Windows 10: Windows Defender Alarm - Trojan:Win32/Occamy.C

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-08-2023
Ran by ***** (09-08-2023 11:51:05)
Running from C:\Users\*****\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3208 (X64) (2020-11-30 13:25:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-917627657-1518166570-4135675860-500 - Administrator - Disabled)
***** (S-1-5-21-917627657-1518166570-4135675860-1001 - Administrator - Enabled) => C:\Users\*****
DefaultAccount (S-1-5-21-917627657-1518166570-4135675860-503 - Limited - Disabled)
Gast (S-1-5-21-917627657-1518166570-4135675860-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-917627657-1518166570-4135675860-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 23.003.20244 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.11.0.522.1 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.49 - Adobe Inc.)
Adobe Illustrator 2023 (HKLM-x32\...\ILST_27_7) (Version: 27.7 - Adobe Inc.)
Adobe InDesign 2023 (HKLM-x32\...\IDSN_18_5) (Version: 18.5 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_7) (Version: 24.7.0.643 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Anki (HKLM-x32\...\Anki) (Version: 2.1.54 - )
Arabisch (Special) (HKLM\...\{263C9F95-ED75-4012-A108-ADBCC0AF9450}) (Version: 1.0.3.40 - al-Ghaliun Production)
balenaEtcher 1.18.11 (HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.18.11 - Balena Ltd.)
calibre 64bit (HKLM\...\{C034EE35-6695-4523-BEBE-12ED15960189}) (Version: 6.24.0 - Kovid Goyal)
Canon Generic Plus PCL6 Printer Driver Uninstaller (HKLM\...\Canon Generic Plus PCL6) (Version: 7, 3, 0, 0 - Canon Inc.)
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3042 - Acer Incorporated)
Chromium (HKLM-x32\...\Chromium) (Version: 115.0.5790.171 - The Chromium Authors)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.00093 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{6B15DEBB-2AB9-42DD-8ECF-82EF8F21CC69}) (Version: 4.10.00093 - Cisco Systems, Inc.) Hidden
Cisco Webex Meetings (HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\ActiveTouchMeetingClient) (Version: 41.9.5 - Cisco Webex LLC)
Colour Contrast Analyser (CCA) (HKLM\...\{B0B9ED31-E653-4B5A-A410-203684792BCC}) (Version: 3.1.1.0 - Cédric Trévisan)
DB Browser for SQLite (HKLM\...\{5211034D-495B-4A5E-9B8D-8961BBB2B9E2}) (Version: 3.12.2 - DB Browser for SQLite Team)
Deutsch (Orientalistik) (HKLM\...\{ACDBE22B-ABED-4D0B-A5C6-FC741E4DBAB9}) (Version: 1.0.3.40 - Institut für Iranistik)
DjVuLibre DjView  3.5.28+4.12 (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.28+4.12 - DjVuZone)
Documentation Manager (HKLM\...\{17C797EF-1D27-41CF-8A52-024F33A8A8FE}) (Version: 22.80.1.1 - Intel Corporation) Hidden
Documentation Manager (HKLM\...\{619AF8CA-69CA-4463-88F7-86E2E387FB66}) (Version: 22.230.0.8 - Intel Corporation) Hidden
Eclipse Temurin JRE mit Hotspot 8u382-b05 (x64) (HKLM\...\{5DA5EFCA-79E7-41A3-AD52-9383EF948EBB}) (Version: 8.0.382.5 - Eclipse Adoptium)
EditPad Pro 7 v.7.6.7 (HKLM\...\EditPad Pro 7) (Version: v.7.6.7 - Just Great Software)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Everything 1.4.1.1024 (x64) (HKLM\...\Everything) (Version: 1.4.1.1024 - voidtools)
FlightGear v2020.3.6 (HKLM\...\FlightGear_is1) (Version:  - The FlightGear Team)
Gephi 0.10.1 (HKLM\...\{51722911-C391-4118-97BF-B50100D2AB15}_is1) (Version: 0.10.1 - Gephi)
Git (HKLM\...\Git_is1) (Version: 2.41.0 - The Git Development Community)
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.4.3 - The GnuPG Project)
Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google)
Gpg4win (4.2.0) (HKLM-x32\...\Gpg4win) (Version: 4.2.0 - The Gpg4win Project)
Grammarly for Windows (HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\Grammarly Desktop Integrations) (Version: 1.0.38.801 - Grammarly)
Graphviz (HKLM-x32\...\Graphviz) (Version: 8.1.0 - Graphviz)
HandBrake 1.6.1 (HKLM-x32\...\HandBrake) (Version: 1.6.1 - )
IceCat (x64 en-US) (HKLM\...\IceCat 91.9.1 (x64 en-US)) (Version: 91.9.1 - Mozilla)
Intel Driver && Support Assistant (HKLM-x32\...\{0F7F6F7B-684E-435A-9FCE-C8A1F71EDA14}) (Version: 23.3.25.6 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{34989299-2d34-4a1b-baa2-4de4fafbb4d0}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{56b89a97-2659-4931-bffa-4b136a521eb1}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{7e58df71-ff1c-43fd-a618-5511b76c0dd9}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{899f8bb6-99cd-4f33-a004-c70d9ec22260}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{d0e4f33b-f383-4c75-8d81-ec92db2939eb}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{ed8a48d8-7f70-4dcd-b524-163792643281}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000230-0220-1031-84C8-B8D95FA3C8C3}) (Version: 22.230.0.2 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{0ddcdf18-17cd-44ad-af4e-ba6821421c30}) (Version: 23.3.25.6 - Intel)
Intel® Software Installer (HKLM-x32\...\{09b61d86-bc76-4353-a7d8-ebc9e2822195}) (Version: 22.230.0.8 - Intel Corporation) Hidden
LernBar Studio 4 (HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\LernBarStudio) (Version:  - )
LibreOffice 7.1.2.2 (HKLM\...\{07426A34-E0CD-4EC4-843B-F7A47C7BC835}) (Version: 7.1.2.2 - The Document Foundation)
LINE (HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\LINE) (Version: 8.2.0.3154 - LINE Corporation)
Malwarebytes version 4.5.34.275 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.34.275 - Malwarebytes)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.20 (x64) (HKLM\...\{217B2755-3BAD-486B-9606-CCD0E6CF3BE8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.20 (x86) (HKLM-x32\...\{82F89EDB-1DF1-402B-BED6-01C736967B6F}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x86) (HKLM-x32\...\{561137EF-2ECE-48F0-A6D6-6260AC7112A5}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x86) (HKLM-x32\...\{6E4984A9-4321-4D96-861F-D03578E68C8B}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.16626.20134 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.16626.20134 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.20 (x64) (HKLM\...\{53531ED1-E480-4012-9912-BF1C67547BF3}) (Version: 48.83.63194 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.20 (x64) (HKLM-x32\...\{8e256e2b-a36f-4f85-a4c7-37fdf661778c}) (Version: 6.0.20.32621 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.20 (x86) (HKLM-x32\...\{39139702-799e-4843-8d90-cfe9330b285a}) (Version: 6.0.20.32621 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.20 (x86) (HKLM-x32\...\{FC641ACB-FE5E-4F88-B392-9421BDCA1143}) (Version: 48.83.63194 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 116.0.2 (x64 de)) (Version: 116.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 116.0 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 115.1.0 (x64 de)) (Version: 115.1.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 7.0.10 (HKLM\...\{16919967-9ED2-47C0-B86C-987992BA491F}) (Version: 7.0.10 - Oracle and/or its affiliates)
Oxygen XML Editor 25.1 (64-bit) (HKLM\...\8531-1278-6363-8538) (Version: 25.1 - SyncRO Soft)
Pandoc 3.1.6 (HKLM\...\{2436203B-0BDD-4FC7-BC74-03A4A690F12C}) (Version: 3.1.6 - John MacFarlane)
PowerFolder (HKLM-x32\...\PowerFolder) (Version: 19.2.100.0 - PowerFolder.com)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3038 - Acer Incorporated)
QuickSteuer Deluxe 2021 (HKLM-x32\...\{A2846AC5-3D80-4229-8408-782C760CD0D2}) (Version: 26.45.124 - Haufe-Lexware GmbH & Co.KG)
QuickSteuer Deluxe 2022 (HKLM-x32\...\{7D964C53-6E60-4483-99F6-C393BA285169}) (Version: 27.32.81 - Haufe-Lexware GmbH & Co.KG)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8929.1 - Realtek Semiconductor Corp.)
ReinstallWindows (HKLM\...\{BF6DE64B-BCE9-433A-865A-2871F7AD5980}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Signal 6.27.0 (HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.27.0 - Signal Messenger, LLC)
Skype 8.100 (HKLM-x32\...\{7822B534-EC4E-4139-9320-03303496E0C3}) (Version: 8.100.0.203 - Skype Technologies S.A.)
Skype version 8.100 (HKLM-x32\...\Skype_is1) (Version: 8.100 - Skype Technologies S.A.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strawberry Perl (64-bit) (HKLM\...\{2DC518D0-750A-1014-A07D-5301D6FAD9F8}) (Version: 5.32.1001 - strawberryperl.com project)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk)
SyncTrayzor (x64) version 1.1.29.0 (HKLM\...\{c004dcef-b848-46a5-9c30-4dbf736396fa}_is1) (Version: 1.1.29.0 - SyncTrayzor)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
Telegram Desktop (HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.8.10 - Telegram FZ-LLC)
TeX Live 2022 (HKLM-x32\...\TeXLive2022) (Version: 2022 - TeX Live)
tiptoi® Manager 5.0.2 (HKLM\...\{833392BB-E8C0-4066-9408-3A30FA43972F}_is1) (Version: 5.0.2 - Ravensburger AG)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VidyoConnect (HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\VidyoConnect) (Version: 21.6.0.17451 - Vidyo Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Windows Driver Package - DAVICOM Semiconductor, Inc. (DM9USB) Net  (07/03/2012 5.0.3.0703) (HKLM\...\A843D426B14509A56ED9B3F9E0ADC07ADD2F8409) (Version: 07/03/2012 5.0.3.0703 - DAVICOM Semiconductor, Inc.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation)
Zoom (64-bit) (HKLM\...\{CBCEFA59-8DE2-4FA4-8596-FC41BCC14D50}) (Version: 5.15.19404 - Zoom)
Zotero (HKLM-x32\...\Zotero 6.0.26 (x86 en-US)) (Version: 6.0.26 - Corporation for Digital Scholarship)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-12-07] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-25] (Adobe Systems Incorporated)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2022-01-13] (Acer Incorporated)
Debian -> C:\Program Files\WindowsApps\TheDebianProject.DebianGNULinux_1.15.0.0_x64__76v4gfsz19hv4 [2023-07-05] (The Debian Project)
DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.14.0_x64__t5j2fzbtdg37r [2023-07-07] (DTS, Inc.)
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5131.0_x64__8j3eq9eme6ctt [2023-07-02] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2022-10-18] (INTEL CORP)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-01-10] (Microsoft Corporation)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2022-02-10] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2021-08-31] (Realtek Semiconductor Corp)
Thunderbolt™ Kontrollcenter -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-09-26] (INTEL CORP)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2330.7.0_x64__cv1g1gvanyjgm [2023-08-03] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-917627657-1518166570-4135675860-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-93846ED5F987} -> [Creative Cloud Files] => C:\Users\*****\Creative Cloud Files [2021-05-28 19:26]
CustomCLSID: HKU\S-1-5-21-917627657-1518166570-4135675860-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\*****\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-917627657-1518166570-4135675860-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-917627657-1518166570-4135675860-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel)
CustomCLSID: HKU\S-1-5-21-917627657-1518166570-4135675860-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-917627657-1518166570-4135675860-1001_Classes\CLSID\{5107667c-149a-47c8-b0c9-e4bf9132f17d} -> [PowerFolder] => C:\Users\*****\PowerFolders [2022-01-31 19:30]
CustomCLSID: HKU\S-1-5-21-917627657-1518166570-4135675860-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-917627657-1518166570-4135675860-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\*****\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
CustomCLSID: HKU\S-1-5-21-917627657-1518166570-4135675860-1001_Classes\CLSID\{e26efb18-339f-4433-9b3d-c2832a3fe6cb}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
CustomCLSID: HKU\S-1-5-21-917627657-1518166570-4135675860-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-06-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-06-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-06-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [  PowerFolderIgnored] -> {0800cf35-8302-4030-8add-40ac1e3f8834} => C:\Program Files\PowerFolder.com\PowerFolder\IgnoredOverlay_x64.dll [2023-06-07] () [File not signed]
ShellIconOverlayIdentifiers: [  PowerFolderLocked] -> {0800cf35-8302-4030-8add-40ac1e3f8835} => C:\Program Files\PowerFolder.com\PowerFolder\LockedOverlay_x64.dll [2023-06-07] () [File not signed]
ShellIconOverlayIdentifiers: [  PowerFolderOK] -> {0800cf35-8302-4030-8add-40ac1e3f8831} => C:\Program Files\PowerFolder.com\PowerFolder\OKOverlay_x64.dll [2023-06-07] () [File not signed]
ShellIconOverlayIdentifiers: [  PowerFolderSyncing] -> {0800cf35-8302-4030-8add-40ac1e3f8832} => C:\Program Files\PowerFolder.com\PowerFolder\SyncingOverlay_x64.dll [2023-06-07] () [File not signed]
ShellIconOverlayIdentifiers: [  PowerFolderWarning] -> {0800cf35-8302-4030-8add-40ac1e3f8833} => C:\Program Files\PowerFolder.com\PowerFolder\WarningOverlay_x64.dll [2023-06-07] () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-06-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2023-07-14] (g10 Code GmbH -> g10 Code GmbH) [File not signed]
ContextMenuHandlers1: [LiferayNativityContextMenus] -> {0800cf35-8302-4030-8add-40ac1e3f8830} => C:\Program Files\PowerFolder.com\PowerFolder\LiferayNativityContextMenus_x64.dll [2023-06-07] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2023-07-14] (g10 Code GmbH -> g10 Code GmbH) [File not signed]
ContextMenuHandlers4: [LiferayNativityContextMenus] -> {0800cf35-8302-4030-8add-40ac1e3f8830} => C:\Program Files\PowerFolder.com\PowerFolder\LiferayNativityContextMenus_x64.dll [2023-06-07] () [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-06-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-25] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\elastic.lnk -> D:\new-maktaba-shamila\shamela4\elastic\bin\nircmd.exe (NirSoft) -> exec hide "d:\new-maktaba-shamila\shamela4\elastic\bin\elasticsearch64.bat"
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium Apps\Jitsi Meet.lnk -> C:\Program Files\Chromium\Application\chrome_proxy.exe (The Chromium Authors) ->  --profile-directory=Default --app-id=ibiognfelmneebngbnbeonnllapmffmb

