|
Plagegeister aller Art und deren Bekämpfung: Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
10.04.2021, 13:57 | #16 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer?Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
10.04.2021, 14:02 | #17 |
| Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer? Ich habe mir eine Lizenz bei Lizengo gekauft. Leider ist deren Website down, ich suche in meiner Email nach der Kaufbestätigung
__________________Edit: Habe die E-Mail gefunden, würde Sie aber gerne privat einem mitteilen Geändert von Drty (10.04.2021 um 14:08 Uhr) |
10.04.2021, 14:08 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer? Aber sowas wie Windows KMS Activator Ultimate 2019 4.6 ist ein handfestes Indiz für ein gecracktes Windows. Ich würde hier jetzt den Support abbrechen und dir die Neuinstallation von Windows zeigen. Was anderes wär es wenn du ein Windows 10 Home hättest, diese Edition crackt niemand. Soll MKDB entscheiden wie es weitergeht, ich bin hier wieder raus.
__________________
__________________ |
10.04.2021, 14:13 | #19 |
| Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer? Wie gesagt ich kann euch beweisen das ich es gekauft habe, den Ordner von Windows KMS Activator Ultimate 2019 habe ich gelöscht und dort war kein Activator vorhanden. Mehr kann ich dazu jetzt nicht sagen, es ist eure Entscheidung und euer Forum. Falls der Support abgebrochen wird dann bitte ich darum den Thread zu löschen oder zumindest nicht öffentlich zu lassen. |
10.04.2021, 15:07 | #20 |
/// TB-Ausbilder | Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer? Ich bitte um eine Erklärung, warum Windows 10 Pro (und nicht Home) installiert ist. Und den Nachweis bitte nachreichen, dann kanns weiter gehen, ich schreibe dich per PM an. |
10.04.2021, 15:24 | #21 |
| Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer? Habe dir Privat den Nachweis gesendet. Ich habe mich für Windows 10 Pro entschieden um die Remote Desktop Funktion nutzen zu können |
10.04.2021, 16:54 | #22 |
/// TB-Ausbilder | Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer? Wir entfernen einige Reste, auch von Avira und Avast, damit der Cloudbasierte Schutz wieder funktioniert (Schritt 2). Ich habe zudem eine mir unbekannte Malware entdeckt... gut getarnt. Schritt 1 Die folgenden Programme sind veraltet, stören die Bereinigung oder es handelt sich um Werbesoftware (Adware) bzw. Potentiell Unerwünschte Programme (PUP) und müssen entfernt werden.
Schritt 2 WARNUNG AN ALLE MITLESER !!! Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
Schritt 3 Mit Schritt 2 wurde ein .zip Archiv mit dem Schema < Datum_Uhrzeit.zip > (z. B. 20.02.2021_11.33.52.zip) auf deinem Desktop erstellt.
Schritt 4
Bitte poste mit deiner nächsten Antwort:
|
10.04.2021, 17:25 | #23 |
| Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer? Avast konnte nicht komplett gelöscht werden, habe folgenden ordner gelöscht C:\Programme (x86)\Avast Software und anschließend neugestartet. den cloud schutz kann ich immer noch nicht einschalten. Schritt 2: Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-04-2021 durchgeführt von K1992 (10-04-2021 18:21:02) Run:2 Gestartet von C:\Users\gnxks\Downloads Geladene Profile: K1992 Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: Task: {08C931ED-7BAC-431E-A77C-439CDB2E130A} - System32\Tasks\sartorial ecologically marshallingsartorial ecologically marshalling => C:\Users\gnxks\AppData\Local\Boaster.exe C:\Users\gnxks\AppData\Local\Boaster.exe Task: {0A50E67E-8040-45E3-AC54-26E610654AA7} - System32\Tasks\presets rozenpresets rozen => C:\Program Files (x86)\Kefauver\Unruffled.exe C:\Program Files (x86)\Kefauver Task: {27A02945-C013-4D94-8191-5AD75C8BCF26} - System32\Tasks\danto-zeroeddanto-zeroed => C:\Program Files (x86)\lees\Unruffled.exe C:\Program Files (x86)\lees Task: {9BD5D49C-453B-48F6-A3AA-5EC0F6232A38} - System32\Tasks\venial_weisvenial_weis => C:\Program Files (x86)\Kefauver\Boaster.exe Zip: C:\FRST\Quarantine Task: {38402431-47D9-4590-89D6-686671F7FEBF} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe C:\Windows\System32\Tasks\Avira C:\Program Files (x86)\Avira Task: {5C284F6B-D398-4C9A-B043-5FB20CE5B91D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe C:\Windows\System32\Tasks\Avast C:\Program Files\Common Files\AVAST Software Task: {600034CF-BB59-4F46-A8BE-873378E78242} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software Task: {933F6584-43EE-4E0A-945D-589B9E6761FC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe C:\Windows\System32\Tasks\Microsoft\Office C:\Program Files (x86)\Microsoft Office Task: {E305393D-CD51-49FD-AA36-8FA1B93C8DB2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB} CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\gnxks\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\gnxks\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\gnxks\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> Keine Datei ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Keine Datei ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => Z:\GPG\Gpg4win\bin_64\gpgex.dll -> Keine Datei ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Keine Datei ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Keine Datei ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => Z:\GPG\Gpg4win\bin_64\gpgex.dll -> Keine Datei AlternateDataStreams: C:\Windows:CM_84ef824d9223cefd9bd822e6d77642667f7d6fb48eed9e6869b85458646cdb76 [74] AlternateDataStreams: C:\Windows:CM_c99942455a9c503e19a638848b3be80d8d04f7176b8db08566b3fc4f618f63be [74] HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=bgy_dbnwss_19_38_ssg00¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwingy%26cd%3D2XzuyEtN2Y1L1QzuyE0C0E0D0F0B0C0BtA0FtBtD0B0B0FtDtN0D0Tzu0StBzztBtDtN1L2XzuyEtFyDyDtFtDtFtCtAtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDtAyE0FyDtCtCyBtGyEtC0D0EtGtBtCyBtCtGyCtAzzyBtGzzyE0C0FyBzz0AtD0DzztD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz1S1OyD1StAtD1OtG1R1Q1Q1StGyEzztA1QtG1T1RyB1PtG1RyByC1O1P1T1StAzyzytAtA2QtN0A0LzutDtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCzytDzyzztCzytC%26cr%3D461987780%26a%3Dbgy_dbnwss_19_38_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk" HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk" HKLM\...\StartupApproved\Run32: => "Updater" GroupPolicy: Beschränkung ? <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-03-30] C:\Program Files (x86)\AVAST Software CMD: ipconfig /flushdns CMD: netsh winsock reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: Bitsadmin /Reset /Allusers powershell: Set-MpPreference -PUAProtection Enabled powershell: Set-MpPreference -DisableScanningNetworkFiles 0 Hosts: RemoveProxy: SystemRestore: On EmptyTemp: ***************** Prozesse erfolgreich geschlossen. Das System musste neu gestartet werden. ==== Ende von Fixlog 18:21:04 ==== Schritt 3: Es wurde keine .zip Datei auf meinem Desktop angelegt...? |
10.04.2021, 17:37 | #24 |
| Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer?Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-04-2021 durchgeführt von K1992 (10-04-2021 18:27:57) Gestartet von C:\Users\gnxks\Downloads Windows 10 Pro Version 20H2 19042.867 (X64) (2020-09-02 14:34:50) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2402965086-3410531683-3514658406-500 - Administrator - Disabled) CDFAccount (S-1-5-21-2402965086-3410531683-3514658406-1006 - Limited - Disabled) DefaultAccount (S-1-5-21-2402965086-3410531683-3514658406-503 - Limited - Disabled) Gast (S-1-5-21-2402965086-3410531683-3514658406-501 - Limited - Disabled) K1992 (S-1-5-21-2402965086-3410531683-3514658406-1004 - Administrator - Enabled) => C:\Users\gnxks WDAGUtilityAccount (S-1-5-21-2402965086-3410531683-3514658406-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) .NET Core SDK 1.0.0 (x64) Installer (x64) (HKLM\...\{3A36F010-62C4-4173-9F25-257F1B0899DD}) (Version: 4.0.4911 - Microsoft Corporation) Hidden .NET Core SDK 1.0.0 (x64) Installer (x64) (HKLM-x32\...\{c7c7d963-f622-455d-879a-7ffa111d1322}) (Version: 1.0.0 - Microsoft Corporation) µTorrent (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.) Active Directory Authentication Library für SQL Server (HKLM\...\{088DDE47-955D-406C-848F-C1531DF2E049}) (Version: 15.0.1300.359 - Microsoft Corporation) Hidden Ad (HKLM\...\{58621D10-8DB7-42D2-9576-32104DBD17F0}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated) AirDroid 3.6.4.0 (HKLM-x32\...\AirDroid) (Version: 3.6.4.0 - Sand Studio) Android Studio (HKLM\...\Android Studio) (Version: 3.3 - Google LLC) Antares Auto-Tune bundle (HKLM\...\Antares Auto-Tune bundle_is1) (Version: 9.1.0 - Antares & Team V.R) Antares Auto-Tune Unlimited (HKLM\...\{4B3EDA7B-3FFD-42C6-8063-B6FC557427E9}) (Version: 1.0.1 - Antares Audio Technologies) Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden Application Verifier x64 External Package (HKLM\...\{AB5E83C8-0175-0A1F-338A-EB8925AFC341}) (Version: 10.1.14393.795 - Microsoft) Hidden Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden Architekt 3D X9 Ultimate (HKLM-x32\...\{5D6C058E-2CF1-4d65-8F72-AAAEA24C57CE}) (Version: 19.0.0 - Avanquest Software) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) Assassin's Creed Odyssey (HKLM-x32\...\Uplay Install 5059) (Version: - Ubisoft) ASTRO Command Center (HKLM-x32\...\{C1C65C00-BE3F-414E-B321-06309B308474}) (Version: 1.0.170 - Astro Gaming) ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden ASUS Aac_NBDT HAL (HKLM-x32\...\{71667bbb-81ab-429c-aeb4-e43c31e8fe14}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Display Component (HKLM-x32\...\{36aa03d4-9606-4f04-bf3e-a70ebe6650f3}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{2d85b111-aee4-468b-874b-a9272712f69b}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Headset Component (HKLM-x32\...\{ac3dc320-7e5e-4f22-9572-4c2119fcdf85}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{b31aaf98-0562-411d-a962-0c3d16a3527a}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Odd Component (HKLM-x32\...\{a29279dc-f417-4442-8225-4db77f7d35b5}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{4f18ae01-4390-4b41-be3a-54ef4eacdd91}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden ASUS Keyboard HAL (HKLM-x32\...\{210cdd08-c947-43a2-9378-bc288f651e41}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden ASUS MB Peripheral Products (HKLM-x32\...\{3e9b91eb-5bb0-4272-8670-f88d353eb68b}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden ASUS Mouse HAL (HKLM-x32\...\{add3bacc-578f-4bf9-97e3-a0f0c3ae3323}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden ASUS MousePad HAL (HKLM-x32\...\{cc37f609-4db9-4ce3-9e37-9cb1b432452e}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team) AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.26 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{dded177f-c7b2-4212-9c64-74884f3fd53b}) (Version: 1.0.26 - ASUS) Hidden AutoHotkey 1.1.33.02 (HKLM\...\AutoHotkey) (Version: 1.1.33.02 - Lexikos) Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.) Badlion Client 2.13.2 (HKLM\...\{1de14785-dd8c-5cd2-aae8-d4a376f81d78}) (Version: 2.13.2 - Badlion) Bandicam (HKLM-x32\...\Bandicam) (Version: 5.1.0.1822 - Bandicam.com) Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blender (HKLM\...\{8147BEDC-AA13-4C38-A632-585FCB30C445}) (Version: 2.83.5 - Blender Foundation) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.31.55.2507 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brackets (HKLM-x32\...\{0AE22FBF-578D-45D9-9E2D-9678512154AC}) (Version: 1.13.17699 - brackets.io) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 89.1.22.71 - Die Brave-Autoren) Bulk Image Downloader v5.41.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version: 5.41 - Antibody Software) Call of Duty Modern Warfare Beta (HKLM-x32\...\Call of Duty Modern Warfare Beta) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform) Chatterino version default (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\{F5FE6614-04D4-4D32-8600-0ABA0AC113A4}_is1) (Version: default - Daniel Schnabel) ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{0243F145-076D-423A-8F77-218DC8840261}) (Version: 4.8.04119 - Microsoft Corporation) Hidden CodeMeter Runtime Kit v7.20 (HKLM\...\{17A0560A-3F78-46D4-9CE2-209A54122AB7}) (Version: 7.20.4396.500 - WIBU-SYSTEMS AG) Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden Corsair AURA DRAM Component (HKLM-x32\...\{da7ebf10-b0be-494e-a79d-568546795a51}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden CORSAIR iCUE Software (HKLM-x32\...\{BA4ADF1F-E401-47FB-93E9-1BDF12E08BF3}) (Version: 3.32.80 - Corsair) CORSAIR iCUE Software (HKLM-x32\...\{DC0DB5E7-9E80-4192-A1BF-AACBC6CCE137}) (Version: 3.7.99 - Corsair) Corsair LINK 4 (HKLM-x32\...\{42E978FD-3358-4461-9EA5-9C872979E2EA}) (Version: 4.9.9.3 - Corsair Components, Inc.) Hidden Corsair LINK 4 (HKLM-x32\...\{ab593f70-89d2-468d-8eb2-ed71ffa0eedb}) (Version: 4.9.9.3 - Corsair Components, Inc.) CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.) CWL-Auslegung v4 (HKLM-x32\...\CWL-Auslegung v4_is1) (Version: 4.0.42.3 - Wolf GmbH) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Debut Video-Aufnahme-Programm (HKLM-x32\...\Debut) (Version: 6.24 - NCH Software) DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Discord) (Version: 0.0.309 - Discord Inc.) Discord Canary (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\DiscordCanary) (Version: 0.0.299 - Discord Inc.) DisplayFusion 9.6.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.6.1.0 - Binary Fortress Software) Driver Easy 5.6.14 (HKLM\...\DriverEasy_is1) (Version: 5.6.14 - Easeware) Electrum (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Electrum) (Version: 4.0.9 - Electrum Technologies GmbH) eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.12.4.1276 - Steinberg Media Technologies GmbH) Entity Framework 6.2.0 Tools for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden Entity Framework 6.2.0 Tools for Visual Studio 2019 (HKLM-x32\...\{7C2070BF-8E07-4B5F-A182-FADB0B95AB39}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden EXIF Date Changer v3.8.0 (HKLM-x32\...\{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1) (Version: 3.8.0 - Rellik Software) Express Zip ZIP-Programm (HKLM-x32\...\ExpressZip) (Version: 8.01 - NCH Software) FileZilla Client 3.45.1 (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\FileZilla Client) (Version: 3.45.1 - Tim Kosse) FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.60 - FileZilla Project) FiveM (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\CitizenFX_FiveM) (Version: - Cfx.re) FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski) GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) GalaxyBudsManager (HKLM-x32\...\GalaxyBudsManager) (Version: 2.0.200526.51 - Samsung Electronics Co, Ltd.) Git version 2.22.0.windows.1 (HKLM\...\Git_is1) (Version: 2.22.0.windows.1 - The Git Development Community) GitHub Desktop (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\GitHubDesktop) (Version: 1.6.6 - GitHub, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC) Google Chrome Beta (HKLM-x32\...\Google Chrome Beta) (Version: 90.0.4430.61 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 8.2.0.0 - Google LLC.) GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.) GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.) Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games) Grand Theft Multiplayer (HKLM-x32\...\GrandTheftMultiplayer) (Version: - Grand Theft Multiplayer Team) GVMP - Launcher Version 2.0.7.3 (HKLM-x32\...\{7CA97A3D-7909-4B35-A9DB-B33746795650}_is1) (Version: 2.0.7.3 - GVMP) Gyazo 4.1.4.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) heroku (HKLM-x32\...\heroku) (Version: - Heroku) HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{333E22D7-9F56-4482-A13C-1B9D35B9D641}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 2540 series Hilfe (HKLM-x32\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Hue Sync (HKLM\...\{C0270355-35E2-4862-8B57-A7C1A258AF77}) (Version: 1.5.3.3 - Signify Netherlands B.V.) icecap_collection_neutral (HKLM-x32\...\{2A00DCB3-752F-446C-B3B3-1B6ADFBFF3E3}) (Version: 16.6.30014 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{BE5E54C4-6B68-4AE3-A7F4-45F0D29D48D3}) (Version: 16.6.30014 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{CDEDC7CB-8283-4F13-903E-CF3C2C4CFF6D}) (Version: 16.6.30014 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{85FF8308-26DA-4D4B-9267-AFAC4CBFE08C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden IIS 10.0 Express (HKLM\...\{2B8326B6-4202-4239-B9A9-F3EC8812E82D}) (Version: 10.0.03917 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden Intel® Hardware Accelerated Execution Manager (HKLM\...\{27276DC1-66AA-4B16-918D-5AB1EEDF09C6}) (Version: 6.0.5 - Intel Corporation) Intel® Processor Identification Utility (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Intel® Programm für die Prozessorerkennung 6.0.0211) (Version: 6.0.0211 - Intel Corporation) Intel® Programm für die Prozessorerkennung (HKLM-x32\...\{9F092974-A58E-45E5-B087-5F830D993CF6}) (Version: 6.0.0211 - Intel Corporation) Hidden IntelliJ IDEA 2019.2.2 (HKLM-x32\...\IntelliJ IDEA 2019.2.2) (Version: 192.6603.28 - JetBrains s.r.o.) Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (HKLM-x32\...\{FE250127-0DBB-47AA-8439-7A2FA145030F}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: 6.38.18 - Tonec Inc.) iVCam 5.3 (HKLM\...\iVCam_is1) (Version: 5.3.2 - e2eSoft) Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation) Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation) Java SE Development Kit 8 Update 112 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180112}) (Version: 8.0.1120.15 - Oracle Corporation) Java(TM) SE Development Kit 11.0.2 (64-bit) (HKLM\...\{07E85AEA-1F8D-5F49-8CC8-319389751152}) (Version: 11.0.2.0 - Oracle Corporation) Java(TM) SE Development Kit 12 (64-bit) (HKLM\...\{5CC5C4CC-A19F-5B04-B55E-F3905B205D53}) (Version: 12.0.0.0 - Oracle Corporation) Java(TM) SE Development Kit 12.0.1 (64-bit) (HKLM\...\{0D60E96D-0B74-55A5-ACA5-0F6786FDF256}) (Version: 12.0.1.0 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{d6cac989-7570-43fd-b147-e31d6280a3a6}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden KinoniDrivers 2.9.8 (HKLM-x32\...\KinoniDrivers) (Version: 2.9.8 - Kinoni) Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{E1F68FC9-F23C-4F44-8092-CAC55E43A80B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden LastPass (HKLM-x32\...\{83267A30-9813-4CA8-8E34-C5E827511404}) (Version: 4.26.0.805 - LogMeIn) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: - ) Logitech Capture (HKLM\...\Capture) (Version: 2.02.155 - Logitech) Macro Keys 4.0 (HKLM-x32\...\{944E2C4C-8B87-437F-8D9C-AB4474A7F5D8}_is1) (Version: - NewSoftwares.net Inc.) MacroRecorder v2.0.65 (HKLM-x32\...\MacroRecorder_is1) (Version: 2.0.65 - Bartels Media GmbH) Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - ) MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX PC Check & Tuning 2020 (HKLM-x32\...\PC Check Tuning 2020_is1) (Version: 2.9.2.1755 - MAGIX Software GmbH) MAGIX Soundpool Music Maker - Feel good (HKLM\...\{62ED0962-0942-4859-8448-D350614BF248}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) MediaTab (HKLM\...\MediaTab) (Version: 1.4.1 - ShalafiSoft) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft .NET Core Runtime - 2.1.26 (x64) (HKLM-x32\...\{50acab5a-426e-4788-8de9-99b047dbe1c5}) (Version: 2.1.26.29812 - Microsoft Corporation) Microsoft .NET Core SDK 2.1.602 (x64) (HKLM-x32\...\{ce5d125b-e426-441b-a83f-d6ef6825aa77}) (Version: 2.1.602 - Microsoft Corporation) Microsoft .NET Core SDK 2.2.202 (x64) (HKLM-x32\...\{691be41c-f2d3-4d46-83e1-c5d505e1d6fc}) (Version: 2.2.202 - Microsoft Corporation) Microsoft .NET Core SDK 3.1.300 (x64) from Visual Studio (HKLM\...\{0D8DAD1B-30B8-4EA4-8CF7-D52385BCD3C0}) (Version: 3.1.300.015161 - Microsoft Corporation) Microsoft .NET Core SDK 3.1.407 (x64) (HKLM-x32\...\{78da02e5-acb8-4a17-9285-c87656052e5c}) (Version: 3.1.407.15660 - Microsoft Corporation) Microsoft ASP.NET Core 2.1.26 - Shared Framework (HKLM-x32\...\{8faa55cd-6b10-43b4-a759-4880f79eeac3}) (Version: 2.1.26.45833 - Microsoft Corporation) Microsoft ASP.NET Core 3.1.13 - Shared Framework (HKLM-x32\...\{b895b3a6-0f1f-4ae4-95a4-918cee277cdb}) (Version: 3.1.13.21117 - Microsoft Corporation) Microsoft Azure Authoring Tools - v2.9.6 (HKLM\...\{EDADFA19-7F96-4075-A4AB-2209910626C5}) (Version: 2.9.8899.26 - Microsoft Corporation) Microsoft Azure Compute Emulator - v2.9.6 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.6) (Version: 2.9.8899.26 - Microsoft Corporation) Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation) Microsoft Azure PowerShell - April 2018 (HKLM\...\{3BA7CAA9-97BA-4528-B7E1-B640910BB149}) (Version: 5.7.0.18831 - Microsoft Corporation) Microsoft Azure Storage Emulator - v5.10 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.10) (Version: 5.10.19227.2113 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.75 - Microsoft Corporation) Microsoft Identity Extensions (HKLM\...\{F99F24BF-0B90-463E-9658-3FD2EFC3C992}) (Version: 2.0.1459.0 - Microsoft Corporation) Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{804C5CED-8E5F-4E1D-A8E8-DD00E383B81D}) (Version: 17.2.0.1 - Microsoft Corporation) Microsoft Project - de-de (HKLM\...\ProjectPro2019Retail - de-de) (Version: 16.0.13901.20336 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{E9AD0F97-5DF2-4F5B-BC5B-F524D21BF165}) (Version: 11.3.6518.0 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB (HKLM\...\{33B8D051-4DF5-4103-8FDB-8663E468A204}) (Version: 13.1.4001.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visio - de-de (HKLM\...\VisioPro2019Retail - de-de) (Version: 16.0.13901.20336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.26.28720 (HKLM-x32\...\{86380aef-fd23-4fc3-8723-a98ccad8f2c6}) (Version: 14.26.28720.3 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.53.2 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.6.2033.413 - Microsoft Corporation) Microsoft Web Deploy 4.0 (HKLM\...\{BBCDB523-F5B7-4E53-A911-C85191E3BDF0}) (Version: 10.0.2606 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 3.1.13 (x86) (HKLM-x32\...\{f76a3b93-2094-46b4-9fbb-62c276267a90}) (Version: 3.1.13.29816 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2019 CTP2.2 (HKLM\...\{0AF3B52A-F38D-4D63-9F72-73623C601CD9}) (Version: 15.0.1200.24 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2019 CTP2.2 (HKLM-x32\...\{BF16A1DB-06A6-4A8E-B7A8-61F1F9C9FBA3}) (Version: 15.0.1200.24 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation) Minecraft (HKLM-x32\...\{756E195A-CB58-4B99-917F-0DDA0D881204}) (Version: 1.0.4.0 - Mojang) Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 85.0 (x64 de) (HKLM\...\Mozilla Firefox 85.0 (x64 de)) (Version: 85.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla) MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden MSI Display Kit(x64) (HKLM\...\{5A8E3E72-D260-4DB3-BCE3-AF47C364F275}) (Version: 0.0.1.1 - MSI) Hidden MSI Display Kit(x64) (HKLM-x32\...\Installshield_{5A8E3E72-D260-4DB3-BCE3-AF47C364F275}) (Version: 0.0.1.1 - MICRO-STAR INT'L,.LTD.) MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 5.0.0.16 - MSI) Music Maker (HKLM\...\{DC21CFD5-02AC-4C89-8D35-85506A9FEB55}) (Version: 28.0.2.43 - MAGIX Software GmbH) Hidden Music Maker (HKLM-x32\...\MX.{DC21CFD5-02AC-4C89-8D35-85506A9FEB55}) (Version: 28.0.2.43 - MAGIX Software GmbH) Netflix 2.2.1 (only current user) (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\08000edb-64a4-5ca9-b5c8-a77995336264) (Version: 2.2.1 - Nirewen) Node.js (HKLM\...\{C1CFB5E5-00F2-4514-B9E8-3CBAF9F42985}) (Version: 12.3.1 - Node.js Foundation) Noise Reduction Plug-In 2.0 (x64) (HKLM\...\{BCD60981-841A-11E8-A5B0-408D5CC672F4}) (Version: 2.0.1318 - MAGIX) NordPass (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\f7c32559-6c31-590a-9972-0bea54b04213) (Version: 2.32.11 - NordPass Team) NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.35.9.0 - TEFINCOM S.A.) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.4 - Notepad++ Team) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team) NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation) NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation) NVIDIA Grafiktreiber 461.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.40 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NVM for Windows 1.1.7 (HKLM\...\40078385-F676-4C61-9A9C-F9028599D6D3_is1) (Version: 1.1.7 - Ecor Ventures LLC) NZBGet (HKLM-x32\...\NZBGet) (Version: - Andrey Prygunkov) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project) obs-websocket version 4.9.0 (HKLM-x32\...\{117EE44F-48E1-49E5-A381-CC8D9195CF35}_is1) (Version: 4.9.0 - Stephane Lepin) Octoparse (HKLM-x32\...\{DB4DF4C6-B1F8-40B8-9CEB-DFD4B251CA5C}) (Version: 7.1.2 - Octopus Data Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden OpenIV (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\OpenIV) (Version: 3.1.1033 - .black/OpenIV Team) OpenVPN Connect (HKLM\...\{20D3815E-B6A0-4416-912A-F97C1C2044C7}) (Version: 3.2.3 - OpenVPN Technologies) Opera GX Stable 73.0.3856.424 (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Opera GX 73.0.3856.424) (Version: 73.0.3856.424 - Opera Software) Opera Stable 75.0.3969.149 (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Opera 75.0.3969.149) (Version: 75.0.3969.149 - Opera Software) Oracle VM VirtualBox 6.1.18 (HKLM\...\{B1B2878D-9F1A-4403-84E7-6378D7D43C83}) (Version: 6.1.18 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.36.23506 - Electronic Arts, Inc.) Ozone 9 Elements (HKLM\...\Ozone 9 Elements) (Version: 9.1.0 - iZotope, Inc.) Paket zur Festlegung von "Doc Redirected"-Zielversionen von Microsoft .NET Framework 4.7.1 (Deutsch) (HKLM-x32\...\{5B970BE4-A2F2-41BD-8B91-FEA8DAA1DB9B}) (Version: 4.7.02558 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.2 (Deutsch) (HKLM-x32\...\{7D6C6611-CDE8-4057-96DE-70BF41A7AB6C}) (Version: 4.6.01590 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.7 (Deutsch) (HKLM-x32\...\{1E08B92D-5B3C-4B8F-B31D-87577C65A164}) (Version: 4.7.02046 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM-x32\...\{98FE7C2A-22A4-401A-B45B-2AA107C06DD7}) (Version: 4.7.03062 - Microsoft Corporation) Hidden PassFab for RAR (HKLM-x32\...\{PassFab for RAR}_is1) (Version: 9.3.3 - PassFab, Inc.) Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.05 - Patriot Memory) Hidden Patriot Viper RGB (HKLM-x32\...\{0ea44351-5397-43b0-a9c7-c4c53d9948ef}) (Version: 1.00.05 - Patriot Memory) PDF-XChange PRO (HKLM\...