Log analysis and evaluation: Windows 10: Trojan:Win32/Ymacco.AA84

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: first steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Windows 10: Trojan:Win32/Ymacco.AA84

Hey. Someone sent me a link to a torrent with a game and said I should try it out. Normally I stay away from that kind of stuff; I only did it here and there back in my youth (otherwise my Steam account would be a bit of a waste of money by now). Well, let's get to the point. Ran the .exe, Windows blocked it because of a trojan. I figured Windows was simply mistaken and allowed it anyway. Nothing happened except a message from GIMP that something was not installed correctly (at that moment I found out that the person had apparently just picked the first link they came across and had not looked at the files at all).

After that I threw the whole thing at VirusTotal, where the following came out:

Link from VirusTotal: https://www.virustotal.com/gui/file/843aaa8076501d2ad8dba88525640162f4b9bb96312f0937472c75d8543393f1/behavior

After deleting the files, Windows and Malwarebytes found nothing more. The only thing I have done so far (apart from the Malwarebytes and Windows scans) was to block the IP address range (1-255) that was associated with it.

Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by **** (02-02-2021 22:54:33)
Running from C:\Users\****\Desktop
Windows 10 Pro Version 20H2 19042.746 (X64) (2020-12-11 01:52:42)
Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-629832801-3061168427-1117579530-500 - Administrator - Disabled)
**** (S-1-5-21-629832801-3061168427-1117579530-1001 - Administrator - Enabled) => C:\Users\****
DefaultAccount (S-1-5-21-629832801-3061168427-1117579530-503 - Limited - Disabled)
Guest (S-1-5-21-629832801-3061168427-1117579530-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-629832801-3061168427-1117579530-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AI Noise-Canceling Microphone (HKLM\...\AI Noise-Canceling Microphone) (Version: 1.0.1.9 - ASUSTek Computer Inc.)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.00.59 - ASUSTeK Computer Inc.)
Amazon WorkSpaces (HKLM-x32\...\{6DDE53C5-D069-4273-9770-F9B013FB381E}) (Version: 3.1.2.1844 - Amazon Web Services, Inc)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.)
Anaconda3 2020.11 (Python 3.8.5 64-bit) (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\Anaconda3 2020.11 (Python 3.8.5 64-bit)) (Version: 2020.11 - Anaconda, Inc.)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 3.3.7 - ASUS) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed Origins (HKLM-x32\...\Uplay Install 3539) (Version: - Ubisoft) ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.15.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{c6059da6-7c2c-4aff-99e6-a524262404ad}) (Version: 1.1.15.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.24 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{a75323e1-f1a4-4aff-a7ce-3858cbc1c0d2}) (Version: 1.0.24 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.69.0 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{1ed19b57-ef0e-474d-946f-aac911f8b0e3}) (Version: 1.0.69.0 - ASUSTeK COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.03 - ASUSTek COMPUTER INC.) Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.3.0 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{4e2ab86c-b539-4b1d-bacd-a434371143fb}) (Version: 0.0.3.0 - ASUSTek COMPUTER INC. ) Hidden ASUS Framework Service (HKLM-x32\...\{161cc9f2-e50c-4561-a999-15cf3133a1d3}) (Version: 2.0.1.3 - ASUSTek COMPUTER INC.) ASUS Framework Service (HKLM-x32\...\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}) (Version: 2.0.1.3 - ASUSTek COMPUTER INC.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden ASUS GPU TweakII (HKLM-x32\...\{2914BAB6-CA16-4B5A-BF41-2466656C7040}) (Version: 2.2.7.0 - ASUSTek COMPUTER INC.) 
Hidden ASUS GPU TweakII (HKLM-x32\...\InstallShield_{2914BAB6-CA16-4B5A-BF41-2466656C7040}) (Version: 2.2.7.0 - ASUSTek COMPUTER INC.) ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 1.04.21 - ASUSTek Computer Inc.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.39 - ASUSTeK Computer Inc.) Hidden Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.54 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{db73e7a9-d4ff-4857-a29c-4f6414eb8aca}) (Version: 1.0.54 - ASUS) Hidden AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.14 - ASUS) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.14 - ASUS) AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.04.32 - ASUSTeK Computer Inc.) Hidden AURA Service (HKLM-x32\...\{1dd27167-f40c-47db-9e8f-b2f5d210f173}) (Version: 3.04.32 - ASUSTeK Computer Inc.) 
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Battlestate Games Launcher 10.4.4.1239 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 10.4.4.1239 - Battlestate Games) BeamMP Launcher (HKLM\...\{0D8B7A7C-5EA7-41FF-8736-FEF9CF648661}) (Version: 1.80.5 - BeamMP) Hidden BeamMP Launcher (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\BeamMP Launcher 1.80.5) (Version: 1.80.5 - BeamMP) ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{0243F145-076D-423A-8F77-218DC8840261}) (Version: 4.8.04119 - Microsoft Corporation) Hidden Core Temp 1.16 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.16 - ALCPU) CORSAIR iCUE Software (HKLM-x32\...\{74AF4222-AABF-462F-B0CC-59A4BF827F8C}) (Version: 3.36.125 - Corsair) CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.) CPUID ROG CPU-Z 1.93 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.93 - CPUID, Inc.) CrystalDiskMark 7.0.0h (HKLM\...\CrystalDiskMark7_is1) (Version: 7.0.0h - Crystal Dew World) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.13.0.1387 - Disc Soft Ltd) Dashlane (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\Dashlane) (Version: 6.2103.0.42861 - Dashlane, Inc.) DB Browser for SQLite (HKLM\...\{05578DF5-8497-4177-970D-702309C5D897}) (Version: 3.12.1 - DB Browser for SQLite Team) DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Docker Desktop (HKLM\...\Docker Desktop) (Version: 3.1.0 - Docker Inc.) ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) 
Hidden ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.28.0 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{d22b5310-9f1e-43a8-8547-58fa44742994}) (Version: 1.1.28.0 - Ene Tech.) Hidden Entity Framework 6.2.0 Tools for Visual Studio 2019 (HKLM-x32\...\{7C2070BF-8E07-4B5F-A182-FADB0B95AB39}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.9.10519 - Battlestate Games) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Excel (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel) Folding@home (HKLM-x32\...\FAHClient) (Version: 7.6.21 - Folding@home.org) FTB App (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\Overwolf_cmogmmciplgmocnhikmphehmeecmpaggknkjlbag) (Version: 1.0.12 - Overwolf app) Futuremark SystemInfo (HKLM-x32\...\{F608ED5F-3818-4F87-A277-E52E8790C039}) (Version: 5.35.871.0 - Futuremark) Git version 2.29.2.3 (HKLM\...\Git_is1) (Version: 2.29.2.3 - The Git Development Community) Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2189.0 - Rockstar Games) HexChat (HKLM\...\HexChat_is1) (Version: 2.14.3 - HexChat) HxD Hex Editor 2.4 (HKLM\...\HxD_is1) (Version: 2.4 - Maël Hörz) icecap_collection_neutral (HKLM-x32\...\{7C703135-98AC-4EB9-86C0-0C3169C99649}) (Version: 16.8.30509 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{7C914878-C64B-4CA6-8E41-91308877A586}) 
(Version: 16.8.30509 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{C28C9D95-66E3-48A9-8CC4-A517661DD132}) (Version: 16.8.30607 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{D3B94F9C-CBFC-4571-B30B-7665B3A9DB4F}) (Version: 16.8.30530 - Microsoft Corporation) Hidden Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{10764165-E41B-4A08-B2B0-950EA48A27AC}) (Version: 19.0.281 - Intel Corporation) IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.28 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{511a62a9-1ff0-4cc5-adfe-4a5bd044a3c0}) (Version: 1.0.28 - KINGSTON COMPONENTS INC.) Hidden Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{E1F68FC9-F23C-4F44-8092-CAC55E43A80B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lily (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\Lily) (Version: - ) LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.) 
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Microsoft .NET SDK 5.0.101 (x64) from Visual Studio (HKLM\...\{D623A466-38A7-4E39-9D69-7B07951D3406}) (Version: 5.1.120.60105 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - ) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.13530.20440 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) 
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.52.1 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.8.3077.1211 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2019 CTP2.2 (HKLM\...\{0AF3B52A-F38D-4D63-9F72-73623C601CD9}) (Version: 15.0.1200.24 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2019 CTP2.2 (HKLM-x32\...\{BF16A1DB-06A6-4A8E-B7A8-61F1F9C9FBA3}) (Version: 15.0.1200.24 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang) MySQL Connector Net 8.0.22 (HKLM-x32\...\{F7CB561A-E6E8-4B53-887B-DE2215BCA4C4}) (Version: 8.0.22 - Oracle) NeoFly (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\2eedfbc2cc1a251c) (Version: 2.33.0.4 - NeoFly) Node.js (HKLM\...\{7667E0D6-09E5-4146-94B0-F8918EC5A692}) (Version: 
15.4.0 - Node.js Foundation) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation) NVIDIA Grafiktreiber 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation) NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera GX Stable 72.0.3815.487 (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\Opera GX 72.0.3815.487) (Version: 72.0.3815.487 - Opera Software) Oracle VM 
VirtualBox 6.1.16 (HKLM\...\{6BC7BBCE-9202-4698-B866-F02AACB838C7}) (Version: 6.1.16 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.91.46291 - Electronic Arts, Inc.) Outlook (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.162.0.13 - Overwolf Ltd.) Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf) Overwolf.Setup.VC100CRTx86.Dist (HKLM-x32\...\{8989DBC1-E87B-448F-9147-57EEEC5A24A5}) (Version: 1.0.0 - Overwolf) Hidden Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM-x32\...\{98FE7C2A-22A4-401A-B45B-2AA107C06DD7}) (Version: 4.7.03062 - Microsoft Corporation) Hidden Paradox Launcher v2 (HKLM\...\{A8D4AE16-519B-409D-B5B4-2647C06805AD}) (Version: 2.0.3.0 - Paradox Interactive) Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.1 - Patriot Memory) Hidden Patriot Viper DRAM RGB (HKLM-x32\...\{e38442c0-a433-48c2-84e2-51ac0b30c3ab}) (Version: 1.0.9.1 - Patriot Memory) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.3 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{8839fbd5-69f9-41c5-a1cf-cdfbec966d66}) (Version: 1.0.6.3 - Patriot Memory) PDF24 Creator 10.0.7 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.7 - PDF24.org) PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.6.0 - PHISON Electronics Corp.) Hidden PHISON HAL (HKLM-x32\...\{c8f7044c-7f48-404a-9a5d-9f038f28a789}) (Version: 1.0.6.0 - PHISON Electronics Corp.) Hidden PowerPoint (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) 