==================== Loaded Modules (Whitelisted) =============

2023-08-02 10:26 - 2023-07-31 22:03 - 004684288 _____ () [File not signed] \\?\C:\Users\*****\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\better-sqlite3\build\Release\better_sqlite3.node
2023-08-02 10:26 - 2023-07-31 22:03 - 004961792 _____ () [File not signed] \\?\C:\Users\*****\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\libsignal-client\prebuilds\win32-x64\node.napi.node
2023-08-02 10:26 - 2023-07-31 22:03 - 011730432 _____ () [File not signed] \\?\C:\Users\*****\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\ringrtc\build\win32\libringrtc-x64.node
2020-11-30 15:46 - 2022-05-28 10:45 - 000031232 _____ () [File not signed] C:\Program Files\IceCat\libEGL.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 004999680 _____ () [File not signed] C:\Program Files\IceCat\libGLESv2.dll
2023-06-07 15:48 - 2023-06-07 15:48 - 000395264 _____ () [File not signed] C:\Program Files\PowerFolder.com\PowerFolder\IgnoredOverlay_x64.dll
2023-06-07 15:48 - 2023-06-07 15:48 - 000169472 _____ () [File not signed] C:\Program Files\PowerFolder.com\PowerFolder\LiferayNativityUtil_x64.dll
2023-06-07 15:48 - 2023-06-07 15:48 - 000395264 _____ () [File not signed] C:\Program Files\PowerFolder.com\PowerFolder\LockedOverlay_x64.dll
2023-06-07 15:48 - 2023-06-07 15:48 - 000395264 _____ () [File not signed] C:\Program Files\PowerFolder.com\PowerFolder\OKOverlay_x64.dll
2023-06-07 15:48 - 2023-06-07 15:48 - 000395264 _____ () [File not signed] C:\Program Files\PowerFolder.com\PowerFolder\SyncingOverlay_x64.dll
2023-06-07 15:48 - 2023-06-07 15:48 - 000395264 _____ () [File not signed] C:\Program Files\PowerFolder.com\PowerFolder\WarningOverlay_x64.dll
2023-08-02 12:33 - 2023-06-07 15:55 - 000059392 _____ () [File not signed] C:\Users\*****\AppData\Local\Temp\desktoputils.dll
2023-08-02 12:33 - 2023-06-07 15:55 - 001203750 _____ () [File not signed] C:\Users\*****\AppData\Local\Temp\jnotify.dll
2023-08-02 12:33 - 2023-06-07 15:55 - 000014848 _____ () [File not signed] C:\Users\*****\AppData\Local\Temp\LiferayNativityWindowsUtil.dll
2023-08-02 12:33 - 2023-06-07 15:55 - 000281088 _____ () [File not signed] C:\Users\*****\AppData\Local\Temp\udt.dll
2023-08-02 12:33 - 2023-06-07 15:55 - 000061952 _____ () [File not signed] C:\Users\*****\AppData\Local\Temp\udt4j.dll
2023-08-06 19:09 - 2023-06-09 01:27 - 000457216 _____ () [File not signed] D:\shamela4\app\win\64\bin\lib\_jpype.cp37-win_amd64.pyd
2023-08-06 19:08 - 2023-06-09 01:27 - 012723712 _____ () [File not signed] D:\shamela4\app\win\64\bin\lib\fitz\_fitz.cp37-win_amd64.pyd
2023-08-06 19:09 - 2023-06-09 01:27 - 000104448 _____ () [File not signed] D:\shamela4\app\win\64\bin\lib\msgpack._cmsgpack.cp37-win_amd64.pyd
2023-08-06 19:09 - 2023-06-09 01:27 - 002522112 _____ () [File not signed] D:\shamela4\app\win\64\bin\lib\PIL\_imaging.cp37-win_amd64.pyd
2023-08-06 19:10 - 2023-06-09 01:27 - 000553984 _____ () [File not signed] D:\shamela4\app\win\64\bin\lib\pythoncom37.dll
2023-08-06 19:10 - 2023-06-09 01:27 - 000140800 _____ () [File not signed] D:\shamela4\app\win\64\bin\lib\pywintypes37.dll
2023-08-06 19:09 - 2023-06-09 01:27 - 000667136 _____ () [File not signed] D:\shamela4\app\win\64\bin\lib\regex._regex.cp37-win_amd64.pyd
2023-08-06 19:09 - 2023-06-09 01:27 - 000134144 _____ () [File not signed] D:\shamela4\app\win\64\bin\lib\win32api.pyd
2023-08-06 19:09 - 2023-06-09 01:27 - 000523776 _____ () [File not signed] D:\shamela4\app\win\64\bin\lib\win32com.shell.shell.pyd
2023-08-06 19:10 - 2023-05-31 01:40 - 000153600 _____ () [File not signed] D:\shamela4\app\win\64\bin\nvdaControllerClient64.dll
2016-06-30 11:15 - 2016-06-30 11:15 - 000012288 _____ (Institut für Iranistik) [File not signed] C:\Windows\system32\dtsch-or.dll
2021-10-15 12:38 - 2022-05-28 10:45 - 000182272 _____ (Mozilla Foundation) [File not signed] [File is in use] C:\Program Files\IceCat\AccessibleHandler.dll
2021-10-15 12:38 - 2022-05-28 10:45 - 000073216 _____ (Mozilla Foundation) [File not signed] [File is in use] C:\Program Files\IceCat\ia2marshal.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 112619008 _____ (Mozilla Foundation) [File not signed] [File is in use] C:\Program Files\IceCat\xul.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 000731648 _____ (Mozilla Foundation) [File not signed] C:\Program Files\IceCat\freebl3.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 000035840 _____ (Mozilla Foundation) [File not signed] C:\Program Files\IceCat\lgpllibs.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 002115584 _____ (Mozilla Foundation) [File not signed] C:\Program Files\IceCat\mozavcodec.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 000198144 _____ (Mozilla Foundation) [File not signed] C:\Program Files\IceCat\mozavutil.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 000650240 _____ (Mozilla Foundation) [File not signed] C:\Program Files\IceCat\mozglue.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 002315776 _____ (Mozilla Foundation) [File not signed] C:\Program Files\IceCat\nss3.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 000399360 _____ (Mozilla Foundation) [File not signed] C:\Program Files\IceCat\nssckbi.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 000377856 _____ (Mozilla Foundation) [File not signed] C:\Program Files\IceCat\osclientcerts.dll
2020-11-30 15:46 - 2022-05-28 10:45 - 000265728 _____ (Mozilla Foundation) [File not signed] C:\Program Files\IceCat\softokn3.dll
2015-12-17 12:11 - 2015-12-17 12:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2020-12-15 23:28 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2020-12-15 23:28 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enpres.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-10-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-08-02] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\sharepoint.com -> hxxps://goetheuniversitaet-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2023-07-24 20:28 - 000000830 _____ C:\Windows\system32\drivers\etc\hosts

2022-08-21 22:37 - 2023-07-29 11:26 - 000000445 _____ C:\Windows\system32\drivers\etc\hosts.ics
172.21.208.1 DESKTOP-UIULLTJ.mshome.net # 2028 7 4 27 9 26 51 764

