Log analysis and evaluation: Computer slow, programs hang, problems with virus scanner

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
03.02.2024, 20:21 | #1 |
Computer slow, programs hang, problems with virus scanner

Hello dear Trojaner-Board team,

I am currently having the following problems with my desktop PC and would like to know whether they stem from a virus infection, and I kindly ask for your support in finding a solution: There was a bluescreen from a Bitdefender system file; in safe mode Bitdefender could not be uninstalled. The installation of Avast did not work either and did not even start. Chrome has become very slow, and Adobe Acrobat Reader hangs.

Here is my first log file:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.02.2024 01 Ran by ***** (administrator) on GAMERSDREAM (ASUS All Series) (03-02-2024 19:22:21) Running from D:\*****\Downloads\FRST64.exe Loaded Profiles: ***** Platform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Language: English (United Kingdom) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe (C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe ->) (Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ->) () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe (C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe (C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe (C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Corsair\Corsair iCUE5 Software\crashpad_handler.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) 
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (C:\Users\*****\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\*****\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8> (explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\*****\AppData\Local\WebEx\WebexHost.exe (explorer.exe ->) (Elgato Systems -> Elgato Systems) C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe (explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe (explorer.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6> (explorer.exe ->) (nordvpn s.a. -> nordvpn S.A.) 
C:\Program Files\NordVPN\NordVPN.exe (explorer.exe ->) (ownCloud GmbH -> Hochschulcloud NRW) C:\Program Files\sciebo\sciebo.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <14> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Users\*****\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe (services.exe ->) () [File not signed] C:\Windows\SysWOW64\ASGT.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe (services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe (services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) 
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\SSDGames\Origin\OriginWebHelperService.exe (services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe <2> (services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (Logitech Inc -> Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (svchost.exe ->) () [File not signed] C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) 
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2311.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-13] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-28] (Logitech Inc -> Logitech Inc.) HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [184872 2024-01-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11551456 2024-01-23] (Dropbox, Inc -> Dropbox, Inc.) 
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134480 2016-06-16] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2044576 2023-12-13] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.2.0\GoogleDriveFS.exe --startup_mode (No File) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.2.0\GoogleDriveFS.exe --startup_mode (No File) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [f.lux] => C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe [1528952 2024-01-17] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [Remote Control Editor] => C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe [1709128 2010-12-01] (Elgato Systems -> Elgato Systems) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\*****\AppData\Local\WebEx\WebexHost.exe [8083040 2023-12-29] (Cisco WebEx LLC -> Cisco Webex LLC) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [sciebo] => C:\Program Files\sciebo\sciebo.exe [2761968 2023-03-09] (ownCloud GmbH -> Hochschulcloud NRW) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.) 
HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44540320 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Run: [MicrosoftEdgeAutoLaunch_17A34A7C34F79183F7BAA79A2292B9BF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.2.0\GoogleDriveFS.exe --startup_mode (No File) HKLM\...\Windows x64\Print Processors\hpcpp103: C:\Windows\System32\spool\prtprocs\x64\hpcpp103.dll [323584 2010-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5200 series: CNMLMAE.DLL (No File) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.140\Installer\chrmstp.exe [2024-02-03] (Google LLC -> Google LLC) GroupPolicy-Firefox-x32: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {222D2B30-5017-47B9-83D1-F0C8C2595703} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {3AD919EF-AFD7-4C4E-8FFA-9DD2EA85B425} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {4103BC26-BD25-4B43-B289-B1EA0A7389DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {60C92016-7909-4E9C-8D8F-BC4D142AE7EF} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION Task: {6BD4B6D4-9649-4EB3-9B55-C72E44FE3EFE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {6F46EC32-B8B5-484F-9013-77076D91121A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {766F49B6-4211-4DC6-8554-29598DB5F065} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {7BEF5DA8-60A0-44E6-89AE-92072D51998E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {7F454799-7FDE-45B1-9B10-9EF677B86F39} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION Task: {8329FC0B-1F1D-4170-8455-A4607E5ED161} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {842CE08D-D006-4774-90DB-37C14814EF56} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {89EF0E20-E0A3-4BB6-95A9-D0F554453FCA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {A8BD2F32-A862-4FB9-923D-3AFD961D35DD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {B87C2B36-408E-4110-B5EE-1E45D05D4CFF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {BDB6EED7-B636-4508-B668-A6DD7C65118A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {D19FC15F-2682-4294-8E0E-CC3DD500ACC8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: 
{83C35DDA-CFAD-43B7-8AF3-20A003FA81F5} - System32\Tasks\{F8359AD5-9055-4E94-9C87-4389B0362F66} => C:\Windows\system32\pcalua.exe [53760 2023-11-16] (Microsoft Windows -> Microsoft Corporation) -> -a L:\Drivers\TERRATEC_H6\TERRATEC_H6_5.09.1202.00_All.exe -d L:\Drivers\TERRATEC_H6 Task: {313099FE-BED2-4EF8-AC45-19C239161262} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) Task: {1DD0B790-7251-4B3F-BB78-4741DAD3C1B0} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1134752 2014-03-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed] Task: {C89DEBDC-356D-4086-9E71-34FE4956EE7D} - System32\Tasks\avfree.migration => C:\Program Files\Bitdefender Antivirus Free\migration_tool\avfree.migration.exe /run (No File) Task: {63E392E8-C5BF-4119-85E0-DBFCDE5AF6DB} - System32\Tasks\Avira_Security_Installation => C:\Users\*****\AppData\Local\Temp\.CR.12953\Avira.Spotlight.Bootstrapper.Runner.exe -> "C:\Users\*****\AppData\Local\Temp\.CR.12953\avira_de_sptl1_6710f75b3920d603__pavwws-spotlight-release(1).exe" RunMode=Resume <==== ATTENTION Task: {D11E84AA-4914-4DC9-89CE-1CD776182827} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.266\WatchDog.exe repair (No File) Task: {CFEDA587-6692-4B6B-BE99-6E8BC0D01C06} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) 
Task: {B632DA8F-C083-4E1A-B992-407CE1C5384A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {7C48D885-CDD7-47A3-BA07-F38E8E8AF61C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "c0bfa995-7ddc-495e-8130-f4fe434587bc" --version "6.20.10897" --silent Task: {8269B225-A78C-44C9-8C85-F78FA5476C7A} - System32\Tasks\CCleanerSkipUAC - ***** => C:\Program Files\CCleaner\CCleaner.exe [38319520 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {245C00E6-BC03-486C-B50F-E2691719D71B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) Task: {0E6266FB-C8BE-4C98-99C9-0DCDD953869E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) Task: {D4DFED7C-6607-457E-BC26-7DF065AEC6DC} - System32\Tasks\G2MUpdateTask-S-1-5-21-392073570-3050404753-1078137296-1001 => C:\Users\*****\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {470C4DE9-088C-4763-8707-FEA4C5E5B8AE} - System32\Tasks\G2MUploadTask-S-1-5-21-392073570-3050404753-1078137296-1001 => C:\Users\*****\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-27] (LogMeIn, Inc. -> LogMeIn, Inc.) 
Task: {24BC465C-E8BD-428A-8915-F3919F6C7781} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6268.0{49946B6C-67D2-4605-954A-267D4B95A0DC} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6268.0\updater.exe [4638496 2024-01-27] (Google LLC -> Google LLC) <==== ATTENTION Task: {D36FFCDD-26FD-4BB3-BD89-8F2D28C76252} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) Task: {571F2D2E-F7A0-4A55-ACAA-5FC7703250CB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) Task: {D3434C23-75B5-43A8-B566-1D447CFB3F3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-14] (Microsoft Corporation -> Microsoft Corporation) Task: {04D89E14-1B4E-4869-9924-DB417990102C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-14] (Microsoft Corporation -> Microsoft Corporation) Task: {93BFED16-3EAD-41B4-B713-64ECD6753D1B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-09] (Microsoft Corporation -> Microsoft Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {1C5DF052-AFCC-4C61-BE79-3A3491AB1CF5} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly (No File) Task: {1C32FF9D-5BFC-40AA-9CEB-03D99B68B07F} - 
System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {310A6A84-388A-4596-81E6-F3AA01B0ACC8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {55AFA7DA-A3FA-49A5-961A-16CE1CF5421F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {288D5A7B-5DA2-49E1-AB7F-33A5CDD36E4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9FC2B33F-AEE5-4CCA-8569-AD74BE8A6314} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File) Task: {86222EED-431D-481E-8510-327E264DB06F} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34720 2024-01-26] (Mozilla Corporation -> Mozilla Foundation) Task: 
{B98363ED-49AA-422E-A124-42FFF86906AD} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [565760 2014-12-06] () [File not signed] Task: {5AE1E238-98F3-40D0-83D4-4867FC683214} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {06B47ABE-5CF5-47AE-8F5C-26E8D43A348C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {B39873B4-6909-42A9-ADB5-5078DD2B8A27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8B392967-34CD-41FE-B02F-50B16C0C7802} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {87A98A1F-91E3-4582-9F7C-39683B5EBBA0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C31E672F-54C2-453F-83D9-DC72FF9C6DB2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CAC92F13-2EF2-44A0-AADB-92B9F6966952} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => 