\{7C27AE43-385F-42DC-A8CA-1F1FD397336E}) (Version: 8.0.336.0 - Tracker Software Products (Canada) Ltd.) Hidden PDF-XChange PRO (HKLM-x32\...\{5844f5e4-0620-4dc8-97a1-fb18e73fd2a1}) (Version: 8.0.336.0 - Tracker Software Products (Canada) Ltd.) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Pidgin (HKLM-x32\...\Pidgin) (Version: 2.13.0 - ) PlanetSide 2 (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment) Plarium Play (HKLM-x32\...\{798A48F2-CE13-4E35-B919-997C23C4456A}) (Version: 6.2.0 - Plarium) Hidden Plarium Play (HKLM-x32\...\{96b191e6-b4ee-424d-a731-575206a20dee}) (Version: 6.2.0 - Plarium) Production Line (HKLM-x32\...\1240786865_is1) (Version: 1.59 - GOG.com) Proxifier version 4.05 (HKLM-x32\...\{187182AF-79AD-4717-85E9-2508E3F4775B}_is1) (Version: 4.05 - Initex) PS4 Remote Play (HKLM-x32\...\{723C13D9-E91C-41CF-B7EC-ECF3BA8C6D20}) (Version: 2.7.0.07270 - Sony Interactive Entertainment Inc.) PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham) Python 3.7.2 (64-bit) (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\{c0f1e976-f585-48f8-968d-48c870496d4e}) (Version: 3.7.2150.0 - Python Software Foundation) Python 3.7.2 Add to Path (64-bit) (HKLM\...\{55DD38E4-4D05-4A05-A1CD-415A07DAF40B}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Core Interpreter (64-bit) (HKLM\...\{8BDA6D6E-234F-4DD8-A7CA-6DB55F6B609E}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Development Libraries (64-bit) (HKLM\...\{D2CC67CD-ED4E-40BC-94FD-3EA65A6824D6}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Documentation (64-bit) (HKLM\...\{1A91F9E1-13CE-4D8B-9257-61376EC9ED92}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Executables (64-bit) (HKLM\...\{24260BC9-6F83-4F8F-96AE-6D654621DDF7}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 pip Bootstrap (64-bit) (HKLM\...\{E33F2815-DA54-4554-87A2-FD25EAB1A963}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Standard Library (64-bit) (HKLM\...\{BE46C9B8-DD8E-4835-B686-644EA6415FEE}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Tcl/Tk Support (64-bit) (HKLM\...\{1ED81958-CE51-4748-ABFA-583227794FDB}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Test Suite (64-bit) (HKLM\...\{C1CA4559-3153-4EF9-8B74-CC804965E441}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.2 Utility Scripts (64-bit) (HKLM\...\{259C5D04-A6E0-47F3-AB23-91F2E9828466}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden Python 3.7.5 Core Interpreter (64-bit symbols) (HKLM\...\{8186EDC2-D02C-4561-BD11-55F3B9C363FF}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Core Interpreter (64-bit) (HKLM\...\{6DC6BC71-F1FB-412D-A16A-2FE8C463E89F}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Development Libraries (64-bit) (HKLM\...\{5A54B213-36D8-40CB-9E55-D20864AEF3C8}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Documentation (64-bit) (HKLM\...\{B33E7CE3-8BFE-4F55-8505-2F74D97392C4}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Executables (64-bit symbols) (HKLM\...\{3AA7C0A6-97EC-41C9-B2F8-37BCA749D9C9}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Executables (64-bit) (HKLM\...\{8864B390-4DFB-43AB-934B-F02C48577666}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 pip Bootstrap (64-bit) (HKLM\...\{2E590D5A-4E40-4C9C-AFF8-7CB80F085752}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Standard Library (64-bit symbols) (HKLM\...\{8159776E-5D9A-457B-BAA5-AD306A89D3C9}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Standard Library (64-bit) (HKLM\...\{45CB356A-C0DF-430E-B75F-7764DBA06DF9}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Tcl/Tk Support (64-bit symbols) (HKLM\...\{10FB2B6E-BDA1-479F-9844-FF3A9C8ED166}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Tcl/Tk Support (64-bit) (HKLM\...\{42DC5149-4088-4217-8F86-487FA8B953FC}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Test Suite (64-bit symbols) (HKLM\...\{A5AC50DE-D446-4AF2-8D83-8BC548B57C31}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Test Suite (64-bit) (HKLM\...\{1822F1DC-2972-499D-9FE2-C27395C06766}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.7.5 Utility Scripts (64-bit) (HKLM\...\{EFF40415-0D5B-4CBA-9080-3EE2DADB527C}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden Python 3.8.1 (32-bit) (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\{4e3c79d9-fd08-4d23-ba50-d6f19553b0ee}) (Version: 3.8.1150.0 - Python Software Foundation) Python 3.8.1 Add to Path (32-bit) (HKLM-x32\...\{39F3EF2E-1A91-4A80-8C81-F696C487553B}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Core Interpreter (32-bit) (HKLM-x32\...\{03976998-4294-4FA5-9BE9-3E01B1DBEDC3}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Development Libraries (32-bit) (HKLM-x32\...\{0211E4D2-E2F6-422D-AEC9-46AD4CC583DD}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Documentation (32-bit) (HKLM-x32\...\{4408F4FC-AFC1-483E-A744-D61491A8AB85}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Executables (32-bit) (HKLM-x32\...\{F4F906AC-DFDB-4DA2-86C4-D116EAB497FA}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 pip Bootstrap (32-bit) (HKLM-x32\...\{34B7C438-99B2-4876-8F3A-5295A7DA2AE0}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Standard Library (32-bit) (HKLM-x32\...\{81CC98E6-C3E9-41EE-9ECC-30A6952AF726}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F97C2D8A-7ED6-4BA9-BAA7-036878A8AC5B}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Test Suite (32-bit) (HKLM-x32\...\{656BF6D9-2710-466C-8F82-88135B8EAF00}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python 3.8.1 Utility Scripts (32-bit) (HKLM-x32\...\{EE756009-EBAF-4C88-A99B-2E30FD1FA5DC}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{41A9BB87-60B8-47C3-BB79-6EC186827EC7}) (Version: 3.8.6925.0 - Python Software Foundation) RAGE Multiplayer (HKLM-x32\...\RAGE Multiplayer) (Version: - RAGE Multiplayer Team) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3 r3298 - Rainmeter) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.) Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.31.211.2019 - Realtek) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.36.344 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games) Rowbyte Plexus 3.1.0 CE (HKLM\...\Plexus_is1) (Version: 3.1.0 - Team V.R) RX 7 Elements (HKLM-x32\...\RX 7 Audio Editor) (Version: 7.01 - iZotope, Inc.) SABnzbd 2.3.9 (HKLM-x32\...\SABnzbd) (Version: 2.3.9 - The SABnzbd Team) Samsung DeX (HKLM-x32\...\{24639BA3-44DD-4648-806D-8046771E6722}) (Version: 2.0.0.20 - Samsung Electronics Co., Ltd.) Hidden Samsung DeX (HKLM-x32\...\{51af111f-4665-4995-8982-55e0e02163e7}) (Version: 2.0.0.20 - Samsung Electronics Co., Ltd.) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.) Sandboxie 5.49.0 (64-bit) (HKLM\...\Sandboxie) (Version: 5.49.0 - sandboxie-plus.com) SDK ARM Additions (HKLM-x32\...\{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung ) SOLAR-COMPUTER-Software (HKLM-x32\...\SOLAR-COMPUTER-Software) (Version: April 2020/2 - SOLAR-COMPUTER GmbH) SOUND FORGE Pro 14.0 (x64) (HKLM\...\{D9360C0F-249F-11EB-A498-50E549394757}) (Version: 14.0.130 - MAGIX) Spark AR Studio (HKLM\...\{8D589428-2099-4EF7-8680-BAB9574EE257}) (Version: 104.1.22 - Facebook Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steinberg Cubase 10.5 (HKLM\...\{9514E7F1-4A21-41FF-B06D-8178E34534E5}) (Version: 10.5.20 - Steinberg Media Technologies GmbH) Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.16.3 - Steinberg Media Technologies GmbH) Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.12 - Steinberg Media Technologies GmbH) Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 5.0.20 - Steinberg Media Technologies GmbH) Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.3 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE 3 Component (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 3.4.0 - Steinberg Media Technologies GmbH) Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.0.27 - Steinberg Media Technologies GmbH) Steinberg Padshop 2 (HKLM\...\{6FBAF5EF-816E-4D80-BFBE-8B237EEA4CD4}) (Version: 2.0.10 - Steinberg Media Technologies GmbH) Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 2.2.20 - Steinberg Media Technologies GmbH) Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.0 - General Workings, Inc.) Studie zur Verbesserung von HP Deskjet 2540 series (HKLM\...\{98802D44-4885-41EA-9BA8-96A117ECF223}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) TDR VOS SlickEQ version 1.3.6 (HKLM\...\TDR VOS SlickEQ_is1) (Version: 1.3.6 - Tokyo Dawn Labs) TeamSpeak 3 Client (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer) Telegram Desktop Version 2.7.1 (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.1 - Telegram FZ-LLC) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH) Trapcode Form (HKLM-x32\...\Trapcode Form) (Version: - ) Trapcode Particular 64 bit (HKLM\...\{9497360C-4C41-4E05-81C0-BE56DF2ADFE8}) (Version: 2.1.1 - Red Giant Software) Hidden Trapcode Particular 64 bit (HKLM-x32\...\InstallShield_{9497360C-4C41-4E05-81C0-BE56DF2ADFE8}) (Version: 2.1.1 - Red Giant Software) TreeSize Free V4.4.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.1 - JAM Software) Twitch (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) Twitch Developer Rig 1.2.14 (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\62d8730e-9fd1-561c-ac73-82f2e2c777e9) (Version: 1.2.14 - Twitch Interactive, Inc.) Twitch Studio (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.) TypeScript SDK (HKLM-x32\...\{1BD4A115-8F61-4216-A2B6-775AF2A6A289}) (Version: 3.3.3.0 - Microsoft Corporation) Hidden TypeScript SDK (HKLM-x32\...\{7E046A6D-8DDB-41BF-B2FB-46CA2C9506FB}) (Version: 3.8.3.0 - Microsoft Corporation) Hidden Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 50.0 - Ubisoft) Unity (HKLM-x32\...\Unity) (Version: 2018.3.7f1 - Unity Technologies ApS) Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{4E8F20FD-6BC7-B65C-D4F2-5D7CEDE3352E}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{233B73D9-650E-9CEC-1002-767C916C1B61}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{DA52B326-3A74-1EB4-A788-D812C2F100A8}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{9F7B0D96-881D-8850-C303-43F3A08E6902}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{F2EB74A7-148A-8DC9-82A5-B5A88093EEC4}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) Update Notifier (HKLM\...\{3D4FADFE-AAF2-4765-8161-DD99BB613F3B}) (Version: 3.0.0.57 - MAGIX Software GmbH) Hidden Update Notifier (HKLM\...\MX.{3D4FADFE-AAF2-4765-8161-DD99BB613F3B}) (Version: 3.0.0.57 - MAGIX Software GmbH) UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden vcpp_crt.redist.clickonce (HKLM-x32\...\{4E404CFF-7150-4141-AB6B-41AA1C016D6E}) (Version: 14.20.27508 - Microsoft Corporation) Hidden vcpp_crt.redist.clickonce (HKLM-x32\...\{63537D40-3E86-4AE7-867F-81F48A043D1A}) (Version: 14.26.28720 - Microsoft Corporation) Hidden VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.23-Hotfix-2 - IDRIX) Video Comparer Win64 (HKLM-x32\...\{9e2221b6-2b8e-4e77-ae28-4597cd24a6c3}) (Version: 1.6.9 - Video Comparer) Video Comparer Win64 1.06.009 (HKLM\...\{3039D52B-B99F-4636-B46F-9EA7E1F86E64}) (Version: 1.06.009 - Video Comparer) Hidden VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - ) Visual Studio Community 2019 (2) (HKLM-x32\...\36086c65) (Version: 16.6.30114.105 - Microsoft Corporation) Visual Studio Enterprise 2019 (HKLM-x32\...\117d519c) (Version: 16.0.28803.156 - Microsoft Corporation) Vita Concert Grand LE (HKLM\...\{57C401B8-C121-462E-A2B1-9E9EE57875A8}) (Version: 2.4.0.96 - MAGIX Software GmbH) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) VLC Setup Helper (HKLM-x32\...\VLC Setup Helper_is1) (Version: - Hobbyist Software) Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.7.0.6 - Voicemod S.L.) VS Immersive Activate Helper (HKLM-x32\...\{A71406B5-E487-4B01-8E59-D466841350F5}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{C7E8A4F2-EF09-42A8-B892-69D5ED99D965}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsi (HKLM-x32\...\{BAF91847-0A64-405E-98EC-A0BA6FB4BC4E}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_codecoveragemsi (HKLM-x32\...\{CCD2BE9E-EF63-480B-BB98-E24CB96A21E0}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{2CCEC45B-1462-4FFD-8214-90E3C25000F7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{A90E107F-D024-4EEC-A6F4-9E2858B4E506}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_enterprisemsi (HKLM-x32\...\{913D9F7E-6D61-43DE-BC1A-131152455BFC}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{7A991159-9069-471D-B85F-89B1E4E66822}) (Version: 16.6.30014 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{16E73A5A-339C-4177-A0BD-04278C06625C}) (Version: 16.6.30014 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{C8E7C1FC-925C-4163-BAB3-769E6C7961D2}) (Version: 16.6.30014 - Microsoft Corporation) Hidden vs_Graphics_Singletonx64 (HKLM\...\{ABBD10CA-0CFA-4D76-B033-F76C55A54336}) (Version: 16.4.29411 - Microsoft Corporation) Hidden vs_Graphics_Singletonx86 (HKLM-x32\...\{E47B4703-2337-4ED0-BA24-3EC08D643684}) (Version: 16.4.29411 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{47C6B2A0-8A58-4C87-91B8-DC8D138524AA}) (Version: 15.0.26228 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{DA7AB063-D1A3-4D5A-8221-598ACF4574B4}) (Version: 16.6.30014 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{6691EA7F-A585-4A9A-A6A9-160CEB236393}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_networkemulationmsi_x64 (HKLM-x32\...\{4A7C360D-F268-4712-8D92-EBE9936DBEC8}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_professionalmsi (HKLM-x32\...\{A1B4652E-255B-4F25-8914-A67C0AA36C54}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{0A54CADD-CBA1-4BC9-A134-6C9F91F41B9A}) (Version: 16.5.29521 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden vs_vswebprotocolselectormsi (HKLM-x32\...\{5F2E2347-2042-4340-BBDD-262BB1791EC7}) (Version: 16.6.30014 - Microsoft Corporation) Hidden vs_vswebprotocolselectormsires (HKLM-x32\...\{B3BDDC31-5C64-47F0-A25C-DB5032C62279}) (Version: 16.6.30014 - Microsoft Corporation) Hidden vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.41-1 - Wacom Technology Corp.) WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft) Waves Central (HKLM\...\{ab507e17-892b-5203-838d-d58d8d09c50f}) (Version: 12.0.16 - Waves Audio Ltd) Web Content Extractor 8.7 (HKLM-x32\...\Web Content Extractor_is1) (Version: - Newprosoft) Web Launch Recorder (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\WebLaunchRecorder) (Version: 2.0 - ) WhatsApp (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\WhatsApp) (Version: 2.2049.10 - WhatsApp) Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers) WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{C9966D24-DB2F-8514-EAA3-BEED85F3E166}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows SDK AddOn (HKLM-x32\...\{3BE62AA1-60B9-42EA-99BC-1A46B31C7E0C}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.14393.795 (HKLM-x32\...\{5eb6fbea-73ee-4a8e-9042-110704768d7f}) (Version: 10.1.14393.795 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation) Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.) WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack) WinRAR 5.70 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{A249F631-CEBC-EDCB-4C49-700E551E66CA}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E71CB7F1-3E88-4450-1764-B3CC1E205C4A}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{C49E6FDA-8196-0CAF-2CDD-CF1B0F4EA5AD}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{33D11371-82A5-852B-CDE2-5528CE406151}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{FB431EE2-C835-6DE9-8DC3-C8FCDE028FE0}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FB82399D-9C48-9AF5-DCA1-CFE61BCA70A6}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{23909757-D6F0-7F7C-BD34-7E72BA9BD59C}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D3A337CD-EA32-F4BA-03FA-825903190C92}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Workflow Manager Client 1.0 (HKLM\...\{BD88D998-D321-43F3-B3FE-6D82C796AF7A}) (Version: 2.0.50408.1 - Microsoft Corporation) Hidden Xamarin Offline Packages (HKLM-x32\...\{3799AB1E-BD9C-46FB-B0C2-4BE52F777938}) (Version: 16.6.40 - Xamarin) Hidden Xamarin PCL Profiles v1.0.9 (HKLM-x32\...\{5E6844AB-A867-419C-A376-B12B574AA5F7}) (Version: 1.0.9.0 - Xamarin) Hidden Xamarin Remoted iOS Simulator (HKLM-x32\...\{6DE37C07-AFD1-4833-A3B2-0BF958E836C1}) (Version: 1.4.0.3 - Xamarin) Hidden XAMPP (HKLM\...\xampp) (Version: 7.4.3-0 - Bitnami) Youtube-DLG Version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-19] (Adobe Systems Incorporated) Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2018-09-20] (Adobe Systems Incorporated) Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_19.1.22.6_x64__adky2gkssdxte [2019-06-16] (0) Adobe-Fresco -> C:\Program Files\WindowsApps\Adobe.Fresco_1.6.1.113_x64__pc75e8sa7ep4e [2020-06-23] (Adobe Inc.) BitPay for Windows -> C:\Program Files\WindowsApps\18C7659D.BitPayforWindows_12.4.0.0_x64__tq51jcq72mbzw [2021-04-03] (BitPay Inc.) Clean Master advanced -> C:\Program Files\WindowsApps\12176PicturePerfectApps.CleanMasteradvanced_1.1.8.0_x64__e40414p8savay [2019-03-29] (0) Desktop Live Wallpapers -> C:\Program Files\WindowsApps\48405AmbientSoftware.LiveDesktopWallpapers_1.2.17.0_neutral__agy8jafheqhng [2019-05-04] (0) Email Reader Metro -> C:\Program Files\WindowsApps\46067Anbalaghan.EmailReaderMetro_7.0.0.0_x64__k5hz18vdatrhw [2019-03-29] (0) Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) IDM Integration Module -> C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2019-04-09] (0) Ihr Smartphone -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21022.168.0_x64__8wekyb3d8bbwe [2021-04-10] (Microsoft Corporation) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-02-28] (Instagram) Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-18] (Apple Inc.) [Startup Task] LastPass -> C:\Program Files\WindowsApps\LastPass.LastPass_3.0.7.0_x64__sbg7naapqq8fj [2019-04-08] (0) LastPass: Free Password Manager -> C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.29.0.0_neutral__qq0fmhteeht3j [2019-06-08] (0) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-17] (Netflix, Inc.) Playlist Converter -> C:\Program Files\WindowsApps\27452DennisBakker.PlaylistConverter_2.2.96.0_x64__j7m1vj59st4m6 [2021-02-11] (Appstend) [MS Ad] Python 3.9 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.9_3.9.1264.0_x64__qbz5n2kfra8p0 [2021-04-08] (Python Software Foundation) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-06-04] (Adobe Systems Incorporated) Samsung Flow -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.7.6.0_x64__wyx1vj98g3asy [2021-02-24] (Samsung Electronics Co, Ltd.) SoundCloud for Windows (Beta) -> C:\Program Files\WindowsApps\SoundcloudLtd.SoundCloudforWindowsBeta_1.1.36.0_x64__2xc63xn306dnw [2021-02-11] (Soundcloud Ltd.) Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.13.154.0_x64__43tkc6nmykmb6 [2021-02-11] (Ookla) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0 [2021-04-04] (Spotify AB) [Startup Task] Video Editor & Slideshow Maker -> C:\Program Files\WindowsApps\23140Kinderjoy.VideoEditorSlideshowMaker_1.1.160.0_x64__4k9s1t26vykqt [2019-06-27] (Video Apps Mechanic) [MS Ad] XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.8.0_x86__xpfg3f7e9an52 [2021-02-24] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-3D68AAEFC418} -> [Creative Cloud Files] => C:\Users\gnxks\Creative Cloud Files [2019-06-16 21:04] CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\gnxks\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{27DBBC79-11C5-4286-98F5-67CE8FB719DC} -> [MEGAsync] => A:\MEGAsync0 CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\gnxks\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\gnxks\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\gnxks\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.) CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\gnxks\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-08] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\gnxks\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-08] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\gnxks\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-08] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-01] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-01] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-01] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> Keine Datei ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\gnxks\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-08] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\gnxks\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-08] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\gnxks\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-08] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-01] (Adobe Inc. -> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> ) ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Keine Datei ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2021-03-22] () [Datei ist nicht signiert] ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google) ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => Z:\GPG\Gpg4win\bin_64\gpgex.dll -> Keine Datei ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [Datei ist nicht signiert] ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\gnxks\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-08] (Mega Limited -> ) ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Keine Datei ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\gnxks\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-08] (Mega Limited -> ) ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2021-03-25] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2021-03-25] (VMware, Inc. -> VMware, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\gnxks\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-08] (Mega Limited -> ) ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Keine Datei ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google) ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => Z:\GPG\Gpg4win\bin_64\gpgex.dll -> Keine Datei ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [Datei ist nicht signiert] ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\gnxks\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-08] (Mega Limited -> ) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-01-22] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-01] (Adobe Inc. -> ) ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2021-03-22] () [Datei ist nicht signiert] ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => C:\ProgramData\AllDup\FEShlExt.dll [2008-08-21] (Alex Yakovlev) [Datei ist nicht signiert] ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [Datei ist nicht signiert] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.mjpg] => bdmjpeg64.dll HKLM\...\Drivers32: [vidc.mpeg] => bdmpegv64.dll HKLM\...\Drivers32: [msacm.bdmpeg] => bdmpega64.acm HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> ) HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> ) ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Beta-Apps\Authy.lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb ShortcutWithArgument: C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Beta-Apps\Postman.lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2020-08-13 16:33 - 2020-08-13 16:33 - 000209408 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll 2020-08-13 16:33 - 2020-08-13 16:33 - 000101376 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll 2018-08-16 14:54 - 2018-08-16 14:54 - 001484800 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Kinoni\EpocCam\avcodec-58.dll 2018-08-16 14:52 - 2018-08-16 14:52 - 000556544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Kinoni\EpocCam\avutil-56.dll 2018-08-16 14:54 - 2018-08-16 14:54 - 000190464 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Kinoni\EpocCam\swresample-3.dll 2018-08-16 14:55 - 2018-08-16 14:55 - 000514048 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Kinoni\EpocCam\swscale-5.dll 2021-03-22 20:44 - 2021-03-22 20:44 - 000088576 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000056320 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\bz2.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 001130496 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000117760 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\expat.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000222208 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\fontconfig.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000009728 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\libcharset.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000918016 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\libiconv.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000164864 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\libpng16.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000074752 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000011776 _____ () [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\libEGL.DLL 2020-08-12 10:54 - 2020-08-12 10:54 - 002013696 _____ () [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\libGLESv2.dll 2020-07-28 09:34 - 2020-07-28 09:34 - 000087040 _____ () [Datei ist nicht signiert] C:\Program Files\Hue Sync\aws-c-common.dll 2020-07-28 09:34 - 2020-07-28 09:34 - 000028160 _____ () [Datei ist nicht signiert] C:\Program Files\Hue Sync\aws-c-event-stream.dll 2020-07-28 09:34 - 2020-07-28 09:34 - 000046080 _____ () [Datei ist nicht signiert] C:\Program Files\Hue Sync\aws-checksums.dll 2020-07-28 09:34 - 2020-07-28 09:34 - 001590784 _____ () [Datei ist nicht signiert] C:\Program Files\Hue Sync\aws-cpp-sdk-core.dll 2020-07-28 09:34 - 2020-07-28 09:34 - 006056448 _____ () [Datei ist nicht signiert] C:\Program Files\Hue Sync\aws-cpp-sdk-s3.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\_ctypes.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\_elementtree.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\_hashlib.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\_multiprocessing.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\_psutil_windows.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\_socket.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 002824704 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\_ssl.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\_yappi.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\bz2.