qBittorrent 4.3.3 (HKLM-x32\...\qBittorrent) (Version: 4.3.3 - The qBittorrent project) RAGE Multiplayer (HKLM-x32\...\RAGE Multiplayer) (Version: 0.0.1.1 - ) RamCache III (HKLM-x32\...\RamCache III) (Version: 1.01.08 - ASUSTeKcomputer Inc) Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1355.18 - Rockstar Games) REDlauncher (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) RetroArch 1.9.0 (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\RetroArch) (Version: 1.9.0 - libretro) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.33.319 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games) ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.1.16.0 - ASUSTek COMPUTER INC.) Sandboxie 5.46.5 (64-bit) (HKLM\...\Sandboxie) (Version: 5.46.5 - sandboxie-plus.com) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) The Alchemyst Tale version 0.9.2a (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\{ED583D84-DF75-4411-80DB-7FE5AD2F07F7}_is1) (Version: 0.9.2a - Night Games) Twine 2.3.9 (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\09757d2a-5a16-578f-a64f-297ed0213ec0) (Version: 2.3.9 - Chris Klimas) TyperSolver (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\TyperSolver) (Version: 2.1.2 - ProTypers) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 118.0.10358 - Ubisoft) UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) 
Hidden Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.1 - PD) Hidden Universal Holtek RGB DRAM (HKLM-x32\...\{68fb2ff9-0618-4948-b68f-9f95e5687067}) (Version: 1.0.0.1 - PD) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) vcpp_crt.redist.clickonce (HKLM-x32\...\{21928C37-911F-4FC7-936F-720AB8739C0E}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Visual Studio Community 2019 (HKLM-x32\...\00cf5edf) (Version: 16.8.30804.86 - Microsoft Corporation) VS Immersive Activate Helper (HKLM-x32\...\{A71406B5-E487-4B01-8E59-D466841350F5}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{C7E8A4F2-EF09-42A8-B892-69D5ED99D965}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsi (HKLM-x32\...\{78696386-A4B6-4F69-B558-2667CD3A579D}) (Version: 16.8.30530 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{DEB11EB7-B61A-4883-8CB0-99013A4873AB}) (Version: 16.8.30608 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{A90E107F-D024-4EEC-A6F4-9E2858B4E506}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{E9439DB7-BF01-4820-8CB1-80957150AB86}) (Version: 16.8.30530 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{8990F1B6-F880-4E73-A2D9-7A611F4C38A1}) (Version: 16.8.30530 - Microsoft Corporation) Hidden 
vs_FileTracker_Singleton (HKLM-x32\...\{3C4B2ED3-2296-4203-A420-AC042BE8484D}) (Version: 16.8.30509 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{08AF5DA9-F3BD-4B59-8D99-C47CC4D53CAD}) (Version: 16.8.30530 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{6013F369-D916-4C44-A79F-B1A35AEDAEBB}) (Version: 16.8.30530 - Microsoft Corporation) Hidden vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{E1FD1D9D-0611-4DE5-826F-37FAC17706AC}) (Version: 16.8.30615 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_vswebprotocolselectormsi (HKLM-x32\...\{BEEB2E56-91DB-4AFB-AC88-8E98B18DD889}) (Version: 16.8.30509 - Microsoft Corporation) Hidden vs_vswebprotocolselectormsires (HKLM-x32\...\{0F772F74-D1D4-4D63-B37D-FBBC3D9581C7}) (Version: 16.8.30509 - Microsoft Corporation) Hidden War Thunder Launcher 1.0.3.260 (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Network) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden WeMod (HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\WeMod) (Version: 6.3.12 - WeMod) WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH) XAMPP (HKLM\...\xampp) (Version: 8.0.0-2 - Bitnami) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.5) (Version: 1.3.5 - Xvid Team) Packages: ========= ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_3.3.7.0_x64__qmba6cd70vzyy [2021-01-21] (ASUSTeK COMPUTER INC.) 
Bridge Constructor Portal -> C:\Program Files\WindowsApps\HeadupGames.BridgeConstructorPortal_5.0.173.2_x64__zedvb25zy7eke [2021-02-02] (Headup Games) Control PCGP -> C:\Program Files\WindowsApps\505GAMESS.P.A.ControlPCGP_1.0.5.0_x64__tefn33qh9azfc [2021-01-22] (505 GAMES S.P.A.) Kali Linux -> C:\Program Files\WindowsApps\KaliLinux.54290C8133FEE_1.6.0.0_x64__ey8k8hqnwqnmg [2021-01-15] (Kali Linux) Microsoft Flight Simulator -> C:\Program Files\WindowsApps\Microsoft.FlightSimulator_1.12.13.0_x64__8wekyb3d8bbwe [2020-12-23] (Microsoft Studios) Microsoft Flight Simulator Digital Ownership -> C:\Program Files\WindowsApps\Microsoft.DigitalOwnership_1.0.1.0_x64__8wekyb3d8bbwe [2020-12-11] (Microsoft Studios) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.36.4251.0_x64__8wekyb3d8bbwe [2021-01-26] (Microsoft Corporation) [Startup Task] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.21056.0_x64__8wekyb3d8bbwe [2021-01-21] (Microsoft Studios) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-21] (NVIDIA Corp.) 
Python 3.9 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.9_3.9.496.0_x64__qbz5n2kfra8p0 [2020-12-26] (Python Software Foundation) Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.98.921.2_x64__8wekyb3d8bbwe [2021-01-30] (ms-resource:PublisherDisplayName) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0 [2021-01-30] (Spotify AB) [Startup Task] Ubuntu -> C:\Program Files\WindowsApps\CanonicalGroupLimited.UbuntuonWindows_2004.2020.812.0_x64__79rhkp1fndgsc [2021-01-31] (Canonical Group Limited) Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.0_neutral__jc2kecmnkxwqc [2021-02-01] (word.office.com) XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.7.0_x86__xpfg3f7e9an52 [2021-01-21] (New Work SE) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-12-10] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-12-10] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-02] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a51067c0ac557884\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-02] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2017-12-08] () [File not signed]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [189440 2019-12-07] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\****\anaconda3\Scripts\activate.bat C:\Users\****\anaconda3
ShortcutWithArgument: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda32).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\****\anaconda32\Scripts\activate.bat C:\Users\****\anaconda32
ShortcutWithArgument: C:\Users\****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\cf42999f6561ff23\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2020-07-08 18:42 - 2020-07-08 18:42 - 000477696 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ffi-napi\prebuilds\win32-ia32\node.napi.node
2020-07-08 18:42 - 2020-07-08 18:42 - 000471040 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\ref-napi\prebuilds\win32-ia32\node.napi.node
2020-07-14 18:16 - 2020-07-14 18:16 - 000454656 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\node_modules\registry-js\prebuilds\win32-ia32\node.napi.node
2020-12-10 23:51 - 2020-01-08 13:33 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2020-12-11 00:03 - 2020-02-11 16:02 - 000884224 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2020-12-11 00:03 - 2020-02-11 16:02 - 000999936 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2020-12-11 00:03 - 2020-02-11 16:02 - 000987648 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2020-12-11 00:03 - 2020-02-11 16:02 - 000950784 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2020-12-11 00:03 - 2020-02-20 10:02 - 001063424 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FanInfofromProtocol.dll
2020-12-10 23:51 - 2020-03-31 10:32 - 001164800 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2020-12-10 23:51 - 2020-03-31 10:31 - 005844612 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll
2020-12-10 23:51 - 2019-05-13 17:44 - 000208896 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll
2020-12-10 23:51 - 2019-05-13 17:44 - 000681984 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\UIImprovmentHelper.dll
2020-12-10 18:59 - 2019-12-23 19:51 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2020-04-22 16:35 - 2020-04-22 16:35 - 000081920 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\WindowID\WindowID.dll
2020-12-10 23:51 - 2020-02-11 16:02 - 006065152 _____ () [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.86\libprotobufd.dll
2020-12-10 23:51 - 2020-02-11 16:05 - 000069632 _____ () [File not signed] C:\Program Files (x86)\ASUS\VGA COM\2.00.05\Exeio.dll
2020-11-23 18:42 - 2020-11-23 18:42 - 000356352 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ActionsConverters.dll
2020-11-23 18:04 - 2020-11-23 18:04 - 000759808 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyCommands.dll
2020-11-23 18:04 - 2020-11-23 18:04 - 000743936 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyNotifications.dll
2020-11-23 18:03 - 2020-11-23 18:03 - 000658944 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\MobileProto.dll
2020-11-23 18:04 - 2020-11-23 18:04 - 000203776 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ModelHelpers.dll
2020-11-23 18:03 - 2020-11-23 18:03 - 000209408 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2020-11-23 18:02 - 2020-11-23 18:02 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2020-05-26 18:08 - 2020-05-26 18:08 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2020-12-10 23:51 - 2020-01-08 13:33 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2020-12-10 23:51 - 2020-01-08 13:33 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2020-12-10 23:51 - 2020-01-08 13:33 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2020-12-11 00:03 - 2020-02-11 16:02 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2020-12-10 18:59 - 2019-10-24 12:15 - 002676736 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\AURAChecker.dll
2021-01-26 21:44 - 2021-01-26 21:44 - 000684544 _____ (sandboxie-plus.com) [File not signed] C:\Program Files\Sandboxie\SbieDll.dll
2021-01-26 21:48 - 2021-01-26 21:48 - 000121344 _____ (sandboxie-plus.com) [File not signed] C:\Program Files\Sandboxie\SboxHostDll.dll
2020-10-21 10:59 - 2020-10-21 10:59 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-12-10 18:59 - 2019-06-26 17:07 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2020-12-10 18:59 - 2019-06-26 17:07 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2020-12-10 19:00 - 2020-05-14 16:15 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libcrypto-1_1-x64.dll
2020-12-10 19:00 - 2020-05-14 16:15 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\libssl-1_1-x64.dll
2020-12-15 19:28 - 2020-12-15 19:28 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-12-15 19:28 - 2020-12-15 19:28 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-11-23 18:02 - 2020-11-23 18:02 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2020-11-23 18:02 - 2020-11-23 18:02 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2020-12-15 19:28 - 2020-12-15 19:28 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-01-27 20:17 - 2020-12-15 19:28 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-01-27 20:17 - 2020-12-15 19:28 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-01-27 20:17 - 2020-12-15 19:28 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-01-27 20:17 - 2020-12-15 19:28 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-01-27 20:17 - 2020-12-15 19:28 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-01-27 20:17 - 2020-12-15 19:28 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2020-12-10 23:51 - 2020-02-11 16:05 - 000362496 _____ (TODO: <Company name>) [File not signed] [File is in use] C:\Program Files (x86)\ASUS\VGA COM\2.00.05\AsusGpuTweak.dll
2020-12-10 18:59 - 2019-07-31 15:48 - 000072704 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Protocol\Interrupt\InterruptTransfer.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-629832801-3061168427-1117579530-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-12-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-10] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-01-24 10:14 - 000000273 _____ C:\Windows\system32\drivers\etc\hosts
192.168.0.194 host.docker.internal
192.168.0.194 gateway.docker.internal
127.0.0.1 kubernetes.docker.internal