C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9CBA9B83-9603-4BEE-8423-B2ECD8A0E4A0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6DCCFC3E-B27A-451C-B3EE-5EB0DA7AF94E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-392073570-3050404753-1078137296-1001.job => C:\Users\*****\AppData\Local\GoToMeeting\19950\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-392073570-3050404753-1078137296-1001.job => C:\Users\*****\AppData\Local\GoToMeeting\19950\g2mupload.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
AutoConfigURL: [{DC8AD2A9-03C9-41B8-8605-112665C72711}] => hxxp://www.ub.fernuni-hagen.de/proxy.pac <==== ATTENTION AutoConfigURL: [S-1-5-21-392073570-3050404753-1078137296-1001] => hxxp://www.ub.fernuni-hagen.de/proxy.pac <==== ATTENTION Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{c8d7a077-453d-4bf7-81f8-a8bb43e82d3c}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{c8d7a077-453d-4bf7-81f8-a8bb43e82d3c}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{c8d7a077-453d-4bf7-81f8-a8bb43e82d3c}: [DhcpDomain] local ManualProxies: 0hxxp://www.ub.fernuni-hagen.de/proxy.pac <==== ATTENTION Edge: ======= Edge Profile: C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-03] Edge Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19] Edge Extension: (Edge relevant text changes) - C:\Users\*****\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] FireFox: ======== FF DefaultProfile: jfy09e47.default-1423303358260 FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260 [2024-02-03] FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\user.js [2016-07-08] FF DownloadDir: C:\Downloads FF Homepage: Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260 -> hxxps://www.finanzen.net/ FF NetworkProxy: Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260 -> type", 0 FF Session Restore: Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260 -> is enabled. 
FF Notifications: Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260 -> hxxps://www.youtube.com; hxxps://outlook.office.com FF Extension: (Open Livestreamer) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\jid1-Y6BhyMM8GoZ3eA@jetpack.xpi [2016-01-12] [Legacy] FF Extension: (Language: Deutsch (German)) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\langpack-de@firefox.mozilla.org.xpi [2024-01-26] FF Extension: (Tab Session Manager) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\Tab-Session-Manager@sienori.xpi [2023-09-14] FF Extension: (uBlock Origin) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\uBlock0@raymondhill.net.xpi [2024-01-08] FF Extension: (Black Gray White / desktop, mobile) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{053711cb-beef-49ad-851f-d551298096ab}.xpi [2019-05-13] FF Extension: (Session Manager) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-01-31] [Legacy] FF Extension: (Homer Sleeping) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{50069e20-08e2-4e5b-88a1-f70559be77e5}.xpi [2019-05-13] FF Extension: (Black Abstract Fox) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{7328e8aa-d9b1-4257-a7e1-5b48ab280a88}.xpi [2019-05-13] FF Extension: (Video Speed Controller) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{7be2ba16-0f1e-4d93-9ebc-5164397477a9}.xpi [2021-04-12] FF Extension: (DNS Flusher) - 
C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{7d575baa-b543-11dc-8314-0800200c9a66}.xpi [2016-03-22] [Legacy] FF Extension: (Blue Cookie Monster) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{97303cb3-42c8-44af-b940-d3d1bd92b628}.xpi [2019-05-13] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-01-27] FF Extension: (Dark Fox) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-05-13] FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jfy09e47.default-1423303358260\searchplugins\zonealarm.xml [2016-07-08] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-04] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2024-02-02] CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-25] CHR Extension: (Avira Browserschutz) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-10-26] CHR Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-15] CHR Extension: (SuperNova SWF Enabler) - C:\Users\*****\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\mhmphnocemakkjdampibehejoaleebpo [2022-09-29] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-21] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKU\S-1-5-21-392073570-3050404753-1078137296-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKU\S-1-5-21-392073570-3050404753-1078137296-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mhmphnocemakkjdampibehejoaleebpo] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] (ASUSTeK Computer Inc. -> ) R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed] R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed] S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation) R2 CorsairCpuIdService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe [240168 2024-01-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.) 
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [152616 2024-01-07] (Corsair Memory, Inc. -> ) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-01-23] (Dropbox, Inc -> Dropbox, Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-05-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-11-01] (Bayerisches Landesamt fuer Steuern -> ) S2 GoogleUpdaterInternalService123.0.6268.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6268.0\updater.exe [4638496 2024-01-27] (Google LLC -> Google LLC) <==== ATTENTION S2 GoogleUpdaterService123.0.6268.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6268.0\updater.exe [4638496 2024-01-27] (Google LLC -> Google LLC) <==== ATTENTION R3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [366120 2024-01-07] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc -> Logitech Inc.) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed] R3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [320088 2023-09-25] (nordvpn s.a. -> nordvpn S.A.) R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.) 
S3 Origin Client Service; C:\SSDGames\Origin\OriginClientService.exe [2556048 2021-08-28] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\SSDGames\Origin\OriginWebHelperService.exe [3474584 2021-08-28] (Electronic Arts, Inc. -> Electronic Arts) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-11-28] (Even Balance, Inc. -> ) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1314448 2020-03-20] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14610864 2022-01-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [11776 2023-11-28] () [File not signed] R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3746584 2016-06-16] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [18944 2023-11-28] () [File not signed] R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) 
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114424 2016-05-24] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [310216 2023-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] (ASUSTeK Computer Inc. -> ) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-07-26] (Bluestack Systems, Inc -> Bluestack System Inc.) 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2022-10-12] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2022-04-15] (Microsoft Corporation) [File not signed] R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2024-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2024-01-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44576 2024-02-03] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc -> Logitech Inc.) S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.) R3 mshield; C:\WINDOWS\System32\DRIVERS\mshield.sys [43112 2024-01-10] (nordvpn s.a. -> Nordvpn S.A.) R2 NDivert; C:\Program Files\NordVPN\7.18.5.0\Drivers\NDivert.sys [131472 2023-08-04] (nordvpn s.a. -> Nordvpn S.A.) R4 NordDivert10; C:\Program Files\NordVPN\NordSec ThreatProtection\1.4.18.7\NordDivert1064.sys [101240 2024-01-10] (nordvpn s.a. -> NordVPN/Basil) R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.) 
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) S3 silabenm; C:\WINDOWS\system32\DRIVERS\silabenm.sys [23552 2019-12-12] (Silicon Laboratories) [File not signed] R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [49744 2021-06-13] (nordvpn s.a. -> The OpenVPN Project) S3 USB28xxBGA; C:\WINDOWS\system32\DRIVERS\emBDA64.sys [655680 2010-01-18] (TerraTec Electronic GmbH -> eMPIA Technology, Inc.) S3 USB28xxOEM; C:\WINDOWS\system32\DRIVERS\emOEM64.sys [623424 2010-01-18] (TerraTec Electronic GmbH -> eMPIA Technology, Inc.) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2023-12-13] (Cisco Systems, Inc. -> Cisco Systems, Inc.) R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2017-03-16] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) 
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-01-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-01-30] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-30] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2022-10-27] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-02-24] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 cpuz157; \??\C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [X] <==== ATTENTION S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus.sys [X] S3 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 
2024-02-03 19:19 - 2024-02-03 19:22 - 000000000 ____D C:\FRST 2024-02-02 10:22 - 2024-02-02 10:22 - 000000000 ____D C:\ProgramData\Piriform 2024-02-01 20:16 - 2024-02-02 10:13 - 000003554 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Installation 2024-01-31 17:07 - 2024-01-31 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2024-01-31 17:07 - 2024-01-31 17:07 - 000000000 ____D C:\Program Files\7-Zip 2024-01-31 16:48 - 2024-02-01 20:11 - 000000000 ____D C:\Users\*****\AppData\Local\Avast Software 2024-01-31 16:35 - 2024-02-01 20:11 - 000000000 ____D C:\ProgramData\Avast Software 2024-01-30 11:21 - 2024-01-30 11:21 - 000152716 _____ C:\ProgramData\agent.uninstall.1706610079.bdinstall.v2.bin 2024-01-30 11:13 - 2024-01-30 11:13 - 000044084 _____ C:\ProgramData\agent.1706609616.7036.v2.bin 2024-01-30 11:13 - 2024-01-30 11:13 - 000023544 _____ C:\ProgramData\agent.1706609634.bdinstall.v2.bin 2024-01-30 11:13 - 2024-01-30 11:13 - 000012820 _____ C:\ProgramData\agent.1706609616.17500.v2.bin 2024-01-30 11:04 - 2024-01-30 11:04 - 000456724 _____ C:\ProgramData\cl.uninstall.1706609023.bdinstall.v2.bin 2024-01-30 01:06 - 2024-02-02 10:19 - 000000000 ____D C:\WINDOWS\Minidump 2024-01-29 10:49 - 2024-01-10 10:37 - 000043112 _____ (Nordvpn S.A.) C:\WINDOWS\system32\Drivers\mshield.sys 2024-01-25 10:37 - 2024-01-25 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2024-01-23 03:51 - 2024-01-23 03:51 - 000046824 _____ (Dropbox, Inc.) 