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\common.time34.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\hashobjs_ext.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\PIL._imaging.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\pyexpat.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\pysqlite2._sqlite.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\pythoncom27.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\pywintypes27.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\select.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\thumbnails_ext.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\unicodedata.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\usb_ext.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32api.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32com.shell.shell.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32crypt.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000023040 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32event.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32file.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32gui.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32inet.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32pdh.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32pipe.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32process.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32profile.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32security.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\win32ts.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\windows.conditional.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\windows.connectivity.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\windows.device_monitor.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000103936 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\windows.volumes.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\windows.winwrap.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wx._controls_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wx._core_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wx._gdi_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wx._html2.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wx._misc_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wx._windows_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\_ctypes.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\_elementtree.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\_hashlib.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\_multiprocessing.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\_psutil_windows.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\_socket.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 002824704 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\_ssl.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\_yappi.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\bz2.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\common.time34.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\hashobjs_ext.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\PIL._imaging.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\pyexpat.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\pysqlite2._sqlite.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\pythoncom27.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\pywintypes27.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\select.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\thumbnails_ext.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\unicodedata.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\usb_ext.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32api.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32com.shell.shell.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32crypt.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000023040 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32event.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32file.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32gui.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32inet.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32pdh.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32pipe.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32process.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32profile.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32security.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\win32ts.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\windows.conditional.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\windows.connectivity.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\windows.device_monitor.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000103936 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\windows.volumes.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\windows.winwrap.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wx._controls_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wx._core_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wx._gdi_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wx._html2.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wx._misc_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wx._windows_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000114176 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\_ctypes.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000172544 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\_elementtree.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 002255872 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\_hashlib.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000032256 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\_multiprocessing.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000046080 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\_psutil_windows.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000047616 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\_socket.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 002824704 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\_ssl.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000026112 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\_yappi.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000080896 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\bz2.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000015872 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\common.time34.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000007680 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\hashobjs_ext.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000301568 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\PIL._imaging.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000168448 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\pyexpat.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001084416 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\pysqlite2._sqlite.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000548864 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\pythoncom27.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000137728 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\pywintypes27.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000010752 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\select.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000020992 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\thumbnails_ext.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000689664 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\unicodedata.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000119808 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\usb_ext.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000128512 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32api.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000438784 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32com.shell.shell.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000011776 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32crypt.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000023040 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32event.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000149504 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32file.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000223232 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32gui.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000048128 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32inet.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000029696 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32pdh.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000027648 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32pipe.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000044032 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32process.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000020480 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32profile.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000136192 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32security.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000026624 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\win32ts.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000034304 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\windows.conditional.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000037888 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\windows.connectivity.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000071680 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\windows.device_monitor.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000103936 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\windows.volumes.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000019968 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\windows.winwrap.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001325056 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wx._controls_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001489408 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wx._core_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001007104 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wx._gdi_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000103424 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wx._html2.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 000916992 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wx._misc_.pyd 2021-04-10 18:23 - 2021-04-10 18:23 - 001039872 _____ () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wx._windows_.pyd 2020-11-23 16:52 - 2020-11-23 16:52 - 031859200 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 010266624 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\avfilter-7.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 010868736 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 001006592 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000125440 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\postproc-55.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000316416 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000524800 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll 2017-01-05 21:45 - 2017-01-05 21:45 - 000259584 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL 2021-03-11 10:47 - 2021-03-11 10:47 - 003060736 _____ (Newtonsoft) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\e5e20eaa3bfed45a3478e203cc62209b\Newtonsoft.Json.ni.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000055808 _____ (Open Source Software community LGPL) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 001420800 _____ (Pizzolato Davide - www.xdp.it) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\cximageu.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\python27.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\python27.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 003043328 _____ (Python Software Foundation) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\python27.dll 2021-01-28 19:02 - 2021-01-28 19:02 - 004579840 _____ (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll 2021-01-28 19:01 - 2021-01-28 19:01 - 002872320 _____ (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll 2021-01-28 19:01 - 2021-01-28 19:01 - 006453248 _____ (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll 2020-06-24 10:01 - 2020-06-24 10:01 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000527872 _____ (The FreeType Project) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\freetype.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 001657856 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\LIBEAY32.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000321024 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\ssleay32.dll 2020-07-03 13:32 - 2020-07-03 13:32 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll 2020-07-03 13:32 - 2020-07-03 13:32 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll 2020-12-22 12:03 - 2019-09-11 18:11 - 003386880 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Programs\Chatterino\libcrypto-1_1-x64.dll 2020-12-22 12:03 - 2019-09-11 18:11 - 000679424 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Programs\Chatterino\libssl-1_1-x64.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000048128 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\bearer\qgenericbearer.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000032768 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qgif.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000039936 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qicns.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000033280 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qico.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000331264 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qjpeg.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000026112 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qsvg.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000025600 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qtga.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000371712 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qtiff.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000024064 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qwbmp.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000492544 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\imageformats\qwebp.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 001424896 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\platforms\qwindows.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 005892608 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Core.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 006332416 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Gui.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 001245696 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Network.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 003279360 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Qml.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 003600384 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Quick.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000329216 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Svg.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 005496832 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\Qt5Widgets.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000018432 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\QtQuick.2\qtquick2plugin.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000314880 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\QtQuick\Controls\qtquickcontrolsplugin.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000091648 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\QtQuick\Layouts\qquicklayoutsplugin.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000018432 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\QtQuick\Window.2\windowplugin.dll 2020-08-12 10:54 - 2020-08-12 10:54 - 000135168 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Common Files\MAGIX Services\Update Notifier\styles\qwindowsvistastyle.dll 2020-12-22 12:03 - 2020-11-17 11:59 - 006165112 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Programs\Chatterino\Qt5Core.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000110207 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\BASS.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000019008 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\BASSCD.dll 2020-11-23 16:52 - 2020-11-23 16:52 - 000017472 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung DeX\BASSWMA.dll 2020-12-21 08:20 - 2020-12-21 08:20 - 000218624 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.lDe 2020-12-21 08:20 - 2020-12-21 08:20 - 000049664 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\WIBUCM64.lDe 2016-11-16 14:58 - 2016-11-16 14:58 - 000250368 _____ (Windows (R) Codename Longhorn DDK provider) [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wxbase30u_net_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wxbase30u_vc90_x64.dll 2021-04-10 18:24 - 2021-04-10 18:24 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wxmsw30u_adv_vc90_x64.dll 2021-04-10 18:24 - 2021-04-10 18:24 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wxmsw30u_core_vc90_x64.dll 2021-04-10 18:24 - 2021-04-10 18:24 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wxmsw30u_html_vc90_x64.dll 2021-04-10 18:24 - 2021-04-10 18:24 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI151122\wxmsw30u_webview_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wxbase30u_net_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wxbase30u_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wxmsw30u_adv_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wxmsw30u_core_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wxmsw30u_html_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI155122\wxmsw30u_webview_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000202240 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wxbase30u_net_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 002831872 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wxbase30u_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 001654784 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wxmsw30u_adv_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 006542336 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wxmsw30u_core_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000773632 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wxmsw30u_html_vc90_x64.dll 2021-04-10 18:23 - 2021-04-10 18:23 - 000137216 _____ (wxWidgets development team) [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Temp\_MEI225882\wxmsw30u_webview_vc90_x64.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:CM_84ef824d9223cefd9bd822e6d77642667f7d6fb48eed9e6869b85458646cdb76 [74] AlternateDataStreams: C:\Windows:CM_c99942455a9c503e19a638848b3be80d8d04f7176b8db08566b3fc4f618f63be [74] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=bgy_dbnwss_19_38_ssg00¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwingy%26cd%3D2XzuyEtN2Y1L1QzuyE0C0E0D0F0B0C0BtA0FtBtD0B0B0FtDtN0D0Tzu0StBzztBtDtN1L2XzuyEtFyDyDtFtDtFtCtAtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDtAyE0FyDtCtCyBtGyEtC0D0EtGtBtCyBtCtGyCtAzzyBtGzzyE0C0FyBzz0AtD0DzztD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz1S1OyD1StAtD1OtG1R1Q1Q1StGyEzztA1QtG1T1RyB1PtG1RyByC1O1P1T1StAzyzytAtA2QtN0A0LzutDtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCzytDzyzztCzytC%26cr%3D461987780%26a%3Dbgy_dbnwss_19_38_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-12-12] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-06-04] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-06-04] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-12-12] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\Neuer Ordner\bin\ssv.dll [2020-06-03] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\Neuer Ordner\bin\jp2ssv.dll [2020-06-03] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Toolbar: HKLM-x32 - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\localhost -> localhost ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-07-13 21:49 - 2020-10-24 19:59 - 000000187 _____ C:\WINDOWS\system32\drivers\etc\hosts 185.189.112.66 de-007.whiskergalaxy.com #added by Windscribe, do not modify. 185.104.184.130 de-005.whiskergalaxy.com #added by Windscribe, do not modify. 2021-03-21 01:14 - 2021-03-28 00:10 - 000000525 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.26.176.1 Daniel.mshome.net # 2026 3 4 26 22 10 53 238 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Player\bin\ HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\gnxks\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) ist aktiviert. |
10.04.2021, 17:38 | #25 |
| Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer?Code:
ATTFilter Network Binding: ============= Ethernet 3: VMware Bridge Protocol -> vmware_bridge (enabled) Ethernet 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled) VPN - VPN Client: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) VPN - VPN Client: VMware Bridge Protocol -> vmware_bridge (enabled) VPN - VPN Client: NordVPN LightWeight Firewall -> NordLwf (enabled) vEthernet (Ethernet): VMware Bridge Protocol -> vmware_bridge (enabled) vEthernet (Ethernet): VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) vEthernet (Ethernet): NordVPN LightWeight Firewall -> NordLwf (enabled) vEthernet (VMware Network ) 2: VMware Bridge Protocol -> vmware_bridge (enabled) vEthernet (VMware Network ) 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) vEthernet (VMware Network ) 2: NordVPN LightWeight Firewall -> NordLwf (enabled) Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) OpenVPN Wintun: VMware Bridge Protocol -> vmware_bridge (enabled) Bluetooth-Netzwerkverbindung 4: VMware Bridge Protocol -> vmware_bridge (enabled) vEthernet (Ethernet 2): VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) vEthernet (Ethernet 2): VMware Bridge Protocol -> vmware_bridge (enabled) vEthernet (Ethernet 2): NordVPN LightWeight Firewall -> NordLwf (enabled) VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) NordLynx: VMware Bridge Protocol -> vmware_bridge (enabled) vEthernet (Ethernet 3): VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) vEthernet (Ethernet 3): NordVPN LightWeight Firewall -> NordLwf (enabled) vEthernet (Ethernet 3): VMware Bridge Protocol -> vmware_bridge (enabled) LAN-Verbindung: NordVPN LightWeight Firewall -> NordLwf (enabled) LAN-Verbindung: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) LAN-Verbindung: VMware Bridge Protocol -> vmware_bridge (enabled) Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet 2: VMware Bridge Protocol -> vmware_bridge (enabled) vEthernet (VMware Network ): VMware Bridge Protocol -> vmware_bridge (enabled) vEthernet (VMware Network ): NordVPN LightWeight Firewall -> NordLwf (enabled) vEthernet (VMware Network ): VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: asComSvc => 2 MSCONFIG\Services: CleanupPSvc => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: cplspcon => 2 MSCONFIG\Services: DisplayFusionService => 2 MSCONFIG\Services: FileZilla Server => 2 MSCONFIG\Services: GamingApp_Service => 2 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: hmevpnsvc => 2 MSCONFIG\Services: iaStorAfsService => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: igfxCUIService2.0.0.0 => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LightingService => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: nordvpn-service => 2 MSCONFIG\Services: OverwolfUpdater => 3 MSCONFIG\Services: SecureLine => 2 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: VBoxSDS => 3 MSCONFIG\Services: WTabletServicePro => 2 HKLM\...\StartupApproved\StartupFolder: => "Update UWP App.lnk" HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk" HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "Uncouth" HKLM\...\StartupApproved\Run: => "Cates" HKLM\...\StartupApproved\Run32: => "Updater" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Launch 0 FwCustom" HKLM\...\StartupApproved\Run32: => "ZELOTES C-12" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface" HKLM\...\StartupApproved\Run32: => "IncrediBuild Agent Monitor" HKLM\...\StartupApproved\Run32: => "SoundTouchHelper" HKLM\...\StartupApproved\Run32: => "SoundTouch Music Server" HKLM\...