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\FAHClient;C:\Program Files\Git\cmd;C:\Program Files\nodejs\;C:\Program Files\dotnet\;C:\xampp\php;C:\composer;C:\Program Files\Docker\Docker\resources\bin;C:\ProgramData\DockerDesktop\version-bin
HKU\S-1-5-21-629832801-3061168427-1117579530-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\****-wallpaper.png
DNS Servers: 172.18.0.24 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Hamachi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "RamCache III "
HKU\S-1-5-21-629832801-3061168427-1117579530-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7786DD0F-901A-45AA-AE81-45B7F72AA411}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{F10D5C2E-C3F9-4448-B969-4095E26396E6}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{D3A95F79-C63F-44D1-9C8F-00D19B09A2CC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
FirewallRules: [{474D76C7-C620-4D70-B4E1-CF116A2571A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A2A2F1E-2F38-44E1-A11F-9BBE5CA5FA4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3213FC6A-A6BD-4291-9525-1063D682644D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{19113434-D2A4-47D4-99F6-9BF78374FB44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C0849312-FD2B-4BF5-ADA6-0F703CBD5A08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7B7683A1-BA79-43A9-9988-82C0B0C105DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{412B0D32-7ABD-4606-A9A0-A877DE3357B6}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1995FB57-FD38-4F25-833D-4CD96B8DEF99}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E9BCDA8E-A437-4074-903F-4F921C687CCC}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{84AC9DB7-30FC-4D2A-A13C-27F6DA69041D}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{BB4A39DA-6781-4442-869E-BC1B7F9E4A28}] => (Allow) D:\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{00FD46F9-7C32-4C6E-A7A1-DC224C32C4B4}] => (Allow) D:\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{831400C1-070D-4D5A-8421-22A3C024D9CF}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{336FD182-5415-43A4-8DFB-6C0F4B18B2B2}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A55265F5-EE31-4421-A122-70F513EA914D}] => (Allow) D:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{499377E4-3773-44C1-82DD-D3684F211E50}] => (Allow) D:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [TCP Query User{51C398C0-B335-4D53-B5A1-0BBD0E120918}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{A16DC63B-5F41-451B-ADB5-8EC54713DA13}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{9554AB16-9EB5-4FBE-AB6A-FF0DE4943E95}] => (Allow) D:\Steam\steamapps\common\ShareX\ShareX_Launcher.exe (ShareX Team) [File not signed]
FirewallRules: [{25C6BB4E-5AB3-4246-A1A8-8EC2741F136E}] => (Allow) D:\Steam\steamapps\common\ShareX\ShareX_Launcher.exe (ShareX Team) [File not signed]
FirewallRules: [TCP Query User{F9E2DB17-1EE1-40E9-A826-F3B9A92A010A}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{AFBBD0E6-565D-41E7-94FF-D12C364215CE}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{D230BDB9-482A-410B-AC4E-1447E96645CA}C:\users\****\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe] => (Allow) C:\users\****\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [UDP Query User{1F603E99-38C5-4350-AFE4-85B2B154BD38}C:\users\****\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe] => (Allow) C:\users\****\appdata\local\packages\b9eced6f.armourycrate_qmba6cd70vzyy\localstate\gridupdatefile\asusgcdriverupdateclient.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{6A9D2A4E-2F28-4A2F-8219-D4233D0AAAE4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{054648CF-7FE8-430A-BC67-CE3431597C9A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{42165231-AF21-492D-A4F0-39B02FCA4D09}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{282F9C6F-4A8B-4640-8F00-16C0481EE1C0}] => (Allow) D:\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{7F9A4066-51C4-4E3D-8844-AE8F2C9343C1}] => (Allow) D:\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{C96188AD-7F9C-4230-92D8-B5CC4C6832B6}] => (Allow) D:\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{94635BB5-A463-4037-A57C-1DF43CC4E909}D:\steam\steamapps\common\hearts of iron iv\hoi4.exe] => (Allow) D:\steam\steamapps\common\hearts of iron iv\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [UDP Query User{CDB7843D-4FB1-4313-AA0B-DD9EA494E596}D:\steam\steamapps\common\hearts of iron iv\hoi4.exe] => (Allow) D:\steam\steamapps\common\hearts of iron iv\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [TCP Query User{E865A4D0-D228-42C2-9453-F18E35C50686}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe () [File not signed]
FirewallRules: [UDP Query User{9BFC10C2-6200-4051-9563-588EAF38F5D5}C:\program files (x86)\fahclient\fahclient.exe] => (Allow) C:\program files (x86)\fahclient\fahclient.exe () [File not signed]
FirewallRules: [TCP Query User{95739962-7F64-4842-A9CD-08B68DF68D1E}C:\users\****\appdata\local\programs\opera gx\71.0.3770.456\opera.exe] => (Allow) C:\users\****\appdata\local\programs\opera gx\71.0.3770.456\opera.exe => No File
FirewallRules: [UDP Query User{51931B1C-BD0E-4879-9603-8F61EBEAAA20}C:\users\****\appdata\local\programs\opera gx\71.0.3770.456\opera.exe] => (Allow) C:\users\****\appdata\local\programs\opera gx\71.0.3770.456\opera.exe => No File
FirewallRules: [{406D285E-5DA8-4BAE-ABD0-F77FD572EEA8}] => (Allow) D:\Rockstar\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [{0CFA5555-0FCC-4404-9CDD-06E502AFCA3B}] => (Allow) D:\Rockstar\Grand Theft Auto V\GTA5.exe => No File
FirewallRules: [TCP Query User{166AD9F8-1415-498C-AE06-F35A2A742EEC}C:\users\****\onedrive\desktop\nanotek_full0.0.1.0 (1)\windowsnoeditor\nanotek\binaries\win64\nanotek.exe] => (Block) C:\users\****\onedrive\desktop\nanotek_full0.0.1.0 (1)\windowsnoeditor\nanotek\binaries\win64\nanotek.exe => No File
FirewallRules: [UDP Query User{5580287B-1474-4B39-BA59-92E7DD7A618C}C:\users\****\onedrive\desktop\nanotek_full0.0.1.0 (1)\windowsnoeditor\nanotek\binaries\win64\nanotek.exe] => (Block) C:\users\****\onedrive\desktop\nanotek_full0.0.1.0 (1)\windowsnoeditor\nanotek\binaries\win64\nanotek.exe => No File
FirewallRules: [{D70D9065-BE58-4813-B6A8-A73677EE5DAF}] => (Allow) D:\Steam\steamapps\common\Star Trek Online\Star Trek Online.exe (Cryptic Studios Inc. -> )
FirewallRules: [{D62F28AC-2F62-4DA5-9DE6-26172A0C3975}] => (Allow) D:\Steam\steamapps\common\Star Trek Online\Star Trek Online.exe (Cryptic Studios Inc. -> )
FirewallRules: [{22518677-D12D-4129-9868-4E9906270B95}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{89E95977-8915-41DE-B595-3901B85E1B0C}] => (Allow) D:\Steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{40F36952-9114-4C22-9DAD-94EB719F3D54}] => (Allow) D:\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{3A3BF618-4960-4E62-9151-87C4CB8F633C}] => (Allow) D:\Steam\steamapps\common\ImperatorRome\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{3FA11582-1CC3-4929-9BB1-666DADC52E0D}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{1FAF6E54-8FA0-4977-81A0-0C61670026C7}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{94347F4B-493C-481E-BEDA-5E0FCDD86E93}D:\steam\steamapps\common\star trek online\star trek online\live\x64\gameclient.exe] => (Allow) D:\steam\steamapps\common\star trek online\star trek online\live\x64\gameclient.exe (Cryptic Studios Inc. -> )
FirewallRules: [UDP Query User{AE952A3F-F52E-4073-9FD5-ADB728359A47}D:\steam\steamapps\common\star trek online\star trek online\live\x64\gameclient.exe] => (Allow) D:\steam\steamapps\common\star trek online\star trek online\live\x64\gameclient.exe (Cryptic Studios Inc. -> )
FirewallRules: [{1245A28D-07DE-416A-81F6-8F82D03C15AB}] => (Allow) D:\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [{90A01042-0DBA-4BA6-9D2C-FFB9F74C87DA}] => (Allow) D:\Steam\steamapps\common\Mafia Definitive Edition\launcher.exe (2K Games) [File not signed]
FirewallRules: [TCP Query User{5A879F7D-F01A-44F1-899F-1688AD6E09E0}C:\users\****\onedrive\desktop\spiele\nanotek_full0.0.1.0 (1)\windowsnoeditor\nanotek\binaries\win64\nanotek.exe] => (Block) C:\users\****\onedrive\desktop\spiele\nanotek_full0.0.1.0 (1)\windowsnoeditor\nanotek\binaries\win64\nanotek.exe => No File
FirewallRules: [UDP Query User{1FF7308B-6CD9-4699-8E6E-34D13FC334F9}C:\users\****\onedrive\desktop\spiele\nanotek_full0.0.1.0 (1)\windowsnoeditor\nanotek\binaries\win64\nanotek.exe] => (Block) C:\users\****\onedrive\desktop\spiele\nanotek_full0.0.1.0 (1)\windowsnoeditor\nanotek\binaries\win64\nanotek.exe => No File