C:\WINDOWS\system32\DbxSvc.exe 2024-01-18 22:14 - 2024-01-18 22:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem 2024-01-15 19:06 - 2024-01-15 19:06 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2024-01-14 13:32 - 2024-01-14 13:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-01-11 15:33 - 2024-01-11 15:33 - 000000000 ___HD C:\$WinREAgent 2024-01-08 10:29 - 2024-01-08 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2024-01-08 10:29 - 2024-01-08 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-02-03 19:17 - 2022-10-27 20:14 - 000000000 ____D C:\Users\*****\AppData\Local\NordVPN 2024-02-03 19:17 - 2021-12-16 02:51 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-02-03 19:17 - 2021-10-01 20:54 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-02-03 19:17 - 2018-06-24 14:29 - 000000000 ____D C:\Program Files\CCleaner 2024-02-03 19:17 - 2015-07-05 12:47 - 000000000 ____D C:\Users\*****\AppData\Roaming\Dropbox 2024-02-03 19:17 - 2015-07-05 12:47 - 000000000 ____D C:\Users\*****\AppData\Local\Dropbox 2024-02-03 19:16 - 2022-02-15 21:13 - 000000000 ____D C:\Program Files\TeamViewer 2024-02-03 19:16 - 2022-02-08 19:11 - 000000000 ___SD C:\Users\*****\sciebo 2024-02-03 19:16 - 2022-02-08 19:05 - 000000000 ____D C:\Users\*****\AppData\Roaming\sciebo 2024-02-03 19:16 - 2021-10-01 20:04 - 000000000 ____D C:\Users\*****\AppData\Local\WebEx 2024-02-03 19:16 - 2021-03-23 13:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-02-03 19:16 - 2021-03-23 12:52 - 000008192 ___SH C:\DumpStack.log.tmp 2024-02-03 19:16 - 2020-04-02 10:42 - 000000000 ____D C:\Users\*****\AppData\Roaming\WTablet 2024-02-03 19:16 - 2019-12-07 10:14 - 000000000 ____D 
C:\ProgramData\regid.1991-06.com.microsoft 2024-02-03 19:16 - 2017-05-13 20:44 - 000000000 ____D C:\ProgramData\NVIDIA 2024-02-02 22:40 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2024-02-02 22:39 - 2021-03-23 13:00 - 000003136 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner 2024-02-02 22:10 - 2021-03-23 12:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-02-02 13:24 - 2021-09-30 00:21 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Word 2024-02-02 13:18 - 2021-09-29 22:13 - 000000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Excel 2024-02-02 10:39 - 2021-03-23 13:39 - 000971502 _____ C:\WINDOWS\system32\perfh007.dat 2024-02-02 10:39 - 2021-03-23 13:39 - 000220938 _____ C:\WINDOWS\system32\perfc007.dat 2024-02-02 10:39 - 2021-03-23 12:59 - 000006020 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-02-02 10:34 - 2015-07-05 12:48 - 000000000 ___RD C:\Users\*****\Dropbox 2024-02-02 10:30 - 2021-10-11 19:01 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2024-02-02 10:27 - 2016-07-08 15:20 - 000000000 ___RD C:\Users\*****\OneDrive 2024-02-02 10:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-02-02 10:19 - 2021-03-14 23:55 - 000000000 ___DC C:\WINDOWS\Panther 2024-02-02 10:19 - 2016-07-08 15:36 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps 2024-02-01 20:11 - 2023-05-05 08:08 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2024-02-01 20:11 - 2022-04-27 09:03 - 000000664 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-392073570-3050404753-1078137296-1001.job 2024-02-01 20:11 - 2022-04-27 09:03 - 000000568 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-392073570-3050404753-1078137296-1001.job 2024-02-01 20:11 - 2015-07-05 12:47 - 000001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2024-02-01 20:11 - 2015-07-05 12:47 - 000001234 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2024-02-01 20:10 - 2021-03-23 13:00 - 000003756 _____ 
C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-02-01 20:10 - 2021-03-23 13:00 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-02-01 19:52 - 2023-05-05 08:08 - 000002952 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2024-02-01 19:52 - 2023-05-05 08:08 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - ***** 2024-02-01 19:52 - 2022-04-27 09:03 - 000003258 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-392073570-3050404753-1078137296-1001 2024-02-01 19:52 - 2022-04-27 09:03 - 000003162 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-392073570-3050404753-1078137296-1001 2024-02-01 19:52 - 2022-03-31 22:36 - 000002662 _____ C:\WINDOWS\system32\Tasks\avfree.migration 2024-02-01 19:52 - 2021-03-23 13:00 - 000003752 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2024-02-01 19:52 - 2021-03-23 13:00 - 000003528 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2024-02-01 19:52 - 2021-03-23 13:00 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-02-01 19:52 - 2021-03-23 13:00 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-02-01 19:52 - 2021-03-23 13:00 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-02-01 19:52 - 2021-03-23 13:00 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2024-02-01 19:52 - 2021-03-23 13:00 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-02-01 19:52 - 2021-03-23 13:00 - 000002964 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper 2024-02-01 19:52 - 2021-03-23 13:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-02-01 19:52 - 2021-03-23 13:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 
2024-02-01 19:52 - 2021-03-23 13:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-02-01 19:52 - 2021-03-23 13:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-02-01 19:52 - 2021-03-23 13:00 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-02-01 19:52 - 2021-03-23 13:00 - 000002750 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-392073570-3050404753-1078137296-1001 2024-02-01 19:52 - 2021-03-23 13:00 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-02-01 19:52 - 2021-03-23 13:00 - 000002708 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2024-02-01 19:52 - 2021-03-23 13:00 - 000002094 _____ C:\WINDOWS\system32\Tasks\{F8359AD5-9055-4E94-9C87-4389B0362F66} 2024-02-01 19:45 - 2015-02-06 11:14 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2024-02-01 19:45 - 2015-02-06 11:13 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2024-02-01 19:03 - 2022-10-27 20:14 - 000000000 ____D C:\Program Files\NordVPN 2024-02-01 14:32 - 2015-07-05 13:37 - 000000000 ____D C:\Users\*****\AppData\Roaming\texstudio 2024-01-31 16:40 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-01-31 14:36 - 2021-12-16 18:53 - 000000000 ____D C:\Users\*****\AppData\LocalLow\WebEx 2024-01-31 14:35 - 2021-12-16 18:52 - 000000000 ____D C:\Users\*****\AppData\Local\CiscoSpark 2024-01-31 14:35 - 2016-10-26 17:07 - 000000000 ____D C:\Users\*****\AppData\Roaming\webex 2024-01-31 13:50 - 2015-06-01 17:13 - 000000000 ____D C:\ProgramData\boost_interprocess 2024-01-30 15:54 - 2021-12-16 18:52 - 000000000 ____D C:\Users\*****\AppData\Local\CiscoSparkLauncher 2024-01-30 11:36 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-01-30 11:33 - 2018-05-10 11:36 - 
000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-01-30 11:16 - 2023-03-30 13:45 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2024-01-30 11:09 - 2019-03-21 21:50 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2024-01-30 11:04 - 2021-03-23 12:53 - 000000000 ____D C:\Users\***** 2024-01-30 11:04 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-01-30 11:04 - 2019-04-22 19:49 - 000000000 ____D C:\ProgramData\Bitdefender 2024-01-30 11:04 - 2017-04-24 22:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2024-01-30 10:46 - 2019-12-07 10:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2024-01-30 01:10 - 2022-10-27 20:14 - 000000000 ____D C:\ProgramData\NordVPN 2024-01-27 17:50 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-01-27 11:11 - 2020-06-23 09:12 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-01-27 10:50 - 2018-03-09 10:09 - 000002161 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk 2024-01-27 10:49 - 2015-02-05 12:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-01-26 23:34 - 2015-02-05 12:40 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-01-25 10:38 - 2015-07-05 12:47 - 000000000 ____D C:\Program Files (x86)\Dropbox 2024-01-23 21:17 - 2015-02-10 19:50 - 000000000 ____D C:\Program Files (x86)\Google 2024-01-17 14:27 - 2022-10-12 23:10 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-01-15 19:47 - 2018-01-28 11:14 - 000000000 ____D C:\Users\*****\AppData\Local\Packages 2024-01-15 19:06 - 2020-05-04 14:02 - 000000000 ____D C:\Users\*****\AppData\Roaming\Zoom 2024-01-14 14:32 - 2018-05-10 11:36 - 000000000 ____D C:\Users\*****\AppData\Local\D3DSCache 2024-01-14 13:31 - 2021-09-29 13:54 - 000000000 ____D C:\Program Files\Microsoft Office 2024-01-11 20:06 - 2015-08-20 
18:48 - 000000000 ____D C:\Users\*****\AppData\Roaming\vlc 2024-01-10 22:18 - 2021-03-23 12:52 - 000652384 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-01-10 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-01-10 11:20 - 2015-02-06 20:43 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-01-10 11:18 - 2015-02-06 20:43 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-01-08 10:38 - 2015-02-25 11:07 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Adobe 2024-01-07 18:59 - 2015-02-05 12:23 - 000000000 ___SD C:\Users\*****\AppData\Roaming\Microsoft\Credentials ==================== Files in the root of some directories ======== 2017-11-21 22:29 - 2020-12-09 19:05 - 000011264 _____ () C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2020-02-04 18:39 - 2021-04-26 15:36 - 000000337 _____ () C:\Users\*****\AppData\Local\Perfmon.PerfmonCfg 2020-09-10 17:42 - 2020-09-10 17:42 - 000007605 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg 2017-11-20 19:57 - 2022-03-27 00:45 - 003591168 _____ () C:\Users\*****\AppData\Local\WebpageIcons.db 2022-01-23 15:18 - 2022-01-23 15:18 - 000000000 _____ () C:\Users\*****\AppData\Local\{071B7347-B8F0-4474-954C-D9476A51B22F} 2022-01-23 15:16 - 2022-01-23 15:16 - 000000000 _____ () C:\Users\*****\AppData\Local\{1D132510-2214-4348-A17A-51CB3F239EA4} 2022-01-23 15:20 - 2022-01-23 15:20 - 000000000 _____ () C:\Users\*****\AppData\Local\{59B32BA5-B930-4088-AFF5-2E1BDED427B8} 2020-11-18 07:40 - 2020-11-18 07:41 - 000000000 _____ () 
C:\Users\*****\AppData\Local\{C3279B87-B808-4A89-9936-2D63F7D08C22} ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== |
03.02.2024, 20:23 | #2 |