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Eclipse Adoptium\jre-8.0.382.5-hotspot\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\ProgramData\chocolatey\bin;C:\Program Files\Calibre2\;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\;C:\Program Files (x86)\GnuPG\bin;C:\texlive\2022\bin\win32;C:\Program Files\Git\cmd;C:\Program Files (x86)\Gpg4win\..\GnuPG\bin
HKCU\Environment\\Path -> C:\Program Files\Eclipse Adoptium\jre-8.0.352.8-hotspot\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\ProgramData\chocolatey\bin;C:\Program Files\Calibre2\;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\Program Files\MiKTeX\miktex\bin\x64\;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\;C:\Program Files\Git\cmd;C:\Program Files (x86)\Gpg4win\..\GnuPG\bin;C:\Program Files (x86)\GnuPG\bin;C:\Program Files\Eclipse Adoptium\jre-8.0.352.8-hotspot\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\ProgramData\chocolatey\bin;C:\Program Files\Calibre2\;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\Program Files\MiKTeX\miktex\bin\x64\;C:\Program Files\dotnet\;C:\Program Files (x86)\dotnet\;C:\Program Files\Git\cmd;C:\Program Files (x86)\Gpg4win\..\GnuPG\bin;C:\Program Files (x86)\GnuP;C:\Users\*****\AppData\Local\Pandoc\;C:\Program Files\Oracle\VirtualBox;
HKU\S-1-5-21-917627657-1518166570-4135675860-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 5: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
WLAN: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-917627657-1518166570-4135675860-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6316AB26-D844-4216-ADC1-E281DAB3EE7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3E3F3E05-5583-458E-A2ED-DAD18E59A4E0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{54400108-44E5-4EB4-9819-B87070D23332}] => (Allow) C:\Program Files\IceCat\icecat.exe (Mozilla Corporation) [File not signed]
FirewallRules: [{5417BF67-5BBD-4837-B544-65542B5A9982}] => (Allow) C:\Program Files\IceCat\icecat.exe (Mozilla Corporation) [File not signed]
FirewallRules: [{146DBE79-28C8-4CCB-891D-B1D786AEBC4E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9864282C-5A9F-41BE-A9C5-B78F57C25B97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{26C9CB4E-7D95-45FB-9D93-171B71AAD04B}C:\users\*****\appdata\local\vidyoconnect\vidyoconnect.exe] => (Allow) C:\users\*****\appdata\local\vidyoconnect\vidyoconnect.exe (Vidyo Inc. -> Vidyo, Inc)
FirewallRules: [UDP Query User{A34F2747-2A0B-4112-BBCE-4E885F3AAEAF}C:\users\*****\appdata\local\vidyoconnect\vidyoconnect.exe] => (Allow) C:\users\*****\appdata\local\vidyoconnect\vidyoconnect.exe (Vidyo Inc. -> Vidyo, Inc)
FirewallRules: [{9F55A48A-AB81-4AE5-979A-DD4368B86AE6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E7EAD15-889F-44F4-9087-CC102D7ABA64}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7C327271-0E24-46D1-8161-E1BF9320BDB6}] => (Allow) C:\Program Files\Canon\DIAS\CnxDIAS.exe (CANON INC. -> CANON INC.)
FirewallRules: [{CD43FA0D-EEC7-4C49-BD28-78225C470B07}] => (Allow) C:\Users\*****\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{73FE525C-74AE-42BB-B8E6-C14163D65071}] => (Allow) C:\Users\*****\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{08A2E773-4262-48BB-A35A-496642E91AD3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{24509F41-D82E-46F1-B69B-DDEB3FC81336}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{5F8ACE13-226C-43B0-B547-C7818886931E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B485A504-ADA1-42A4-B4FF-DA3C56173BA6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{37883EBE-3136-49E0-9356-6987273A6F37}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A695D91F-9146-4797-94B7-8BDE3B80861D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B6BD8654-A40C-44E4-AFAF-A0F36CECCF62}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{5B728A5A-7D74-484A-B23C-72F52C3CDB75}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D9D60D83-AB00-48D3-8A69-FA743BE8A67E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E254E46B-07B5-423A-84B3-15FF74A2B0A5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A60F5E64-1E9A-44A1-A906-E3F8022E9009}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{38F721BC-3028-477F-BFCD-B8EDAAF6BB68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{E857E69F-0D10-41F7-B51C-931EDB27BE0E}] => (Allow) C:\Program Files\FlightGear 2020.3.6\bin\fgfs.exe () [File not signed]
FirewallRules: [{F269B616-7271-424E-A7BF-C34BBB589478}] => (Allow) C:\Program Files\FlightGear 2020.3.6\bin\fgfs.exe () [File not signed]
FirewallRules: [{172DF7BF-3B8C-49D8-A5A5-937782164487}] => (Allow) C:\Program Files\FlightGear 2020.3.6\bin\fgcom.exe () [File not signed]
FirewallRules: [{A2EEEE1B-5C5C-40C6-9065-84626C7AA6BF}] => (Allow) C:\Program Files\FlightGear 2020.3.6\bin\fgcom.exe () [File not signed]
FirewallRules: [TCP Query User{568C277E-E824-4A78-9D06-62F56494BDCC}C:\users\*****\appdata\local\vidyoconnect\vidyoconnect.exe] => (Block) C:\users\*****\appdata\local\vidyoconnect\vidyoconnect.exe (Vidyo Inc. -> Vidyo, Inc)
FirewallRules: [UDP Query User{4A82AAFB-0ECD-4904-8754-8EEFE67ABF97}C:\users\*****\appdata\local\vidyoconnect\vidyoconnect.exe] => (Block) C:\users\*****\appdata\local\vidyoconnect\vidyoconnect.exe (Vidyo Inc. -> Vidyo, Inc)
FirewallRules: [{4C238347-B9F9-4360-A96A-28A627A7C396}] => (Allow) C:\Program Files (x86)\Zoom\bin\Zoom.exe => No File
FirewallRules: [{4ED0778D-7419-4C47-8D24-7AEA4B93EFB4}] => (Allow) C:\Program Files (x86)\Zoom\bin\airhost.exe => No File
FirewallRules: [{F2468B3E-91FF-4F24-9D89-C699E2CE3752}] => (Allow) C:\Program Files (x86)\Zoom\bin\airhost.exe => No File
FirewallRules: [{1F4E0520-39E9-4645-8649-44CEB46B634C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{321053D3-E470-4092-A8AF-D6F28349C0CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{DC16E46A-C3B8-4683-AD12-B2BB855616C1}C:\users\*****\appdata\local\microsoft\onedrive\21.109.0530.0001\filecoauth.exe] => (Block) C:\users\*****\appdata\local\microsoft\onedrive\21.109.0530.0001\filecoauth.exe => No File
FirewallRules: [UDP Query User{0330DBC6-A582-4A27-A734-3B72013D16AE}C:\users\*****\appdata\local\microsoft\onedrive\21.109.0530.0001\filecoauth.exe] => (Block) C:\users\*****\appdata\local\microsoft\onedrive\21.109.0530.0001\filecoauth.exe => No File
FirewallRules: [TCP Query User{A9AEBBD3-0318-42E9-AE10-62481938FD81}C:\users\*****\appdata\local\microsoft\onedrive\21.119.0613.0001\filecoauth.exe] => (Block) C:\users\*****\appdata\local\microsoft\onedrive\21.119.0613.0001\filecoauth.exe => No File
FirewallRules: [UDP Query User{642F024F-5CF4-4FA9-9AFA-EAE41EBA2A4B}C:\users\*****\appdata\local\microsoft\onedrive\21.119.0613.0001\filecoauth.exe] => (Block) C:\users\*****\appdata\local\microsoft\onedrive\21.119.0613.0001\filecoauth.exe => No File
FirewallRules: [TCP Query User{A054D41C-9704-4CB9-B514-53580E144BD1}C:\windows\system32\bdeuisrv.exe] => (Block) C:\windows\system32\bdeuisrv.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9CCDD46B-7FB4-454C-9C78-7E662743545D}C:\windows\system32\bdeuisrv.exe] => (Block) C:\windows\system32\bdeuisrv.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{BD5B6F5C-C2FB-4642-A7B5-3695B298BC94}C:\windows\system32\bdeuisrv.exe] => (Block) C:\windows\system32\bdeuisrv.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{A1B1B43A-5E8A-495D-A8B6-3F5D217AA787}C:\windows\system32\bdeuisrv.exe] => (Block) C:\windows\system32\bdeuisrv.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{76F396C9-5D9A-49B8-9D6E-0F94406A4941}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.0.3.2555\LINE.exe => No File