FirewallRules: [TCP Query User{1AD4DB97-1BD4-46CD-89D8-B27E0D2A7413}C:\users\****\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.0.11\jdk-11.0.8+10-jre\bin\java.exe] => (Allow) C:\users\****\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.0.11\jdk-11.0.8+10-jre\bin\java.exe
FirewallRules: [UDP Query User{A070B82E-1D43-464E-AC83-15514DF493C6}C:\users\****\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.0.11\jdk-11.0.8+10-jre\bin\java.exe] => (Allow) C:\users\****\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.0.11\jdk-11.0.8+10-jre\bin\java.exe
FirewallRules: [TCP Query User{1A22BDD7-28D4-47E1-A81B-1E2B4F802F71}C:\users\****\appdata\local\.ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\****\appdata\local\.ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{303BB5BC-A377-4787-8499-E847DF78BA1C}C:\users\****\appdata\local\.ftba\bin\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\****\appdata\local\.ftba\bin\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{9592B8B5-A223-43B8-B8E7-D5BCC4AAC381}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{332CB269-CFEF-4435-B54B-83BD0B99079D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{624D2D14-49E5-4AE3-A490-06120B845E01}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{69D8FC93-AF16-4B9F-9A84-94C2F7C1A653}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{84732AD0-A17E-4817-8DD3-D6D9B3CF8F23}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{5D90172E-8199-4B9F-809B-759830BBEEBA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{3C7BBC2C-CF43-4FB4-B749-FF37B74D0619}] => (Allow) D:\Origin\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{0E0FCC45-A427-44FC-8466-17EC8629B934}] => (Allow) D:\Origin\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{AA8B6ABA-05C6-4374-8412-549E1E725838}] => (Allow) D:\Origin\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{C95A0B3A-B8C0-48CE-BAEF-C744073EE960}] => (Allow) D:\Origin\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{EA2880DA-29EB-4903-9F97-A37B51DEEC98}D:\origin\battlefield 4\bf4.exe] => (Allow) D:\origin\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{6EFE9B51-5A34-48C3-A2BA-D30DFD1B0851}D:\origin\battlefield 4\bf4.exe] => (Allow) D:\origin\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{A7EA33A7-03A5-435E-BB94-8EDF1E53A516}D:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{7A550BA4-690D-4407-8521-3F3F73EECB8E}D:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{7F306528-E40A-445B-A96B-0368BAB831FA}] => (Allow) D:\Steam\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0E291CBA-3687-4FBC-9227-1EDB8E4C2C5B}] => (Allow) D:\Steam\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{9E11AFDD-DD24-42E0-90BA-61DBE2073B0D}C:\ragemp\server-files\ragemp-server.exe] => (Allow) C:\ragemp\server-files\ragemp-server.exe () [File not signed]
FirewallRules: [UDP Query User{0C2DB987-86DE-4665-AFB5-DD1CB430C565}C:\ragemp\server-files\ragemp-server.exe] => (Allow) C:\ragemp\server-files\ragemp-server.exe () [File not signed]
FirewallRules: [{5F1BF152-9703-4BF6-8F57-24E095A38B9A}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{3C4D73EE-C904-4A5B-B5C8-6D72E2EE2F51}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe () [File not signed]
FirewallRules: [{A780C78D-BFF2-4396-A087-B2D69D114B55}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release_vr.exe () [File not signed]
FirewallRules: [{09827B56-1359-48A0-BF24-58D23790F53A}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release_vr.exe () [File not signed]
FirewallRules: [{3CAA5F39-A6F6-4103-B307-870DB52C6AB4}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{D21C719B-10B8-4778-9D1A-3009B38F1086}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{9B29F212-0056-4E1B-9110-88C2C86B612C}] => (Allow) D:\Steam\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.)
FirewallRules: [{153268C0-40E1-4F80-BFAA-EB5CCF5322BA}] => (Allow) D:\Steam\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.)
FirewallRules: [{D24A86A9-8D24-48ED-9919-548103CF5063}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{345D5BF1-2A21-4EB0-857F-DD4FD7101D8C}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{DCE16A07-30E9-4C74-8204-084CB569A4DD}C:\users\****\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.0.12\jdk-11.0.8+10-jre\bin\java.exe] => (Allow) C:\users\****\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.0.12\jdk-11.0.8+10-jre\bin\java.exe
FirewallRules: [UDP Query User{9AD0786B-892A-4147-AF69-F7100FD0A106}C:\users\****\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.0.12\jdk-11.0.8+10-jre\bin\java.exe] => (Allow) C:\users\****\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.0.12\jdk-11.0.8+10-jre\bin\java.exe
FirewallRules: [TCP Query User{966CEF76-64C6-4F3A-9E60-8C76FDC55AFB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{13735AF7-D183-4194-B491-6485B2A076A3}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{E7661DDB-CD0A-4087-8168-FC912425AAEC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{D94B103C-36AE-4A63-9F93-5C4E9174CFD0}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [{8D43245A-C887-44DB-A1C2-13EE5C3CE5A4}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe () [File not signed]
FirewallRules: [{797BBE4A-FEFA-456D-BE06-B8267842454F}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe () [File not signed]
FirewallRules: [{371BE193-E022-433E-A5D3-27FBA109BE71}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe () [File not signed]
FirewallRules: [{C418BA58-2C79-43E7-9D4B-2FEDBAD6DEE9}] => (Allow) D:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe () [File not signed]
FirewallRules: [{F6A83E72-3170-4370-99DB-B0DB481FA27F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1232AA7-ED53-498F-8022-EE56693B66A7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B80CBDC-97FB-486E-9D31-5C9EFCD67AD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C89FE7B5-298C-4AC2-83C0-5F1448886F30}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B33A1487-0CAB-45FE-A39E-0882CC2E481A}] => (Allow) D:\Steam\steamapps\common\Power & Revolution 2019 Edition\_start.exe (Eversim -> )
FirewallRules: [{C8AE3775-02FA-47BF-8ABD-66014FC6294D}] => (Allow) D:\Steam\steamapps\common\Power & Revolution 2019 Edition\_start.exe (Eversim -> )
FirewallRules: [TCP Query User{28AC1266-FB3F-4D6B-921F-FC2BBA356A5A}C:\users\****\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\****\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B0844071-20B1-4DDF-90C6-FC0AB5D05B33}C:\users\****\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\****\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F52CA12-41E9-482C-B931-D309A66B9FE8}] => (Allow) D:\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe (Koch Media GmbH) [File not signed]
FirewallRules: [{1978891A-89B8-4010-B707-DFBB77E438EF}] => (Allow) D:\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe (Koch Media GmbH) [File not signed]
FirewallRules: [{F5035D1D-FD1F-4B29-A690-3A4422EDF8A5}] => (Allow) D:\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{21FA39B0-BD4B-41D5-AA28-2854ABEEB6D5}] => (Allow) D:\Steam\steamapps\common\RimWorld\RimWorldWin64.exe () [File not signed]
FirewallRules: [{85688EF7-68C5-49FB-8263-77FA3F8FCB3E}] => (Allow) D:\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{DF96DE28-DF88-4EC0-A3A0-8EAB38A053BE}] => (Allow) D:\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{7809E508-9246-4A22-8E23-223A3AAC814C}] => (Allow) D:\Steam\steamapps\common\Sherlock Holmes - Crimes and Punishments\Binaries\Win32\Sherlock.exe (Frogwares, Inc.) [File not signed]
FirewallRules: [{A14B39F2-4D15-4E12-A62C-1953BEBD413D}] => (Allow) D:\Steam\steamapps\common\Sherlock Holmes - Crimes and Punishments\Binaries\Win32\Sherlock.exe (Frogwares, Inc.) [File not signed]
FirewallRules: [TCP Query User{C102D219-355A-448A-9234-827CBD0BE4B2}C:\users\****\appdata\local\programs\opera gx\72.0.3815.459\opera.exe] => (Allow) C:\users\****\appdata\local\programs\opera gx\72.0.3815.459\opera.exe => No File
FirewallRules: [UDP Query User{CDBE280C-CF6F-4564-A0C6-15AEFBE04BE2}C:\users\****\appdata\local\programs\opera gx\72.0.3815.459\opera.exe] => (Allow) C:\users\****\appdata\local\programs\opera gx\72.0.3815.459\opera.exe => No File
FirewallRules: [{B4846605-08DC-4BFE-B0FC-76805D0418E3}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{4CB9E398-D92D-48F9-9609-91930FF8F0D6}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{C5582861-2B08-44C9-A37B-99D1D0210B29}] => (Allow) D:\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> )