| Computer slow, programs hang, problems with virus scanner Here is my second log file:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.02.2024 01 Ran by ***** (03-02-2024 19:23:20) Running from D:\*****\Downloads Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2021-03-23 12:00:57) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-392073570-3050404753-1078137296-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-392073570-3050404753-1078137296-503 - Limited - Disabled) Guest (S-1-5-21-392073570-3050404753-1078137296-501 - Limited - Disabled) ***** (S-1-5-21-392073570-3050404753-1078137296-1001 - Administrator - Enabled) => C:\Users\***** WDAGUtilityAccount (S-1-5-21-392073570-3050404753-1078137296-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Antivirus (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522} AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
3D Youtube Downloader (x64) (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\3D Youtube Downloader (x64)) (Version: 1.19.15 - 3DYD Soft) 64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden 7-Zip 23.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2301-000001000000}) (Version: 23.01.00.0 - Igor Pavlov) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.008.20470 - Adobe) Adobe Connect (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.7.5.0 - ASUSTek COMPUTER INC.) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.) Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.220.0.1109 - BlueStack Systems, Inc.) Brother iPrint&Scan (HKLM-x32\...\{6a05ac5a-2963-4a6b-aff2-77bdf51ff082}) (Version: 11.0.2.3 - Brother Industries, Ltd.) Brother iPrint&Scan (HKLM-x32\...\{C16B1697-EEE8-4701-81A1-58FF51E00B93}) (Version: 11.0.2.3 - Brother Industries, Ltd.) 
Hidden CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden Camtasia 2022 (HKLM\...\{B27D7CEB-AB23-4608-86AD-57B10BC790F8}) (Version: 22.4.1.42246 - TechSmith Corporation) Hidden Camtasia 2022 (HKLM-x32\...\{3f71e02b-b7d1-4a73-88da-6929e0bdb137}) (Version: 22.4.1.42246 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 6.20 - Piriform) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.08025 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{ECB9C055-4ECE-438C-AC50-2B09D76377D6}) (Version: 4.10.08025 - Cisco Systems, Inc.) Hidden Cisco Webex Meetings (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\ActiveTouchMeetingClient) (Version: 42.8.0 - Cisco Webex LLC) Coh3 Stats Desktop App (HKLM\...\{57AAD44E-E635-4046-B931-B92BFBDBC648}) (Version: 1.2.3 - coh3stats) Corsair iCUE5 Software (HKLM\...\{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.10.82 - Corsair) Discord (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 191.4.4995 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.863.1 - Dropbox, Inc.) Hidden ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 21.3 - Thüringer Landesfinanzdirektion) erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) 
Hidden f.lux (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\Flux) (Version: 4.131 - f.lux Software LLC) FreeFileSync 10.9 (HKLM-x32\...\FreeFileSync_is1) (Version: 10.9 - FreeFileSync.org) Garmin BaseCamp (HKLM-x32\...\{81b2cc47-20b3-428b-aa1b-6bd3086c1534}) (Version: 4.7.5.0 - Garmin Ltd or its subsidiaries) Garmin BaseCamp (HKLM-x32\...\{AC8BE850-53C1-4EB0-89C8-501A72DB8983}) (Version: 4.7.5.0 - Garmin Ltd or its subsidiaries) Hidden Garmin MapInstall (HKLM-x32\...\{36F25097-B8BC-4645-8CC0-40F4490CFDB2}) (Version: 4.2.4 - Garmin Ltd or its subsidiaries) Hidden Garmin MapInstall (HKLM-x32\...\{b7c1eb04-cd51-4a16-9c92-489dfb014820}) (Version: 4.2.4 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.140 - Google LLC) GoTo 4.2.1 (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\b5746384-3503-4fbf-824a-0a42d1bd0639) (Version: 4.2.1 - GoTo Group, Inc.) GoTo Opener (HKLM-x32\...\{BACEC672-5D44-4501-9F3A-317E17E09EFB}) (Version: 1.0.564 - LogMeIn, Inc.) GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.) HttpToUsbBridge (HKLM-x32\...\{A92EB32D-F0D1-45D8-A071-262D1229D400}) (Version: 2.0.33.1 - Brother Industries Ltd.) 
Intel(R) Chipset Device Software (HKLM\...\{46C478DE-C381-4200-9627-0DA025B555EB}) (Version: 10.0.17 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{D4FC649C-0247-4873-930D-D9E6904DCAF5}) (Version: 10.0.0.1204 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{E1CBE9A2-1323-488E-9F3B-736DF6399F38}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Network Connections 19.1.51.0 (HKLM\...\{FD42EE05-18F9-459F-935D-770E75B3BEE5}) (Version: 19.1.51.0 - Intel) Hidden Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{EAF826C0-245E-4D02-9D51-BA4C98717EAE}) (Version: 13.1.0.1058 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x64): Core (HKLM\...\{37D41A97-6B02-4C30-8753-85107BE1D674}) (Version: 3.1.0.25181 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (HKLM\...\{3DE97849-544D-4D68-9255-11DF6F9F10D8}) (Version: 1.35.127.1 - Intel Corporation) Hidden Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation) Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation) LibreOffice 5.2.2.2 (HKLM-x32\...\{69751441-D5E0-4668-893F-CB797B082D09}) (Version: 5.2.2.2 - The Document Foundation) Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: - ) Logitech Gaming Software (HKLM\...\{690285C2-2481-44FB-8402-162EA970A6DD}) (Version: 8.30.28 - Logitech Inc.) 
Hidden Logitech Gaming Software 8.83 (HKLM\...\Logitech Gaming Software) (Version: 8.83.85 - Logitech Inc.) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.) Loom 0.190.0 (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\3643b966-bc28-5bc8-95ff-3d47d66438db) (Version: 0.190.0 - Loom, Inc.) LWS Facebook (HKLM-x32\...\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}) (Version: 13.50.854.0 - Logitech) Hidden LWS Gallery (HKLM-x32\...\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}) (Version: 13.51.827.0 - Logitech) Hidden LWS Help_main (HKLM-x32\...\{1651216E-E7AD-4250-92A1-FB8ED61391C9}) (Version: 13.51.828.0 - Logitech) Hidden LWS Launcher (HKLM-x32\...\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}) (Version: 13.51.828.0 - Logitech) Hidden LWS Motion Detection (HKLM-x32\...\{71E66D3F-A009-44AB-8784-75E2819BA4BA}) (Version: 13.51.815.0 - Logitech) Hidden LWS Pictures And Video (HKLM-x32\...\{08610298-29AE-445B-B37D-EFBE05802967}) (Version: 13.51.815.0 - Logitech) Hidden LWS Twitter (HKLM-x32\...\{174A3B31-4C43-43DD-866F-73C9DB887B48}) (Version: 13.30.1346.0 - Logitech) Hidden LWS Webcam Software (HKLM-x32\...\{8937D274-C281-42E4-8CDB-A0B2DF979189}) (Version: 13.51.815.0 - Logitech) Hidden LWS WLM Plugin (HKLM-x32\...\{9DAEA76B-E50F-4272-A595-0124E826553D}) (Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (HKLM-x32\...\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}) (Version: 13.31.1038.0 - Logitech) Hidden MediathekView 13.7.1 (HKLM\...\1927-5045-2127-3394) (Version: 13.7.1 - MediathekView Team) Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.17126.20132 - Microsoft Corporation) Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.17126.20132 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.83 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 
120.0.2210.144 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
(HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 
(HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden MiKTeX (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\MiKTeX) (Version: 21.1 - MiKTeX.org) MiKTeX 2.9 (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox (x64 
en-US) (HKLM\...\Mozilla Firefox 122.0 (x64 en-US)) (Version: 122.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla) Mp3tag v3.11 (HKLM-x32\...\Mp3tag) (Version: 3.11 - Florian Heidenreich) MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD) NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.0.132 - Nord Security) NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.18.5.0 - Nord Security) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation) NVIDIA Graphics Driver 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation) NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenBoard (1.5.4.240) (HKLM-x32\...\{8CCA6AC7-BBF9-4DD2-8E70-A907E0FCA38F}}_is1) (Version: 1.5.4.240 - Open Education Foundation) Origin (HKLM-x32\...\Origin) 
(Version: 10.5.102.48654 - Electronic Arts, Inc.) PDF24 Creator 9.2.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.2 - PDF24.org) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) R for Windows 4.0.1 (HKLM\...\R for Windows 4.0.1_is1) (Version: 4.0.1 - R Core Team) Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 7.0.0 Beta 19 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 19 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.19.234 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games) RStudio (HKLM-x32\...\RStudio) (Version: 1.1.383 - RStudio) sciebo (HKLM\...\{737BB06F-5C81-4077-96CE-FF0707240F99}) (Version: 3.2.1.10371 - Hochschulcloud NRW ) Skype version 8.72 (HKLM-x32\...\Skype_is1) (Version: 8.72 - Skype Technologies S.A.) 
Slido for Windows (HKLM\...\{17C22849-5FB6-4B62-AF61-A9F585A2F67E}) (Version: 1.7.0 - Slido) Hidden Slido for Windows (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\{e800a6a4-436a-4ee0-b724-f6499760eb06}) (Version: 1.7.0.4528 - Slido) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SuperNova Player (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\TacticsTechnologySuperNova) (Version: - ) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamViewer (HKLM\...\TeamViewer) (Version: 15.26.4 - TeamViewer) TERRATEC H6 V5.09.1202.00 (HKLM-x32\...\TERRATEC H6) (Version: 5.09.1202.00 - ) TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.20.4 - ) TeXstudio - TeXstudio is a fully featured LaTeX editor. (HKLM\...\TeXstudio) (Version: 3.0.4 - Benito van der Zander) THC Codec Patch (HKLM-x32\...\{03DF2CB2-FF23-47F7-8754-8C3938A5F44C}) (Version: 1.00.0000 - ) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.38-2 - Wacom Technology Corp.) 
Webex (HKLM\...\{611AD18D-000D-4ABB-84FD-CC503FDE8EC6}) (Version: 41.12.0.20899 - Cisco Systems, Inc) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) WISO Steuer 2023 (HKLM-x32\...\{D961EEB8-46B8-4601-AF04-88013FACD426}) (Version: 30.08.3660 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2021 (HKLM-x32\...\{85083A9D-48B0-463C-B6B5-2191DA4C174D}) (Version: 28.06.2220 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2022 (HKLM-x32\...\{2E4A4332-641B-44CE-B887-C5934946F070}) (Version: 29.10.3460 - Buhl Data Service GmbH) XEOX Gamepad SL-6556-BK (HKLM-x32\...\{5E7F3FD4-503B-4451-B2EB-AC8C82DBA32F}) (Version: 1.00.0000 - ) ZoneAlarm Firewall (HKLM-x32\...\{36468F43-D2D6-486A-BEB3-349985A16F36}) (Version: 14.2.255.000 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 14.2.255.000 - Check Point) ZoneAlarm Security (HKLM-x32\...\{ED1F03F6-ABEA-4337-B6F0-EEBCE5955C21}) (Version: 14.2.255.000 - Check Point Software Technologies Ltd.) Hidden Zoom (HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\ZoomUMX) (Version: 5.16.10 (26186) - Zoom Video Communications, Inc.) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-07] () ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2016-07-08] (ASUSTeK COMPUTER INC.) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.1173.0_x64__rz1tebttyb220 [2024-01-18] (Dolby Laboratories) Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-01-25] (Dropbox Inc.) 
