Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-09-2020
durchgeführt von ***** (01-10-2020 09:21:03)
Gestartet von C:\Users\*****\Downloads
Windows 10 Home Version 1903 18362.1082 (X64) (2019-08-08 16:19:40)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3595465751-355325523-2693163947-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3595465751-355325523-2693163947-503 - Limited - Disabled)
Gast (S-1-5-21-3595465751-355325523-2693163947-501 - Limited - Disabled)
***** (S-1-5-21-3595465751-355325523-2693163947-1001 - Administrator - Enabled) => C:\Users\*****
WDAGUtilityAccount (S-1-5-21-3595465751-355325523-2693163947-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Anno 1800 (HKLM-x32\...\Uplay Install 4553) (Version: - Ubisoft)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.4.5 - Electronic Arts, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2504ACC6-F5B6-4F18-B4A9-2AAF48D89D85}) (Version: 14.0.0.29 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avira (HKLM-x32\...\{47430B15-7CE6-46CF-903E-B85CD2D29A7D}) (Version: 1.2.151.3852 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{f24507a8-a438-4e46-9563-6d53c727bd7e}) (Version: 1.2.151.3852 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2009.1995 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.35.1.21885 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.37.11666 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{073825B9-FF06-4690-8CE4-3C0B72036122}) (Version: 2.0.6.37231 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.7.0.10991 - Avira Operations GmbH & Co. KG) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.230.10.1008 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MF8200C Series (HKLM\...\{C2938963-3BB0-41cd-9769-E28814C59075}) (Version: 4.2.0.0 - CANON INC.)
Cisco VideoGuard Player (HKLM-x32\...\{30e4813e-2a86-4e4f-82ea-23df71ca8ffb}) (Version: 10.1.1.6570 - Cisco Systems, Inc)
Citavi 6 (HKLM-x32\...\{6A331045-8FF4-4BC9-9C56-E593ACAE28C2}) (Version: 6.4.0.35 - Swiss Academic Software)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.66.139.1020 - Electronic Arts Inc.)
Discord (HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{2D833785-910B-4E02-9A6B-51BD3D2F2FCE}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Flugzeuge bauen (HKLM-x32\...\{9F410BC4-DF3E-40F7-8786-6203E3E382BB}) (Version: 1.00.000 - terzio)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
IBM SPSS Statistics 24 (HKLM\...\{4762AE15-E5A3-43BF-8822-1CFC70FB147A}) (Version: 24.0.0.0 - IBM Corp)
iCloud (HKLM\...\{01B1B2F2-22F4-4D1F-9303-8515A7ADD966}) (Version: 7.20.0.17 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.8.1.1007 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
iTunes (HKLM\...\{153A88D8-E890-4F36-A10F-2C87071F70AD}) (Version: 12.10.9.3 - Apple Inc.)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Grafiktreiber 456.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.55 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.84.43868 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.10.8.1270 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0907.090217 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.)
ROCCAT Swarm (HKLM-x32\...\{9D12397F-45AF-4517-B492-1D1E2FA475EE}) (Version: 1.93.770 - ROCCAT GmbH) Hidden
ROCCAT Swarm (HKLM-x32\...\InstallShield_{9D12397F-45AF-4517-B492-1D1E2FA475EE}) (Version: 1.93.770 - ROCCAT GmbH)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.27.272 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.6.5 - Rockstar Games)
Shape Collage (HKLM-x32\...\ShapeCollage) (Version: - Shape Collage Inc.)
SimSync Launcher 0.3.7 (HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\da313879-5037-5841-a9df-e8fb817718b4) (Version: 0.3.7 - SimSync)
SoundField By RODE (HKLM\...\{867F6499-5FB1-4DDB-BB63-60E0F92FBF6B}) (Version: 1.0.2 - RODE) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
Telegram Desktop version 2.3.1 (HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.3.1 - Telegram FZ-LLC)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 51.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\WhatsApp) (Version: 2.2039.9 - WhatsApp)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-25] (Dolby Laboratories)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_3.1.9160.0_x86__8wekyb3d8bbwe [2020-09-29] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-21] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.10908.5422.0_x64__8wekyb3d8bbwe [2020-09-24] (Microsoft Corporation)
MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-29] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-25] (NVIDIA Corp.)