FirewallRules: [{D723BE69-5D29-4512-B5E1-3E4F0C9C6E38}] => (Allow) D:\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> )
FirewallRules: [{EA5547FF-0ADC-4FD2-98C2-61D977414CBE}] => (Allow) D:\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{B97A796C-0AB0-450C-B139-4EE907D740E2}] => (Allow) D:\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{3692566E-2E64-496D-B9D1-66BDE7235CF7}] => (Allow) D:\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe (BeamNG GmbH) [File not signed]
FirewallRules: [{FEEF6682-6CE5-4E29-BAE0-AAA83F893855}] => (Allow) D:\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe (BeamNG GmbH) [File not signed]
FirewallRules: [{59AD863D-ABA4-485B-9556-CC5E8415DAE3}] => (Allow) D:\Steam\steamapps\common\Squad\squad_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{AC2654B1-6C22-453F-8D0A-D52F6824813B}] => (Allow) D:\Steam\steamapps\common\Squad\squad_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: 
[{8CFCBF1F-0A9C-44DF-82A3-3BA19FF53858}] => (Allow) D:\Steam\steamapps\common\Stormworks\stormworks64.exe () [File not signed] FirewallRules: [{9FA6DCB8-2046-43C1-B0E2-B571D59FC31B}] => (Allow) D:\Steam\steamapps\common\Stormworks\stormworks64.exe () [File not signed] FirewallRules: [{8FFEE9D6-F4EF-49EB-B8B7-B51B684D9963}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3EFB3A07-6D04-4113-89A7-C063BC077B32}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FE0FBA9A-CC97-454F-A9F0-4919A2DBE44A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3C351192-3414-4215-93DC-63472BF382DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{3D0CEEC3-1CB2-437D-8785-DF63E6211CDF}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{2EEE3475-9418-4721-A0BF-5D302F7CB649}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{8EBF74FD-8D9A-493B-A786-0EFF3549C4FB}] => (Allow) D:\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{BB141690-CC14-46E1-83C0-33AC4262082E}] => (Allow) D:\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> ) FirewallRules: [{DDC91E8E-A45E-4243-8479-8B2BC3F4368A}] => (Allow) D:\Steam\steamapps\common\Galimulator\galimulator-windows-64bit.exe () [File not signed] FirewallRules: [{6049F9CC-1032-485C-87C8-F2EC324710FB}] => (Allow) D:\Steam\steamapps\common\Galimulator\galimulator-windows-64bit.exe () [File not signed] FirewallRules: [{1A4F1C4E-72AA-4241-9CA7-AE3981D99224}] => (Allow) D:\Steam\steamapps\common\I Am Your President Prologue\I Am Your President Prologue.exe () [File not signed] FirewallRules: [{7249E6E2-275F-4B48-8DE5-82032814C5DF}] => (Allow) D:\Steam\steamapps\common\I Am Your President Prologue\I Am Your President Prologue.exe () [File not signed] FirewallRules: [{9B7EF771-D034-46AD-BE5C-4AE09A02B49E}] => (Allow) D:\Steam\steamapps\common\Command - Modern Operations\Launcher.exe (Slitherine Software UK Limited -> Slitherine Ltd.) FirewallRules: [{E8E09B16-488A-4271-A1E9-07B31CE1752C}] => (Allow) D:\Steam\steamapps\common\Command - Modern Operations\Launcher.exe (Slitherine Software UK Limited -> Slitherine Ltd.) 
FirewallRules: [{206BFC6D-1B37-46D4-86A6-3FF0C054B6AD}] => (Allow) D:\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments) FirewallRules: [{ED3C82DD-DEAB-42C9-BEAA-2A2D64ADEFCA}] => (Allow) D:\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments Plc -> Frontier Developments) FirewallRules: [{20A8D4AF-45C3-4CA3-9293-114BE875352E}] => (Allow) D:\Steam\steamapps\common\DCSWorld\bin\DCS.exe (Eagle Dynamics) [File not signed] FirewallRules: [{A7AB282D-DF36-46AF-80E2-F291AED14406}] => (Allow) D:\Steam\steamapps\common\DCSWorld\bin\DCS.exe (Eagle Dynamics) [File not signed] FirewallRules: [{4DD0A5A4-940D-40BB-95B3-FFD09645BC07}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{6BA58C74-E3BD-4D9C-81FA-D4920989184C}D:\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe] => (Allow) D:\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe (BeamNG GmbH) [File not signed] FirewallRules: [UDP Query User{847DF0BD-CED7-45EA-B078-9072BD20BCEE}D:\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe] => (Allow) D:\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe (BeamNG GmbH) [File not signed] FirewallRules: [TCP Query User{8BD13A21-C5B7-453B-915F-3867ECAD2632}C:\users\****\appdata\roaming\beammp launcher\beammp-launcher.exe] => (Allow) C:\users\****\appdata\roaming\beammp launcher\beammp-launcher.exe (BeamMP Mod Team -> BeamMP Mod Team) [File not signed] FirewallRules: [UDP Query User{97BE7F60-9BD0-466C-BD35-EA8F1ADFAB99}C:\users\****\appdata\roaming\beammp launcher\beammp-launcher.exe] => (Allow) C:\users\****\appdata\roaming\beammp launcher\beammp-launcher.exe (BeamMP Mod Team -> BeamMP Mod Team) [File not signed] FirewallRules: [{24EA48E0-8C9E-4BAF-ACE5-6D171A204D15}] => (Allow) D:\Steam\steamapps\common\X4 Foundations\X4.exe (EGOSOFT GmbH) [File not signed] 
FirewallRules: [{34E06D68-F5CB-4DFF-97D9-BCEEB7CE0E61}] => (Allow) D:\Steam\steamapps\common\X4 Foundations\X4.exe (EGOSOFT GmbH) [File not signed] FirewallRules: [{4242AF25-D681-487A-990C-9F0C50579C66}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{5FF49F82-0628-47B6-82B1-519EB06E0B41}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [TCP Query User{9D5F1208-E85D-441C-98E7-FD15D38062B1}C:\program files (x86)\amazon web services, inc\amazon workspaces\workspaces.exe] => (Allow) C:\program files (x86)\amazon web services, inc\amazon workspaces\workspaces.exe (Amazon.com Services LLC -> workspaces) FirewallRules: [UDP Query User{1A182303-BC64-457C-BB25-5434706C3D80}C:\program files (x86)\amazon web services, inc\amazon workspaces\workspaces.exe] => (Allow) C:\program files (x86)\amazon web services, inc\amazon workspaces\workspaces.exe (Amazon.com Services LLC -> workspaces) FirewallRules: [TCP Query User{1E4E019F-631E-478E-82E0-0CF99A4F74CB}C:\users\****\appdata\local\programs\opera gx\72.0.3815.465\opera.exe] => (Allow) C:\users\****\appdata\local\programs\opera gx\72.0.3815.465\opera.exe => No File FirewallRules: [UDP Query User{93437765-8BD6-4187-BD02-DB5BFD8E92C0}C:\users\****\appdata\local\programs\opera gx\72.0.3815.465\opera.exe] => (Allow) C:\users\****\appdata\local\programs\opera gx\72.0.3815.465\opera.exe => No File FirewallRules: [TCP Query User{9E808824-FC73-4727-B494-FBACC1228DE5}D:\rockstar\red dead redemption 2\rdr2.exe] => (Allow) D:\rockstar\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{DEC69C25-F3BF-4FB2-A427-3E474029A2B7}D:\rockstar\red dead redemption 2\rdr2.exe] => (Allow) D:\rockstar\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. 
-> Rockstar Games) FirewallRules: [TCP Query User{F966FB8B-4743-4027-8C9D-1FFAEE885B4D}C:\users\****\appdata\local\temp\rar$exa29036.626\eveefangamepackage2\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Block) C:\users\****\appdata\local\temp\rar$exa29036.626\eveefangamepackage2\windowsnoeditor\engine\binaries\win64\ue4game.exe => No File FirewallRules: [UDP Query User{19E9AC38-4DF3-4A7E-95A8-8640ED6D471A}C:\users\****\appdata\local\temp\rar$exa29036.626\eveefangamepackage2\windowsnoeditor\engine\binaries\win64\ue4game.exe] => (Block) C:\users\****\appdata\local\temp\rar$exa29036.626\eveefangamepackage2\windowsnoeditor\engine\binaries\win64\ue4game.exe => No File FirewallRules: [{C92232C7-777A-41EC-8CE2-F898809484C1}] => (Allow) D:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.) FirewallRules: [{B49BC408-60AD-442C-BBEA-302EE9D1C3D3}] => (Allow) D:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (Relic Entertainment, Inc -> Relic Entertainment Inc.) 
FirewallRules: [{34822F08-29B8-4996-B9E2-4EDEA3D12E3F}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed] FirewallRules: [{2257886E-413D-4371-AC19-DD2305B376ED}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed] FirewallRules: [{603F4D89-790A-40F6-AF78-5B944FFBFDC2}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed] FirewallRules: [{C894250D-0AF0-457D-BB84-F165A5852CBE}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed] FirewallRules: [{7151AD8A-D9F7-4112-BC27-7E1DC2F13391}] => (Allow) C:\Program Files (x86)\Overwolf\0.162.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{A624A33C-D72D-48DB-90A5-06C4930767D9}] => (Allow) C:\Program Files (x86)\Overwolf\0.162.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{30B2A513-ABFA-42C0-9DC7-E6210E92BBEF}] => (Block) C:\Program Files (x86)\Overwolf\0.162.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{0CE0E98F-0DFB-4804-873E-4D1D8B1E6A60}] => (Block) C:\Program Files (x86)\Overwolf\0.162.0.13\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{04BCA418-C4E9-4793-9E19-DC3FA16798AF}] => (Allow) D:\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe () [File not signed] FirewallRules: [{86AD0881-AD66-4A94-B0C9-7032C2066ECD}] => (Allow) D:\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe () [File not signed] FirewallRules: [{09035372-09CC-4124-AFD4-286B534CE8E8}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.) 