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_151.3.1092.0_x64__v10z8vjag6ke6 [2024-01-20] (HP Inc.) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe [2023-12-13] (Microsoft) [Startup Task] MSN Gesundheit & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2023-09-26] (Microsoft Corporation) [MS Ad] MSN Kochen & Genuss -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2023-09-26] (Microsoft Corporation) [MS Ad] MSN Reisen -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2023-09-26] (Microsoft Corporation) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-30] (NVIDIA Corp.) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-06] (Microsoft Studios) [MS Ad] Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.4.0_x64__cv1g1gvanyjgm [2024-01-27] (WhatsApp Inc.) 
[Startup Task] XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2023-09-26] (New Work SE) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-392073570-3050404753-1078137296-1001_Classes\CLSID\{28c6c807-4e8c-4241-9681-2a418e241b82} -> [sciebo] => C:\Users\*****\sciebo [2022-02-08 19:11] CustomCLSID: HKU\S-1-5-21-392073570-3050404753-1078137296-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\*****\AppData\Local\WebEx\WebEx64\Meetings_slow\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC) CustomCLSID: HKU\S-1-5-21-392073570-3050404753-1078137296-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-392073570-3050404753-1078137296-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> nordvpn S.A.) CustomCLSID: HKU\S-1-5-21-392073570-3050404753-1078137296-1001_Classes\CLSID\{4EC1DC1A-D44C-44D8-9C88-B2C957A53583}\localserver32 -> C:\Users\*****\AppData\Local\Programs\goto\GoTo.exe (LogMeIn, Inc. -> GoTo Group, Inc.) CustomCLSID: HKU\S-1-5-21-392073570-3050404753-1078137296-1001_Classes\CLSID\{52198ba3-aef2-4fea-a304-b2b2edc7cdb1}\localserver32 -> C:\Program Files\TechSmith\Camtasia 2022\CamtasiaStudio.exe (TechSmith Corporation -> TechSmith Corporation) CustomCLSID: HKU\S-1-5-21-392073570-3050404753-1078137296-1001_Classes\CLSID\{68ABB5C8-D4CA-4795-8385-DF1EC13A46C4}\InprocServer32 -> C:\Users\*****\AppData\Local\Slido\Slido for Windows\SlidoAddin.dll (sli.do s. r. o. 
-> Slido) CustomCLSID: HKU\S-1-5-21-392073570-3050404753-1078137296-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\*****\AppData\Local\GoToMeeting\19950\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.) CustomCLSID: HKU\S-1-5-21-392073570-3050404753-1078137296-1001_Classes\CLSID\{E17AF012-6848-454B-9DE2-2DF44C76A3EB}\InprocServer32 -> C:\Users\*****\AppData\Local\Slido\Slido for Windows\SlidoAddin.dll (sli.do s. r. o. -> Slido) CustomCLSID: HKU\S-1-5-21-392073570-3050404753-1078137296-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\*****\Dropbox [2015-07-05 12:48] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files\sciebo\OCOverlays.dll [2023-03-09] (ownCloud GmbH -> ownCloud GmbH) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files\sciebo\OCOverlays.dll [2023-03-09] (ownCloud GmbH -> ownCloud GmbH) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files\sciebo\OCOverlays.dll [2023-03-09] (ownCloud GmbH -> ownCloud GmbH) ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files\sciebo\OCOverlays.dll [2023-03-09] (ownCloud GmbH -> 
ownCloud GmbH) ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files\sciebo\OCOverlays.dll [2023-03-09] (ownCloud GmbH -> ownCloud GmbH) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2021-10-29] (Florian Heidenreich) [File not signed] ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2021-10-29] (Florian Heidenreich) [File not signed] ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files\sciebo\OCContextMenu.dll [2023-03-09] (ownCloud GmbH -> ownCloud GmbH) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2021-10-29] (Florian Heidenreich) [File not signed] ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\nvshext.dll [2023-06-21] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed] ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed] HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed] ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2014-12-06 08:02 - 2014-12-06 08:02 - 000217600 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2014-12-06 08:01 - 2014-12-06 08:01 - 000056832 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2014-12-06 08:02 - 2014-12-06 08:02 - 000649216 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2014-12-06 08:01 - 2014-12-06 08:01 - 000071680 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2014-12-06 08:01 - 2014-12-06 08:01 - 000353792 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2017-04-08 15:34 - 2017-04-08 15:34 - 000055808 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2017-04-08 15:35 - 2017-04-08 15:35 - 000071680 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2017-04-08 15:35 - 2017-04-08 15:35 - 000353792 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2022-06-28 09:31 - 2022-06-28 09:31 - 002070016 _____ () [File not signed] C:\Program Files\sciebo\harfbuzz.dll 2022-06-28 08:55 - 2022-06-28 08:55 - 000833536 _____ () [File not signed] C:\Program Files\sciebo\jpeg62.dll 2022-06-28 08:55 - 2022-06-28 08:55 - 000104960 _____ () [File not signed] C:\Program Files\sciebo\libbzip2.dll 2022-06-28 08:55 - 2022-06-28 08:55 - 000258048 _____ () [File not signed] C:\Program Files\sciebo\libpng16.dll 2022-06-28 08:41 - 2022-06-28 08:41 - 001274368 _____ () [File not signed] C:\Program Files\sciebo\libsqlite.dll 2022-06-28 08:56 - 2022-06-28 08:56 - 000388096 _____ () [File not signed] C:\Program Files\sciebo\pcre2-16.dll 2022-06-29 03:56 - 2022-06-29 03:56 - 000088576 _____ () [File not 
signed] C:\Program Files\sciebo\qt5keychain.dll 2022-06-28 08:41 - 2022-06-28 08:41 - 000129024 _____ () [File not signed] C:\Program Files\sciebo\zlib1.dll 2017-05-13 20:44 - 2024-02-03 19:16 - 000043152 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2015-02-09 02:55 - 2010-10-11 10:32 - 000021504 _____ (eMPIA Technology, Inc.) [File not signed] C:\Program Files (x86)\Common Files\TerraTec\Remote\BDADLL.dll 2021-10-29 16:44 - 2021-10-29 16:44 - 000466944 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll 2010-01-18 12:29 - 2010-01-18 12:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll 2010-01-18 12:29 - 2010-01-18 12:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll 2023-06-20 13:00 - 2023-06-20 13:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2014-05-28 10:10 - 2014-05-28 10:10 - 000296960 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2014-05-28 10:10 - 2014-05-28 10:10 - 000526336 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll 2015-11-19 21:55 - 2015-11-19 21:55 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll 2022-07-27 08:45 - 2022-07-27 08:45 - 000825856 _____ (The FreeType Project) [File not signed] C:\Program Files\sciebo\freetype.dll 2015-10-08 20:58 - 2021-08-28 08:45 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\SSDGames\Origin\LIBEAY32.dll 2015-10-08 20:58 - 2021-08-28 08:45 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\SSDGames\Origin\ssleay32.dll 2022-07-29 01:35 - 2022-07-29 01:35 - 003470336 _____ (The OpenSSL Project, 
hxxps://www.openssl.org/) [File not signed] C:\Program Files\sciebo\libcrypto-1_1-x64.dll 2022-07-29 01:35 - 2022-07-29 01:35 - 000689664 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\sciebo\libssl-1_1-x64.dll 2015-10-08 20:58 - 2021-08-28 08:45 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\SSDGames\Origin\platforms\qwindows.dll 2021-08-28 08:45 - 2021-08-28 08:45 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\SSDGames\Origin\Qt5Core.dll 2021-08-28 08:45 - 2021-08-28 08:45 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\SSDGames\Origin\Qt5Gui.dll 2021-08-28 08:28 - 2021-08-28 08:45 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\SSDGames\Origin\Qt5Network.dll 2021-08-28 08:45 - 2021-08-28 08:45 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\SSDGames\Origin\Qt5WebSockets.dll 2015-10-08 20:58 - 2021-08-28 08:45 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\SSDGames\Origin\Qt5Widgets.dll 2015-10-08 20:58 - 2021-08-28 08:45 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\SSDGames\Origin\Qt5Xml.dll 2022-09-27 05:37 - 2022-09-27 05:37 - 000032256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\imageformats\qgif.dll 2022-09-27 05:37 - 2022-09-27 05:37 - 000030720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\imageformats\qico.dll 2022-09-27 05:37 - 2022-09-27 05:37 - 000039936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\imageformats\qjpeg.dll 2022-06-28 09:40 - 2022-06-28 09:40 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\imageformats\qsvg.dll 2022-09-27 05:38 - 2022-09-27 05:38 - 000825856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\platforms\qwindows.dll 2023-03-09 07:57 - 2023-03-09 07:57 - 005900800 _____ (The Qt Company Ltd.) 
[File not signed] C:\Program Files\sciebo\Qt5Core.dll 2022-09-27 05:34 - 2022-09-27 05:34 - 006772736 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\Qt5Gui.dll 2022-09-27 05:33 - 2022-09-27 05:33 - 001342976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\Qt5Network.dll 2022-06-28 09:40 - 2022-06-28 09:40 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\Qt5Svg.dll 2022-09-27 05:36 - 2022-09-27 05:36 - 005686784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\Qt5Widgets.dll 2022-06-29 03:51 - 2022-06-29 03:51 - 000261120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\Qt5WinExtras.dll 2022-09-27 05:33 - 2022-09-27 05:33 - 000208384 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\Qt5Xml.dll 2022-09-27 05:37 - 2022-09-27 05:37 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\sciebo\styles\qwindowsvistastyle.dll 2022-06-28 08:55 - 2022-06-28 08:55 - 001330688 _____ (Yann Collet, Facebook, Inc.) [File not signed] C:\Program Files\sciebo\zstd.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) 
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Reprise:qylgldjulgxlcefubdife`efnp`4euwqmbzifh [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-392073570-3050404753-1078137296-1001 -> {1B5B3B37-736E-4C5B-87E3-BB415206C219} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&q={searchTerms}&gu=15b20b7013af4f718541b8e5b7a87f9e&tu=10G9y00Qc2D33N0&sku=&tstsId=&ver=&&r=421
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll [2010-10-11] (TerraTec Electronic GmbH) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-392073570-3050404753-1078137296-1001\...\sharepoint.com -> hxxps://fhagen-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Livestreamer;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-392073570-3050404753-1078137296-1001\Control Panel\Desktop\\Wallpaper -> D:\*****\Pictures\Wallpapers\Dual Monitor wrong res\lakepowell.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is disabled.

Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BA65315F-4780-47A6-97F7-943B1190B692}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Armor Of Heroes\ArmorOfHeroes.exe (SEGA Europe Limited -> ) [File not signed] FirewallRules: [{24677823-7072-452F-A438-E37636064A89}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Armor Of Heroes\ArmorOfHeroes.exe (SEGA Europe Limited -> ) [File not signed] FirewallRules: [{EDE9F0E6-FD1D-44C2-8AA7-21D867FFC00C}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [{D5480148-9BB7-4919-83EF-2F472D7CF2EE}] => (Allow) C:\Users\*****\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{480190AA-B913-4DF7-8FE8-4535E824F5A8}] => (Allow) C:\Users\*****\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{B26A698D-8CFE-4A42-9665-CEBFE033AD9A}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.) FirewallRules: [{A28B6E51-C33A-47E9-AECC-9A6E23537A4C}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe (Square Enix LTD -> Eidos Inc.) FirewallRules: [{1852FD2A-B38D-4457-B7BE-6BA9B32644A3}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed] FirewallRules: [{DCA80796-00B4-4136-9625-FA43BFF5B1C5}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) 
[File not signed] FirewallRules: [{7959879C-5837-41FD-8340-ED1CCB66B065}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Broforce The Expendables Missions\Expendabros.exe () [File not signed] FirewallRules: [{DA5C882C-22FB-4A0A-B390-F1FFF3F89BCF}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Broforce The Expendables Missions\Expendabros.exe () [File not signed] FirewallRules: [{F4266CA8-26B1-4B42-829B-495767A5D3CC}] => (Allow) D:\GamesHDD\Steam\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [{37CE7A00-991E-4283-B374-46F056A9B591}] => (Allow) D:\GamesHDD\Steam\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [{C67DB204-62BA-4D59-8B46-83D6A9EE85E9}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Lara Croft and the Guardian of Light\lcgol.exe (Valve Corp. -> Square Enix Limited) [File not signed] FirewallRules: [{7CED6717-FFFB-4C61-8787-20B512F6E9F3}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Lara Croft and the Guardian of Light\lcgol.exe (Valve Corp. -> Square Enix Limited) [File not signed] FirewallRules: [{1683D723-74A5-4D4F-B467-E0C7F86A7E1D}] => (Allow) C:\SSDGames\Steam\steamapps\common\Call of Duty WWII\s2_sp64_ship.exe (Activision Publishing Inc -> Activision) FirewallRules: [{D7D7AB18-1678-4CF2-A188-05BED68ACE74}] => (Allow) C:\SSDGames\Steam\steamapps\common\Call of Duty WWII\s2_sp64_ship.exe (Activision Publishing Inc -> Activision) FirewallRules: [{D27466CB-E271-4AAA-862F-BE79FCB800B0}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Kane & Lynch 2 - Dog Days\kl2.exe (Valve Corp. -> Io Interactive A/S) [File not signed] FirewallRules: [{2AF9D287-3A99-4386-B7BA-E29981F68DA7}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Kane & Lynch 2 - Dog Days\kl2.exe (Valve Corp. 
-> Io Interactive A/S) [File not signed] FirewallRules: [UDP Query User{ED5C7AD1-B855-47FE-8664-37F61FFF008C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [TCP Query User{932F6B52-1F60-484C-841F-56E71F782F9A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [{37A6433D-553F-49A7-B411-CF87D9DB4900}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{63C3B5B8-F409-4178-91F1-A82AC09D7FBE}] => (Allow) C:\SSDGames\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{27F4E911-16E2-4068-B647-0B0614D83865}] => (Allow) C:\SSDGames\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{A8EA0BFE-D585-4AF3-92E1-E241CB099324}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{34F8BEC5-8CFB-41AD-997B-897BDBA5163C}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{09D2BC24-1294-4FAA-A374-BCB325053328}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe () [File not signed] FirewallRules: [{C211BFFA-60EC-4690-9A78-603475A72F1B}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe () [File not signed] FirewallRules: [{DE61EB48-E2EE-4B53-9C14-F3CD2D2CDE9E}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Street Fighter X Tekken\SFTK.exe (QLOC S.A. -> CAPCOM U.S.A, INC.) FirewallRules: [{9874DB8D-3289-459F-8751-706120C781C1}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Street Fighter X Tekken\SFTK.exe (QLOC S.A. -> CAPCOM U.S.A, INC.) 
FirewallRules: [{6DE7795C-E45F-4249-A3AB-EEF2D8B8E419}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe (Arkedo) [File not signed] FirewallRules: [{89DFD9D9-F387-40BD-ABEB-3008EA720BC4}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe (Arkedo) [File not signed] FirewallRules: [{C201D197-FE33-463C-A3FA-53607BABD7C5}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe (SEGA) [File not signed] FirewallRules: [{D1DAD565-FE8B-437B-93CF-25DD0982C008}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe (SEGA) [File not signed] FirewallRules: [{26FE6F35-0AFB-4D23-97D7-32296D468CF8}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe (Sega Europe Limited -> ) FirewallRules: [{F1C6A0F8-0268-4D3C-806B-38E45865515F}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe (Sega Europe Limited -> ) FirewallRules: [{7FEBC4DC-B79A-4BF4-AE1F-0872166C0423}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. -> Sega Corporation) FirewallRules: [{71E6923B-EA5B-48ED-BB72-FABF4F8811FA}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe (Relic Entertainment, Inc. 
-> Sega Corporation) FirewallRules: [{1E40834C-EB18-4632-BBC9-30E70EDAF750}] => (Allow) D:\GamesHDD\Steam\steamapps\common\RAGE\Rage64.exe (Bethesda Softworks -> id Software) FirewallRules: [{A2F4A132-EA00-460D-8624-F990EBE6E9EE}] => (Allow) D:\GamesHDD\Steam\steamapps\common\RAGE\Rage64.exe (Bethesda Softworks -> id Software) FirewallRules: [{FAC27574-227F-462F-B733-17E1C6C40D98}] => (Allow) D:\GamesHDD\Steam\steamapps\common\RAGE\Rage.exe (Bethesda Softworks -> id Software) [File not signed] FirewallRules: [{EFA31159-9AB6-4004-B827-A7B3B3EACA77}] => (Allow) D:\GamesHDD\Steam\steamapps\common\RAGE\Rage.exe (Bethesda Softworks -> id Software) [File not signed] FirewallRules: [{7E8B31D6-46EB-4F48-A38F-319CE041620C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{218ADCBB-826C-4775-B3A1-8E349CF3267D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{68498E75-09E8-4AAC-A9E5-D6DA52FF2EC2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{F20F2975-C74C-4EB6-9591-62477BEB6A5D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{28070ADA-6512-4A66-91DF-03E7EFD07E99}] => (Allow) C:\SSDGames\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe (Activision Blizzard, Inc.) [File not signed] FirewallRules: [{FE15B9FD-A7BC-4933-890A-20DEA5B15F77}] => (Allow) C:\SSDGames\Steam\steamapps\common\Call of Duty World at War\CoDWaWmp.exe (Activision Blizzard, Inc.) [File not signed] FirewallRules: [{9F65B06E-4489-488D-8340-CDD509DEEF93}] => (Allow) C:\SSDGames\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe (Activision Blizzard, Inc.) [File not signed] FirewallRules: [{EB1C26A8-9FF9-4BBE-80C7-D077F2D27652}] => (Allow) C:\SSDGames\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe (Activision Blizzard, Inc.) 
[File not signed] FirewallRules: [{D52AF0C5-E6DF-433C-B516-6402BDAD2557}] => (Allow) D:\GamesHDD\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe (TECHLAND SP Z O O -> Techland) FirewallRules: [{BA072587-30A2-4F51-BCA9-5F4DB9D9D7AB}] => (Allow) D:\GamesHDD\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe (TECHLAND SP Z O O -> Techland) FirewallRules: [{031A39FD-C221-4367-8769-902EE60734B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{88804249-2383-4BAE-BBD0-89A4B76083F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{49F1C86A-8772-472E-AEA6-B9274CE6716A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{F70F88A9-A484-4B31-83FC-F0053A2C9E2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{B70D366A-53F3-484C-A1E9-1773CE56415A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{7A52DDA2-996D-4ABC-9028-C537FEE5E2E1}] => (Allow) D:\GamesHDD\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Irrational Games) [File not signed] FirewallRules: [{F416B219-E981-42A7-BA80-F9BC1B30101B}] => (Allow) D:\GamesHDD\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Irrational Games) [File not signed] FirewallRules: [{1F60D682-A2CC-4825-93CD-0CBDBAB50A9B}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Tropico 5\Tropico5Steam.exe (Haemimont Games) [File not signed] FirewallRules: [{A465E624-0957-4AF8-851D-F3795806BE00}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Tropico 5\Tropico5Steam.exe (Haemimont Games) [File not signed] FirewallRules: [{7509A0C6-037B-43C9-81AE-23CDC5AC0F8C}] => (Allow) 
D:\GamesHDD\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe () [File not signed] FirewallRules: [{1D2C80F6-E3E1-4778-8D49-72BE2FB69137}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe () [File not signed] FirewallRules: [{BD04FF80-1252-432B-824E-86B2B7981368}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Trine 2\trine2_launcher.exe () [File not signed] FirewallRules: [{18C8B219-AEE7-47E5-A1B8-B6139C278DA6}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Trine 2\trine2_launcher.exe () [File not signed] FirewallRules: [{F8AF79E4-CC59-406A-817A-E065C6A9BC9A}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{6026D6B7-97E6-47C0-B5FC-B9695F3762D3}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{347813F1-9FFE-49B5-971F-090647B6FFF4}] => (Allow) D:\GamesHDD\Steam\steamapps\common\DiRT Showdown\showdown.exe (Valve Corp. -> Codemasters Software Company Limited) [File not signed] FirewallRules: [{46FED257-AF26-4282-B06D-F71D47F8916E}] => (Allow) D:\GamesHDD\Steam\steamapps\common\DiRT Showdown\showdown.exe (Valve Corp. -> Codemasters Software Company Limited) [File not signed] FirewallRules: [{4AFE2428-B98D-4A1D-90BD-1B951BEDC182}] => (Allow) D:\GamesHDD\Steam\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited) [File not signed] FirewallRules: [{AEF9EEF5-7B4B-4F65-ACFC-CAE52C097078}] => (Allow) D:\GamesHDD\Steam\steamapps\common\grid 2\grid2.exe (Valve Corp. 
-> Codemasters Software Company Limited) [File not signed] FirewallRules: [{E01B3B59-D6DE-4812-8C40-9880ED965313}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe (MachineGames) [File not signed] FirewallRules: [{FD01957D-7B6D-4056-B138-F20CC66D3C84}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe (MachineGames) [File not signed] FirewallRules: [UDP Query User{079416D1-6C7B-447C-B8B7-BCBE4BA08D30}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{36E01B8C-F751-488C-9BA0-EBBA3266B5DA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E9F5350D-D87D-474B-95B3-9EC46E9175F6}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{5EAAAA5A-410C-4A90-B3BE-1F91116CDB76}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft) FirewallRules: [{C146B274-10B6-4601-9A1B-2290E146FA66}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{BA3E100F-19AF-46BF-BFE5-13D8EBBEC7DD}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{B426FE37-909F-4FC5-A27D-FC34CE72A21E}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe (TerraTec Electronic GmbH) [File not signed] FirewallRules: [{4C30B7BA-AFDF-41C7-AE8A-5BD06D69702C}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe (TerraTec Electronic GmbH) [File not signed] FirewallRules: [{8699EC9B-57DE-4D36-8C28-50F426EC052B}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe (TerraTec Electronic GmbH) [File not signed] FirewallRules: [{EAF9EDB2-0FC3-4665-8770-18E6BBF3913F}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe (TerraTec Electronic GmbH) [File not signed] FirewallRules: [{9DF27269-5776-4A35-8302-781E75FB0A48}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe (TerraTec Electronic GmbH) [File not signed] FirewallRules: [{60C27013-0837-4BB4-897D-82CBF360B463}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe (TerraTec Electronic GmbH) [File not signed] FirewallRules: [{63995F10-CBBE-49B2-8630-A65C82A311B2}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed] FirewallRules: [{20949218-5616-46A6-90BE-555690405903}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe () [File not signed] FirewallRules: [{F2007EDF-F53F-4DBC-A362-37AA79D5A54A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) 