\StartupApproved\Run32: => "Whistleblower" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\StartupFolder: => "bywaterbywater.lnk" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\StartupFolder: => "Voicemeeter (VB-Audio).LNK" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "Gaijin.Net Agent" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "DisplayFusion" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "Epic Privacy Browser Installer" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "VideoDownloaderUltimate" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "WCEScheduler" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "Plunge" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "Banville" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "Wilkes" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "Jezebel" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "NordVPN" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\StartupApproved\Run: => "Gyazo" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{0A7B5DE0-2C11-4B1E-BD8D-01874247BD6E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei FirewallRules: [{73166844-EB42-40C3-A377-774D6578D8F8}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei FirewallRules: [{FC7E72AF-AB0F-4447-B06B-E2ED5A178FDC}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => Keine Datei FirewallRules: [UDP Query User{7A22B654-B1D1-4021-9BC4-DFBA82095DF2}C:\users\gnxks\appdata\local\discordcanary\app-0.0.270\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-0.0.270\discordcanary.exe => Keine Datei FirewallRules: [TCP Query User{E633BC62-9F65-470C-80F3-44561C088C86}C:\users\gnxks\appdata\local\discordcanary\app-0.0.270\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-0.0.270\discordcanary.exe => Keine Datei FirewallRules: [UDP Query User{1E70A286-1B55-4ADA-8462-E6FAEDA0151E}C:\users\gnxks\appdata\roaming\premid\premid.exe] => (Block) C:\users\gnxks\appdata\roaming\premid\premid.exe => Keine Datei FirewallRules: [TCP Query User{0C6B9B23-E42A-471F-BB4E-E9D77092C7EA}C:\users\gnxks\appdata\roaming\premid\premid.exe] => (Block) C:\users\gnxks\appdata\roaming\premid\premid.exe => Keine Datei FirewallRules: [UDP Query User{59F7250A-4843-4E65-84FF-D64C962FA6F9}C:\users\gnxks\appdata\local\discordcanary\app-0.0.266\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-0.0.266\discordcanary.exe => Keine Datei FirewallRules: [TCP Query User{D55B15C5-FBD2-4D3F-8AC1-E902CB9B3536}C:\users\gnxks\appdata\local\discordcanary\app-0.0.266\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-0.0.266\discordcanary.exe => Keine Datei FirewallRules: [{D5C48163-66A4-47CE-B416-54224014DB4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{90E0E5A7-D003-4264-919A-C367A4F6FFB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B8C60C50-7451-45DF-9181-FFD32D5BB02C}] => (Allow) C:\Users\gnxks\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{ABFB8C27-B4A8-4C4F-AF23-E6FC20A049E7}] => (Allow) C:\Users\gnxks\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{FD46C486-4F31-47BC-A1B7-C6139788C7FD}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.) FirewallRules: [{E9715069-9C40-431A-8478-E4222F7B4DB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Keine Datei FirewallRules: [{EBD2D52D-58B4-4090-95F0-E52F96E2AF0C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Keine Datei FirewallRules: [UDP Query User{8EF6AD7A-22ED-43AA-A838-DD96C49BDD9A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{4B26527E-9779-47AE-9385-9C1093C84E3D}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{A80ABC3F-4F9C-4D8A-8C08-FB7C1342F6F6}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{AC760031-CB48-4198-91A7-B0A78F403225}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{35021ED9-5065-4B38-AEE8-33FE5F64E14F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3B66E46D-38C6-4014-B4BF-F27229747E1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{1ABEAB64-6F1A-43F7-BD93-DBA789A8C599}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A9F106A2-01E7-407F-AF92-37E4CAD72529}] => (Allow) LPort=2869 FirewallRules: [{7FCA78D5-8B72-47DD-8B10-B3C2108822D1}] => (Allow) LPort=1900 FirewallRules: [{A9AFAECA-BA50-49AF-9E95-469F8F6D4106}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{EFC68B65-002A-401C-9D44-33F0B11C9466}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei FirewallRules: [{AEC9E2B0-6FAC-44BD-A5CF-8CBB824FD4D1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei FirewallRules: [{3F8A3543-4921-49D5-86BB-E6EECD96C069}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Keine Datei FirewallRules: [{5AB365CA-4A75-4CF7-834F-250BDC0EB4D4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Keine Datei FirewallRules: [{24FD0540-4EDB-47C2-B07A-0A6038B78F50}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe => Keine Datei FirewallRules: [{41BB59C3-2BF6-4784-AA89-F32FA98DFCC3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Keine Datei FirewallRules: [{FAA13A7B-EE04-49C1-830E-F1B8F69BAD8A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Keine Datei FirewallRules: [{746BBCA9-EB94-457E-B643-0BA2E60DC073}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{E7659BA5-FBD7-4FEC-9CC7-E063259574D9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform) FirewallRules: [{7840095E-2EFB-4965-981F-D0B21B10FD7C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Odyssey\ACOdyssey.exe => Keine Datei FirewallRules: [TCP Query User{4F7C35F5-9D0A-48AB-B203-011800ADAD70}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{EA3A0427-82A2-45DE-AC22-2EB05E9CB5B6}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{95B456AA-F51C-4083-89CA-79D1C15D32BA}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{9E447EC6-913E-43CE-985A-20F48922D2FE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{E86C5468-72A8-4A7B-BEAC-372423EEC2F0}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Systems Incorporated -> Node.js) FirewallRules: [UDP Query User{188304D0-97E9-44AC-9337-2E694108DC69}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Systems Incorporated -> Node.js) FirewallRules: [{5D5BBB0D-FD42-440B-B744-816E42F52C0A}] => (Allow) C:\Program Files\SABnzbd\SABnzbd.exe (The SABnzbd-team) [Datei ist nicht signiert] FirewallRules: [{9666FFBF-35EA-442D-9C6E-82574383FE32}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS) FirewallRules: [{DD2D02A6-7875-403E-A2C5-E6EDC5869B60}] => (Block) C:\Program Files\Unity\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS) FirewallRules: [TCP Query User{1D013154-5EA5-4D09-9BD7-5379EA9F7698}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio) FirewallRules: [UDP Query User{95354A7D-BD68-423E-8134-B771E518032E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio) FirewallRules: [TCP Query User{B9B9724D-59D6-424D-816E-796F35EA455F}Z:\programs\jdownloader\jdownloader 2.0\jdownloader2.exe] => (Allow) Z:\programs\jdownloader\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH) FirewallRules: [UDP Query User{AE041ABF-323B-4B70-A50E-0E3937584262}Z:\programs\jdownloader\jdownloader 2.0\jdownloader2.exe] => (Allow) Z:\programs\jdownloader\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH) FirewallRules: [TCP Query User{EC9FA3B7-0024-4C88-ADFA-CD81E0776B0F}D:\windowsapps\spotifyab.spotifymusic_1.105.152.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) D:\windowsapps\spotifyab.spotifymusic_1.105.152.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei FirewallRules: [UDP Query User{EDB77AF5-FC51-4AD2-B528-0682B101755A}D:\windowsapps\spotifyab.spotifymusic_1.105.152.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) D:\windowsapps\spotifyab.spotifymusic_1.105.152.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei FirewallRules: [{78BA9053-4670-4439-8607-DDB2715FF8DF}] => (Allow) D:0\SteamLibrary\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => Keine Datei FirewallRules: [{582B9108-AC11-4AC8-92F2-962A732BDA39}] => (Allow) D:0\SteamLibrary\steamapps\common\FarCry5\bin\ArcadeEditor64.exe => Keine Datei FirewallRules: [{28D7BCED-E036-4010-8F33-152A6AEA9070}] => (Allow) C:\Program Files (x86)\Kefauver\Boaster.exe => Keine Datei FirewallRules: [{2771A14A-287B-4610-A5B7-F8BE3F3ADDEE}] => (Allow) C:\Program Files (x86)\lees\Unruffled.exe => Keine Datei FirewallRules: [{7BBAC336-8209-4076-A3DA-749E3F5C344B}] => (Allow) C:\Program Files (x86)\Kefauver\Unruffled.exe => Keine Datei FirewallRules: [{FCF6C659-68AD-4103-9EBA-5D82029FD3DF}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{5E33CB30-69EF-470F-B975-51ACCD1EF7C2}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{6A93BC6C-D908-4B8C-90A4-E739CDD94902}D:\windowsapps\spotifyab.spotifymusic_1.107.13766.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) D:\windowsapps\spotifyab.spotifymusic_1.107.13766.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei FirewallRules: [UDP Query User{854BBF46-2765-4E99-993F-98A101AD6A36}D:\windowsapps\spotifyab.spotifymusic_1.107.13766.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) D:\windowsapps\spotifyab.spotifymusic_1.107.13766.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei FirewallRules: [TCP Query User{D97899C8-F40D-4A48-9315-0B9B8568B387}Z:\server - testserver\mysql\bin\mysqld.exe] => (Allow) Z:\server - testserver\mysql\bin\mysqld.exe => Keine Datei FirewallRules: [UDP Query User{0250A272-628F-49A9-880A-F605FDE4432A}Z:\server - testserver\mysql\bin\mysqld.exe] => (Allow) Z:\server - testserver\mysql\bin\mysqld.exe => Keine Datei FirewallRules: [TCP Query User{B3916BED-EDAB-4FC3-B58F-42B84DE15B96}Z:\server - testserver\apache\bin\httpd.exe] => (Allow) Z:\server - testserver\apache\bin\httpd.exe => Keine Datei FirewallRules: [UDP Query User{6A0AD4EB-DB68-4DAD-9757-0AC8C4B7F2E0}Z:\server - testserver\apache\bin\httpd.exe] => (Allow) Z:\server - testserver\apache\bin\httpd.exe => Keine Datei FirewallRules: [TCP Query User{50D14FF3-AC65-4BEC-BAA1-76A1DA4EAB1A}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [UDP Query User{AE983F81-999D-4D01-8E02-B7FD2D65605D}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe FirewallRules: [TCP Query User{191D25A6-ECFE-46CB-A476-7FBCAF69C0ED}D:\windowsapps\spotifyab.spotifymusic_1.108.439.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) D:\windowsapps\spotifyab.spotifymusic_1.108.439.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei FirewallRules: [UDP Query User{EF5FC1C3-1B44-4B35-9BB5-0943B136DCEF}D:\windowsapps\spotifyab.spotifymusic_1.108.439.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) D:\windowsapps\spotifyab.spotifymusic_1.108.439.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei FirewallRules: [TCP Query User{2FD2CA92-172A-4136-9E90-BF99872BD9CC}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe (Google LLC -> JetBrains s.r.o.) FirewallRules: [UDP Query User{3602BB9F-E606-460F-B668-0DECD851BBAB}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe (Google LLC -> JetBrains s.r.o.) FirewallRules: [TCP Query User{960552A7-C60C-4599-A2A5-57DB41D0EAA4}C:\users\gnxks\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gnxks\appdata\roaming\spotify\spotify.exe => Keine Datei FirewallRules: [UDP Query User{2888A867-6D67-495F-84DB-7276EDE6C402}C:\users\gnxks\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gnxks\appdata\roaming\spotify\spotify.exe => Keine Datei FirewallRules: [TCP Query User{FB1D1D49-9E9D-45BB-A1D5-855FA436FDA7}D:0\program files\microsoft vs code\code.exe] => (Allow) D:0\program files\microsoft vs code\code.exe => Keine Datei FirewallRules: [UDP Query User{3C5913DC-88D8-4A7C-BE0C-0EE366DDB0B3}D:0\program files\microsoft vs code\code.exe] => (Allow) D:0\program files\microsoft vs code\code.exe => Keine Datei FirewallRules: [TCP Query User{4D440E09-1055-43EA-9BCA-EC50A669CC68}D:0\games\gta\gvmp - launcher\server-files\server.exe] => (Allow) D:0\games\gta\gvmp - launcher\server-files\server.exe => Keine Datei FirewallRules: [UDP Query User{CB6535A0-246A-4E13-9D01-2E7375ED4479}D:0\games\gta\gvmp - launcher\server-files\server.exe] => (Allow) D:0\games\gta\gvmp - launcher\server-files\server.exe => Keine Datei FirewallRules: [{D4886E05-F8C7-4BB8-8954-1C4C032C7D6D}] => (Allow) D:0\SteamLibrary\steamapps\common\FarCry5\bin\FarCry5.exe => Keine Datei FirewallRules: [{5B4B0FDE-B3B5-48A1-BAF6-7D4E2FCDC2A2}] => (Allow) D:0\SteamLibrary\steamapps\common\FarCry5\bin\FarCry5.exe => Keine Datei FirewallRules: [{BF1F8C3F-4881-4789-9CBD-0A9216E2F16B}] => (Allow) D:0\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe => Keine Datei FirewallRules: [{845E860C-3747-455C-80F5-5E360F536937}] => (Allow) D:0\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe => Keine Datei FirewallRules: [{30CCE6BA-2E5A-4D7F-A903-46DA22900F24}] => (Allow) D:0\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe => Keine Datei FirewallRules: [{8F997244-256A-4041-B14F-7D67F1593732}] => (Allow) D:0\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe => Keine Datei FirewallRules: [{DA4011C1-C33D-4C43-A817-529FB4D57256}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Setup Helper\VLC Setup Helper.exe (Hobbyist Software Limited -> Hobbyist Software) [Datei ist nicht signiert] FirewallRules: [{80560073-BF8A-432B-B8C8-106FCF2BB211}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Setup Helper\mDNSResponder.exe (Apple Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{B65FF09D-A8FC-4C71-BBCB-FBD792B5E228}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe => Keine Datei FirewallRules: [UDP Query User{8EBC2446-5F5F-4E02-B790-08D82EDDE8EE}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe => Keine Datei FirewallRules: [{CC7EE9A7-A32C-417F-AEE6-A059C11DAF19}] => (Allow) D:0\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei FirewallRules: [{3BA9D73A-A36F-4A49-8FE9-50B2510E9F46}] => (Allow) D:0\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei FirewallRules: [TCP Query User{14F22D4E-9D03-4D4B-95AE-A93AE87408AB}C:\users\gnxks\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\gnxks\appdata\local\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) FirewallRules: [UDP Query User{487CF54C-A970-4023-9CF7-77596670A301}C:\users\gnxks\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\gnxks\appdata\local\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) FirewallRules: [{598D654A-3298-4460-833B-6090DA21D61A}] => (Allow) D:0\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei FirewallRules: [{79F411B0-F071-49E5-850A-D77128B333D8}] => (Allow) D:0\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei FirewallRules: [TCP Query User{D9EEC00B-B7F0-4734-B755-879300FEBC63}D:0\games\blizzard\call of duty black ops 4\blackops4.exe] => (Allow) D:0\games\blizzard\call of duty black ops 4\blackops4.exe => Keine Datei FirewallRules: [UDP Query User{B1028627-53AB-4D81-8928-C84A0E0FE8C9}D:0\games\blizzard\call of duty black ops 4\blackops4.exe] => (Allow) D:0\games\blizzard\call of duty black ops 4\blackops4.exe => Keine Datei FirewallRules: [TCP Query User{9BCBD876-39E6-4A3E-86D4-03A2D0BA080A}D:\games\bussimulator18\engine\binaries\win64\ue4editor.exe] => (Allow) D:\games\bussimulator18\engine\binaries\win64\ue4editor.exe => Keine Datei FirewallRules: [UDP Query User{B7D1D005-C8E4-423E-ADAC-5470F9AA1927}D:\games\bussimulator18\engine\binaries\win64\ue4editor.exe] => (Allow) D:\games\bussimulator18\engine\binaries\win64\ue4editor.exe => Keine Datei FirewallRules: [{8725882F-338C-46B0-A0DE-8437E1E4CE7B}] => (Allow) D:\GAMES\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{C8491368-B743-4E51-85F5-27E63BE286CE}] => (Allow) D:\GAMES\WATCH_DOGS2\bin\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{E1FCF670-2E73-4CF3-A916-3932059C19DF}] => (Allow) D:\GAMES\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{6C0E6455-04E1-45D0-9384-6776C185BF3E}] => (Allow) D:\GAMES\WATCH_DOGS2\EAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{FBD89698-E20C-43A6-991E-01E78BD405B6}D:\games\blizzard\call of duty black ops 4\blackops4.exe] => (Allow) D:\games\blizzard\call of duty black ops 4\blackops4.exe => Keine Datei FirewallRules: [UDP Query User{5DC83E20-5ECD-4CF3-8D27-5073DD62188E}D:\games\blizzard\call of duty black ops 4\blackops4.exe] => (Allow) D:\games\blizzard\call of duty black ops 4\blackops4.exe => Keine Datei FirewallRules: [{CC87B17F-A4B7-48B0-92C7-1CF382754F23}] => (Allow) D:0\Games\GTA\GTA5.exe => Keine Datei FirewallRules: [{C504B466-ECF4-47B7-8A5B-3DE353844B60}] => (Allow) D:0\Games\GTA\GTA5.exe => Keine Datei FirewallRules: [{D2BBBF98-89CD-4598-95EB-B6266A6DC3CC}] => (Allow) D:\GAMES\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{7ECA39FD-50A8-46BF-9A1D-C96B2ECC0C0E}] => (Allow) D:\GAMES\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{0BD27FEE-2059-4C57-BE15-9BF90F5E805D}] => (Allow) D:\GAMES\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{139BE544-1C69-4CF4-A2C2-6532CF7DB653}] => (Allow) D:\GAMES\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [TCP Query User{D26D79F5-E55A-4F7A-BA21-5C9AB38402AC}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{BA7BB2FA-932A-4F12-823D-DFCC527D4941}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [{20C70023-8089-4F72-AE0C-04C4C3D1D147}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{14C3810D-A267-41C5-88CE-0CB6DBB82747}] => (Allow) LPort=5357 FirewallRules: [{557C5AC1-1B0C-4325-85A8-302A08606361}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [TCP Query User{63117F70-284A-4288-BC7B-A576F90A223A}C:\users\gnxks\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\gnxks\appdata\local\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) FirewallRules: [UDP Query User{3449C0BE-3345-4F0F-8AA2-E9BFFE2A460C}C:\users\gnxks\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) C:\users\gnxks\appdata\local\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) FirewallRules: [TCP Query User{0893324D-A046-4AE3-B6AF-D50A03B3795E}D:0\program files\server-files\server.exe] => (Allow) D:0\program files\server-files\server.exe => Keine Datei FirewallRules: [UDP Query User{2194E317-6FEA-4767-B6CA-10B297548B9B}D:0\program files\server-files\server.exe] => (Allow) D:0\program files\server-files\server.exe => Keine Datei FirewallRules: [TCP Query User{019B3B2D-26CB-494A-B57B-253081218D53}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{0086D3DA-B95C-43DB-9C6A-1A2E38769644}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{7533287E-EFBA-4780-B9DD-CCE410FC4333}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio) FirewallRules: [UDP Query User{1C719113-DBC8-459C-A378-049E5E9F2AE1}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio) FirewallRules: [TCP Query User{8C123EB7-4324-4FB2-B555-80DBD8D45C04}D:\games\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare beta\modernwarfare.exe => Keine Datei FirewallRules: [UDP Query User{BFE97955-8B80-4BF2-8FBD-E67C8AD979FA}D:\games\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare beta\modernwarfare.exe => Keine Datei FirewallRules: [{9161AB76-A543-4723-B946-88D95CFC080C}] => (Allow) D:0\Games\GTA\GTA5.exe => Keine Datei FirewallRules: [{EB526D5A-CDB3-447F-B921-8DFC2CCDBBB8}] => (Allow) D:0\Games\GTA\GTA5.exe => Keine Datei FirewallRules: [TCP Query User{57F7B42D-4450-4E4A-A0DB-B4B7B3D3B115}D:0\games\blizzard\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:0\games\blizzard\call of duty modern warfare beta\modernwarfare.exe => Keine Datei FirewallRules: [UDP Query User{1E29E870-CDFE-4CDE-8C39-12CD2A3640CD}D:0\games\blizzard\call of duty modern warfare beta\modernwarfare.exe] => (Allow) D:0\games\blizzard\call of duty modern warfare beta\modernwarfare.exe => Keine Datei FirewallRules: [TCP Query User{78D1CE6B-95F2-43B6-9C8E-143DFF54FB83}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [UDP Query User{1F75A990-4E60-4CC0-A118-34E759DBA183}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe FirewallRules: [TCP Query User{7CB4BE47-7FF1-42B1-A944-9AFA5AC22924}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Systems Incorporated -> Node.js) FirewallRules: [UDP Query User{69A44C77-4BAA-42F1-918F-A6375F3E9517}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Systems Incorporated -> Node.js) FirewallRules: [{EE0466C0-B6A9-4590-804C-D1EFF7E3707A}] => (Allow) D:0\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe => Keine Datei FirewallRules: [{16F34876-2DDB-422F-8AFE-BBC5671F1459}] => (Allow) D:0\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe => Keine Datei FirewallRules: [{A49A43B0-68F8-4A66-916C-F37BB3C75C91}] => (Allow) D:0\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe => Keine Datei FirewallRules: [{10A9FD1A-0279-4DEB-B0E9-C486BC71E29C}] => (Allow) D:0\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe => Keine Datei FirewallRules: [{32C3B674-761F-4AAD-B007-9A6CDC4D08C4}] => (Allow) D:0\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei FirewallRules: [{F2FA525D-4FC5-415B-93BC-ED8491E86D07}] => (Allow) D:0\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei FirewallRules: [{05AD1AEC-043A-4E0E-A1F0-A7F32E2DD123}] => (Allow) D:0\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei FirewallRules: [{E6D91587-F546-400C-9EE1-44B1DD636951}] => (Allow) D:0\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => Keine Datei FirewallRules: [{7AFFE630-E58A-4A42-BE22-1D1ECE51CA2B}] => (Allow) D:0\Steam\Steam.exe => Keine Datei FirewallRules: [{BB8F448B-A507-4841-B8E2-1DF4DBBC8D32}] => (Allow) D:0\Steam\Steam.exe => Keine Datei FirewallRules: [{891D64D7-36EE-460C-B9BB-4AD97CD238DA}] => (Allow) D:0\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{C96F33FE-E1BC-4FE9-90B8-5D0C622FA38E}] => (Allow) D:0\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{5F568C1B-D162-4954-9719-13081A5E7072}] => (Allow) C:\Users\gnxks\STEAM\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{A041F553-F171-4511-BA8A-A8316068A630}] => (Allow) C:\Users\gnxks\STEAM\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{21A77F9B-6BE1-4E49-9C54-6B221AFAA01D}] => (Allow) C:\Users\gnxks\STEAM\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{F00BEA9E-EBD9-42C1-BF2A-796692CA8753}] => (Allow) C:\Users\gnxks\STEAM\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [TCP Query User{1736A372-6BA8-4AA6-9323-BF64C2ADEAFE}Z:\programs\jdownloader\jdownloader 2.0\jdownloader2.exe] => (Allow) Z:\programs\jdownloader\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH) FirewallRules: [UDP Query User{2EFCF37D-95CA-43F6-B33A-F6EA2725C79D}Z:\programs\jdownloader\jdownloader 2.0\jdownloader2.exe] => (Allow) Z:\programs\jdownloader\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH) FirewallRules: [TCP Query User{9B7AE623-E8DA-42FE-9B36-3435FB090E52}D:0\games\batmanarkhamasylum\binaries\shippingpc-bmgame.exe] => (Allow) D:0\games\batmanarkhamasylum\binaries\shippingpc-bmgame.exe => Keine Datei FirewallRules: [UDP Query User{0FA7AF1F-4F13-4737-8001-63AF0E92ED2D}D:0\games\batmanarkhamasylum\binaries\shippingpc-bmgame.exe] => (Allow) D:0\games\batmanarkhamasylum\binaries\shippingpc-bmgame.exe => Keine Datei FirewallRules: [{059D4984-5692-43AB-A767-09CF91DF4EAA}] => (Allow) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{3DEF3662-2CF8-4BCF-A584-8F60CBEF4FCA}] => (Allow) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [TCP Query User{5CF81CF9-9473-454A-8508-DFC0F836782D}D:0\games\blizzard\call of duty modern warfare beta\call of duty modern warfare\modernwarfare.exe] => (Allow) D:0\games\blizzard\call of duty modern warfare beta\call of duty modern warfare\modernwarfare.exe => Keine Datei FirewallRules: [UDP Query User{F70EE4F2-7777-4FA3-B68F-568ACB98E286}D:0\games\blizzard\call of duty modern warfare beta\call of duty modern warfare\modernwarfare.exe] => (Allow) D:0\games\blizzard\call of duty modern warfare beta\call of duty modern warfare\modernwarfare.exe => Keine Datei FirewallRules: [{C6DB1B3E-2289-4846-A750-BCAD5B33B756}] => (Allow) C:\Program Files\SABnzbd\SABnzbd.exe (The SABnzbd-team) [Datei ist nicht signiert] FirewallRules: [{B8387E77-4645-4B8B-9AD2-3545107321C8}] => (Allow) C:\Program Files\SABnzbd\SABnzbd.exe (The SABnzbd-team) [Datei ist nicht signiert] FirewallRules: [{2697838F-3716-45AF-B252-B61E8F223C8A}] => (Allow) C:\Program Files\SABnzbd\SABnzbd.exe (The SABnzbd-team) [Datei ist nicht signiert] FirewallRules: [TCP Query User{893CB4B8-FA50-4DB0-80B1-3F28BB2E442A}C:\program files (x86)\voipsoftclient.com\voipsoftclient\voipsoftclient.exe] => (Allow) C:\program files (x86)\voipsoftclient.com\voipsoftclient\voipsoftclient.exe => Keine Datei FirewallRules: [UDP Query User{43E24163-04BB-4EEC-A8AA-E040FDAEA666}C:\program files (x86)\voipsoftclient.com\voipsoftclient\voipsoftclient.exe] => (Allow) C:\program files (x86)\voipsoftclient.com\voipsoftclient\voipsoftclient.exe => Keine Datei FirewallRules: [{E354627D-335E-4787-AE5B-5276D928F6E7}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe => Keine Datei FirewallRules: [{1AC3E722-C9DB-4A6C-B11F-1865EDA897EB}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe => Keine Datei FirewallRules: [{FBCB0CB6-5446-43D6-935C-85D53D13B3BF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe => Keine Datei FirewallRules: [{B3A0BFF5-F388-4647-9F3C-F73665DBDBF1}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe => Keine Datei FirewallRules: [{7D5CE3F1-BC2D-4922-BD29-7AFEBA00B9B2}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe => Keine Datei FirewallRules: [{265E1752-D27B-48F8-8452-4200314E071A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe => Keine Datei FirewallRules: [TCP Query User{24063C49-5A54-479A-98B0-A41CAFE01317}C:\program files (x86)\voipsoftclient.com\voipsoftclient\voipsoftclient.exe] => (Allow) C:\program files (x86)\voipsoftclient.com\voipsoftclient\voipsoftclient.exe => Keine Datei FirewallRules: [UDP Query User{7466B699-0970-4ABF-BDCB-C39A2871FE91}C:\program files (x86)\voipsoftclient.com\voipsoftclient\voipsoftclient.exe] => (Allow) C:\program files (x86)\voipsoftclient.com\voipsoftclient\voipsoftclient.exe => Keine Datei FirewallRules: [{407AE218-5ACB-403D-BE58-2212C70A58DF}] => (Allow) C:\Users\gnxks\STEAM\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{0AB0D0A1-CD38-46F0-8E5C-CD22CD6BF3D0}] => (Allow) C:\Users\gnxks\STEAM\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{76CD69CD-B05A-4875-8C83-0A6835739CDA}] => (Allow) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert] FirewallRules: [{AA83E691-EB4B-44FA-A667-02934159F151}] => (Allow) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{2370B5AF-4597-43D4-8668-A12DC58FB26B}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert] FirewallRules: [UDP Query User{1AC06499-67E2-40BA-828B-304A4B5BD4A5}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert] FirewallRules: [TCP Query User{AFE476BA-B015-453B-9A1B-453D43F035EF}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [UDP Query User{DA0C3248-E99A-45E9-BA51-F2D1622265D8}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [TCP Query User{4F43D953-3CCC-4930-A7EE-CB79FA1A38CB}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [Datei ist nicht signiert] FirewallRules: [UDP Query User{B39F43B5-A836-4DBE-A85D-085172C37A4C}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [Datei ist nicht signiert] FirewallRules: [TCP Query User{9A8B1FA0-45BB-4622-BD5B-12A684468BAA}C:\users\gnxks\onedrive\desktop\whatsapp-monitor\whatsapp-monitor.exe] => (Allow) C:\users\gnxks\onedrive\desktop\whatsapp-monitor\whatsapp-monitor.exe => Keine Datei FirewallRules: [UDP Query User{76241496-1136-48AA-A34B-07DB03A2BF02}C:\users\gnxks\onedrive\desktop\whatsapp-monitor\whatsapp-monitor.exe] => (Allow) C:\users\gnxks\onedrive\desktop\whatsapp-monitor\whatsapp-monitor.exe => Keine Datei FirewallRules: [TCP Query User{01AE40A3-E270-472B-B6C6-7FA51859B600}D:0\games\rage mp\server-files\server.exe] => (Allow) D:0\games\rage mp\server-files\server.exe => Keine Datei FirewallRules: [UDP Query User{A0016EAC-2626-409F-A116-8D03DB8D8AD9}D:0\games\rage mp\server-files\server.exe] => (Allow) D:0\games\rage mp\server-files\server.exe => Keine Datei FirewallRules: [{424A4662-A587-4D2E-80F2-C45DEFF43717}] => (Allow) D:0\Games\Grand Theft Auto V\GTA5.exe => Keine Datei FirewallRules: [{0353C19B-5E62-418F-A3B6-B8A018C3AF63}] => (Allow) D:0\Games\Grand Theft Auto V\GTA5.exe => Keine Datei FirewallRules: [TCP Query