FirewallRules: [{BA7621F0-36DF-4FDF-B97F-FD952DEAFB4A}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.) FirewallRules: [{3B1BA7BD-24E1-4092-89A1-55F83503A4E4}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin) FirewallRules: [{29C571B8-4048-4B6B-ABF1-5160425EB580}] => (Allow) D:\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin) FirewallRules: [{94C83A05-0D5A-465C-98EE-2E3EC6669924}] => (Allow) D:\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [File not signed] FirewallRules: [{EE584920-A999-4E50-BB70-61FA9C46B91A}] => (Allow) D:\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [File not signed] FirewallRules: [{723699F8-837D-445D-A7C5-1FB2331C0B58}] => (Allow) D:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> ) FirewallRules: [{0E7D230F-5C92-4C27-886E-93440E60580C}] => (Allow) D:\Steam\steamapps\common\Forts\Forts.exe (EarthWork Games Pty Ltd -> ) FirewallRules: [TCP Query User{68BEA085-2FB6-41BE-B585-2CAB29E58A96}C:\users\****\appdata\local\programs\opera gx\72.0.3815.473\opera.exe] => (Block) C:\users\****\appdata\local\programs\opera gx\72.0.3815.473\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{6BB373BE-D811-453F-8A9E-0632058D00F9}C:\users\****\appdata\local\programs\opera gx\72.0.3815.473\opera.exe] => (Block) C:\users\****\appdata\local\programs\opera gx\72.0.3815.473\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{C52C4944-1ECF-4C90-BA65-B9CCEBCB66B9}D:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network 
LTD -> Gaijin Entertainment) FirewallRules: [UDP Query User{A9212FFD-DD7C-4344-8F79-98B96D490422}D:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment) FirewallRules: [{0EDF318D-05E6-4776-A6B6-B536B1ED799A}] => (Allow) D:\Steam\steamapps\common\Eve Online\eve.exe (CCP ehf -> ) FirewallRules: [{7B8A7DFF-51F3-4D57-8E71-DFB77E7EAC40}] => (Allow) D:\Steam\steamapps\common\Eve Online\eve.exe (CCP ehf -> ) FirewallRules: [{30725E42-5266-49F2-B8C7-69B4B051D454}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{512F6FFA-BF16-4D30-81E6-8494940E2B71}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{C5E7DB74-9F53-42FA-AFB0-44F7A21EEEF1}] => (Allow) D:\Steam\steamapps\common\World of Warships\WorldOfWarships.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{3F01911F-2A5F-4190-A4FF-4BE6EC357D9C}] => (Allow) D:\Steam\steamapps\common\World of Warships\WorldOfWarships.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{6E7ECF0B-4187-4B6F-A70D-2BF6ECF64A71}] => (Allow) D:\Steam\steamapps\common\CookingSimulator\CookingSim.exe () [File not signed] FirewallRules: [{BA979165-556B-4B62-88AE-EA899C0AF410}] => (Allow) D:\Steam\steamapps\common\CookingSimulator\CookingSim.exe () [File not signed] FirewallRules: [{FE9FB094-8CBF-4CFF-AE6A-8D79A69CA5C3}] => (Allow) D:\Steam\steamapps\common\Mr. Prepper Demo\MrPrepperDemo.exe () [File not signed] FirewallRules: [{117D89A2-A4EE-4540-8417-EE9B657EEC69}] => (Allow) D:\Steam\steamapps\common\Mr. 
Prepper Demo\MrPrepperDemo.exe () [File not signed] FirewallRules: [{86B8C81B-93D6-406F-BACB-5E1F15A1C265}] => (Allow) D:\Steam\steamapps\common\Train Station Renovation Demo\TrainStationRenovation.exe () [File not signed] FirewallRules: [{FE8E0FB0-3D96-480B-A00F-2A8325852047}] => (Allow) D:\Steam\steamapps\common\Train Station Renovation Demo\TrainStationRenovation.exe () [File not signed] FirewallRules: [{9BFC84D0-50C5-4B64-8795-0E7591EAF8FC}] => (Allow) D:\Steam\steamapps\common\POWER\POWER.exe (Jia Hao) [File not signed] FirewallRules: [{6FC9F053-815A-4283-AADF-FE324AB27381}] => (Allow) D:\Steam\steamapps\common\POWER\POWER.exe (Jia Hao) [File not signed] FirewallRules: [{BF004823-BE87-46DB-8C81-07922F8BDE75}] => (Allow) D:\Steam\steamapps\common\SCP Escape Together\SCP_ET.exe () [File not signed] FirewallRules: [{57176285-680F-492B-91D2-509648A8A46F}] => (Allow) D:\Steam\steamapps\common\SCP Escape Together\SCP_ET.exe () [File not signed] FirewallRules: [{71673450-8B16-45DA-9763-E26728363E9C}] => (Allow) D:\Steam\steamapps\common\Mr. Prepper Prologue\MrPrepperPrologue.exe () [File not signed] FirewallRules: [{C989F6E4-39EC-43D9-9F37-140A96529AFB}] => (Allow) D:\Steam\steamapps\common\Mr. Prepper Prologue\MrPrepperPrologue.exe () [File not signed] FirewallRules: [{B21726FF-231E-44A2-B9B6-55C6BA648CA1}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> ) FirewallRules: [{59549946-5754-45FB-BE74-5087241ADA9D}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> ) FirewallRules: [{2FB6E3F8-E3C2-4367-8C83-1EFB5851268D}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> ) FirewallRules: [{3FF39816-0320-492C-A24D-F80676342442}] => (Allow) D:\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> ) FirewallRules: [{0A76F963-81D6-42AF-82DD-C1C76B267A06}] => (Allow) D:\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. 
-> ) FirewallRules: [{5EB552C0-672F-462D-A1E5-9A01B8D012D5}] => (Allow) D:\Assassin's Creed Origins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{AB832C05-2E69-4500-87A2-9A993078E26C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{ACD1A008-E0D5-40EE-ADBF-D42FA2CBB4AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{864F31BC-D827-4D25-A290-013E017B2728}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F70643DB-802C-4D16-A8F1-7AC3B9DB1211}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D0823587-D208-43D5-8013-E737B718C06F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{13DC820E-BF38-4DA2-BD82-10EC91E4AE0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E2A9D566-1CB3-49ED-8457-9B9A541979EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E192947C-8C71-48F6-BCA2-5DE598965020}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C44B6CA5-CB22-4698-99B5-B0C116792D3C}] => (Allow) D:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> ) FirewallRules: [{87E156FC-1608-4010-BF4F-6218120B8FB5}] => (Allow) D:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> ) FirewallRules: 
[{90C041FB-C1F8-4C0F-879A-2EBA2D84C9B8}] => (Allow) D:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> ) FirewallRules: [{E2D247D8-8554-46B7-89D5-D244358EC266}] => (Allow) D:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> ) FirewallRules: [{1AF727B1-574D-4051-BEA4-6058882B6FFF}] => (Allow) D:\Steam\steamapps\common\Ultimate Epic Battle Simulator\UEBS.exe () [File not signed] FirewallRules: [{C56077D3-6B41-4479-985C-BCA55F06C13B}] => (Allow) D:\Steam\steamapps\common\Ultimate Epic Battle Simulator\UEBS.exe () [File not signed] FirewallRules: [TCP Query User{D48F0460-79D5-4D21-9B22-191357C01F53}C:\users\****\appdata\local\programs\opera gx\72.0.3815.487\opera.exe] => (Block) C:\users\****\appdata\local\programs\opera gx\72.0.3815.487\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{103AA09B-D17A-4344-A893-021B238448D2}C:\users\****\appdata\local\programs\opera gx\72.0.3815.487\opera.exe] => (Block) C:\users\****\appdata\local\programs\opera gx\72.0.3815.487\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{46B2C95A-FB7D-4F4C-8BBA-6B600A5E27BB}] => (Allow) D:\Steam\steamapps\common\Plane Mechanic Simulator\PMS_build.exe () [File not signed] FirewallRules: [{2E880344-D27C-4DB3-A092-CF6E4C18AAA8}] => (Allow) D:\Steam\steamapps\common\Plane Mechanic Simulator\PMS_build.exe () [File not signed] FirewallRules: [{FF0DB466-0ABC-4E40-8540-A8C0740FD70A}] => (Allow) D:\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe (Crytek GmbH) [File not signed] FirewallRules: [{5FD56690-D163-455E-9516-543E32BD0423}] => (Allow) D:\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe (Crytek GmbH) [File not signed] ==================== Restore Points ========================= 19-01-2021 20:24:25 Scheduled Checkpoint 21-01-2021 17:27:42 AURA Service 29-01-2021 15:25:44 DirectX wurde installiert ==================== Faulty Device Manager Devices ============ Name: PCI-Ver-/Entschlüsselungscontroller 
Description: PCI-Ver-/Entschlüsselungscontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Error: (02/02/2021 08:03:21 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: DESKTOP-GVB5PET)
Description: C:\Users\****\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalCacheMicrosoft.MicrosoftOfficeHub_8wekyb3d8bbwe-2147024809