FirewallRules: [{7829425B-24A2-49BD-A1E9-B175E698047B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{C67B7356-D80C-48D2-A57F-29B0F14EF423}] => (Allow) C:\SSDGames\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe (Valve Corp. -> Activision Publishing Inc.) [File not signed] FirewallRules: [{C2034B45-F479-4804-90BF-7EC4A30EEC17}] => (Allow) C:\SSDGames\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe (Valve Corp. -> Activision Publishing Inc.) [File not signed] FirewallRules: [{EC344DC0-476A-48DE-AF1A-74DD83D04B78}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Enslaved\Binaries\Win32\Enslaved.exe () [File not signed] FirewallRules: [{376E5ADC-AE83-40DD-A4C9-C7B6ADD6C8F3}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Enslaved\Binaries\Win32\Enslaved.exe () [File not signed] FirewallRules: [{EF054FAC-F6E2-49A9-841E-8FDE5808E349}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe (Activision) [File not signed] FirewallRules: [{988834D6-6B30-45CC-92C9-89B095BBBA80}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe (Activision) [File not signed] FirewallRules: [{C0313F44-7415-4C43-91A7-F4ED0D35A4EF}] => (Allow) C:\SSDGames\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment Inc.) FirewallRules: [{A8F08949-D414-451B-AFE6-94C2BDE68CE0}] => (Allow) C:\SSDGames\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment Inc.) FirewallRules: [UDP Query User{783AEBAF-4D96-49B8-9790-DAB31C14118A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) 
FirewallRules: [TCP Query User{547555F9-BF90-41EA-B554-A90A03454943}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [{D5D7E387-3BD4-4BDA-9007-5F3DE1E9703F}] => (Allow) C:\SSDGames\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{2C8958EA-4010-474B-97E7-A4FC91443DF2}] => (Allow) C:\SSDGames\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{A4E5ECE9-56C4-4DB5-AA5D-A35F6ECD2D5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8115D1BF-E90C-45D5-9EE7-7CD1E5D8313E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4F834319-1B9B-4E94-85A8-4EBA897B0EF9}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) FirewallRules: [{417E24C9-55DB-454E-9CB8-037021565C5B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) FirewallRules: [{29064783-B53B-4FCF-901D-AC2E2B402685}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) FirewallRules: [{DACDC1E4-4CB4-4C93-8464-2D5DC3820ED5}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) 
FirewallRules: [{232BCFA6-392C-4D28-A5E9-04775A2F2656}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe (TerraTec Electronic GmbH) [File not signed] FirewallRules: [{B1981F4F-8B23-42FD-A591-9E436B6F4DF5}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe (TerraTec Electronic GmbH) [File not signed] FirewallRules: [{29DFAABB-EF14-475C-BCCD-64FBF4DC00CC}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Rayman Legends\Rayman Legends.exe (Ubisoft Chengdu Co., Ltd. -> ) FirewallRules: [{03C4749A-A737-4367-9713-B7A3AAAEA52E}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Rayman Legends\Rayman Legends.exe (Ubisoft Chengdu Co., Ltd. -> ) FirewallRules: [{79354EF0-4C0D-4329-ACCB-0DF64AA5A889}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> ) FirewallRules: [{99036D98-33AE-4804-8EA4-F922B5DCA296}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> ) FirewallRules: [{DC3DF390-CF20-43BB-9C01-88C7E3C75603}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Wildlands\GRW.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{4DC2DC37-AECE-4FA3-9C9A-E7285EC09647}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Wildlands\GRW.exe (UBISOFT ENTERTAINMENT INC. -> ) FirewallRules: [{0233CB54-11EA-476D-ACCD-5499345D7F23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{B29B61D9-22D9-4B80-B9DF-5123CD85C9D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{5E3FEC6B-7D98-4684-A7C9-6C3F8C9464D2}] => (Allow) C:\SSDGames\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{8343FD52-F316-408F-B557-2DD9C123569D}] => (Allow) C:\SSDGames\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{EDBB8FDE-8D4E-4CF3-BF9F-DB026CE2BCE9}] => (Allow) C:\SSDGames\Steam\steamapps\common\Commander Keen\base1\dosbox.exe (DOSBox Team) [File not signed] FirewallRules: [{CC137AB4-D940-40BD-8D73-3949FA25C527}] => (Allow) C:\SSDGames\Steam\steamapps\common\Commander Keen\base1\dosbox.exe (DOSBox Team) [File not signed] FirewallRules: [{3E76823B-742C-49CD-A33B-2E05081DA4FF}] => (Allow) C:\SSDGames\Steam\steamapps\common\Commander Keen\base2\dosbox.exe (DOSBox Team) [File not signed] FirewallRules: [{C9B64C30-2827-43DC-9A3E-492FC95E18F9}] => (Allow) C:\SSDGames\Steam\steamapps\common\Commander Keen\base2\dosbox.exe (DOSBox Team) [File not signed] FirewallRules: [{FBAD6793-101F-41D8-8F6C-BDA4A3BBC857}] => (Allow) C:\SSDGames\Steam\steamapps\common\Commander Keen\base3\dosbox.exe (DOSBox Team) [File not signed] FirewallRules: [{9E4B0476-90EF-4A29-B7F0-E15E0F095277}] => (Allow) C:\SSDGames\Steam\steamapps\common\Commander Keen\base3\dosbox.exe (DOSBox Team) [File not signed] FirewallRules: [{CDAC8085-3329-4B7E-8A19-74F7F2493E62}] => (Allow) C:\SSDGames\Steam\steamapps\common\Commander Keen\base4\dosbox.exe (DOSBox Team) [File not signed] FirewallRules: [{AFF57D2F-5551-47F2-B022-244B702BE358}] => (Allow) C:\SSDGames\Steam\steamapps\common\Commander Keen\base4\dosbox.exe (DOSBox Team) [File not signed] FirewallRules: [{1ED83894-6801-45B3-83C9-83A4A69D3A07}] => (Allow) C:\SSDGames\Steam\steamapps\common\Commander Keen\base5\dosbox.exe (DOSBox Team) [File not signed] FirewallRules: [{FC3788B4-4CAC-428F-999C-21C8C5ECBE8E}] => (Allow) C:\SSDGames\Steam\steamapps\common\Commander Keen\base5\dosbox.exe (DOSBox Team) [File not signed] FirewallRules: [{85B46A9B-3560-4378-B115-FA74F9C00DC7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) FirewallRules: [{46350563-649A-40D1-827B-9DCC0C0D17C8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) 
FirewallRules: [{4FC2DAA2-53C5-42BF-84A1-45E3543697FC}] => (Allow) C:\SSDGames\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision) FirewallRules: [{F6DAF734-8E4D-4E2D-A7E8-C2DF4D35172D}] => (Allow) C:\SSDGames\Steam\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe (Activision Publishing Inc -> Activision) FirewallRules: [{E3AE5244-C57A-4D85-A490-EF8E6D19AB02}] => (Allow) D:\GamesHDD\Steam\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland) FirewallRules: [{0F4C8DA8-68AB-4065-9C34-A895F44DB15A}] => (Allow) D:\GamesHDD\Steam\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland) FirewallRules: [{B4FF9FC2-A7EF-4AC5-9368-7AF64BD08B2A}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{8B91D434-B892-46DB-AD72-43F4A6D26C79}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment) FirewallRules: [{9FBA6F0D-5651-4517-9A16-7B46ED7CA70F}] => (Allow) D:\GamesHDD\Steam\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [{3F2107A2-C1DC-47D3-BA58-D2039C5FB4D9}] => (Allow) D:\GamesHDD\Steam\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft Entertainment) FirewallRules: [{70770847-E75F-4842-9233-E420D90DFCAF}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Warhammer 40,000 Regicide\Warhammer 40K Regicide.exe () [File not signed] FirewallRules: [{3EE975EE-3EF7-4908-962E-C0ED3ADB5EA1}] => (Allow) D:\GamesHDD\Steam\steamapps\common\Warhammer 40,000 Regicide\Warhammer 40K Regicide.exe () [File not signed] FirewallRules: [{5533C21E-3239-464D-A352-E2E965C7BF08}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{13AC7731-B7B8-4BCF-84DA-84587D54715B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{CAB6EEBB-0396-46CA-9945-6B3D4EBF2FFB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E3DDF2E9-AF7A-460B-94B0-F3F72F6F3F41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{7657DCB9-0FE4-451D-87ED-251335E39DB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{39788CA6-5A4B-48AC-99B6-143A275F20AD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{350CB7F6-0055-49AC-B3FC-015836881C50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{94D8D2EA-81D3-4D8A-A2E3-CC1AFAC2384C}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.114.475.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{5D099F95-7D9F-422D-B7A4-553D0DFBD65C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{622CC4CD-ABED-4244-9B67-9C167A826EFE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D35F55B6-B3C7-463E-9E24-995DE353FA79}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{42D30D75-56C2-4BCC-BA6D-AB52B1060DB6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C7DCCBD6-BB96-4863-80C1-4BD9FF7B572B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{EF1E87D8-88F3-4D22-94F8-E53A7084B85F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{6FE90DCE-947A-4AA5-A72F-70B5C4BF3385}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{9DF7296B-EB11-4C8B-943D-2474773E321D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{EC411B80-45D2-43C1-8B27-37273B1F3EFF}] => (Allow) D:\GamesHDD\Steam\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) FirewallRules: [{9163BBFB-47DC-4A41-B121-EABAA709D49B}] => (Allow) D:\GamesHDD\Steam\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft Entertainment) FirewallRules: [{E3FB075E-E7A4-45A7-857F-B517E520741C}] => (Allow) D:\GamesHDD\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{88B34989-B376-484E-928D-DF1EACDE83DF}] => (Allow) D:\GamesHDD\Steam\steamapps\common\FarCry5\bin\ArcadeEditor64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{94F66960-8C4D-45EE-8628-0CE740F48FAB}] => (Allow) D:\GamesHDD\Steam\steamapps\common\BioShock Infinite\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [{59ACFDB8-3277-489A-A1C8-324F089FB566}] => (Allow) D:\GamesHDD\Steam\steamapps\common\BioShock Infinite\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [{52765BAC-3000-4BDF-98CD-4E3C75E449FD}] => (Allow) C:\SSDGames\Steam\steamapps\common\Company of Heroes 3\RelicCoH3.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment) FirewallRules: [{87BD0C00-BA80-4912-A7B8-8B77133C472E}] => (Allow) C:\SSDGames\Steam\steamapps\common\Company of Heroes 3\RelicCoH3.exe (RELIC ENTERTAINMENT, INC. 
-> Relic Entertainment) FirewallRules: [{409E7659-580B-4914-A8DB-5D71E1530D3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{5EDA95F0-BB15-42C7-AC61-92D029C23379}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{0011B749-5862-4B9C-8569-2E8FF67ACC6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{1467E2AF-6E55-4470-B993-2B9E7743FB00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{A78FD483-5A52-4466-81FA-92B6066E3051}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0FBA95BC-7358-4FFA-B303-442C5EBBC7CC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{60770310-A33B-41B7-A0D7-941BE93805C2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4C42356A-35BD-46AE-B0FC-E69ACDE045B1}] => (Allow) LPort=8323 FirewallRules: [{8FEB678A-EE82-4B82-9450-2964703C2115}] => (Allow) LPort=54950 FirewallRules: [{521EF216-2235-4215-B0F5-3D0FE36D80AC}] => (Allow) LPort=54955 FirewallRules: [{88C58B35-5AED-4A0D-9C61-219D90604ADE}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{119E2225-BD9B-4FCB-81D8-1E3183242B53}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8BB9F895-2EAD-442F-AC3C-E8D7816DC104}] => (Allow) C:\Program Files 
(x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C7A64155-5A3A-4D8E-9F6A-74AF9C078D8D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{BB38C713-A589-4CD7-8CAA-BD42A69019C7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{947D1C14-F13F-4992-83AB-3A035632B948}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7D0A3406-6F60-4286-8C47-A7F60287E68C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6323A09E-72C1-49BE-839F-8201CE826C52}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7D2CB3B3-B455-483D-9035-609A147B840C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{95760FC3-08DA-4B41-908C-5A8FF7D42C6B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{9E533E86-9AA6-4C2A-BF0E-DEA754698553}] => (Allow) C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe (nordvpn s.a. -> nordvpn S.A.) FirewallRules: [{4794EA59-5685-404F-AD32-BEF17F771A58}] => (Allow) C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe (nordvpn s.a. -> nordvpn S.A.) 
==================== Restore Points =========================
25-01-2024 14:38:21 Scheduled Checkpoint
30-01-2024 11:36:35 Windows Modules Installer