FirewallRules: [{062E312A-51B2-4FE8-AE23-5D6B7C8461B1}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.0.3.2555\LINE.exe => No File
FirewallRules: [{90851A1D-1C22-43BF-8D50-15809132D83C}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.0.3.2555\LineUpdater.exe => No File
FirewallRules: [{F926D051-4FBD-44F0-9F5A-A3D5024A5B3E}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.0.3.2555\LineUpdater.exe => No File
FirewallRules: [TCP Query User{0F3B9017-A50D-4C04-95B8-52B4CD86D7E9}C:\users\*****\appdata\local\microsoft\onedrive\21.139.0711.0001\filecoauth.exe] => (Block) C:\users\*****\appdata\local\microsoft\onedrive\21.139.0711.0001\filecoauth.exe => No File
FirewallRules: [UDP Query User{FB487A13-8F0D-4DB6-8A45-A4554FC2480D}C:\users\*****\appdata\local\microsoft\onedrive\21.139.0711.0001\filecoauth.exe] => (Block) C:\users\*****\appdata\local\microsoft\onedrive\21.139.0711.0001\filecoauth.exe => No File
FirewallRules: [TCP Query User{0AC380A7-7EDF-43A2-BA55-045DABB6810E}C:\users\*****\appdata\local\microsoft\onedrive\21.139.0711.0001\filecoauth.exe] => (Block) C:\users\*****\appdata\local\microsoft\onedrive\21.139.0711.0001\filecoauth.exe => No File
FirewallRules: [UDP Query User{0F751712-2694-43A3-9F41-00E6CB5575B2}C:\users\*****\appdata\local\microsoft\onedrive\21.139.0711.0001\filecoauth.exe] => (Block) C:\users\*****\appdata\local\microsoft\onedrive\21.139.0711.0001\filecoauth.exe => No File
FirewallRules: [{AAC0EF56-4C9A-47E4-8747-5C1D21BFF128}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.1.0.2585\LINE.exe => No File
FirewallRules: [{47002FCA-DB46-4C13-82F3-F4961DECF8B2}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.1.0.2585\LINE.exe => No File
FirewallRules: [{BB4F5EB0-7B7B-4125-AB9E-0C07D9E9BD1F}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.1.0.2585\LineUpdater.exe => No File
FirewallRules: [{E190D797-76DC-48C5-ACCC-0E78D2FE63A9}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.1.0.2585\LineUpdater.exe => No File
FirewallRules: [{3015F7FE-9687-4B8F-9CEF-CED908D26C83}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.2.0.2599\LINE.exe => No File
FirewallRules: [{DB55E16F-4038-4A39-97CD-D730D58A8510}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.2.0.2599\LINE.exe => No File
FirewallRules: [{9900E0D0-770F-439B-8962-1F77A93FAE94}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.2.0.2599\LineUpdater.exe => No File
FirewallRules: [{3078745A-74BB-4374-ACBD-2A28AE78601B}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.2.0.2599\LineUpdater.exe => No File
FirewallRules: [TCP Query User{B9E6FDF2-C0E6-4DAF-A6D7-F1204FDAA9AC}C:\users\*****\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\*****\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{4DE9D834-0A45-4955-A280-F18A77DE3B82}C:\users\*****\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\*****\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [{E101662A-9D83-41FC-98D4-935F0E6BD19F}] => (Allow) C:\Program Files (x86)\Lexware\QuickSteuer\2021\SSE.exe (Wolters Kluwer Deutschland GmbH -> Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
FirewallRules: [{EA3A7763-572B-4401-A687-DE0513A7C23F}] => (Allow) C:\Program Files (x86)\Lexware\QuickSteuer\2021\SSE.exe (Wolters Kluwer Deutschland GmbH -> Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
FirewallRules: [{4BE1C042-FE83-4FE3-8151-481695EFB0DB}] => (Allow) C:\Program Files (x86)\Lexware\QuickSteuer\2021\SSE.exe (Wolters Kluwer Deutschland GmbH -> Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
FirewallRules: [{C99D57A6-C7EE-46CB-A916-9DBAB69F288F}] => (Allow) C:\Program Files (x86)\Lexware\QuickSteuer\2021\SSE.exe (Wolters Kluwer Deutschland GmbH -> Akademische Arbeitsgemeinschaft Verlagsgesellschaft mbH)
FirewallRules: [{B6A36035-D932-4163-9196-432EA13C8B56}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.3.0.2625\LINE.exe => No File
FirewallRules: [{18342CC9-A870-47CE-9EE4-FE03239D3150}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.3.0.2625\LINE.exe => No File
FirewallRules: [{267DAF34-6818-4335-923E-D8DCA7CE2A96}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.3.0.2625\LineUpdater.exe => No File
FirewallRules: [{56BC041B-46F5-4D76-BA30-7F101FE9B7F4}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.3.0.2625\LineUpdater.exe => No File
FirewallRules: [{215A08CE-2A0E-4946-805E-2F433EA941AB}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.3.1.2631\LINE.exe => No File
FirewallRules: [{F6807250-7EB8-486B-815E-3FEF46AAB44C}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.3.1.2631\LINE.exe => No File
FirewallRules: [{EFE78CC0-B6C6-4B2A-BC3F-9BA7FDDBDEDB}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.3.1.2631\LineUpdater.exe => No File
FirewallRules: [{83539C23-E40D-4E99-A888-B5201985788D}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.3.1.2631\LineUpdater.exe => No File
FirewallRules: [{50DDEC3D-D781-4AB1-9B76-9B99E5669037}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.4.0.2647\LINE.exe => No File
FirewallRules: [{348DA317-A5A2-42F6-80C3-33599021C7FF}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.4.0.2647\LINE.exe => No File
FirewallRules: [{80073697-F352-4F1F-BEA6-5C68707AE3C7}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.4.0.2647\LineUpdater.exe => No File
FirewallRules: [{B617AD60-7F85-4B32-88E4-D44D067E18BC}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.4.0.2647\LineUpdater.exe => No File
FirewallRules: [{D9ABF39A-F16D-4C21-AB0D-FC79D757D4F8}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.4.1.2652\LINE.exe => No File
FirewallRules: [{6BE49B60-609E-44F7-AABF-C27DCDF7A4FA}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.4.1.2652\LINE.exe => No File
FirewallRules: [{C0F5D0F5-5A02-4C05-B021-948E0B1E00FA}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.4.1.2652\LineUpdater.exe => No File
FirewallRules: [{E98BAFF6-691A-41AA-BE48-48D29C9A2873}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.4.1.2652\LineUpdater.exe => No File
FirewallRules: [TCP Query User{152E1FE4-C450-4162-B952-91310C8ACB78}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{46B04126-57CD-417B-95CB-6F4262B8D3F6}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2D1100A0-9B41-4412-B97F-E28A28407350}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.5.0.2664\LINE.exe => No File
FirewallRules: [{FD91625C-A92B-473A-9E2E-16533E07F576}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.5.0.2664\LINE.exe => No File
FirewallRules: [{67CF3EE2-8084-4622-BFD3-B3E66D5E752F}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.5.0.2664\LineUpdater.exe => No File
FirewallRules: [{3B759B51-4BAA-493A-87A3-D115233F2FBF}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.5.0.2664\LineUpdater.exe => No File
FirewallRules: [{F71F2A97-E3F8-4386-9E69-0EACEF3FE834}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.5.0.2665\LINE.exe => No File