User{54B0D9CF-DE38-4DD4-B940-185BB9BEF525}D:0\program files\microsoft vs code\code.exe] => (Allow) D:0\program files\microsoft vs code\code.exe => Keine Datei FirewallRules: [UDP Query User{840E5471-B98C-4D22-B9DC-DEC8208F8624}D:0\program files\microsoft vs code\code.exe] => (Allow) D:0\program files\microsoft vs code\code.exe => Keine Datei FirewallRules: [TCP Query User{27787D74-88FE-46F6-97F8-32F3497A5787}C:\users\gnxks\appdata\local\temp\xamarin\xma\broker.local\16.6.000.1055\broker.exe] => (Allow) C:\users\gnxks\appdata\local\temp\xamarin\xma\broker.local\16.6.000.1055\broker.exe => Keine Datei FirewallRules: [UDP Query User{72979A39-36D2-4F11-9764-6824769C1E64}C:\users\gnxks\appdata\local\temp\xamarin\xma\broker.local\16.6.000.1055\broker.exe] => (Allow) C:\users\gnxks\appdata\local\temp\xamarin\xma\broker.local\16.6.000.1055\broker.exe => Keine Datei FirewallRules: [TCP Query User{CBE4A1F3-9CDC-4E59-85C1-8E3309F1AE87}C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe] => (Block) C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{DFEC3AA4-2A93-4BD4-9441-7730D96E892D}C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe] => (Block) C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{984CCF6C-59A4-4606-871E-F22317216636}] => (Allow) LPort=5055 FirewallRules: [{12BB34FF-7163-4BE8-B4E9-CB1F0FC3392B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B021EF18-EAD4-4787-87ED-FBFEA1333E91}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0ED147F0-EBC3-43C4-85A3-736C861917B2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C654FCD1-9FE7-43C3-B9AB-577FB22383E2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{EF89998E-4B95-48FC-AA61-A5E13FCDE7D7}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> ) FirewallRules: [UDP Query User{3F499D4A-40C1-4715-846A-5B5BB287EBDF}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> ) FirewallRules: [TCP Query User{441EB93C-A626-4235-BCA4-D541376839E4}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.) FirewallRules: [UDP Query User{20877661-75E7-44C9-99E1-760CDEC0723B}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.) FirewallRules: [TCP Query User{D14DA9D5-F339-4228-88A5-5A075DD27330}C:\users\gnxks\appdata\roaming\premid\premid.exe] => (Allow) C:\users\gnxks\appdata\roaming\premid\premid.exe => Keine Datei FirewallRules: [UDP Query User{3320496E-CEA9-4BC3-8D1E-C9C20CB017EC}C:\users\gnxks\appdata\roaming\premid\premid.exe] => (Allow) C:\users\gnxks\appdata\roaming\premid\premid.exe => Keine Datei FirewallRules: [TCP Query User{825EE203-06B9-4CEA-8CEF-D5A06BCF052D}C:\program files (x86)\java\jdk1.8.0_112\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_112\jre\bin\javaw.exe FirewallRules: [UDP Query User{F04D2BF9-0D1C-465D-9FB5-7BE969F2305E}C:\program files (x86)\java\jdk1.8.0_112\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jdk1.8.0_112\jre\bin\javaw.exe FirewallRules: [TCP Query User{B7586E40-FB33-4F43-9AF4-7D7119BE4529}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe FirewallRules: [UDP Query User{2507C6FF-3A7A-457A-96BF-7AD738215C69}C:\program files\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_251\bin\javaw.exe FirewallRules: [{B483E099-2762-4E90-ABD7-740D42DE7AF7}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware) FirewallRules: [{896BAEAD-3D76-4655-8A06-1F7780D072A0}] => (Allow) D:\GAMES\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [{59DF957B-1815-4AE8-AD10-156EB1B3C7E1}] => (Allow) D:\GAMES\WATCH_DOGS2\bin_plus\WatchDogs2.exe (Blue Byte GmbH -> Ubisoft Entertainment) FirewallRules: [TCP Query User{98D93378-912F-4087-865B-17F256131E19}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.) FirewallRules: [UDP Query User{6307191C-2452-4815-88E1-8A121AEA63A9}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.) FirewallRules: [{6D26A206-8DCF-42FF-A47D-4AAEC307B909}] => (Allow) LPort=51111 FirewallRules: [{31649CA1-55F7-4506-97A1-9473DC9AE013}] => (Allow) LPort=51112 FirewallRules: [{973F30B6-A5F0-42D6-8292-F8AD3DA09A35}] => (Allow) LPort=51113 FirewallRules: [{B553A28C-2C58-48DD-A801-DB4B31E730E0}] => (Allow) Z:\Programs\steinberg\Cubase10.5.exe (Steinberg Media Technologies GmbH -> Steinberg Media Technologies) FirewallRules: [{C9650FA1-DEDF-4D9E-B5BC-7763AE62A071}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\28\MusicMaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH) FirewallRules: [TCP Query User{AA9F3EF1-2C37-44D5-957E-50A2F6B46263}C:\users\gnxks\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Block) C:\users\gnxks\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH) FirewallRules: [UDP Query User{A2E8F515-FE37-43BA-B3EE-4F68BC7B4514}C:\users\gnxks\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Block) C:\users\gnxks\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH) FirewallRules: [{F530A9A7-E538-4DF9-8FF2-B9DF4C89CAA7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{ED284790-4252-4844-B361-D7EAED3F52E1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9189FCFD-F226-4710-ADB5-2A5123736345}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C33A5F52-661E-4AA4-93FF-D90C53E5D344}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BCACC153-7249-4917-A087-23775AB8F3B2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{CEAD3FB4-08AF-4446-AD12-1BD6FE24E28A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{649098C4-9AA8-4448-B55C-254BD002FE22}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{030A6F2F-0590-4857-9FA2-3E255541EC25}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{5762B86C-D641-4E70-81E1-12CF4AF12A39}C:\users\gnxks\appdata\local\programs\python\python38-32\python.exe] => (Allow) C:\users\gnxks\appdata\local\programs\python\python38-32\python.exe (Python Software Foundation -> Python Software Foundation) FirewallRules: [UDP Query User{81FE596F-7B5F-49EE-8BD2-7DB9D20446E5}C:\users\gnxks\appdata\local\programs\python\python38-32\python.exe] => (Allow) C:\users\gnxks\appdata\local\programs\python\python38-32\python.exe (Python Software Foundation -> Python Software Foundation) FirewallRules: [{3B3E693A-7F39-4DA7-BDB6-980FCD713D4C}] => (Allow) C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe (MAGIX Software GmbH -> MAGIX) FirewallRules: [TCP Query User{6DC1279E-93F3-4945-89AC-07FF9C13D3A8}C:\users\gnxks\appdata\local\discordcanary\app-1.0.16\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-1.0.16\discordcanary.exe => Keine Datei FirewallRules: [UDP Query User{3C73F797-05C4-4800-9588-7962A75D9E41}C:\users\gnxks\appdata\local\discordcanary\app-1.0.16\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-1.0.16\discordcanary.exe => Keine Datei FirewallRules: [{089667CC-FE25-4D7D-A737-362AE9E71200}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{377AA2D9-5F2E-4A1C-B7D8-AB8E35CC80AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F1C567D3-8787-4254-999E-0C9BA798018A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{03339700-21A1-43C7-A6E9-84255E615D54}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{A649334A-2715-4621-A26C-2A3FCBFED0E0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F8CE04A2-662B-4C17-B9AB-8FB068A1AC18}] => (Allow) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{E0F0241C-A52D-4996-B593-3C089373C10D}] => (Allow) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [TCP Query User{80453DBC-A30E-4039-8053-E62769F4320A}C:\users\gnxks\appdata\local\discordcanary\app-1.0.20\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-1.0.20\discordcanary.exe => Keine Datei FirewallRules: [UDP Query User{1BC487D2-8AEE-4D40-85D4-F408EB2C28A5}C:\users\gnxks\appdata\local\discordcanary\app-1.0.20\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-1.0.20\discordcanary.exe => Keine Datei FirewallRules: [{133DA43F-3479-45F8-9772-E2EBD75D6F75}] => (Allow) D:0\Games\SteamLibrary\steamapps\common\Among Us\Among Us.exe => Keine Datei FirewallRules: [{3AB2D1EB-9762-401D-802C-5D1DA30B150A}] => (Allow) D:0\Games\SteamLibrary\steamapps\common\Among Us\Among Us.exe => Keine Datei FirewallRules: [TCP Query User{2B0D7F96-E529-4218-A2C3-D9DF17EF9E3E}C:\users\gnxks\appdata\local\discordcanary\app-1.0.21\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-1.0.21\discordcanary.exe => Keine Datei FirewallRules: [UDP Query User{50D105D8-1A8F-4877-8004-1003518CD2EC}C:\users\gnxks\appdata\local\discordcanary\app-1.0.21\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-1.0.21\discordcanary.exe => Keine Datei FirewallRules: [{EEBE631E-9E42-4DE0-A72A-6DB3F0F017A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E2A43F59-56B8-44A4-A87E-F6BC71FBE416}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8B14FCD9-CFCB-42B2-9336-10D253235EE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{03CC378D-1EE9-41A1-9700-ECF0D6CD2DE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{232504FA-23C4-4F71-A23F-BD7CA04AF342}] => (Allow) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{4425387C-5605-418B-B243-4DE235E9C9CD}] => (Allow) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{F32E85CE-55CA-4C48-9915-D55353B9D888}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) FirewallRules: [{840B83AD-C665-44FE-9E7C-2CB516589205}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) FirewallRules: [{8ECAC96B-C56B-435D-B38A-BB43EB7A07DE}] => (Allow) D:0\Games\SteamLibrary\steamapps\common\Business Tour\BusinessTour.exe => Keine Datei FirewallRules: [{AFB4D1B5-7979-4679-AB35-46B7A62BBC2D}] => (Allow) D:0\Games\SteamLibrary\steamapps\common\Business Tour\BusinessTour.exe => Keine Datei FirewallRules: [{E558A9D3-2B66-48C8-B253-1012F3EAC4AE}] => (Allow) D:0\Games\SteamLibrary\steamapps\common\MicrosoftFlightSimulator\FlightSimulator.exe => Keine Datei FirewallRules: [{ABAE65F9-CD10-4AFB-8F7A-93D9BDF76501}] => (Allow) D:0\Games\SteamLibrary\steamapps\common\MicrosoftFlightSimulator\FlightSimulator.exe => Keine Datei FirewallRules: [TCP Query User{6ED1009B-642E-4C9A-B6AF-4CF464C86A03}C:\users\gnxks\appdata\local\programs\developer-rig\twitch developer rig.exe] => (Allow) C:\users\gnxks\appdata\local\programs\developer-rig\twitch developer rig.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) FirewallRules: [UDP Query User{9089C56C-AB8E-4189-BFB4-2E52554E09E6}C:\users\gnxks\appdata\local\programs\developer-rig\twitch developer rig.exe] => (Allow) C:\users\gnxks\appdata\local\programs\developer-rig\twitch developer rig.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) FirewallRules: [{AB614D56-059D-4EB7-A0AB-B95C971D5373}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.7.6.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{4D8BC433-30CB-445B-91BA-2D78EA61A291}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.7.6.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{BE2A666F-4EC2-47AA-A7B6-E87DC1AACCA7}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.7.6.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{20F39BCD-6322-4FF0-868E-BABCF731436B}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.7.6.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [TCP Query User{1EAAFDE3-674C-4E4C-AA5F-C39644A77868}C:\users\gnxks\appdata\local\discordcanary\app-1.0.23\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-1.0.23\discordcanary.exe => Keine Datei FirewallRules: [UDP Query User{4145E6EA-8DF2-4B5A-8124-1C90ECC066F7}C:\users\gnxks\appdata\local\discordcanary\app-1.0.23\discordcanary.exe] => (Allow) C:\users\gnxks\appdata\local\discordcanary\app-1.0.23\discordcanary.exe => Keine Datei FirewallRules: [TCP Query User{8095824D-3C02-41D6-AA72-EE1F38499094}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS) FirewallRules: [UDP Query User{C43256A3-EAF5-434F-A518-4EC60575243C}C:\program files\obs-studio\bin\64bit\obs64.exe] => (Allow) C:\program files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS) FirewallRules: [{686BD630-2906-4B11-A65C-609FCD0ED5AD}] => (Allow) C:\Users\gnxks\AppData\Local\Programs\Opera\74.0.3911.218\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{F46933CE-84EA-4D22-83A0-D6F737DF0F56}C:\program files (x86)\proxifier\proxifier.exe] => (Allow) C:\program files (x86)\proxifier\proxifier.exe (Initeks, OOO -> Initex) FirewallRules: [UDP Query User{64D1EB96-F443-49EE-948A-A55511522053}C:\program files (x86)\proxifier\proxifier.exe] => (Allow) C:\program files (x86)\proxifier\proxifier.exe (Initeks, OOO -> Initex) FirewallRules: [TCP Query User{B9CC9FC0-7182-4FF5-BD3B-A1AD9E345B23}C:\users\gnxks\appdata\local\programs\developer-rig\twitch developer rig.exe] => (Allow) C:\users\gnxks\appdata\local\programs\developer-rig\twitch developer rig.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) FirewallRules: [UDP Query User{E92F485C-13A2-4162-9475-E4171A1A42A4}C:\users\gnxks\appdata\local\programs\developer-rig\twitch developer rig.exe] => (Allow) C:\users\gnxks\appdata\local\programs\developer-rig\twitch developer rig.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) FirewallRules: [TCP Query User{66B859B4-5DB9-4FD4-8E61-D84A41CC9A7D}D:0\games\grand theft auto v\gta5.exe] => (Block) D:0\games\grand theft auto v\gta5.exe => Keine Datei FirewallRules: [UDP Query User{C7E18EAD-9F29-44BB-845D-2BBE4DE3E60B}D:0\games\grand theft auto v\gta5.exe] => (Block) D:0\games\grand theft auto v\gta5.exe => Keine Datei FirewallRules: [{93906B66-4C3D-45FD-B78C-9C334837C3C4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{7C1B8AA1-2FBD-4B28-B4EB-6069B3FA9570}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{8F832F10-4B2D-45D9-AF2C-E98EACC74BE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{31FA77AA-8AB5-465F-BE09-8AD009708E1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E346914D-7B4B-4C3F-999D-414D7B83429F}] => (Allow) D:0\Games\SteamLibrary\steamapps\common\Among Us\Among Us.exe => Keine Datei FirewallRules: [{35EEE92A-E7DD-43CC-9B4C-147D8EB975AB}] => (Allow) D:0\Games\SteamLibrary\steamapps\common\Among Us\Among Us.exe => Keine Datei FirewallRules: [{6B99B9CB-B224-455F-8879-0F4605387758}] => (Allow) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{8582030B-CB66-4691-8460-8BA13D99AF2F}] => (Allow) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{6E70C736-7D1F-49B1-85CE-A5CC26B857BC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7F633590-EB7E-41A3-9A22-B473DAAE586F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A2869939-4F5D-46A0-A031-99C01EAED800}] => (Allow) C:\Users\gnxks\AppData\Local\Programs\Opera GX\73.0.3856.421\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{B0D4FCE5-2912-4995-99D6-990791828C78}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{3BAAE0CF-FFE6-4775-9588-4F68BC2C7D35}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{BC6F2B92-4193-4157-96E9-B1AC2C77F351}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{287238A6-A56A-4EDA-9C73-AD57010F7C89}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4042E771-5B7E-4F85-AA24-343B2B546BCB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{854F6360-EFB8-43AD-996E-ECB416D0CDEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{23D24185-F1F2-4E9F-B7FA-2BF824601815}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9F4F2761-6B61-4584-8CF4-2379F54D07B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F45B2FBD-FFFC-4835-8C58-F3622AEE07C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{44CD4982-EBEB-48FA-928D-0D7B2B99440B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BE963CC6-C6B0-45A6-A6D9-5D9B7F54470D}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{AD4A7F50-6C40-4115-8959-B5E4972108E1}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) FirewallRules: [{5620C35C-2B89-4EEB-B894-C16CE2E6ED82}] => (Allow) C:\Users\gnxks\AppData\Local\Programs\Opera GX\73.0.3856.424\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{E0E42EE4-02E8-4994-9205-A58743172E2C}C:\users\gnxks\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\gnxks\appdata\local\programs\nordpass\nordpass.exe (TEFINCOM S.A. -> NordPass Team) FirewallRules: [UDP Query User{70F9DC69-F4EB-4885-8FCD-E708F4896663}C:\users\gnxks\appdata\local\programs\nordpass\nordpass.exe] => (Allow) C:\users\gnxks\appdata\local\programs\nordpass\nordpass.exe (TEFINCOM S.A. -> NordPass Team) FirewallRules: [{85646343-F5C1-4BAD-99FF-85679F8E1D26}] => (Allow) C:\Users\gnxks\AppData\Local\Programs\Opera\75.0.3969.149\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{34A7331E-DAE4-4959-B788-37D423DE4F8A}] => (Allow) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{5A94478E-A058-4721-AE7F-4F034B2AB116}C:\users\gnxks\appdata\local\discordcanary\app-1.0.28\discordcanary.exe] => (Block) C:\users\gnxks\appdata\local\discordcanary\app-1.0.28\discordcanary.exe (Discord Inc. -> Discord Inc.) FirewallRules: [UDP Query User{4F3422A4-3A5A-435C-9F61-239C2DA3206F}C:\users\gnxks\appdata\local\discordcanary\app-1.0.28\discordcanary.exe] => (Block) C:\users\gnxks\appdata\local\discordcanary\app-1.0.28\discordcanary.exe (Discord Inc. -> Discord Inc.) DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wiederherstellungspunkte ========================= 09-04-2021 19:02:34 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (04/10/2021 06:10:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: iCUE.exe, Version: 3.32.80.0, Zeitstempel: 0x5f354c18 Name des fehlerhaften Moduls: iCUE.dll, Version: 3.32.80.0, Zeitstempel: 0x5f354be5 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00d9ea36 ID des fehlerhaften Prozesses: 0x16e8 Startzeit der fehlerhaften Anwendung: 0x01d72e23ffb77a94 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.dll Berichtskennung: 634cbae1-d9cc-48da-aabd-3350f457e03b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/10/2021 06:02:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: webwallpaper32.exe, Version: 0.0.0.0, Zeitstempel: 0x60213619 Name des fehlerhaften Moduls: libcef.dll, Version: 83.3.12.0, Zeitstempel: 0x5ed5980d Ausnahmecode: 0x80000003 Fehleroffset: 0x01ce55a5 ID des fehlerhaften Prozesses: 0x1d38 Startzeit der fehlerhaften Anwendung: 0x01d72e22ea0246a2 Pfad der fehlerhaften Anwendung: D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe Pfad des fehlerhaften Moduls: D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\bin\libcef.dll Berichtskennung: f6082c23-bc6f-4401-abb8-9b253aa290bb Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/10/2021 01:27:49 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (04/10/2021 01:27:49 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (04/10/2021 12:32:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SecurityHealthService.exe, Version: 4.18.1907.16384, Zeitstempel: 0xba94ffe3 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.844, Zeitstempel: 0x60a6ca36 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000fef89 ID des fehlerhaften Prozesses: 0x40bc Startzeit der fehlerhaften Anwendung: 0x01d72d3729e2e0d1 Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\SecurityHealthService.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 83b899e0-617f-43bb-9eb5-729565c5c7ce Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/09/2021 05:10:23 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm FL64.exe Version 20.7.2.1852 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 631c Startzeit: 01d72d511df9931f Beendigungszeit: 11 Anwendungspfad: D:\FL Stu\FL64.exe Bericht-ID: 610300d5-1fee-498b-a764-a70d6ba7eb77 Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Unknown Error: (04/09/2021 02:01:51 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht. . Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (04/08/2021 11:29:33 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Systemfehler: ============= Error: (04/10/2021 06:22:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "IntelHaxm" wurde aufgrund folgenden Fehlers nicht gestartet: Ein an das System angeschlossenes Gerät funktioniert nicht. Error: (04/10/2021 06:22:32 PM) (Source: IntelHaxm) (EventID: 3) (User: ) Description: HAXM Failed to init VMX Error: (04/10/2021 06:22:32 PM) (Source: IntelHaxm) (EventID: 6) (User: ) Description: HAXM can't work on system without VT support Error: (04/10/2021 06:22:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "LMS" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (04/10/2021 06:22:21 PM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden. Error: (04/10/2021 06:22:21 PM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden. Error: (04/10/2021 06:22:21 PM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: Der Treiber hat einen internen Treiberfehler auf \Device\VBoxNetLwf gefunden. Error: (04/10/2021 06:21:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 1002 07/02/2018 Hauptplatine: ASUSTeK COMPUTER INC. ROG STRIX Z370-F GAMING Prozessor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz Prozentuale Nutzung des RAM: 52% Installierter physikalischer RAM: 16319.36 MB Verfügbarer physikalischer RAM: 7671.13 MB Summe virtueller Speicher: 35775.36 MB Verfügbarer virtueller Speicher: 23005.38 MB ==================== Laufwerke ================================ Drive a: () (Fixed) (Total: ? GB) (Free: ? GB) (Protected) (Locked) Drive c: (Windows SSD) (Fixed) (Total:461.37 GB) (Free:92.59 GB) NTFS Drive d: (HDD) (Fixed) (Total:1863.02 GB) (Free:1466.4 GB) NTFS Drive m: (M.2 SSD) (Fixed) (Total:465.75 GB) (Free:149.57 GB) NTFS Drive o: (VOLUME) (Fixed) (Total:0.97 GB) (Free:0.97 GB) FAT32 Drive y: (8i) (Fixed) (Total:463.87 GB) (Free:309.22 GB) NTFS Drive z: (9i) (Fixed) (Total:467.64 GB) (Free:69.64 GB) NTFS \\?\Volume{629458e4-0000-0000-0000-010000000000}\ (PortableBaseLayer) (Fixed) (Total:8 GB) (Free:7.51 GB) NTFS \\?\Volume{37de8a6e-2c52-4dc7-a83e-73775c264181}\ (EFI) (Fixed) (Total:1.46 GB) (Free:1.43 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 869A87C2) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 3AB1AA5C) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 3 (Size: 465.8 GB) (Disk ID: 869A86DE) Partition: GPT. ========================================================== Disk: 4 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 5 (MBR Code: Windows 7/8/10) (Size: 8 GB) (Disk ID: 629458E4) Partition 1: (Not Active) - (Size=8 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ======================= |
10.04.2021, 17:40 | #26 |
| Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer?Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 10-04-2021 durchgeführt von K1992 (Administrator) auf DANIEL (10-04-2021 18:25:53) Gestartet von C:\Users\gnxks\Downloads Geladene Profile: K1992 Platform: Windows 10 Pro Version 20H2 19042.867 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files (x86)\Kinoni\EpocCam\KinoniSvc.exe () [Datei ist nicht signiert] C:\Program Files\Antares Audio Technologies\Antares Central Services.exe () [Datei ist nicht signiert] C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1612970385045.exe () [Datei ist nicht signiert] C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe () [Datei ist nicht signiert] C:\Users\gnxks\AppData\Local\Programs\Chatterino\chatterino.exe (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2> (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (Discord Inc. -> Discord Inc.) C:\Users\gnxks\AppData\Local\DiscordCanary\app-1.0.28\DiscordCanary.exe <6> (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <6> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <24> (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7c484f80872e1cd8\jhi_service.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_1e5aa28740c131d2\RstMwService.exe (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe (MAGIX Software GmbH -> MAGIX) C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe (MAGIX Software GmbH -> simplitec GmbH) C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2020\Autopilot.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (PLARIUM GLOBAL LTD. -> ) C:\Users\gnxks\AppData\Local\Plarium\PlariumPlay\6.2.0-0.0.0\TrayPP.exe (PLARIUM GLOBAL LTD. -> Plarium) C:\Users\gnxks\AppData\Local\Plarium\PlariumPlay\6.2.0-0.0.0\PlariumPlay.exe <4> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.) C:\Program Files\Hue Sync\HueSync.exe (Skutta, Kristjan -> ) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\bin\ui32.exe <4> (Skutta, Kristjan -> ) D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper64.exe (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe <5> (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe (Tonalio GmbH -> sandboxie-plus.com) D:\HACKS\Sandbox\SbieSvc.exe (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-08-13] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-03-12] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-05] (Adobe Inc. -> ) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5484392 2021-03-03] (Tonec Inc. -> Tonec Inc.) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680720 2021-03-12] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [917200 2020-11-17] (Nota,Inc. -> Nota Inc.) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [9011648 2019-12-23] (Binary Fortress Software Ltd -> Binary Fortress Software) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [PreMiD] => "C:\Users\gnxks\AppData\Roaming\PreMiD\PreMiD.exe" --hidden HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-03-06] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> ) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [PlariumPlay] => C:\Users\gnxks\AppData\Local\Plarium\PlariumPlay\PlariumPlay --args -run-with-os HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [WallpaperEngine] => D:\GAMES\Steam BACKUP\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper64.exe [3531880 2021-02-16] (Skutta, Kristjan -> ) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [HueSync] => C:\Program Files\Hue Sync\HueSync.exe [17515400 2020-12-16] (Signify Netherlands B.V. -> Signify Netherlands B.V.) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe [1151744 2020-08-24] (MAGIX Software GmbH -> MAGIX) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [Opera Browser Assistant] => C:\Users\gnxks\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [Chatterino] => C:\Users\gnxks\AppData\Local\Programs\Chatterino\chatterino.exe [4754944 2020-11-17] () [Datei ist nicht signiert] HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10398376 2021-01-28] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [DiscordCanary] => C:\Users\gnxks\AppData\Local\DiscordCanary\Update.exe [1512040 2021-02-25] (Discord Inc. -> GitHub) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [Discord] => C:\Users\gnxks\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [Opera GX Browser Assistant] => C:\Users\gnxks\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [Proxifier] => C:\Program Files (x86)\Proxifier\Proxifier.exe [6660016 2021-03-03] (Initeks, OOO -> Initex) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [GoogleChromeAutoLaunch_61793B35B632BA2286F49DD9D1C0CA79] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [SandboxieControl] => "D:\HACKS\Sandbox\SbieCtrl.exe" HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [274176 2021-01-18] (TEFINCOM S.A. -> TEFINCOM S.A.) HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\RunOnce: [Application Restart #6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 --flag-switches-begin --disable-quic --enable-smooth-scrolling --enable-features=AutofillShowTypePrediction (Der Dateneintrag hat 229 mehr Zeichen). HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5 --flag-switches-begin --disable-quic --enable-smooth-scrolling --enable-features=AutofillShowTypePrediction (Der Dateneintrag hat 244 mehr Zeichen). HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Policies\Explorer: [NoInstrumentation] 1 HKLM\...\Providers\Internet Print Provider: inetpp.dll HKLM\...\Providers\LanMan Print Services: win32spl.dll HKLM\...\Print\Monitors\Appmon: AppMon.dll HKLM\...\Print\Monitors\HP C211 Status Monitor: hpinkstsC211LM.dll HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): HPDiscoPMC211.dll HKLM\...\Print\Monitors\Local Port: localspl.dll HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: FXSMON.DLL HKLM\...\Print\Monitors\PDF-XChange Standard Port Monitor: C:\WINDOWS\system32\pxcpm.dll [2147584 2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) HKLM\...\Print\Monitors\Standard TCP/IP Port: tcpmon.dll HKLM\...\Print\Monitors\USB Monitor: usbmon.dll HKLM\...\Print\Monitors\WSD Port: APMon.dll HKLM\Software\Microsoft\Active Setup\Installed Components: [{8237E44A-0054-442C-B6B6-EA0509993955}] -> C:\Program Files (x86)\Google\Chrome Beta\Application\90.0.4430.61\Installer\chrmstp.exe [2021-04-07] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\89.1.22.71\Installer\chrmstp.exe [2021-04-01] (Brave Software, Inc. -> Brave Software, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3E048AC137B9}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2020-09-11] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{169EBF44-942F-4C43-87CE-13C93996EBBE}] -> C:\Windows\SysWOW64\AppManagementConfiguration.dll [2021-01-15] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{2BFCC077-22D2-48DE-BDE1-2F618D9B476D}] -> C:\Windows\SysWOW64\AppManagementConfiguration.dll [2021-01-15] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\Windows\SysWOW64\dmenrollengine.dll [2021-03-13] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2020-09-02] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> hvsigpext.dll HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\Windows\SysWOW64\appmgmts.dll [2020-10-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{F312195E-3D9D-447A-A3F5-08DFFA24735E}] -> dggpext.dll HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{FC491EF1-C4AA-4CE1-B329-414B101DB823}] -> dggpext.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2021-01-01] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update UWP App.lnk [2019-03-23] ShortcutAndArgument: Update UWP App.lnk -> C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe => -WindowStyle Hidden -NoLogo -NonInteractive -InputFormat None -NoProfile -ExecutionPolicy Bypass -Command "& 'C:\Program Files (x86)\LastPass\AppxUpgrade.ps1' -PackagePath 'C:\Program Files (x86)\LastPass\lpwinmetro.appxbundle' -PackageName 'LastPass.LastPass Startup: C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iCUE.lnk [2019-09-21] ShortcutTarget: iCUE.lnk -> C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) Startup: C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\log.txt [2021-04-06] () Startup: C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wallpaper32.exe [2019-09-28] (Kristjan Skutta -> ) GroupPolicy: Beschränkung ? <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0106E90F-57D0-4E44-9A82-CF3F0C2F26A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-19] (Google Inc -> Google Inc.) Task: {02398F6D-5B3C-4669-9DE0-43AB0C8A08C7} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6896800 2020-11-17] (Nota,Inc. -> Nota Inc.) Task: {08C931ED-7BAC-431E-A77C-439CDB2E130A} - System32\Tasks\sartorial ecologically marshallingsartorial ecologically marshalling => C:\Users\gnxks\AppData\Local\Boaster.exe Task: {0A50E67E-8040-45E3-AC54-26E610654AA7} - System32\Tasks\presets rozenpresets rozen => C:\Program Files (x86)\Kefauver\Unruffled.exe Task: {19094E1F-D621-48E8-ACA2-A486360F85D2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1E03D216-BD54-4C68-927F-54D824B16858} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2216A62B-D7AF-4652-8B7D-05635CAF3017} - System32\Tasks\ZhangWoZheC12-TaskPlan => C:\Program Files\ZELOTES MOUSE (C-12)\ZELOTES(C-12).exe Task: {27A02945-C013-4D94-8191-5AD75C8BCF26} - System32\Tasks\danto-zeroeddanto-zeroed => C:\Program Files (x86)\lees\Unruffled.exe Task: {2CAEB079-F779-4A1A-9FD7-0B7643FB9A84} - System32\Tasks\Opera GX scheduled Autoupdate 1591363623 => C:\Users\gnxks\AppData\Local\Programs\Opera GX\launcher.exe [1720472 2021-03-31] (Opera Software AS -> Opera Software) Task: {37D1A31E-BFCA-42E3-ADE0-65B01034BD45} - System32\Tasks\Opera scheduled assistant Autoupdate 1576864332 => C:\Users\gnxks\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\gnxks\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {38402431-47D9-4590-89D6-686671F7FEBF} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe Task: {3DBAC250-A56C-4EBE-88D5-AFE69FA1C7C9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation) Task: {40BCE62A-1ACE-44DD-AAA8-4795E96B3702} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3660232 2020-02-17] (Easeware Technology Limited -> Easeware) Task: {428623A4-A7A0-48DF-8F86-68C944D9F1AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4AE9343A-A1F0-4DA3-8083-E96B14D0BDAE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4F344803-33ED-46BD-8933-4B2663543E27} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform) Task: {52324BF7-F973-4E45-8604-7DF6D563B931} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-2402965086-3410531683-3514658406-1005 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23472 2020-05-19] (Microsoft Corporation -> Microsoft) Task: {5B4D47E4-D1F5-475D-876C-EC5813566865} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-08] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {5C284F6B-D398-4C9A-B043-5FB20CE5B91D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe Task: {5EEC591D-D363-4FE0-8FB6-C0563E8A9D14} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation) Task: {60D5D834-8D0B-415C-B30F-12014E0DACE4} - System32\Tasks\MAGIX PC Check & Tuning 2020 (Autopilot.exe) => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2020\Autopilot.exe [1754696 2019-07-22] (MAGIX Software GmbH -> simplitec GmbH) Task: {66A8D936-D160-43F9-A20D-83D3E347F114} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6755313D-6338-43F6-AD6D-5D79B0536776} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {69B5C771-2F2E-4225-BB02-DC28318FDC17} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6F55A292-61C8-4F1C-8DA9-936600248CE9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7B916094-9CDF-4857-9623-FEFF824E655F} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-08] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {7C4E1769-E525-4768-9D3C-8F674932CF74} - System32\Tasks\Opera scheduled Autoupdate 1540659554 => C:\Users\gnxks\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software) Task: {7CE58D19-6B1F-4FBF-A40E-276517EC24EA} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [744968 2019-03-01] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {80D1BB67-A738-45CE-A889-710C86FE5E3A} - System32\Tasks\Opera scheduled Autoupdate 1537686832 => C:\Users\gnxks\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-01] (Opera Software AS -> Opera Software) Task: {81B5E6E8-B450-4366-B016-06FB495BF222} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.) Task: {84AE3A01-F928-463E-B33B-284496BE7A03} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {8526A9C4-6A2D-4528-BA84-AEF463449F52} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {8C2D8998-1E79-4D2A-AE4D-E04ED149AEEB} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [208752 2020-05-19] (Microsoft Corporation -> ) Task: {8CB81A13-AB89-4E2E-88A2-7EE3F4C8775E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2402965086-3410531683-3514658406-500 => C:\Users\gnxks\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {8F648B96-83FF-41AF-9E94-A8690FADE1FD} - System32\Tasks\MAGIX PC Check & Tuning 2020 => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2020\PCCT.exe [2449992 2019-07-22] (MAGIX Software GmbH -> MAGIX Software GmbH) Task: {933F6584-43EE-4E0A-945D-589B9E6761FC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe Task: {95D81D41-D3D0-4323-A285-1260C5E16148} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {97E29870-6A75-4BA3-8F0C-4E43491260C8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {9BD5D49C-453B-48F6-A3AA-5EC0F6232A38} - System32\Tasks\venial_weisvenial_weis => C:\Program Files (x86)\Kefauver\Boaster.exe Task: {AB05B368-13F7-468A-9B30-E553C06B5449} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [38400 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {AF0FE55C-49DD-4602-9014-8AC6221A5FFD} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615903302 => C:\Users\gnxks\AppData\Local\Programs\Opera GX\launcher.exe [1720472 2021-03-31] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\gnxks\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {B5ECE740-A749-4791-8882-0AB3C81D997B} - System32\Tasks\G2MUploadTask-S-1-5-21-2402965086-3410531683-3514658406-1004 => C:\Users\gnxks\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-04] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {B74A4D2C-C51D-4B33-A18D-8249CFBB83B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-19] (Google Inc -> Google Inc.) Task: {BCB9FC0A-7D14-4A49-998F-7C9AA99E455F} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\IntelPTTEKRecertification.exe [919832 2021-02-15] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {BD1F2D7F-0821-41DC-A5AF-837856604DB0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CE95F1D6-892B-440F-8422-77430AA6FDF4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D0111449-62A3-43BF-BA7B-FDFDCFEAE198} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D0A9D2BB-52F6-46C2-9C24-ECF56C62F604} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {D1D2A371-BB0A-46BA-863D-8A25DA5FD429} - System32\Tasks\Microsoft\Windows\Secondary Authentication Factor\BackgroundTaskDeployment => C:\WINDOWS\System32\DeviceCredentialDeployment.exe [82432 2021-01-15] (Microsoft Windows -> Microsoft Corporation) Task: {D3E7E47B-4965-4277-9644-A2557D3C085A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-01-30] (Mozilla Corporation -> Mozilla Foundation) Task: {DA2AD96D-464F-48F6-B60C-1D440F197720} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E305393D-CD51-49FD-AA36-8FA1B93C8DB2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe Task: {E83092EA-1A06-4BE8-AEA9-9783419F235C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {E8B748A7-9672-4ABC-886E-1F96474D204F} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6896800 2020-11-17] (Nota,Inc. -> Nota Inc.) Task: {EC0DEAD1-F4B1-4D1D-8A6C-7C2D05F37F91} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Task: {EEA2F8C6-5154-42D2-9625-4ECA984044AD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-09] (Microsoft Corporation -> Microsoft Corporation) Task: {EF107803-57EA-4382-BCA3-BAE26A64E473} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-2402965086-3410531683-3514658406-1004 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [23472 2020-05-19] (Microsoft Corporation -> Microsoft) Task: {F67786C0-C38E-45EE-B85F-7CD6996D0D96} - System32\Tasks\LastPassUpdater => C:\Program Files (x86)\LastPass\Updater\Updater.exe [2865552 2019-03-21] (LogMeIn, Inc. -> ) Task: {FA449228-C584-4E77-B501-4AA156008246} - System32\Tasks\G2MUpdateTask-S-1-5-21-2402965086-3410531683-3514658406-1004 => C:\Users\gnxks\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-04] (LogMeIn, Inc. -> LogMeIn, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2402965086-3410531683-3514658406-1004.job => C:\Users\gnxks\AppData\Local\GoToMeeting\19598\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2402965086-3410531683-3514658406-1004.job => C:\Users\gnxks\AppData\Local\GoToMeeting\19598\g2mupload.exe Task: C:\WINDOWS\Tasks\MAGIX PC Check & Tuning 2020 (Autopilot.exe).job => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2020\Autopilot.exe C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2020\DANIEL\K1992-MAGIX PC Check & Tuning 2020 (Autopilot.exe Task: C:\WINDOWS\Tasks\MAGIX PC Check & Tuning 2020.job => C:\Program Files (x86)\MAGIX\MAGIX PC Check & Tuning 2020\PCCT.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [44128 2020-08-11] (VMware, Inc. -> VMware, Inc.) Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [44128 2020-08-11] (VMware, Inc. -> VMware, Inc.) Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [48224 2020-08-11] (VMware, Inc. -> VMware, Inc.) Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [48224 2020-08-11] (VMware, Inc. -> VMware, Inc.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{86af3e41-a25f-4a31-a897-a8329e43f830}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge Extension: (Kein Name) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2019-04-09] Edge Extension: (Kein Name) -> hdokiejnpimakedhajhdlcegeplioahd_LastPassLastPassFreePasswordManager_qq0fmhteeht3j => C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.29.0.0_neutral__qq0fmhteeht3j [2019-06-08] Edge Profile: C:\Users\gnxks\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-10] Edge Extension: (LastPass: Free Password Manager) - C:\Users\gnxks\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2021-04-09] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\gnxks\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-09] Edge Extension: (IDM Integration Module) - C:\Users\gnxks\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-04-09] Edge Extension: (IDM Integration Module) - C:\Users\gnxks\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-04-09] Edge HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2021-03-05] Edge HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-05] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: l2px8do5.default FF DefaultProfile: gbfvkn07.default-1566082662414 FF ProfilePath: C:\Users\gnxks\AppData\Roaming\ParseHub\parsehub\Profiles\l2px8do5.default [2019-03-31] FF Extension: (ParseHub) - C:\Users\gnxks\AppData\Roaming\ParseHub\parsehub\Profiles\l2px8do5.default\Extensions\parsehub2@parsehub.com.xpi [2019-03-31] [] [ist nicht signiert] FF Extension: (Kein Name) - Z:\Websites\browser\extensions\install@parsehub.com.xpi [nicht gefunden] FF ProfilePath: C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781 [2021-02-21] FF Extension: (MySessions) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\balyaev@gmail.com.xpi [2020-11-04] FF Extension: (Browsec VPN - Free VPN for Firefox) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\browsec@browsec.com.xpi [2021-01-30] FF Extension: (cliget) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\cliget@zaidabdulla.com.xpi [2021-01-30] FF Extension: (Tampermonkey) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\firefox@tampermonkey.net.xpi [2020-11-04] FF Extension: (FoxyProxy Standard) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\foxyproxy@eric.h.jung.xpi [2020-11-04] FF Extension: (Tab Reloader (page auto refresh)) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\jid0-bnmfwWw2w2w4e4edvcdDbnMhdVg@jetpack.xpi [2020-11-04] FF Extension: (Turbo Download Manager (3rd edition)) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\jid0-dsq67mf5kjjhiiju2dfb6kk8dfw@jetpack.xpi [2021-01-30] FF Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi [2021-01-30] FF Extension: (To Google Translate) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11] FF Extension: (download-helper) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\jid1-i6dUGvCrz2WZu8@jetpack.xpi [2021-01-30] FF Extension: (Privacy Badger) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-01-30] FF Extension: (Dark Background and Light Text) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2020-11-04] FF Extension: (Double-click Image Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\jid1-xgtdawe3yyUeBQ@jetpack.xpi [2021-01-30] FF Extension: (ScrollAnywhere) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\juraj.masiar@gmail.com_ScrollAnywhere.xpi [2021-01-30] FF Extension: (Link Analyzer) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\link-analyzer@damufo.xpi [2020-11-04] FF Extension: (NordVPN #1 VPN Extension: Get VPN for Firefox) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\nordvpnproxy@nordvpn.com.xpi [2021-01-30] FF Extension: (Open Multiple URLs) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\openmultipleurls@ustat.de.xpi [2020-11-04] FF Extension: (PageExpand) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\PageExpand@hakuhin.jp.xpi [2020-11-04] FF Extension: (HTTP Directory Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\rushikesh988-4@gmail.com.xpi [2020-11-04] FF Extension: (LastPass: Free Password Manager) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\support@lastpass.com.xpi [2020-11-04] FF Extension: (Wildfire) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\support@wildfire.ai.xpi [2020-11-04] FF Extension: (tumblr Downloader Professional) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\tumblrS@link64.xpi [2020-11-04] FF Extension: (User-Agent Switcher) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2021-01-30] FF Extension: (minerBlock) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\xd4rker@gmail.com.xpi [2020-11-04] FF Extension: (Imagus) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2020-11-04] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (Download with JDownloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{03e07985-30b0-4ae0-8b3e-0c7519b9bdf6}.xpi [2021-01-30] FF Extension: (Popupblocker) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{05ce2135-ced2-4272-97b0-c00c00a93355}.xpi [2020-11-04] FF Extension: (PH Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{0adb7d9f-4f8a-43db-890a-5421cd153986}.xpi [2020-11-07] FF Extension: (Dark Mode) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{174b2d58-b983-4501-ab4b-07e71203cb43}.xpi [2021-01-30] FF Extension: (UI.Vision RPA) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{190d04a6-e387-4f5b-9751-e0d222cf8275}.xpi [2021-01-30] FF Extension: (M3U Playlist Converter) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{2755cbda-50f7-4cfe-a497-8585df5be40f}.xpi [2020-11-04] FF Extension: (A powerful reverse image search tool, with support for various search engines, such as Google, Bing, Yandex, Baidu and TinEye.) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2021-01-30] FF Extension: (Link Extractor) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{32234610-80fa-4bc1-9cef-183abea3f3b2}.xpi [2020-11-04] FF Extension: (Download All Images) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2020-11-04] FF Extension: (AddToAny: Share Anywhere) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{35d49e56-0142-4a7b-82a8-6ace7d28ff92}.xpi [2020-11-04] FF Extension: (4chan Image Expander & Saver) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{3859d492-cbb8-4ce1-a1c2-d9394ea829df}.xpi [2020-11-04] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (Download Images From Tabs) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{45ee564a-8d3a-4efa-92cc-8ff5db92bf93}.xpi [2020-11-04] FF Extension: (Web Scraper - Free Web Scraping) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{4d22c3b5-8248-4431-ad99-90b1443de5ee}.xpi [2020-11-04] FF Extension: (Bulk Image Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi [2020-11-04] FF Extension: (SingleFile) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{531906d3-e22f-4a6c-a102-8057b88a1a63}.xpi [2021-01-30] FF Extension: (Don't touch my tabs! (rel=noopener)) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{6b938c0c-fc53-4f27-805f-619778631082}.xpi [2020-11-04] FF Extension: (Open in VLC™ media player) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{6b954d17-d17c-4a19-8fe6-ee8052a562d6}.xpi [2020-11-04] FF Extension: (NoScript) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-01-30] FF Extension: (iMacros for Firefox) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2020-11-04] FF Extension: (Kein Name) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{8b344d1d-265c-4d48-8418-0b522359bad2}.xpi [2020-11-08] FF Extension: (List open tab URLs) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{92e1f589-b2de-4ad6-bcd5-95ab0699a4fb}.xpi [2020-11-04] FF Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-01-30] FF Extension: (Reddit Minimizer) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{9b76f004-d8fb-46f5-9ce9-47c5412b47ec}.xpi [2020-11-04] FF Extension: (User-Agent Switcher and Manager) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7}.xpi [2021-01-30] FF Extension: (Selenium IDE) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2020-11-04] FF Extension: (Private Video Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{b9a672d6-0a2c-470e-9bed-1ca2e2a900c5}.xpi [2020-11-04] FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-01-30] FF Extension: (Video DownloadHelper) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-01-30] FF Extension: (Popup blocker for FF: Poper Blocker) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{bee8b1f2-823a-424c-959c-f8f76c8b2306}.xpi [2020-11-17] FF Extension: (Bulk URL Opener) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{c5b32a48-5514-4a46-81f2-075ebf3cbc29}.xpi [2021-01-30] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-30] FF Extension: (NZBDonkey) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{dd77cf0b-b93f-4e9f-8006-b642c02219db}.xpi [2020-11-04] FF Extension: (DownThemAll!) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2020-11-04] FF Extension: (iDM Integration Extension) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{ed9a84e6-a04e-4d97-ad7e-b7414f2912eb}.xpi [2020-11-04] FF Extension: (All Video Downloader Pro) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\h1292jlu.bit-1604517672781\Extensions\{eef4a074-e2c8-428c-bbe0-63da072bb563}.xpi [2020-11-04] FF ProfilePath: C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414 [2020-11-13] FF NetworkProxy: Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414 -> backup.ftp", "" FF Extension: (Facebook Videos and Photoalbums Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\@fud.xpi [2019-08-18] FF Extension: (MySessions) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\balyaev@gmail.com.xpi [2020-01-20] FF Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\browsec@browsec.com.xpi [2020-01-04] FF Extension: (cliget) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\cliget@zaidabdulla.com.xpi [2019-08-18] FF Extension: (Tampermonkey) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\firefox@tampermonkey.net.xpi [2019-12-19] FF Extension: (FoxyProxy Standard) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\foxyproxy@eric.h.jung.xpi [2020-01-04] FF Extension: (Tab Reloader (page auto refresh)) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\jid0-bnmfwWw2w2w4e4edvcdDbnMhdVg@jetpack.xpi [2020-01-05] FF Extension: (To Google Translate) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-01-19] FF Extension: (download-helper) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\jid1-i6dUGvCrz2WZu8@jetpack.xpi [2019-10-05] FF Extension: (Privacy Badger) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2020-01-14] FF Extension: (Dark Background and Light Text) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2020-01-04] FF Extension: (Premiumize.me) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2020-01-04] FF Extension: (Double-click Image Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\jid1-xgtdawe3yyUeBQ@jetpack.xpi [2020-01-01] FF Extension: (ScrollAnywhere) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\juraj.masiar@gmail.com_ScrollAnywhere.xpi [2020-01-05] FF Extension: (Link Analyzer) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\link-analyzer@damufo.xpi [2019-08-18] FF Extension: (NordVPN – #1 VPN Proxy Extension for Firefox) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\nordvpnproxy@nordvpn.com.xpi [2020-01-20] FF Extension: (Open Multiple URLs) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\openmultipleurls@ustat.de.xpi [2019-12-10] FF Extension: (PageExpand) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\PageExpand@hakuhin.jp.xpi [2019-11-20] FF Extension: (Reddit Video Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\RedditVideoDownloader@sas41.ext.xpi [2019-11-05] FF Extension: (HTTP Directory Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\rushikesh988-4@gmail.com.xpi [2020-01-19] FF Extension: (Wildfire) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\support@wildfire.ai.xpi [2020-01-05] FF Extension: (User-Agent Switcher) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2020-01-14] FF Extension: (minerBlock) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\xd4rker@gmail.com.xpi [2019-08-18] FF Extension: (Imagus) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2019-08-18] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (Download with JDownloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{03e07985-30b0-4ae0-8b3e-0c7519b9bdf6}.xpi [2019-12-27] FF Extension: (Popupblocker) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{05ce2135-ced2-4272-97b0-c00c00a93355}.xpi [2019-08-18] FF Extension: (Dark Mode) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{174b2d58-b983-4501-ab4b-07e71203cb43}.xpi [2019-11-05] FF Extension: (UI.Vision RPA) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{190d04a6-e387-4f5b-9751-e0d222cf8275}.xpi [2020-01-05] FF Extension: (M3U Playlist Converter) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{2755cbda-50f7-4cfe-a497-8585df5be40f}.xpi [2019-12-08] FF Extension: (A powerful reverse image search tool, with support for various search engines, such as Google, Bing, Yandex, Baidu and TinEye.) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2020-01-05] FF Extension: (Link Extractor) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{32234610-80fa-4bc1-9cef-183abea3f3b2}.xpi [2019-08-18] FF Extension: (Download all Images) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2020-01-05] FF Extension: (AddToAny: Share Anywhere) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{35d49e56-0142-4a7b-82a8-6ace7d28ff92}.xpi [2019-08-18] FF Extension: (4chan Image Expander & Saver) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{3859d492-cbb8-4ce1-a1c2-d9394ea829df}.xpi [2019-08-18] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (Download Images From Tabs) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{45ee564a-8d3a-4efa-92cc-8ff5db92bf93}.xpi [2020-01-06] FF Extension: (AntiCaptcha automatic captcha solver) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{487609b5-5ca6-4c62-8523-11f3e1db851c}.xpi [2020-01-06] [UpdateUrl:hxxps://antcpt.com/downloads/firefox/update_manifest.json] FF Extension: (Bulk Image Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi [2019-08-18] FF Extension: (SingleFile) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{531906d3-e22f-4a6c-a102-8057b88a1a63}.xpi [2020-01-22] FF Extension: (Don't touch my tabs! (rel=noopener)) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{6b938c0c-fc53-4f27-805f-619778631082}.xpi [2020-01-05] FF Extension: (Open in VLC™ media player) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{6b954d17-d17c-4a19-8fe6-ee8052a562d6}.xpi [2019-11-05] FF Extension: (iMacros for Firefox) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2020-01-05] FF Extension: (Kein Name) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{8b344d1d-265c-4d48-8418-0b522359bad2}.xpi [2020-01-14] FF Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2020-01-19] FF Extension: (Reddit Minimizer) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{9b76f004-d8fb-46f5-9ce9-47c5412b47ec}.xpi [2019-08-18] FF Extension: (User-Agent Switcher and Manager) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7}.xpi [2019-11-06] FF Extension: (Selenium IDE) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2020-01-05] FF Extension: (Private Video Downloader) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{b9a672d6-0a2c-470e-9bed-1ca2e2a900c5}.xpi [2019-08-18] FF Extension: (Video DownloadHelper) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-08-18] FF Extension: (Bulk URL Opener) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{c5b32a48-5514-4a46-81f2-075ebf3cbc29}.xpi [2020-01-06] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-05] FF Extension: (NZBDonkey) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{dd77cf0b-b93f-4e9f-8006-b642c02219db}.xpi [2019-11-24] FF Extension: (DownThemAll!) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2020-01-04] FF Extension: (All Video Downloader Pro) - C:\Users\gnxks\AppData\Roaming\Mozilla\Firefox\Profiles\gbfvkn07.default-1566082662414\Extensions\{eef4a074-e2c8-428c-bbe0-63da072bb563}.xpi [2019-11-05] FF HKLM\...\Firefox\Extensions: [support@lastpass.com] - C:\Program Files (x86)\LastPass\support@lastpass.com.xpi FF Extension: (LastPass: Free Password Manager) - C:\Program Files (x86)\LastPass\support@lastpass.com.xpi [2019-03-21] FF HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2021-03-05] FF HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\gnxks\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\gnxks\AppData\Roaming\IDM\idmmzcc5 [2019-04-08] [] [ist nicht signiert] FF HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [] FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-06-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-06-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-03-12] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\Neuer Ordner\bin\dtplugin\npDeployJava1.dll [2020-06-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\Neuer Ordner\bin\plugin2\npjp2.dll [2020-06-03] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [Keine Datei] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-02-08] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-02-08] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-03-12] (Adobe Inc. -> Adobe Systems) FF Plugin HKU\S-1-5-21-2402965086-3410531683-3514658406-1004: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\gnxks\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2402965086-3410531683-3514658406-1004: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\gnxks\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [Keine Datei] StartMenuInternet: Firefox-94437107B3C58B50 - Z:\Websites\parsehub.exe |
10.04.2021, 17:41 | #27 |
| Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer?Code:
ATTFilter Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default [2021-04-10] CHR StartupUrls: Default -> "hxxps://www.youtube.com/","hxxps://www.amazon.de/" CHR DefaultSearchURL: Default -> hxxps://www.instagram.com/static/images/ico/xxhdpi_launcher.png/99cf3909d459.png CHR Extension: (Google Übersetzer) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-02-20] CHR Extension: (Präsentationen) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-20] CHR Extension: (Just Black) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-02-21] CHR Extension: (BetterTTV) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-03-15] CHR Extension: (Docs) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-20] CHR Extension: (Google Drive) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-20] CHR Extension: (Web Developer) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2021-02-20] CHR Extension: (Turn Off the Lights) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2021-04-01] CHR Extension: (User-Agent Switcher and Manager) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhchdcejhohfmigjafbampogmaanbfkg [2021-02-20] CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2021-02-20] CHR Extension: (YouTube) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-20] CHR Extension: (Twitter Media Downloader) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\cblpjenafgeohmnjknfhpdbdljfkndig [2021-03-27] CHR Extension: (uBlock Origin) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-03-21] CHR Extension: (Tampermonkey) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-04-09] CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2021-02-20] CHR Extension: (Auto Link Bypasser) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\doiagnjlaingkmdjlbfalakpnphfmnoh [2021-03-21] CHR Extension: (XPath Generator) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\dphfifdfpfabhbkghlmnkkdghbmocfeb [2021-02-20] CHR Extension: (Video Downloader professional) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2021-02-20] CHR Extension: (Tabellen) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-20] CHR Extension: (Postman) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2021-02-20] CHR Extension: (Streamheroes) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\fibcoefnefcolkjjkjeamcokohnjbagp [2021-02-20] CHR Extension: (NordVPN — #1 VPN Chrome Extension: Get a VPN) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2021-03-27] CHR Extension: (NordPass® Password Manager & Digital Vault) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\fooolghllnmhmmndgjiamiiodkpenpbb [2021-04-08] CHR Extension: (Authy) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2021-02-20] CHR Extension: (UI.Vision RPA) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbalfbdmfieckjlnblleoemohcganoc [2021-04-05] CHR Extension: (HTTPS Everywhere) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2021-02-20] CHR Extension: (Chrome Web Store Launcher (by Google)) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecgipfabdickgidpmbicneamekgbaej [2021-02-20] CHR Extension: (Google Docs Offline) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-13] CHR Extension: (LastPass: Free Password Manager) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-04-09] CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2021-02-20] CHR Extension: (AirDroid) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2021-02-20] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-29] CHR Extension: (Web Scraper - Free Web Scraping) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnhgnonknehpejjnehehllkliplmbmhn [2021-02-20] CHR Extension: (Image and Video Downloader) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\khnadcdfjbjgojiilfdebbpiepokangj [2021-02-20] CHR Extension: (Twitter Image Downloader) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfafhkjifmbnflpbpeoepeponlkodel [2021-02-20] CHR Extension: (Instagram) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2021-02-20] CHR Extension: (Downloader for OnlyFans.com) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdkjblcbbgncmdipibnbgfoehgdjpaob [2021-02-21] CHR Extension: (Web Sniffer) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndfgffclcpdbgghfgkmooklaendohaef [2021-02-20] CHR Extension: (IDM Integration Module) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-10] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-20] CHR Extension: (WebRTC Network Limiter) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2021-02-20] CHR Extension: (vidIQ Vision for YouTube) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2021-04-04] CHR Extension: (Google Mail) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-20] CHR Extension: (Chrome Media Router) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-03] CHR Extension: (RSS Feed Reader) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2021-03-14] CHR Profile: C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-15] CHR Extension: (Präsentationen) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-24] CHR Extension: (Docs) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-24] CHR Extension: (Google Drive) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-24] CHR Extension: (YouTube) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-24] CHR Extension: (Avira Password Manager) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-03-15] CHR Extension: (Avira Safe Shopping) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-02-24] CHR Extension: (Tabellen) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-24] CHR Extension: (Google Docs Offline) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-15] CHR Extension: (Avast Online Security) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-24] CHR Extension: (LastPass: Free Password Manager) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-03-15] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-15] CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-24] CHR Extension: (IDM Integration Module) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-15] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-24] CHR Extension: (Google Mail) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-24] CHR Extension: (Chrome Media Router) - C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-15] CHR Profile: C:\Users\gnxks\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-24] CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-05] CHR HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-05] StartMenuInternet: Google Chrome Beta - C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe Opera: ======= OPR Profile: C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable [2021-04-06] OPR DefaultSearchURL: Opera Stable -> hxxp://shadow2531.com/opera/extensions/gmail_compose_support.html OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (WebRTC Control) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\abbdelbgkogfgjkjflgmhebbfjahgalo [2019-11-02] OPR Extension: (Screensync Screenshot App Turbo Version) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\amehcfbcblckknomikfmijhhbfkalfcj [2020-04-30] OPR Extension: (Bulk URL Opener) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\aohlmdjhlikgookdbgebjikjmijipnkf [2019-04-02] OPR Extension: (Free VPN Proxy) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\ddmpfhchafhgfdflhiilhdeaocinlocb [2021-03-19] OPR Extension: (Browsec VPN - Free VPN for Opera) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\dknfpcdpbkjijldegonllfnnfhabjpde [2021-03-10] OPR Extension: (Rich Hints Agent) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-03-10] OPR Extension: (Page Screenshot) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\henfjlgncdjjhkpjhkjdhiimecnigjlm [2020-04-30] OPR Extension: (LastPass: Free Password Manager) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2021-04-01] OPR Extension: (Droplr - Screenshots, Anmerkungen und Screencasts) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\jehccjfmbojnohjjnpnbinkpikndopeo [2020-04-30] OPR Extension: (WebRTC Leak Prevent) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\jjabaljgaabcnmcoalhaldkmcfbojkkb [2019-04-01] OPR Extension: ( Copy URLs ) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\kgmdofgghbeipjnddielphhhecgnppab [2019-04-02] OPR Extension: (User-Agent Switcher and Manager) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdhadkjmpbhfdmmoogneplmcpoelfggp [2020-01-14] OPR Extension: (Amazon Assistant für Opera) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2021-03-29] OPR Extension: (EasyShot: one click full page screenshots) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\npkdeckocgecnojkdbpdjnelfmnmndeb [2020-04-30] OPR Extension: (SimpleProxy) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\oalcjjbilaklgpajmkkkbdblbamkckai [2019-03-24] OPR Extension: (Gmail Compose) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\oplkbppbdibcplkemfiadblmhopffnfm [2020-05-17] OPR Extension: (Nehmen Sie Screenshot der Webseite - FireShot) - C:\Users\gnxks\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbjmgmedeliohhbaefhlplndokcbmjio [2020-04-30] StartMenuInternet: (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004) Opera GXStable - "C:\Users\gnxks\AppData\Local\Programs\Opera GX\Launcher.exe" StartMenuInternet: (HKU\S-1-5-21-2402965086-3410531683-3514658406-1004) OperaStable - "C:\Users\gnxks\AppData\Local\Programs\Opera\Launcher.exe" Brave: ======= BRA DefaultProfile: Default BRA Profile: C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-27] BRA DefaultSearchKeyword: Default -> :g BRA Extension: (Avira Password Manager) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-03-27] BRA Extension: (User-Agent Switcher for Chrome) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2020-02-08] BRA Extension: (NordVPN — #1 VPN Chrome Extension: Get a VPN) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2021-03-27] BRA Extension: (LastPass: Free Password Manager) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-03-27] BRA Extension: (Malwarebytes Browser Guard) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-20] BRA Extension: (Application Launcher For Drive (by Google)) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-03-20] BRA Extension: (IDM Integration Module) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-20] BRA Extension: (WebRTC Network Limiter) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2020-02-08] BRA Extension: (Brave Local Data Files Updater) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-03-20] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-27] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-09-13] BRA Extension: (Brave SpeedReader Updater) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-09-02] BRA Extension: (Brave NTP sponsored images) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2021-03-27] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\gnxks\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-27] StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-03-12] (Adobe Inc. -> Adobe Inc.) R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1612970385045.exe [2445824 2021-02-10] () [Datei ist nicht signiert] R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated) R2 Antares Central Services; C:\Program Files\Antares Audio Technologies\Antares Central Services.exe [5499904 2020-11-10] () [Datei ist nicht signiert] S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe [419264 2018-12-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-05-31] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-08] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-08] (Brave Software, Inc. -> BraveSoftware Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation) S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34344 2018-12-28] (Corsair Memory, Inc. -> Corsair Components, Inc.) R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [11976128 2020-12-21] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [605096 2020-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-08-13] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [56872 2020-08-13] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5546960 2019-12-23] (Binary Fortress Software Ltd -> Binary Fortress Software) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-08-30] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S4 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (Tim Kosse -> FileZilla Project) S4 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [Datei ist nicht signiert] S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA) S4 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [22184 2015-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) S3 GoogleChromeBetaElevationService; C:\Program Files (x86)\Google\Chrome Beta\Application\90.0.4430.61\elevation_service.exe [1498216 2021-04-07] (Google LLC -> Google LLC) S4 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [138912 2019-03-15] (eVenture Limited -> eVenture Limited) S4 iaStorAfsService; C:\windows\IAStorAfsService\iaStorAfsService.exe [2406576 2017-03-28] (Intel(R) Rapid Storage Technology -> Intel Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2017-01-06] (Microsoft Corporation -> Microsoft Corporation) R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam\KinoniSvc.exe [748544 2020-04-18] () [Datei ist nicht signiert] R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-05-18] (Logitech Inc -> Logitech) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-21] (Malwarebytes Inc -> Malwarebytes) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [275200 2021-01-18] (TEFINCOM S.A. -> TEFINCOM S.A.) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-03-12] (Electronic Arts, Inc. -> Electronic Arts) S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-03-12] (Electronic Arts, Inc. -> Electronic Arts) R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [2280448 2021-02-10] () [Datei ist nicht signiert] S3 Rockstar Service; M:\Games\GTA LAUNCHER\Launcher\RockstarService.exe [1676696 2021-03-16] (Rockstar Games, Inc. -> Rockstar Games) R2 SbieSvc; D:\HACKS\Sandbox\SbieSvc.exe [332264 2021-03-05] (Tonalio GmbH -> sandboxie-plus.com) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [334208 2020-06-15] (Twitch Interactive, Inc. -> ) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746944 2021-01-07] (Oracle Corporation -> Oracle Corporation) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-04-05] (ASUSTeK Computer Inc. -> ) R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33504 2019-01-01] (ASUSTeK Computer Inc. -> ) S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project) R1 BadlionAnticheat; C:\WINDOWS\system32\drivers\BadlionAnticheat.sys [2479648 2020-05-24] (Microsoft Windows Hardware Compatibility Publisher -> <Turtle Entertainment>) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-10-03] (Bluestack Systems, Inc. -> Bluestack System Inc.) R3 BthAvrcp; C:\WINDOWS\System32\drivers\BthAvrcp.sys [29184 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc) S3 CorsairGamingAudioService; C:\WINDOWS\system32\DRIVERS\CorsairGamingAudioamd64.sys [103664 2018-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Components, Inc.) R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2021-04-10] (CPUID S.A.R.L.U. -> CPUID) R3 csr_a2dp; C:\WINDOWS\system32\drivers\bthav.sys [78848 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> ) R3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1089512 2020-04-04] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft) R3 JmUsbCcgp; C:\WINDOWS\system32\DRIVERS\jmccgp.sys [17136 2009-07-29] (JMicron Technology Corp. -> JMicron Technology Corp.) R3 kinonivd; C:\WINDOWS\System32\drivers\kinonivd.sys [283840 2020-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 KINONI_Wave; C:\WINDOWS\system32\drivers\kinonivad.sys [31424 2020-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [89776 2019-04-05] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-04-09] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-25] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-09] (Malwarebytes Inc -> Malwarebytes) R3 MpKsl70ebe70d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{47CFBBAC-A792-43CF-9FFC-D83E1926A0A1}\MpKslDrv.sys [97528 2021-04-10] (Microsoft Windows -> Microsoft Corporation) S3 MSIO; C:\Program Files\Patriot\Aac_Patriot Viper RGB\msio64.sys [25616 2018-02-12] (MICSYS Technology Co., Ltd. -> ) R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-02-22] (TEFINCOM S.A. -> ) R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2019-11-24] (SoftEther Corporation -> SoftEther Corporation) R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-03-29] (TEFINCOM S.A. -> WireGuard LLC) R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.) S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2019-11-04] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) R3 pmkbdfltr; C:\WINDOWS\System32\drivers\pmkbdfltr.sys [18832 2009-06-18] (PenMount Test Certification -> PenMount) R2 ProxifierDrv; C:\WINDOWS\system32\DRIVERS\ProxifierDrv.sys [58104 2020-09-24] (Initeks, OOO -> Initex) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> ) S3 RtsUpx; C:\windows\system32\drivers\RtsUpx.sys [30328 2018-09-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R3 SbieDrv; D:\HACKS\Sandbox\SbieDrv.sys [192504 2021-03-05] (Tonalio GmbH -> sandboxie-plus.com) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-06-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd) R3 Serial; C:\WINDOWS\system32\DRIVERS\wdfserial.sys [89976 2018-04-26] (LG Electronics Inc. -> LG Electronics Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project) S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project) R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [40128 2021-02-10] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2019-09-16] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239872 2021-01-07] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249776 2021-01-07] (Oracle Corporation -> Oracle Corporation) S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174968 2021-01-07] (Oracle Corporation -> Oracle Corporation) R0 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [829320 2019-04-08] (IDRIX -> IDRIX) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2021-03-25] (VMware, Inc. -> VMware, Inc.) R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2021-01-13] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.) S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [127512 2020-09-18] (WDKTestCert dant,132134237881206156 -> Wacom Technology, Corp.) R3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [28680 2020-09-18] (WDKTestCert dant,132134237881206156 -> Wacom Technology, Corp.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation) R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2020-09-13] (WireGuard LLC -> WireGuard LLC) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-04-10 18:22 - 2021-04-10 18:22 - 000000004 ____H C:\ProgramData\cm-lock 2021-04-10 17:59 - 2021-04-10 18:21 - 000008293 _____ C:\Users\gnxks\Downloads\Fixlog.txt 2021-04-10 17:59 - 2021-04-10 17:59 - 002297856 _____ (Farbar) C:\Users\gnxks\Downloads\FRST64.exe 2021-04-10 17:59 - 2021-04-10 17:59 - 000000000 ____D C:\Users\gnxks\Downloads\FRST-OlderVersion 2021-04-10 14:12 - 2021-04-10 14:12 - 000000002 _____ C:\Users\gnxks\Downloads\iydgotlqzli.txt 2021-04-10 09:39 - 2021-04-10 09:39 - 000000000 ____D C:\SideSync 2021-04-09 13:54 - 2021-04-09 13:54 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-04-09 13:51 - 2021-04-09 13:51 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-04-09 13:51 - 2021-04-09 13:51 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-04-08 18:19 - 2021-04-08 18:19 - 001624574 _____ C:\Users\gnxks\Downloads\Follower timb0.txt 2021-04-08 18:18 - 2021-04-08 18:18 - 001624574 _____ C:\Users\gnxks\Downloads\followerlist_timb0___2021-04-08_18-18-29.csv 2021-04-08 15:33 - 2021-04-08 15:34 - 009736600 _____ (AVAST Software) C:\Users\gnxks\Downloads\avastclear.exe 2021-04-07 21:12 - 2021-04-07 21:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-04-07 18:03 - 2021-04-07 18:03 - 000378866 _____ C:\Users\gnxks\Downloads\Modbewerbung_-_Timb0__-_Google_Formulare.pdf 2021-04-07 18:02 - 2021-04-07 18:02 - 000378866 _____ C:\Users\gnxks\Downloads\Modbewerbung - Timb0_ - Google Formulare.pdf 2021-04-07 15:05 - 2021-04-10 14:10 - 000197714 _____ C:\Users\gnxks\Downloads\Addition.txt 2021-04-07 15:02 - 2021-04-10 18:27 - 000099895 _____ C:\Users\gnxks\Downloads\FRST.txt 2021-04-07 14:27 - 2021-04-07 14:27 - 001830264 _____ C:\Users\gnxks\AppData\LocalLow\wbk2BE0.tmp 2021-04-07 14:27 - 2021-04-07 14:27 - 001794305 _____ C:\Users\gnxks\AppData\LocalLow\wbk2A46.tmp 2021-04-07 14:27 - 2021-04-07 14:27 - 001172192 _____ C:\Users\gnxks\AppData\LocalLow\wbk2820.tmp 2021-04-07 14:19 - 2021-04-07 14:19 - 000004178 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1540659554 2021-04-07 14:19 - 2021-04-07 14:19 - 000001384 _____ C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2021-04-06 22:27 - 2021-04-10 18:26 - 000000000 ____D C:\FRST 2021-04-06 15:39 - 2021-04-06 15:39 - 000004190 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1591363623 2021-04-06 15:39 - 2021-04-06 15:39 - 000001449 _____ C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk 2021-04-05 13:25 - 2021-03-25 04:44 - 001304168 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll 2021-04-05 13:25 - 2021-03-25 04:42 - 000420968 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe 2021-04-05 13:25 - 2021-03-25 04:42 - 000381184 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe 2021-04-05 13:25 - 2021-03-25 04:42 - 000119792 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetinst.dll 2021-04-05 13:25 - 2021-03-25 04:42 - 000044544 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys 2021-04-05 13:25 - 2021-03-25 04:36 - 000110696 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys 2021-04-05 13:25 - 2020-08-11 00:25 - 000048224 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll 2021-04-05 13:25 - 2020-08-11 00:25 - 000044128 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll 2021-04-05 13:25 - 2020-08-11 00:24 - 000105912 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys 2021-04-05 13:24 - 2021-04-05 13:24 - 000000000 ____D C:\Program Files\Common Files\VMware 2021-04-05 13:24 - 2021-01-20 05:08 - 000085448 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys 2021-04-04 17:51 - 2021-04-05 12:18 - 000000648 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2402965086-3410531683-3514658406-1004.job 2021-04-04 17:51 - 2021-04-05 12:18 - 000000552 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2402965086-3410531683-3514658406-1004.job 2021-03-31 18:40 - 2021-04-01 20:04 - 000000000 ____D C:\Users\gnxks\OneDrive\Dokumente\Bandicam 2021-03-31 18:40 - 2021-03-31 18:40 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Bandicam Company 2021-03-31 18:40 - 2021-03-31 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam 2021-03-31 18:39 - 2021-03-31 18:40 - 000000000 ____D C:\Program Files (x86)\Bandicam 2021-03-31 18:39 - 2021-03-31 18:39 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1 2021-03-30 12:03 - 2021-04-01 03:28 - 000000000 ____D C:\Users\gnxks\OneDrive\Dokumente\Virtual Machines 2021-03-29 21:47 - 2021-03-29 21:50 - 000000000 ____D C:\Users\gnxks\AppData\Local\NordVPN 2021-03-29 21:47 - 2021-03-29 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec 2021-03-29 21:47 - 2021-03-29 21:47 - 000000000 ____D C:\Program Files\NordVPN 2021-03-29 21:47 - 2021-03-29 21:47 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP 2021-03-29 21:47 - 2020-12-14 10:21 - 000038608 _____ (TEFINCOM S.A.) C:\WINDOWS\system32\Drivers\nordlwf.sys 2021-03-29 21:46 - 2021-03-29 21:46 - 000039360 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\nlwt.sys 2021-03-29 21:46 - 2021-03-29 21:46 - 000000000 ____D C:\Program Files\NordVPN network TUN 2021-03-29 15:15 - 2021-03-31 21:00 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Electrum 2021-03-29 15:14 - 2021-03-29 15:14 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum 2021-03-29 15:14 - 2021-03-29 15:14 - 000000000 ____D C:\Program Files (x86)\Electrum 2021-03-28 01:08 - 2021-04-02 00:34 - 000000000 ____D C:\ProgramsData 2021-03-28 00:12 - 2021-03-28 00:12 - 000000000 ___HD C:\$Windows.