Spiegel Online Reader -> C:\Program Files\WindowsApps\39531Devitep.SpiegelOnlineReader_1.0.0.1_x64__55xtp18d0bfqe [2018-06-01] (Devitep)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0 [2020-10-01] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.5.0_x86__xpfg3f7e9an52 [2020-09-25] (New Work SE)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-07-24] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-08-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-08-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9cb6a07d60163933\nvshext.dll [2020-09-26] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-08-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2020-09-17 17:19 - 2020-09-11 05:55 - 000638976 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\aimo.dll
2020-09-17 17:19 - 2015-12-29 00:25 - 000120334 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libgcc_s_dw2-1.dll
2020-09-17 17:19 - 2015-12-29 00:25 - 001540622 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libstdc++-6.dll
2020-09-17 17:19 - 2019-10-24 05:16 - 007523840 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\resource.dll
2018-03-13 15:57 - 2012-11-22 01:00 - 000005120 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUR6.DLL
2018-03-13 15:57 - 2012-09-26 15:02 - 000152064 _____ (CANON INC.) [Datei ist nicht signiert] C:\WINDOWS\System32\CNCENPM6.dll
2020-09-17 17:19 - 2015-12-29 00:25 - 000079360 _____ (MingW-W64 Project. All rights reserved.) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libwinpthread-1.dll
2020-09-17 17:19 - 2020-07-30 09:43 - 000037376 _____ (ROCCAT GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\AimoEffectWrapper.dll
2018-03-19 11:03 - 2017-05-23 15:59 - 000494080 _____ (Skillbrains) [Datei ist nicht signiert] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-03-19 11:03 - 2017-05-23 15:59 - 000256000 _____ (Skillbrains) [Datei ist nicht signiert] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
2020-09-17 17:19 - 2015-12-29 00:52 - 002177536 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\LIBEAY32.dll
2020-09-17 17:19 - 2015-12-29 00:52 - 000462336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ssleay32.dll
2020-09-23 15:43 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] D:\Origin\LIBEAY32.dll
2020-09-23 15:43 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] D:\Origin\ssleay32.dll
2020-09-17 17:19 - 2016-06-10 20:15 - 000058880 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\imageformats\qdds.dll
2020-09-17 17:19 - 2016-06-10 09:32 - 000033792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\imageformats\qgif.dll
2020-09-17 17:19 - 2016-06-10 20:15 - 000046592 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\imageformats\qicns.dll
2020-09-17 17:19 - 2016-06-10 09:33 - 000036352 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\imageformats\qico.dll
2020-09-17 17:19 - 2016-06-10 09:32 - 000258560 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\imageformats\qjpeg.dll
2020-09-17 17:19 - 2016-06-10 19:51 - 000028672 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\imageformats\qsvg.dll
2020-09-17 17:19 - 2016-06-10 20:15 - 000028672 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\imageformats\qtga.dll
2020-09-17 17:19 - 2016-06-10 20:15 - 000495616 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\imageformats\qtiff.dll
2020-09-17 17:19 - 2016-06-10 20:15 - 000027648 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\imageformats\qwbmp.dll
2020-09-17 17:19 - 2016-06-10 20:16 - 000416768 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\imageformats\qwebp.dll
2020-09-17 17:19 - 2016-06-12 21:38 - 000317440 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\mediaservice\dsengine.dll
2020-09-17 17:19 - 2016-06-10 09:34 - 001489920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\platforms\qwindows.dll
2020-09-17 17:19 - 2020-01-13 03:29 - 005384704 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\Qt5Core.dll
2020-09-17 17:19 - 2016-06-10 09:23 - 005283840 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\Qt5Gui.dll
2020-09-17 17:19 - 2016-06-12 21:29 - 000853504 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\Qt5Multimedia.dll
2020-09-17 17:19 - 2016-06-10 09:17 - 001610240 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\Qt5Network.dll
2020-09-17 17:19 - 2016-06-10 19:51 - 000348160 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\Qt5Svg.dll
2020-09-17 17:19 - 2016-06-10 09:29 - 006358528 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\Qt5Widgets.dll
2020-09-23 15:43 - 2020-01-11 13:44 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Origin\platforms\qwindows.dll
2020-09-23 15:43 - 2020-01-11 13:44 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Origin\Qt5Core.dll
2020-09-23 15:43 - 2020-01-11 13:44 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Origin\Qt5Gui.dll
2020-09-23 15:43 - 2020-01-11 13:44 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Origin\Qt5Network.dll
2020-09-23 15:43 - 2020-01-11 13:44 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Origin\Qt5WebSockets.dll
2020-09-23 15:43 - 2020-01-11 13:44 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Origin\Qt5Widgets.dll
2020-09-23 15:43 - 2020-01-11 13:44 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Origin\Qt5Xml.dll