FirewallRules: [{DF8B8A5A-FADD-49F2-B82F-F9DE9FBD0FA5}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.5.0.2665\LINE.exe => No File
FirewallRules: [{4968D978-9DA5-490E-9DE3-098CF8ACDE4A}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.5.0.2665\LineUpdater.exe => No File
FirewallRules: [{3717605E-21A4-423B-BB52-D0316257F195}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.5.0.2665\LineUpdater.exe => No File
FirewallRules: [TCP Query User{28D4D67C-DCEC-4674-863B-F2AAF3F79B90}C:\program files\powerfolder.com\powerfolder\jre\bin\javaw.exe] => (Allow) C:\program files\powerfolder.com\powerfolder\jre\bin\javaw.exe
FirewallRules: [UDP Query User{F2AF663C-F6C2-4C6E-8C71-83DBBA1A9C68}C:\program files\powerfolder.com\powerfolder\jre\bin\javaw.exe] => (Allow) C:\program files\powerfolder.com\powerfolder\jre\bin\javaw.exe
FirewallRules: [TCP Query User{8A6E8A4F-3F69-4653-BEC7-FB0C10B531EF}C:\program files\powerfolder.com\powerfolder\jre\bin\javaw.exe] => (Block) C:\program files\powerfolder.com\powerfolder\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9493710A-28B6-49E4-8BB9-67B09A6CEE6D}C:\program files\powerfolder.com\powerfolder\jre\bin\javaw.exe] => (Block) C:\program files\powerfolder.com\powerfolder\jre\bin\javaw.exe
FirewallRules: [{04FA014B-1EC3-4E0A-98C3-CB0B22237025}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.7.0.2698\LINE.exe => No File
FirewallRules: [{ED4FA95B-98CE-4FB4-91B9-F5C264712CAF}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.7.0.2698\LINE.exe => No File
FirewallRules: [{1DF0EFAE-4CDE-416C-BB36-259AAC2A2510}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.7.0.2698\LineUpdater.exe => No File
FirewallRules: [{F2FD42FC-CCFF-4787-A458-D49ABB879B0A}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.7.0.2698\LineUpdater.exe => No File
FirewallRules: [{177E7FD9-1E5C-4136-B373-89C4E1F4254A}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.8.0.2727\LINE.exe => No File
FirewallRules: [{6A4F1B1A-EA62-4329-812C-34B2E9255391}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.8.0.2727\LINE.exe => No File
FirewallRules: [{9DD82D09-7D40-45B4-AFF4-E544CD109FB8}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.8.0.2727\LineUpdater.exe => No File
FirewallRules: [{1C240301-DDBC-43E7-95D9-3A36CCDE67EE}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.8.0.2727\LineUpdater.exe => No File
FirewallRules: [{BCC37E02-03FB-45E0-B3E6-6E753DFC0472}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.8.1.2731\LINE.exe => No File
FirewallRules: [{48955ED8-6BE6-47DC-9F40-51D3CA46585A}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.8.1.2731\LINE.exe => No File
FirewallRules: [{6D38438F-CFDE-4117-9702-125D17530684}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.8.1.2731\LineUpdater.exe => No File
FirewallRules: [{F5BD4C3F-BBA3-4884-AB72-C6E4A00ABCB1}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.8.1.2731\LineUpdater.exe => No File
FirewallRules: [{BD74503C-C199-467C-A730-9B004EA06B69}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.9.0.2756\LINE.exe => No File
FirewallRules: [{7F0ED3ED-B6A0-4B39-B0E8-7D5AAC4FC70A}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.9.0.2756\LINE.exe => No File
FirewallRules: [{92DF69B8-5E2E-4D27-A32A-6508AE1E70B4}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.9.0.2756\LineUpdater.exe => No File
FirewallRules: [{2BCF2C18-1E3C-4800-AB1B-31328E9EEB5C}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.9.0.2756\LineUpdater.exe => No File
FirewallRules: [{C8F3D64E-1C07-4D8E-A9E2-0572DD57336C}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.9.1.2757\LINE.exe => No File
FirewallRules: [{9538A11C-CF1F-463C-8E6B-3D53D99A8790}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.9.1.2757\LINE.exe => No File
FirewallRules: [{4620F342-2459-4D50-8134-5C69D6C5D75D}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.9.1.2757\LineUpdater.exe => No File
FirewallRules: [{2230AD97-0838-4230-A1A3-AB903D643E06}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.9.1.2757\LineUpdater.exe => No File
FirewallRules: [{F19BA587-5EE6-4233-A709-B34451FAF3BC}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.0.2797\LINE.exe => No File
FirewallRules: [{5915557F-05C4-47A6-8E83-F76816E92073}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.0.2797\LINE.exe => No File
FirewallRules: [{D6353043-517F-459A-8F54-B20325C1A47D}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.0.2797\LineUpdater.exe => No File
FirewallRules: [{EE4A6A58-A8AF-4AAE-A752-449C0AA48D41}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.0.2797\LineUpdater.exe => No File
FirewallRules: [{DFC0F6D2-454F-4A01-BB7F-0AFB7D5706AF}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.1.2805\LINE.exe => No File
FirewallRules: [{AE4E0712-328F-46E2-8937-816C2197A356}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.1.2805\LINE.exe => No File
FirewallRules: [{618455A1-03CD-4CD5-8090-AF69E48D3C70}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.1.2805\LineUpdater.exe => No File
FirewallRules: [{3CAD46D7-D64D-4715-B3E5-8DF881734FBE}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.1.2805\LineUpdater.exe => No File
FirewallRules: [{0E6F00E1-F789-4CBC-B575-F79A2629CCCC}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.2.2807\LINE.exe => No File
FirewallRules: [{5C491A52-0F61-4C71-ADDB-D43F222D9219}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.2.2807\LINE.exe => No File
FirewallRules: [{96624448-1525-4366-935D-410EDDD3D2A1}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.2.2807\LineUpdater.exe => No File
FirewallRules: [{8A8477FF-6288-4792-B7AD-4BA3DF150647}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.10.2.2807\LineUpdater.exe => No File
FirewallRules: [{0E0F98F0-4B16-4D9E-8BEA-9EAAAC3E613D}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.11.0.2821\LINE.exe => No File
FirewallRules: [{FEF35869-CFB9-4DE1-90AF-AFB89458300B}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.11.0.2821\LINE.exe => No File
FirewallRules: [{61FCCE96-C1A0-4C30-B23E-A5CE0F131FD3}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.11.0.2821\LineUpdater.exe => No File
FirewallRules: [{93CA1D86-11B2-4ADD-89E4-E10273CD4AD0}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.11.0.2821\LineUpdater.exe => No File
FirewallRules: [{76C148C4-63E8-4AB1-80DD-495E477CD303}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.12.0.2848\LINE.exe => No File
FirewallRules: [{8B0207B9-176D-4B06-84BB-C66DA9C4B521}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.12.0.2848\LINE.exe => No File
FirewallRules: [{EFBCB701-0F4E-4CB8-9524-9DF86F0A72E2}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.12.0.2848\LineUpdater.exe => No File
FirewallRules: [{99F72A0A-FBAC-42C2-A37E-85339A0D09B2}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.12.0.2848\LineUpdater.exe => No File
FirewallRules: [{E589ED3C-1331-4FC7-AF84-9525792AFFF9}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.1.2871\LINE.exe => No File
FirewallRules: [{4996CEFC-1DB6-47FD-BB3C-34E873DEC5CF}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.1.2871\LINE.exe => No File
FirewallRules: [{6FC035A4-A781-4DD9-BF5A-68FA2DDA0687}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.1.2871\LineUpdater.exe => No File