~WS 2021-03-27 23:17 - 2021-04-09 22:31 - 000000000 ____D C:\Users\gnxks\AppData\Local\VMware 2021-03-27 23:17 - 2021-04-09 17:50 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\VMware 2021-03-27 23:03 - 2021-04-10 18:22 - 000000000 ____D C:\ProgramData\VMware 2021-03-27 23:03 - 2021-03-27 23:03 - 000000000 ____D C:\Program Files (x86)\VMware 2021-03-27 22:12 - 2021-03-27 22:12 - 000000000 ___RD C:\Sandbox 2021-03-27 22:10 - 2021-03-28 12:08 - 000002726 _____ C:\WINDOWS\Sandboxie.ini 2021-03-27 22:10 - 2021-03-27 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie 2021-03-27 22:00 - 2021-03-27 22:00 - 000000000 ____D C:\Users\gnxks\AppData\Local\SkinSoft 2021-03-26 23:02 - 2021-03-26 23:02 - 000000968 _____ C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2021-03-26 03:12 - 2021-03-26 04:59 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\OpenVPN Connect 2021-03-26 03:12 - 2021-03-26 03:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN Connect 2021-03-26 03:12 - 2021-03-26 03:12 - 000000000 ____D C:\Program Files\OpenVPN Connect 2021-03-26 00:55 - 2021-03-26 00:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2021-03-26 00:55 - 2021-01-07 11:18 - 001037824 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys 2021-03-26 00:55 - 2021-01-07 11:18 - 000187888 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys 2021-03-25 19:54 - 2021-03-28 01:15 - 000000000 ____D C:\ESD 2021-03-25 15:45 - 2021-03-25 15:45 - 000000000 ____D C:\Program Files (x86)\VstPlugins 2021-03-25 13:05 - 2021-03-25 13:05 - 000000000 ____D C:\Users\gnxks\AppData\Local\AutoBot_Computing 2021-03-25 04:42 - 2021-03-25 04:42 - 000097504 _____ (VMware, Inc.) C:\WINDOWS\system32\vmnetbridge.dll 2021-03-25 04:42 - 2021-03-25 04:42 - 000067072 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetbridge.sys 2021-03-25 04:42 - 2021-03-25 04:42 - 000046576 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetadapter.sys 2021-03-25 04:42 - 2021-03-25 04:42 - 000046576 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnet.sys 2021-03-25 04:17 - 2021-03-25 04:17 - 000000000 ____D C:\$WINDOWS.~BT 2021-03-24 22:17 - 2021-04-08 23:27 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\NordPass 2021-03-24 22:17 - 2021-03-25 15:50 - 000000000 ____D C:\Users\gnxks\AppData\Local\nordpass-updater 2021-03-24 22:17 - 2021-03-24 22:17 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NordSec 2021-03-22 23:15 - 2021-03-23 14:05 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2021-03-22 23:14 - 2021-03-23 14:12 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Telegram Desktop 2021-03-22 20:44 - 2021-03-22 20:44 - 000001394 _____ C:\ProgramData\Desktop\Produktpalette.lnk 2021-03-22 20:44 - 2021-03-22 20:44 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip ZIP-Programm.lnk 2021-03-22 20:44 - 2021-03-22 20:44 - 000000000 ____D C:\Users\gnxks\NCH Software Produktpalette 2021-03-22 15:31 - 2021-04-10 18:22 - 000008192 ___SH C:\DumpStack.log.tmp 2021-03-21 01:14 - 2021-03-28 00:10 - 000000525 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2021-03-21 00:57 - 2021-03-21 00:57 - 000001162 _____ C:\WINDOWS\system32\config\VSMIDK 2021-03-21 00:55 - 2021-03-21 00:55 - 000000000 ___SD C:\WINDOWS\system32\containers 2021-03-19 14:44 - 2021-03-19 14:44 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Proxifier4 2021-03-19 14:44 - 2021-03-19 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxifier 2021-03-19 14:44 - 2021-03-19 14:44 - 000000000 ____D C:\Program Files (x86)\Proxifier 2021-03-19 14:44 - 2020-09-29 21:55 - 000299952 _____ (Initex) C:\WINDOWS\system32\ProxifierShellExt.dll 2021-03-19 14:44 - 2020-09-29 21:55 - 000271792 _____ (Initex) C:\WINDOWS\SysWOW64\ProxifierShellExt.dll 2021-03-19 14:44 - 2020-09-24 05:17 - 000058104 _____ (Initex) C:\WINDOWS\system32\Drivers\ProxifierDrv.sys 2021-03-16 16:01 - 2021-03-16 16:01 - 000004428 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1615903302 2021-03-14 21:05 - 2021-03-14 21:05 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Tokyo Dawn Labs 2021-03-14 21:05 - 2021-03-14 21:05 - 000000000 ____D C:\Users\gnxks\AppData\Local\numba 2021-03-14 21:05 - 2021-03-14 21:05 - 000000000 ____D C:\Users\gnxks\.keras 2021-03-13 19:48 - 2021-03-29 21:47 - 000000000 ____D C:\ProgramData\NordVPN 2021-03-13 19:48 - 2021-02-22 08:27 - 000105184 _____ C:\WINDOWS\system32\Drivers\NDivert.sys 2021-03-13 10:07 - 2021-03-13 10:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-03-13 10:07 - 2021-03-13 10:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-03-13 10:07 - 2021-03-13 10:07 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-03-13 10:07 - 2021-03-13 10:07 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-03-13 10:07 - 2021-03-13 10:07 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-03-13 10:07 - 2021-03-13 10:07 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll 2021-03-13 10:07 - 2021-03-13 10:07 - 000374096 _____ C:\WINDOWS\system32\vp9fs.dll 2021-03-13 10:07 - 2021-03-13 10:07 - 000164144 _____ C:\WINDOWS\system32\cmdiag.exe 2021-03-13 10:07 - 2021-03-13 10:07 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-03-13 10:06 - 2021-03-13 10:06 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-03-13 10:06 - 2021-03-13 10:06 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-03-13 10:06 - 2021-03-13 10:06 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-03-13 10:06 - 2021-03-13 10:06 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-03-13 10:06 - 2021-03-13 10:06 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-03-12 23:50 - 2021-03-12 23:50 - 000001415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2021-03-11 20:19 - 2021-03-11 20:19 - 000000000 ____D C:\Program Files\VSTPlugIns 2021-03-11 20:02 - 2021-03-11 20:22 - 000000000 ____D C:\Users\gnxks\AppData\Local\Waves Audio 2021-03-11 20:01 - 2021-03-25 20:04 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Waves Audio 2021-03-11 20:01 - 2021-03-11 20:22 - 000000000 ___SD C:\Program Files (x86)\Waves 2021-03-11 20:01 - 2021-03-11 20:19 - 000000000 ____D C:\ProgramData\Waves Audio 2021-03-11 20:00 - 2021-03-11 20:23 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Waves Central 2021-03-11 19:59 - 2021-03-11 19:59 - 000001951 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves Central.lnk 2021-03-11 19:59 - 2021-03-11 19:59 - 000000000 ____D C:\Users\gnxks\AppData\Local\central-updater 2021-03-11 19:59 - 2021-03-11 19:59 - 000000000 ____D C:\Program Files\Waves Central 2021-03-11 10:29 - 2021-03-11 10:30 - 000000000 ____D C:\ProgramData\Gyazo 2021-03-11 10:20 - 2021-03-11 10:20 - 000002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-04-10 18:25 - 2021-02-28 02:45 - 000000000 ____D C:\Users\gnxks\AppData\Local\DiscordCanary 2021-04-10 18:25 - 2020-07-05 14:33 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\discordcanary 2021-04-10 18:24 - 2018-11-04 20:50 - 000000000 ____D C:\Program Files\CCleaner 2021-04-10 18:23 - 2020-05-23 14:47 - 000000000 ____D C:\ProgramData\boost_interprocess 2021-04-10 18:22 - 2021-01-11 11:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-04-10 18:22 - 2021-01-01 15:52 - 000000068 ___SH C:\WINDOWS\system32\Drivers\ws2ifsl.winsecurity 2021-04-10 18:22 - 2020-09-02 16:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-10 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-10 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-10 18:22 - 2019-04-01 13:58 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\WTablet 2021-04-10 18:22 - 2018-09-17 12:08 - 000000000 ____D C:\ProgramData\NVIDIA 2021-04-10 18:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-10 18:21 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-04-10 18:16 - 2020-09-02 16:33 - 000007570 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-10 18:16 - 2019-12-07 16:51 - 000920154 _____ C:\WINDOWS\system32\perfh007.dat 2021-04-10 18:16 - 2019-12-07 16:51 - 000206718 _____ C:\WINDOWS\system32\perfc007.dat 2021-04-10 18:13 - 2021-01-01 15:48 - 000000068 ___SH C:\WINDOWS\system32\Drivers\wof.winsecurity 2021-04-10 18:10 - 2018-09-21 23:44 - 000000000 ____D C:\Users\gnxks\AppData\Local\CrashDumps 2021-04-10 18:07 - 2019-03-21 14:14 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\DMCache 2021-04-10 18:01 - 2020-09-02 16:24 - 000739128 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-10 17:56 - 2019-03-29 21:50 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\AVAST Software 2021-04-10 17:56 - 2018-09-23 09:14 - 000000000 ____D C:\ProgramData\AVAST Software 2021-04-10 17:56 - 2018-09-17 12:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2021-04-10 15:51 - 2020-09-02 16:34 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{913D8150-2B71-4134-BCBC-CFBDC530775C} 2021-04-10 13:14 - 2020-06-09 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2021-04-10 13:14 - 2020-06-09 11:51 - 000000000 ____D C:\Program Files\Microsoft Office 2021-04-10 13:08 - 2018-09-19 18:52 - 000000000 ____D C:\Users\gnxks\AppData\Local\Packages 2021-04-10 12:51 - 2020-09-02 16:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-10 11:21 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-10 00:58 - 2020-06-24 19:52 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-09 14:08 - 2018-09-19 19:08 - 000000000 ____D C:\Users\gnxks\AppData\Local\D3DSCache 2021-04-09 13:53 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-09 13:53 - 2018-09-23 09:17 - 000000000 ____D C:\Program Files\Common Files\AVAST Software 2021-04-08 20:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-04-07 19:55 - 2020-07-05 11:11 - 000002363 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome Beta.lnk 2021-04-07 17:48 - 2018-09-22 19:17 - 000007606 _____ C:\Users\gnxks\AppData\Local\Resmon.ResmonCfg 2021-04-07 15:12 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2021-04-07 14:36 - 2020-06-10 15:34 - 000000000 ____D C:\Users\gnxks\OneDrive\Dokumente\Meisterkurs 2021-04-06 22:58 - 2020-09-02 13:21 - 000000000 ___DC C:\WINDOWS\Panther 2021-04-06 22:58 - 2019-04-08 20:13 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\IDM 2021-04-06 22:58 - 2018-11-27 18:38 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\TeamViewer 2021-04-06 22:58 - 2018-09-23 09:11 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\uTorrent 2021-04-06 22:56 - 2021-02-16 13:50 - 000000000 ____D C:\WINDOWS\Minidump 2021-04-06 21:18 - 2018-09-29 20:53 - 000000000 ____D C:\Users\gnxks\AppData\LocalLow\Mozilla 2021-04-05 21:44 - 2020-09-02 16:27 - 000000000 ____D C:\Users\gnxks 2021-04-05 13:24 - 2018-05-11 09:39 - 000007574 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2021-04-04 17:51 - 2021-01-11 09:02 - 000003800 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2402965086-3410531683-3514658406-1004 2021-04-04 17:51 - 2021-01-11 09:02 - 000003704 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2402965086-3410531683-3514658406-1004 2021-04-04 17:51 - 2021-01-11 09:02 - 000000000 ____D C:\Users\gnxks\AppData\Local\GoToMeeting 2021-04-04 15:12 - 2020-04-13 08:33 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-04-03 10:30 - 2019-02-04 19:47 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\HueSync 2021-04-02 06:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-02 02:42 - 2021-02-20 16:47 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-02 02:42 - 2021-02-20 16:47 - 000002211 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2021-04-01 21:53 - 2020-02-08 12:49 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2021-04-01 00:44 - 2019-06-16 21:04 - 000000000 ___RD C:\Users\gnxks\Creative Cloud Files 2021-04-01 00:44 - 2018-09-23 10:47 - 000000000 ___HD C:\adobeTemp 2021-04-01 00:43 - 2018-09-23 09:40 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-03-31 18:44 - 2019-02-24 18:18 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\vlc 2021-03-30 16:18 - 2020-05-29 18:31 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\slobs-client 2021-03-30 13:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-03-29 23:56 - 2019-09-29 17:22 - 000000000 ____D C:\Users\gnxks\STEAM 2021-03-29 20:44 - 2020-09-02 16:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software 2021-03-29 20:44 - 2018-09-19 18:54 - 000000000 ___RD C:\Users\gnxks\OneDrive 2021-03-29 15:37 - 2020-01-05 18:45 - 000000000 ____D C:\Users\gnxks\OneDrive\Dokumente\Web Content Extractor Projects 2021-03-28 12:11 - 2020-11-13 20:27 - 000000000 ___RD C:\Users\gnxks\Google Drive (daniel.kddk@gmail.com) 2021-03-28 12:10 - 2020-07-05 12:16 - 000000000 ___RD C:\Users\gnxks\Google Drive 2021-03-28 05:38 - 2019-03-12 20:41 - 000000000 ____D C:\Users\gnxks\.VirtualBox 2021-03-28 01:14 - 2020-09-02 16:34 - 000015933 _____ C:\WINDOWS\diagwrn.xml 2021-03-28 01:14 - 2020-09-02 16:34 - 000015243 _____ C:\WINDOWS\diagerr.xml 2021-03-27 23:26 - 2019-03-12 22:42 - 000000000 ____D C:\Users\gnxks\VirtualBox VMs 2021-03-27 21:53 - 2019-03-12 20:41 - 000000000 ____D C:\ProgramData\VirtualBox 2021-03-26 00:07 - 2021-02-28 02:49 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\betterdiscord 2021-03-25 21:31 - 2020-01-29 19:06 - 000000000 ____D C:\Users\gnxks\AppData\Local\TeamViewer 2021-03-25 18:57 - 2019-03-22 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2021-03-25 17:59 - 2018-09-20 19:54 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\discord 2021-03-25 15:56 - 2020-03-14 13:38 - 000000000 ____D C:\Users\gnxks\OneDrive\Dokumente\Image-Line 2021-03-25 15:56 - 2020-03-14 13:37 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 2021-03-25 15:45 - 2020-03-14 13:37 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2021-03-25 03:42 - 2019-12-08 22:26 - 000000000 ____D C:\Users\gnxks\dwhelper 2021-03-23 17:07 - 2020-03-14 15:19 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\audacity 2021-03-23 13:53 - 2020-09-02 13:10 - 000000000 ___HD C:\$WinREAgent 2021-03-22 20:44 - 2020-07-08 08:55 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\NCH Software 2021-03-22 20:44 - 2020-07-08 08:55 - 000000000 ____D C:\ProgramData\NCH Software 2021-03-22 20:44 - 2020-07-08 08:55 - 000000000 ____D C:\Program Files (x86)\NCH Software 2021-03-20 20:17 - 2021-02-22 23:29 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\developer-rig 2021-03-16 21:41 - 2018-10-14 09:13 - 000000000 ____D C:\Program Files\Rockstar Games 2021-03-16 21:41 - 2018-09-21 21:08 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2021-03-16 21:32 - 2020-04-18 14:47 - 000000000 ____D C:\Program Files (x86)\GVMP-Launcher 2021-03-16 15:56 - 2018-05-11 09:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-03-15 15:00 - 2020-03-14 13:37 - 000000000 ____D C:\Program Files\Common Files\VST2 2021-03-15 14:59 - 2020-10-18 17:25 - 000000000 ____D C:\Program Files\Common Files\VST3 2021-03-14 17:00 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-03-14 01:20 - 2019-12-07 16:54 - 000000000 ___SD C:\WINDOWS\system32\AppV 2021-03-14 01:20 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-03-14 01:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-03-13 20:10 - 2018-11-29 19:02 - 000000000 ____D C:\Users\gnxks\AppData\Local\Ubisoft Game Launcher 2021-03-12 23:53 - 2018-09-23 09:39 - 000000000 ____D C:\Program Files\Adobe 2021-03-12 23:50 - 2018-09-23 09:39 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-03-12 10:30 - 2018-05-11 09:29 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-03-12 10:25 - 2020-05-19 18:15 - 000000000 ____D C:\Program Files (x86)\dotnet 2021-03-12 10:25 - 2019-04-07 18:37 - 000000000 ____D C:\Program Files\dotnet 2021-03-12 10:25 - 2018-05-11 09:42 - 000000000 ____D C:\ProgramData\Package Cache 2021-03-12 10:25 - 2018-05-11 09:29 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-03-12 10:24 - 2021-02-13 14:17 - 000000000 ____D C:\Users\Default\.dotnet 2021-03-11 18:33 - 2020-03-14 13:37 - 000000000 ____D C:\Program Files (x86)\ASIO4ALL v2 2021-03-11 18:21 - 2018-09-19 18:52 - 000000000 ____D C:\Users\gnxks\AppData\Roaming\Adobe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2019-03-18 14:31 - 2014-10-02 15:10 - 000294912 _____ () C:\Program Files\FolderSize-2.6-x64.msi 2019-03-18 14:31 - 2014-10-02 15:09 - 000274432 _____ () C:\Program Files\FolderSize-2.6-x86.msi 2019-02-26 15:06 - 2019-02-26 15:06 - 000046258 _____ () C:\Program Files\peg.png 2018-09-23 18:55 - 2018-09-23 18:55 - 000021077 _____ () C:\Program Files (x86)\trapcodeform.log 2021-03-09 09:49 - 2021-03-09 09:49 - 000000014 _____ () C:\Users\gnxks\AppData\Roaming\obs-virtualcam.txt 2020-12-08 22:14 - 2020-12-08 22:14 - 000002336 _____ () C:\Users\gnxks\AppData\Roaming\plugin_scan_state_VST2_x32.scan 2020-12-08 22:13 - 2020-12-08 22:13 - 000005642 _____ () C:\Users\gnxks\AppData\Roaming\plugin_scan_state_VST2_x64.scan 2020-12-08 22:13 - 2020-12-08 22:13 - 000000690 _____ () C:\Users\gnxks\AppData\Roaming\plugin_scan_state_VST3_x32.scan 2020-12-08 22:15 - 2020-12-08 22:15 - 000002104 _____ () C:\Users\gnxks\AppData\Roaming\plugin_scan_state_VST3_x64.scan 2021-01-04 15:33 - 2021-01-04 15:33 - 000001386 ___SH () C:\Users\gnxks\AppData\Roaming\systemMK.$dk 2019-09-16 20:44 - 2020-12-29 13:37 - 000004631 _____ () C:\Users\gnxks\AppData\Roaming\VoiceMeeterDefault.xml 2019-05-04 17:30 - 2021-02-08 12:45 - 000001456 _____ () C:\Users\gnxks\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2020-11-13 05:26 - 2020-11-13 05:26 - 000003584 _____ () C:\Users\gnxks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-04-20 19:41 - 2019-05-04 23:00 - 000002050 _____ () C:\Users\gnxks\AppData\Local\oobelibMkey.log 2020-08-23 20:21 - 2020-08-23 20:23 - 000004104 _____ () C:\Users\gnxks\AppData\Local\PlariumPlay.log 2019-04-05 12:02 - 2021-02-28 20:48 - 000000128 _____ () C:\Users\gnxks\AppData\Local\PUTTY.RND 2018-09-22 19:17 - 2021-04-07 17:48 - 000007606 _____ () C:\Users\gnxks\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
10.04.2021, 19:47 | #28 |
/// TB-Ausbilder | Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer? Du hast den Fix falsch ausgeführt... bei dir steht da alles in einer Zeile... so ist das nicht gedacht. Du musst eigentlich nur den Inhalt der ganzen Code-Box mit der Maus markieren ( inklusve Start:: und End:: ), mit STRG+c kopieren und dann FRST starten und auf den Button "Entfernen" klicken... keine Ahnung, was du gemacht hast. Bei mir funktioniert es einwandfrei. Daher wurde auch kein .zip Archiv erstellt. Die Schritte 2 bis 4 bitte wiederholen. Geändert von M-K-D-B (10.04.2021 um 20:01 Uhr) |
10.04.2021, 20:29 | #29 | |
| Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer?Zitat:
Du meinst sicher den Button Reparieren. Entfernen steht nicht da. Also Schritt 2 ist ja wirklich nicht schwer, ich hab es nochmal gemacht und wieder war der fix log in einer Linie, es wurde auch keine zip erstellt. Ich habe jetzt mal den Zwischenablagenverlauf deaktiviert, Zwischenablage gelöscht den code erneut kopiert und frst geöffnet und sofort auf reparieren geklickt. Es wurde aber immer noch keine Zip erstellt und der Fixlog ist in einer Linie...? Viel falsch kann man ja nicht machen Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-04-2021 durchgeführt von K1992 (10-04-2021 21:18:44) Run:4 Gestartet von C:\Users\gnxks\Downloads Geladene Profile: K1992 Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: Task: {08C931ED-7BAC-431E-A77C-439CDB2E130A} - System32\Tasks\sartorial ecologically marshallingsartorial ecologically marshalling => C:\Users\gnxks\AppData\Local\Boaster.exe C:\Users\gnxks\AppData\Local\Boaster.exe Task: {0A50E67E-8040-45E3-AC54-26E610654AA7} - System32\Tasks\presets rozenpresets rozen => C:\Program Files (x86)\Kefauver\Unruffled.exe C:\Program Files (x86)\Kefauver Task: {27A02945-C013-4D94-8191-5AD75C8BCF26} - System32\Tasks\danto-zeroeddanto-zeroed => C:\Program Files (x86)\lees\Unruffled.exe C:\Program Files (x86)\lees Task: {9BD5D49C-453B-48F6-A3AA-5EC0F6232A38} - System32\Tasks\venial_weisvenial_weis => C:\Program Files (x86)\Kefauver\Boaster.exe Zip: C:\FRST\Quarantine Task: {38402431-47D9-4590-89D6-686671F7FEBF} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe C:\Windows\System32\Tasks\Avira C:\Program Files (x86)\Avira Task: {5C284F6B-D398-4C9A-B043-5FB20CE5B91D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe C:\Windows\System32\Tasks\Avast C:\Program Files\Common Files\AVAST Software Task: {600034CF-BB59-4F46-A8BE-873378E78242} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software Task: {933F6584-43EE-4E0A-945D-589B9E6761FC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe C:\Windows\System32\Tasks\Microsoft\Office C:\Program Files (x86)\Microsoft Office Task: {E305393D-CD51-49FD-AA36-8FA1B93C8DB2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB} CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\gnxks\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\gnxks\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\gnxks\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64\FileSyncShell64.dll => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> Keine Datei ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> Keine Datei ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Keine Datei ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => Z:\GPG\Gpg4win\bin_64\gpgex.dll -> Keine Datei ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Keine Datei ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Keine Datei ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => Z:\GPG\Gpg4win\bin_64\gpgex.dll -> Keine Datei AlternateDataStreams: C:\Windows:CM_84ef824d9223cefd9bd822e6d77642667f7d6fb48eed9e6869b85458646cdb76 [74] AlternateDataStreams: C:\Windows:CM_c99942455a9c503e19a638848b3be80d8d04f7176b8db08566b3fc4f618f63be [74] HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} HKU\S-1-5-21-2402965086-3410531683-3514658406-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=bgy_dbnwss_19_38_ssg00¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwingy%26cd%3D2XzuyEtN2Y1L1QzuyE0C0E0D0F0B0C0BtA0FtBtD0B0B0FtDtN0D0Tzu0StBzztBtDtN1L2XzuyEtFyDyDtFtDtFtCtAtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDtAyE0FyDtCtCyBtGyEtC0D0EtGtBtCyBtCtGyCtAzzyBtGzzyE0C0FyBzz0AtD0DzztD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz1S1OyD1StAtD1OtG1R1Q1Q1StGyEzztA1QtG1T1RyB1PtG1RyByC1O1P1T1StAzyzytAtA2QtN0A0LzutDtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDyCzytDzyzztCzytC%26cr%3D461987780%26a%3Dbgy_dbnwss_19_38_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BEnterprise SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms} SearchScopes: HKU\S-1-5-21-2402965086-3410531683-3514658406-1004 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk" HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk" HKLM\...\StartupApproved\Run32: => "Updater" GroupPolicy: Beschränkung ? <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-03-30] C:\Program Files (x86)\AVAST Software CMD: ipconfig /flushdns CMD: netsh winsock reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: Bitsadmin /Reset /Allusers powershell: Set-MpPreference -PUAProtection Enabled powershell: Set-MpPreference -DisableScanningNetworkFiles 0 Hosts: RemoveProxy: SystemRestore: On EmptyTemp: ***************** Prozesse erfolgreich geschlossen. Das System musste neu gestartet werden. ==== Ende von Fixlog 21:18:47 ==== |
10.04.2021, 21:44 | #30 |
/// TB-Ausbilder | Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer? Dann anders... im Anhang ist die Datei fixlist.txt. Speichere diese Datei direkt neben FRST im Downloadordner ab. Starte FRST und klicke auf Reparieren. Damit sollte es auch klappen. |
Themen zu Defender erkennt einen Trojaner in meinem Papierkorb an, dabei ist dieser leer? |
administrator, aktivieren, angezeigt, avast, beitrag, deaktiviert, defender, entfernen, erkennt, fertig, gestartet, guten, installiert, laufwerke, leer, log, morgen, papierkorb, problem, ratlos, regedit, richtig, schutz, tool, trojaner, woche |