2020-09-17 17:19 - 2015-08-24 04:10 - 000110207 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\BASS.dll
2020-09-17 17:19 - 2015-08-24 04:10 - 000012166 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\BASSWASAPI.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKU\S-1-5-21-3595465751-355325523-2693163947-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com/
HKU\S-1-5-21-3595465751-355325523-2693163947-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
SearchScopes: HKU\S-1-5-21-3595465751-355325523-2693163947-1001 -> DefaultScope {5D4130FF-EC65-4291-A860-C50813933FFF} URL =
SearchScopes: HKU\S-1-5-21-3595465751-355325523-2693163947-1001 -> {5D4130FF-EC65-4291-A860-C50813933FFF} URL =
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\x64\SwissAcademic.Citavi.IEPicker.DLL [2020-02-28] (Swiss Academic Software -> Swiss Academic Software)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Program Files (x86)\Internet Explorer\Citavi Picker\SwissAcademic.Citavi.IEPicker.DLL [2020-02-28] (Swiss Academic Software -> Swiss Academic Software)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Users\*****\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;D:\Program Files\IBM\SPSS\Statistics\24\JRE\bin;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\nodejs\
HKU\S-1-5-21-3595465751-355325523-2693163947-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3595465751-355325523-2693163947-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{91A8860C-626A-4D7E-86BE-0DAE555FECFC}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\24\stats.exe (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{7D15EB21-0F7F-41C3-9179-C606FAECC79C}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\24\WinWrapIDE.exe (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{4F01DC45-A1B6-49AF-81C6-1DB4A229116C}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\24\stats.exe (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{C537B351-732B-4A9C-B0A4-07F4169DE38A}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\24\WinWrapIDE.exe (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{91CAF894-4989-4502-B615-92AFFA50373D}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\24\stats.com (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{363C6071-97B1-4BC3-A638-7BD1C56F13DA}] => (Allow) D:\Program Files\IBM\SPSS\Statistics\24\stats.com (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{3BAA2D66-666B-494E-A98A-34336037EA89}D:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{822F5FD4-1C95-456D-BB43-CFA991BF7E43}D:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{B0D17E8D-F219-4E90-88DA-05BDF5436CCF}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{A3839D5E-2C4B-4187-93A1-A093BB668BDC}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [{327599F9-07C5-4540-A024-E5D93FB52A05}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4508EA59-912F-4138-978B-9E67F0239AB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9A0A45EE-0AF5-494E-89B2-10237895812A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A32A6D26-9309-473F-93C3-E33A0D41C70E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{61618BA8-C3F3-4DDD-ACD6-965D9348F97A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{75A3FDCA-3E88-4A5B-940D-7035951D565E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{F0E204EA-A4D2-44FD-B8E3-0CCA12BEB0F0}] => (Block) D:\users\*****\appdata\local\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [{258AA1B5-44B3-4745-88FF-20C59EBA4454}] => (Block) D:\users\*****\appdata\local\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [UDP Query User{93C62DF7-8C31-48AE-9E25-C60A05B494C7}D:\users\*****\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) D:\users\*****\appdata\local\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [TCP Query User{445929D2-F420-43B4-8637-071C8E3E180B}D:\users\*****\appdata\local\teamspeak 3 client\ts3client_win64.exe] => (Allow) D:\users\*****\appdata\local\teamspeak 3 client\ts3client_win64.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [{437CF3D6-77AC-422E-96F8-22E144AD9C20}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{B91FA17A-C6F7-4B82-99B5-59387595BFCE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{92306647-FB35-4CBD-96D0-EAE1756C56CA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{D2043AF6-7631-4F6D-8329-E52FF48BB316}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{737FFE49-C6C1-4A79-B929-ADE90FCA31B3}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6488BAF7-A25C-4890-9870-3BFB67DF52E3}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8EBBFD18-2D0D-40C4-AF82-8F0CA6DB5947}] => (Block) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{198158B6-DEDB-42B6-BC80-EC475151EA58}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{61763500-F26D-400B-B1D7-B41657AE1EA1}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{BE72D99F-C2F2-4A1E-B295-D49152712D51}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{D9AE6A7B-AF01-4530-8E77-759CF8399576}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{7ACC91E2-B335-4B1D-9F5B-0E209FC14EE1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D1EE2960-609D-4F12-8B37-4DC1714C6C9F}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D107273F-4CB5-4049-8E40-58A87D1CD5E7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{72BA8365-EF90-4D14-BBA4-B4869A84758A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [Datei ist nicht signiert]