FirewallRules: [{C00358A2-55BC-494F-BDC8-444ED5045845}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.1.2871\LineUpdater.exe => No File
FirewallRules: [{58E6B588-A682-4948-90EA-20BF84BA5C80}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.1.2875\LINE.exe => No File
FirewallRules: [{E0C81D17-E9A8-4C86-8858-8C0FCF581884}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.1.2875\LINE.exe => No File
FirewallRules: [{370A7F63-D546-4A5F-BDF1-2EF3923A488B}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.1.2875\LineUpdater.exe => No File
FirewallRules: [{607CAAF6-5FC9-4985-85AD-4FBCB7E778AB}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.1.2875\LineUpdater.exe => No File
FirewallRules: [{033CC489-F5E4-4680-875E-EB1B13E8EC31}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.2.2877\LINE.exe => No File
FirewallRules: [{8589F426-604D-484A-8774-D8F6E3557A2B}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.2.2877\LINE.exe => No File
FirewallRules: [{AAB3B351-6743-4174-96F8-1569231AB3F3}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.2.2877\LineUpdater.exe => No File
FirewallRules: [{059F481F-B8FC-4664-8CEB-924AE34BE73D}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.13.2.2877\LineUpdater.exe => No File
FirewallRules: [{53A7A7AA-542A-4459-BB9B-29FE230A1C23}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.14.0.2898\LINE.exe => No File
FirewallRules: [{32506715-28C7-440C-A218-A8A48A5A32D4}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.14.0.2898\LINE.exe => No File
FirewallRules: [{7CE67A8F-DC44-4B22-B3F7-EE23CD822253}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.14.0.2898\LineUpdater.exe => No File
FirewallRules: [{806675CE-EEED-4F9E-A5BE-23B2C9DD09AA}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.14.0.2898\LineUpdater.exe => No File
FirewallRules: [{420BD97C-B169-4AB1-8FD8-B2271F373567}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.15.0.2962\LINE.exe => No File
FirewallRules: [{E6B7192B-5BF6-44F0-B775-46E7E7CB6C94}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.15.0.2962\LINE.exe => No File
FirewallRules: [{9EDAC0CA-342E-4B98-A3A3-D8FE3768C45B}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.15.0.2962\LineUpdater.exe => No File
FirewallRules: [{E8FF69D3-E7B6-4970-951A-33CF071E11C6}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.15.0.2962\LineUpdater.exe => No File
FirewallRules: [{E6DB9EF5-404B-4EB4-A375-31697FC3F138}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.16.1.3000\LINE.exe => No File
FirewallRules: [{A70793A5-0D2A-4641-BE57-037E0E60464F}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.16.1.3000\LINE.exe => No File
FirewallRules: [{ED5C952E-80C5-4E3F-BF24-CDFC651B56F1}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.16.1.3000\LineUpdater.exe => No File
FirewallRules: [{C49FFA7F-8F88-41DA-A442-C1E10C9D2160}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.16.1.3000\LineUpdater.exe => No File
FirewallRules: [{BEB49696-F7D2-4D5B-BD92-393ACD17CEB5}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.17.0.3030\LINE.exe => No File
FirewallRules: [{8EE69272-CDE0-4072-B4F0-957C9625063C}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.17.0.3030\LINE.exe => No File
FirewallRules: [{723F9887-E9E5-4199-9D55-E195AD780618}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.17.0.3030\LineUpdater.exe => No File
FirewallRules: [{BB08D898-68C8-47E2-AC92-1310FC5C6980}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.17.0.3030\LineUpdater.exe => No File
FirewallRules: [{FB5E9EBF-0AB5-460B-AF83-A176C8738249}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.17.0.3035\LINE.exe => No File
FirewallRules: [{47910B20-512F-46B0-89DC-E2B15CF6C620}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.17.0.3035\LINE.exe => No File
FirewallRules: [{FA5EE6B9-CA92-4DCA-A2CF-30D6AF1A370F}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.17.0.3035\LineUpdater.exe => No File
FirewallRules: [{73196871-FD19-4667-B700-D536B567BDCB}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\7.17.0.3035\LineUpdater.exe => No File
FirewallRules: [TCP Query User{887ABC2F-61E9-4AA0-AC22-828871ACA0BE}C:\users\*****\appdata\roaming\synctrayzor\syncthing.exe] => (Allow) C:\users\*****\appdata\roaming\synctrayzor\syncthing.exe (Stiftelsen Syncthing -> The Syncthing Authors)
FirewallRules: [UDP Query User{8CB05EBC-3491-445F-8D5B-562ADB5BC143}C:\users\*****\appdata\roaming\synctrayzor\syncthing.exe] => (Allow) C:\users\*****\appdata\roaming\synctrayzor\syncthing.exe (Stiftelsen Syncthing -> The Syncthing Authors)
FirewallRules: [{9DFCA52F-BC83-4C33-A1B6-2ED9C7E49DCF}] => (Block) C:\users\*****\appdata\roaming\synctrayzor\syncthing.exe (Stiftelsen Syncthing -> The Syncthing Authors)
FirewallRules: [{7D0C0398-D976-4257-AD83-0DCDA5DB1130}] => (Block) C:\users\*****\appdata\roaming\synctrayzor\syncthing.exe (Stiftelsen Syncthing -> The Syncthing Authors)
FirewallRules: [{C3F7B0C9-D9F1-4A2B-9D1A-611C219AE4E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{653E1444-C5AD-4AC6-8B1A-74EB110289B5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7C23D7E1-EA2C-4779-92CE-35A3B9D967FE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5E41C835-2B4C-438F-A27F-197A9D287B0F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02F94DF1-562B-42A1-8843-0DE854C3350B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9239636B-44C9-442E-A536-596D616F5A20}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\8.0.0.3114\LINE.exe => No File
FirewallRules: [{7133AB5C-45AA-48A3-B14F-54ED945DD879}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\8.0.0.3114\LINE.exe => No File
FirewallRules: [{11F49329-885E-40C5-9F29-1B436FC5E731}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\8.0.0.3114\LineUpdater.exe => No File
FirewallRules: [{A5E9E8E4-E36B-450C-B054-711872CBA22C}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\8.0.0.3114\LineUpdater.exe => No File
FirewallRules: [{052294B8-6D5E-4FF8-88D6-172BEA3D45D3}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{41B90149-A740-42B2-982E-58964100AFE2}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0BD29992-A39F-4866-9BCE-2C750F027931}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{99C7E4B0-67EF-4390-9A82-73BF651F1B9E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD7FCF6A-F31E-493F-98A9-7BC22A1B02EC}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\8.1.1.3145\LINE.exe => No File
FirewallRules: [{359CF708-6134-4237-895A-72250EEBB417}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\8.1.1.3145\LINE.exe => No File
FirewallRules: [{8B141409-513B-4C1C-93EC-6087F0543775}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\8.1.1.3145\LineUpdater.exe => No File
FirewallRules: [{0A90BF05-4FFF-435D-82D3-89DAF10025C2}] => (Allow) C:\Users\*****\AppData\Local\LINE\bin\8.1.1.3145\LineUpdater.exe => No File
FirewallRules: [{149FF591-371B-402D-BA35-BC1B820C3FE0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{77405491-D3C6-4B24-BB31-2BFC9739BA1A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F128B2B6-308E-4D1F-847D-93F2C0F2CC43}] => (Allow) C:\Program Files\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown USB Device (Port Reset Failed)
Description: Unknown USB Device (Port Reset Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: ========================