==================== Faulty Device Manager Devices ============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================
Application errors:
==================
Error: (02/03/2024 07:24:31 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (02/03/2024 07:23:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (02/03/2024 07:23:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (02/03/2024 07:23:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (02/03/2024 07:16:34 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (02/03/2024 07:16:34 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (02/03/2024 07:16:34 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (02/03/2024 07:16:34 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

System errors:
=============
Error: (02/03/2024 07:19:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update-Dienst (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Error: (02/03/2024 07:19:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update-Dienst (gupdate) service to connect.

Error: (02/02/2024 10:39:42 PM) (Source: DCOM) (EventID: 10010) (User: GamersDream)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca did not register with DCOM within the required timeout.

Error: (02/02/2024 10:35:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update-Dienst (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Error: (02/02/2024 10:35:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update-Dienst (gupdate) service to connect.

Error: (02/02/2024 10:31:52 AM) (Source: DCOM) (EventID: 10010) (User: GamersDream)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (02/02/2024 10:31:52 AM) (Source: DCOM) (EventID: 10010) (User: GamersDream)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (02/02/2024 10:31:52 AM) (Source: DCOM) (EventID: 10010) (User: GamersDream)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Windows Defender:
================
Date: 2024-02-01 20:08:37
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {8745F9BB-68DA-4ACA-B236-CF71388AF6B9} Überprüfungstyp: Antimalware Überprüfungsparameter: Quick Scan Benutzer: NT AUTHORITY\SYSTEM

Date: 2024-01-30 12:15:44
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {6C7022B3-75DC-45EB-9FE0-AF25CD43DB98} Überprüfungstyp: Antimalware Überprüfungsparameter: Quick Scan Benutzer: NT AUTHORITY\SYSTEM

Date: 2024-01-30 11:52:24
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {CE6AF000-A4A1-4844-97F1-CEA6086E049F} Überprüfungstyp: Antimalware Überprüfungsparameter: Quick Scan Benutzer: NT AUTHORITY\SYSTEM

Date: 2024-01-30 11:37:30
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {0CE76D22-7F97-4971-BCC9-D793BB35BE23} Überprüfungstyp: Antimalware Überprüfungsparameter: Quick Scan Benutzer: NT AUTHORITY\SYSTEM

Date: 2024-01-30 11:33:49
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {E2A143AA-BB33-4AC5-9EAA-410CC1005026} Überprüfungstyp: Antimalware Überprüfungsparameter: Quick Scan Benutzer: GamersDream\*****

Event[0]:
Date: 2024-01-30 11:16:51
Description: Fehler des Microsoft Defender Antivirus-Echtzeitschutz-Features. Feature: On Access Fehlercode: 0x8007043c Fehlerbeschreibung: This service cannot be started in Safe Mode Ursache: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-03-08 08:28:07
Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.359.128.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT AUTHORITY\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.18900.3 Fehlercode: 0x8024000b Fehlerbeschreibung: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===============
Date: 2024-02-01 19:47:24
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2024-02-01 19:47:05
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2024-02-01 19:45:52
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================
BIOS: American Megatrends Inc. 2012 10/01/2014
Motherboard: ASUSTeK COMPUTER INC. MAXIMUS VII RANGER
Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 43%
Total physical RAM: 16326.89 MB
Available physical RAM: 9165.69 MB
Total Virtual: 19014.89 MB
Available Virtual: 9762.16 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:476.08 GB) (Free:150.38 GB) (Model: Crucial_CT512MX100SSD1) NTFS
Drive d: (Data) (Fixed) (Total:1863.01 GB) (Free:548.26 GB) (Model: WDC WD20EZRX-00D8PB0) NTFS
\\?\Volume{986592ab-ad26-11e4-824b-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS
\\?\Volume{b8f807af-0000-0000-0000-501b77000000}\ () (Fixed) (Total:0.51 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: B8F807AF)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=524 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 777A271D)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Best regards Estellarita |
03.02.2024, 20:59 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Clean up the system: uninstall unnecessary and outdated programs
Please uninstall the following programs/apps via Settings/Apps:
__________________ |
03.02.2024, 21:10 | #4 |
| Hello cosinus, thank you very much for your quick reply! One more piece of information about my problem: Malwarebytes, by the way, did not find any viruses (I unfortunately forgot to mention that). I also use NordVPN, and the problems appeared around the same time as an update there. Could that be related? Thank you! Best regards Estellarita |
03.02.2024, 21:12 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Sure. Everything can be connected to everything. But in no configuration do the programs I listed make any sense, so please uninstall them.
__________________ Please always post log files in CODE tags |
04.02.2024, 11:45 | #6 |
| Hello cosinus, which firewall would you recommend instead of ZoneAlarm (if I remove it, as you advised)? Have a nice Sunday! Best regards Estellarita |
04.02.2024, 13:31 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Never heard that Windows already has something like that built in? The Windows Firewall has existed since Windows XP, that is, for over 20 years.
__________________ Please always post log files in CODE tags |
08.02.2024, 17:40 | #8 |
/// TB-Ausbilder | Missing feedback: This topic has been removed from our subscriptions. We therefore no longer receive notifications about new replies. Should you need the topic again, please send us a reminder including a link to the topic. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own topic! |