FirewallRules: [{5D88A353-361E-4861-8F4D-B4A3133C3C4F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{211A1B0C-CC8D-45D6-A6A3-706C723D1ED5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ED08D51C-309B-4CBC-9A0C-03E3942118A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EEE4B679-BE4C-4F8D-BE48-8A5322B2EDB9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{69C84875-73CF-4E12-8813-4220A19B832A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BDEF3D3A-EDD4-4D2A-BA49-CEE2F332CD16}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{C7EA134F-46B3-49AC-BAF6-6D43D840CC2D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{ABEB50C7-66D5-48A2-9F70-3E870B5BFBAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FF97FFB5-4631-4D15-9275-8E0D65F85CE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F63F11B2-2E32-417B-B6DC-F321B1B739E8}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{C08F7AC0-482A-4FA0-B614-FD1B38BAA1EB}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{1A6104AE-A27D-4BC2-BC9C-A2007054623C}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{9BE9F674-83B3-4766-8BE1-0DEBC0949AEB}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{B2E3A83B-7B0C-465A-BB01-062E78F38119}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{CCB78ED1-39F8-4C75-90DA-9B101979241F}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{D7534AB5-A3FE-4DA3-9270-3EF570515093}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{03915887-E6A5-4C39-B00D-44802263BF48}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{28B1C5DC-27CB-481F-A700-27768874437A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{CE2FD9FA-FCD5-43B9-ABD0-E979A3AAD22D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [TCP Query User{60FB70D1-2FEB-452B-8846-3BB4FC54E0FA}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{099D0558-16A4-4AEB-8873-17820D048C66}D:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) D:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [TCP Query User{9AB2675E-48A1-4AED-BC38-828E5A57B801}D:\program files\ibm\spss\statistics\24\stats.exe] => (Allow) D:\program files\ibm\spss\statistics\24\stats.exe (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{D0FF2C87-EDCB-44C3-B3AF-3A217FDEE7F6}D:\program files\ibm\spss\statistics\24\stats.exe] => (Allow) D:\program files\ibm\spss\statistics\24\stats.exe (IBM -> IBM Corp.) [Datei ist nicht signiert]
FirewallRules: [{7B6A5C37-FE2C-4C03-BD01-D77280384A0F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{61BB99A1-7A8C-46A7-9A21-E2641A84BD2E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{2849F2D2-D07F-4920-A59A-E7B71341DB5D}C:\users\*****\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\*****\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{43351D85-317C-4037-82EF-64C618566300}C:\users\*****\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\users\*****\twitch\minecraft\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{8EF3FE2D-F862-46EF-99E1-207B61019ABF}D:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{0E2F813B-E4F5-4C9D-BE22-B2AF9CDF7C41}D:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{E3D282A7-9AE7-4D4C-A3C9-6C3EA2B54A31}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{9315BA62-2177-43B8-B708-7CC8D0FB455F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{388DD67A-8496-44D5-AC2E-5DFFAF149F93}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{9AAC67A1-09F1-4F06-9BDD-8926D4926809}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe (Microsoft Corporation -> Ensemble Studios)
FirewallRules: [{9F086F25-1BE2-473B-B7CC-29009473A07C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1B29F10C-D8DC-496D-AC20-978E33D838F8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F910809D-45CE-41BB-9E30-906C423A18F5}D:\program files (x86)\steam\steamapps\common\aoede\aoede_s.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\aoede\aoede_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{59C88388-1AB4-4071-91EA-823DF0811803}D:\program files (x86)\steam\steamapps\common\aoede\aoede_s.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\aoede\aoede_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6BF28A6C-5EC4-4F93-BF6F-0CBBC86C4B8A}D:\program files (x86)\steam\steamapps\common\aoede\battleserver.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\aoede\battleserver.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B34223C2-1809-453F-BECC-700FB31C8A77}D:\program files (x86)\steam\steamapps\common\aoede\battleserver.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\aoede\battleserver.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{4075AFFE-373A-4092-976B-CE0C0AD3F495}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{1B340BB8-80BE-49C8-8EEC-6302811C0868}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{160F9C11-F691-4B8B-97A7-03F65123008F}C:\windows\system32\sihost.exe] => (Allow) C:\windows\system32\sihost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{FFB9CC7F-01B5-49F9-812E-B4A76B3A0648}C:\windows\system32\sihost.exe] => (Allow) C:\windows\system32\sihost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9D40157D-9F5E-45AF-84CE-EAEF8CDFBEAE}] => (Block) C:\windows\system32\sihost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C8921D2A-A956-43A3-9304-814E93AA84D7}] => (Block) C:\windows\system32\sihost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{E1D4A8FC-16E2-4017-B403-232370032FF7}C:\users\*****\appdata\roaming\simsync\server\jre11\bin\java.exe] => (Allow) C:\users\*****\appdata\roaming\simsync\server\jre11\bin\java.exe