Application errors:
==================
Error: (08/09/2023 11:47:19 AM) (Source: COM) (EventID: 10035) (User: )
Description: The COM standard marshaler was unable to fix a mismatch between the IID {618736E0-3C3D-11CF-810C-00AA00389B71} provided by the server and the IID {E89F726E-C4F4-4C19-BB19-B647D7FA8478} requested by the client, with handler CLSID {00000000-0000-0000-0000-000000000000}. The error code was 0x80010114.

Error: (08/09/2023 11:47:19 AM) (Source: COM) (EventID: 10035) (User: )
Description: The COM standard marshaler was unable to fix a mismatch between the IID {618736E0-3C3D-11CF-810C-00AA00389B71} provided by the server and the IID {E89F726E-C4F4-4C19-BB19-B647D7FA8478} requested by the client, with handler CLSID {96D57EB0-0274-0000-C4C5-93F984000000}. The error code was 0x80010114.

Error: (08/09/2023 11:46:55 AM) (Source: COM) (EventID: 10035) (User: )
Description: The COM standard marshaler was unable to fix a mismatch between the IID {618736E0-3C3D-11CF-810C-00AA00389B71} provided by the server and the IID {E89F726E-C4F4-4C19-BB19-B647D7FA8478} requested by the client, with handler CLSID {00000000-0000-0000-0000-000000000000}. The error code was 0x80010114.