Error: (02/02/2021 07:48:21 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: DESKTOP-GVB5PET)
Description: C:\Users\****\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalCacheMicrosoft.MicrosoftOfficeHub_8wekyb3d8bbwe-2147024809

Error: (02/02/2021 01:46:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wallpaper32.exe, Version: 1.0.0.0, Zeitstempel: 0x5fdea204
Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 27.21.14.6089, Zeitstempel: 0x5fd40049
Ausnahmecode: 0xc0000005
Fehleroffset: 0x004f957c
ID des fehlerhaften Prozesses: 0x48d0
Startzeit der fehlerhaften Anwendung: 0x01d6f9590ac458df
Pfad der fehlerhaften Anwendung: D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a51067c0ac557884\nvwgf2um.dll
Berichtskennung: 195a8d5e-2f88-4c64-821d-4367a61252cc
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/01/2021 08:39:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ArmourySwAgent.exe, Version: 1.0.0.13, Zeitstempel: 0x5f88fa47
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.746, Zeitstempel: 0x197b16c5
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0012a842
ID des fehlerhaften Prozesses: 0x1d50
Startzeit der fehlerhaften Anwendung: 0x01d6f8d1e73cd65a
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\KERNELBASE.dll
Berichtskennung: 91181e98-3c12-46c8-a025-676c77eda975
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/01/2021 08:39:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ArmourySwAgent.exe, Version: 1.0.0.13, Zeitstempel: 0x5f88fa47
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.746, Zeitstempel: 0x197b16c5
Ausnahmecode: 0xc0020001
Fehleroffset: 0x0012a842
ID des fehlerhaften Prozesses: 0x1d50
Startzeit der fehlerhaften Anwendung: 0x01d6f8d1e73cd65a
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\KERNELBASE.dll
Berichtskennung: fffc4bbb-a7d2-4780-85bf-4f54edd27e0f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/01/2021 08:39:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ArmourySwAgent.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0020001, Ausnahmeadresse 7549A842
Stapel:

System errors:
=============
Error: (02/02/2021 10:55:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/02/2021 12:46:26 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden.

Error: (02/01/2021 07:18:44 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden.

Error: (02/01/2021 07:18:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 01/02/2021 um 08:07:50 unerwartet heruntergefahren.

Error: (01/31/2021 11:24:35 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden.

Error: (01/30/2021 08:11:00 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden.

Error: (01/29/2021 07:28:01 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden.

Error: (01/29/2021 07:28:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 29/01/2021 um 19:27:18 unerwartet heruntergefahren.

Windows Defender:
===================================
Date: 2021-02-02 22:37:14.1070000Z
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5F8DBCF3-6305-4395-903A-DB02AC057A5A}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Full Scan
Benutzer: DESKTOP-GVB5PET\****

Date: 2021-02-02 22:18:58.4770000Z
Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ymacco.AA84&threatid=2147757276&enterprise=0
Name: Trojan:Win32/Ymacco.AA84
ID: 2147757276
Schweregrad: Severe
Kategorie: Trojan
Pfad: file:_C:\Users\****\Downloads\Poly Bridge 2 v1.23\Poly Bridge 2 v1.23.exe
Erkennungsursprung: Local machine
Erkennungstype: FastPath
Erkennungsquelle: Real-Time Protection
Benutzer: DESKTOP-GVB5PET\****
Prozessname: C:\Program Files\qBittorrent\qbittorrent.exe
Sicherheitsversion: AV: 1.331.67.0, AS: 1.331.67.0, NIS: 1.331.67.0
Modulversion: AM: 1.1.17800.5, NIS: 1.1.17800.5

CodeIntegrity:
===================================
Date: 2021-02-02 22:37:12.2590000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\****\AppData\Local\Programs\Opera GX\72.0.3815.487\opera.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-02 22:37:12.2530000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\****\AppData\Local\Programs\Opera GX\72.0.3815.487\opera.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-31 11:24:58.3850000Z
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-31 11:24:58.3670000Z
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-25 21:53:36.4470000Z
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-25 21:53:36.4340000Z
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-19 04:17:42.4170000Z
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-19 04:17:42.4030000Z
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================
----------------------------------------------------------

==================== Drives ================================

Drive a: (****) (Fixed) (Total:14.65 GB) (Free:14.37 GB) NTFS
Drive c: (Windows) (Fixed) (Total:450.5 GB) (Free:92.14 GB) NTFS
Drive d: (Spiele) (Fixed) (Total:3726 GB) (Free:2140.28 GB) NTFS
\\?\Volume{a50c4c6e-c1c5-4737-b5d1-c330d2935c82}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{04457ac2-27bd-80ff-f2fe-af428262d882}\ () (Fixed) (Total:49.88 GB) (Free:0 GB) NTFS
\\?\Volume{17b9d833-c057-dc2f-8afe-e0747553a43c}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{28e62878-b101-a079-8951-5885c200adfd}\ () (Fixed) (Total:1.39 GB) (Free:0 GB) NTFS
\\?\Volume{53c9a71f-9fe8-42a1-98f9-89888f15923a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes. Could not read MBR for disk 5.

==================== End of Addition.txt =======================

FRST.txt is too long and follows in the next post. |