Error: (08/09/2023 11:46:55 AM) (Source: COM) (EventID: 10035) (User: )
Description: The COM standard marshaler was unable to fix a mismatch between the IID {618736E0-3C3D-11CF-810C-00AA00389B71} provided by the server and the IID {E89F726E-C4F4-4C19-BB19-B647D7FA8478} requested by the client, with handler CLSID {3F39C830-7FFC-0000-E0EB-143FFC7F0000}. The error code was 0x80010114.

Error: (08/09/2023 10:22:55 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/09/2023 10:22:54 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (08/09/2023 10:22:54 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/09/2023 12:39:27 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete erneut optimieren on BIBLIOTHEKA (F:) because: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)


System errors:
=============
Error: (08/09/2023 11:52:29 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (08/09/2023 11:46:41 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (08/09/2023 11:40:14 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (08/09/2023 11:38:14 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (08/08/2023 08:59:52 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (08/08/2023 12:36:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (08/08/2023 11:11:26 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #2, {16486a00-f8bb-4860-841f-555111c02171}, had event 74

Error: (08/07/2023 07:00:29 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.


Windows Defender:
================
Date: 2023-08-09 09:02:07
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {502DC5D1-99B0-4A71-A571-545623C786F3}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-08-08 11:13:57
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Name: Trojan:Win32/Occamy.C
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_D:\new-maktaba-shamila\shamela_4\1441.095\launcher.bin
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-UIULLTJ\*****
Prozessname: C:\Program Files\7-Zip\7zG.exe
Sicherheitsversion: AV: 1.393.2546.0, AS: 1.393.2546.0, NIS: 1.393.2546.0
Modulversion: AM: 1.1.23060.1005, NIS: 1.1.23060.1005

Date: 2023-08-08 08:57:42
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {670A039C-E493-48D3-80A3-6596C7F12BC1}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-08-07 11:42:37
Description: 
C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\OneDrive\Documents\tmp00000001 zu ändern.
Erkennungszeit: 2023-08-07T09:42:37.983Z
Benutzer: DESKTOP-UIULLTJ\*****
Pfad: %userprofile%\OneDrive\Documents\tmp00000001
Prozessname: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe
Sicherheitsversion: 1.393.2455.0
Modulversion: 1.1.23060.1005
Produktversion: 4.18.23050.9

Date: 2023-08-06 18:17:58
Description: 
C:\Program Files\PowerFolder.com\PowerFolder\jre\bin\javaw.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\OneDrive\Documents\Privat\.PowerFolder\meta\.PowerFolder\ zu ändern.
Erkennungszeit: 2023-08-06T16:17:58.880Z
Benutzer: DESKTOP-UIULLTJ\*****
Pfad: %userprofile%\OneDrive\Documents\Privat\.PowerFolder\meta\.PowerFolder\
Prozessname: C:\Program Files\PowerFolder.com\PowerFolder\jre\bin\javaw.exe
Sicherheitsversion: 1.393.2424.0
Modulversion: 1.1.23060.1005
Produktversion: 4.18.23050.9
Event[0]:

Date: 2023-07-15 10:32:14
Description: 
Fehler des Microsoft Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x80004005
Fehlerbeschreibung: Unbekannter Fehler 
Ursache: Die Elementenüberprüfung des Filtertreibers wurde übersprungen, und er befindet sich nun im Durchleitungsmodus. Dies ist möglicherweise auf Ressourcenmangel zurückzuführen.

Date: 2023-05-31 10:21:05
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.391.20.0
%Vorherige Version der Sicherheitsinformationen: 1.389.2778.0
Update Source: Benutzer
Sicherheitstyp: AntiSpyware
Updatetyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.20300.3
%Vorherige Modulversion: 1.1.20300.3
Fehlercode: 0x80070666
Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen. 

Date: 2023-05-31 10:21:05
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.391.20.0
%Vorherige Version der Sicherheitsinformationen: 1.389.2778.0
Update Source: Benutzer
Sicherheitstyp: AntiVirus
Updatetyp: Delta
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.20300.3
%Vorherige Modulversion: 1.1.20300.3
Fehlercode: 0x80070666
Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen. 

Date: 2023-05-31 10:20:08
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.391.20.0
%Vorherige Version der Sicherheitsinformationen: 1.389.2778.0
Update Source: Benutzer
Sicherheitstyp: AntiSpyware
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.23050.3
%Vorherige Modulversion: 1.1.20300.3
Fehlercode: 0x80509004
Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". 

Date: 2023-05-31 10:20:08
Description: 
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: 1.391.20.0
%Vorherige Version der Sicherheitsinformationen: 1.389.2778.0
Update Source: Benutzer
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 1.1.23050.3
%Vorherige Modulversion: 1.1.20300.3
Fehlercode: 0x80509004
Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". 

CodeIntegrity:
===============
Date: 2023-08-09 11:51:57
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d56593f46e53a9ee\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

BIOS: Insyde Corp. V1.13 06/28/2021
Motherboard: IL Lenny_IL
Processor: Intel(R) Core(TM) i5-1035G4 CPU @ 1.10GHz
Percentage of memory in use: 96%
Total physical RAM: 7980.05 MB
Available physical RAM: 275.59 MB
Total Virtual: 21975.88 MB
Available Virtual: 8539.04 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:237.35 GB) (Free:17.43 GB) (Model: NVMe KINGSTON RBUSNS8) (Protected) NTFS
Drive d: () (Removable) (Total:238.23 GB) (Free:126.08 GB) exFAT
Drive f: (BIBLIOTHEKA) (Fixed) (Total:931.51 GB) (Free:538.07 GB) (Model: TOSHIBA External USB 3.0 USB Device) NTFS
Drive h: (Intenso) (Fixed) (Total:476.92 GB) (Free:395 GB) (Model: Intenso Portable SSD SCSI Disk Device) exFAT

\\?\Volume{6977ce3a-8aab-4d25-b7fb-3d7fca67f04f}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.29 GB) NTFS
\\?\Volume{080a0e14-cf2a-4f36-bf0d-a6d5f5cfe7fe}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 8B83DD96)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 4 (Protective MBR) (Size: 238.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================