FirewallRules: [UDP Query User{8945ECEF-7337-4D36-B4BB-014A3EBF6A1E}C:\users\*****\appdata\roaming\simsync\server\jre11\bin\java.exe] => (Allow) C:\users\*****\appdata\roaming\simsync\server\jre11\bin\java.exe
FirewallRules: [{44E77A18-3402-4B92-A986-274DE90E8B0D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E217850B-A3EE-494C-8FD9-D1DEBBDDDEBE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C7C71140-2315-46B9-9837-25554DF2DBCD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [Datei ist nicht signiert]
FirewallRules: [{9FB8782D-1FF3-4DD2-8A10-16FBE72A99F8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\AoE2DE\BattleServer\BattleServer.exe () [Datei ist nicht signiert]
FirewallRules: [{32F38021-5D95-4BB1-A599-559F77DDF4EC}] => (Allow) C:\Users\*****\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CD5EE5C6-E901-4863-A2C5-63FBF34C3C61}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Pharaoh + Cleopatra\Pharaoh.exe (Sierra) [Datei ist nicht signiert]
FirewallRules: [{E3B2D0C1-B6F4-41AA-95A6-3C2D6A893852}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Pharaoh + Cleopatra\Pharaoh.exe (Sierra) [Datei ist nicht signiert]
FirewallRules: [{C0D2E8A0-6511-43EF-86B1-3503E1CFA3A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{02ECC64F-635B-4D38-B971-26EF1063FE88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{108D2EBD-285B-46DE-8F54-3EA10B663BCC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DEC27999-D958-4A64-A20A-7575EBDFFA7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{BCC17419-0397-4BE8-9298-1BF7C91ECD65}D:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) D:\program files\epic games\totalwarsagatroy\troy.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{8CF43E26-B607-4589-8ACF-263D81990194}D:\program files\epic games\totalwarsagatroy\troy.exe] => (Allow) D:\program files\epic games\totalwarsagatroy\troy.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{C28EC10B-B17C-4F37-A6B7-50A19659B186}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{022ED7E3-C8CA-485C-BAB1-ED6107BA52FA}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{0F0CE875-820A-4E21-A87B-359FE9AC65DF}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{56CD3348-F555-4A06-8D20-2A6D1853AC07}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D5557B2B-8A33-4D90-83B8-8AA2EF518372}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{9294D446-65E4-41F1-82BA-B9B73C9D5B19}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{C79C4517-6712-4FC7-B7F4-F40492617B4C}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{A342DD57-4072-40E2-BDCF-C06285480708}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{0F1B67D7-2A68-4276-9A26-F77330F4DE4E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{F6129AE8-D4C8-4C03-9242-9B26CEBE58B2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Total War Attila\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [TCP Query User{9AE9E723-020C-4FC7-A753-25541D1FBBF9}D:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\total war attila\attila.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{AD120DAE-2C27-48CC-927B-8E6F8EE71740}D:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\total war attila\attila.exe (SEGA EUROPE LIMITED -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{908203A2-BBDA-4C7B-B7CD-80922DA44C0E}D:\program files\epic games\railwayempire\railwayempire.exe] => (Allow) D:\program files\epic games\railwayempire\railwayempire.exe (Kalypso Media Group -> Gaming Minds Studios GmbH)
FirewallRules: [UDP Query User{18D31735-C243-4E39-BA7E-6E47ED2E7823}D:\program files\epic games\railwayempire\railwayempire.exe] => (Allow) D:\program files\epic games\railwayempire\railwayempire.exe (Kalypso Media Group -> Gaming Minds Studios GmbH)
FirewallRules: [{644808A4-84E4-40CB-8C93-20E889FD14F1}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{E581D881-C944-4332-828F-BC8A575960A0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9691BFE3-367D-407C-9B07-48FD401484EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E7988158-7891-4DCF-B69A-F8A7631D0631}] => (Allow) D:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E3CC4B0D-673A-4198-9548-8D27CF9FB85E}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 1800\Bin\Win64\Anno1800.exe (Ubisoft Blue Byte GmbH -> Ubisoft)
FirewallRules: [{72B12B24-E60F-434E-85F5-2EC799C2BC22}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{738EB372-3E12-4EC0-A1F1-569BC4BE86FF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{031F1325-00D0-4741-9FD8-5808363A374A}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{D215071B-85DE-432E-88EF-48E30DFF1FF8}] => (Allow) D:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{155A192F-C072-41F4-9603-14CE1D3E752F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7B781D0A-984D-471E-9CB2-27FD51C29AAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F880EAF5-D03F-4782-A4ED-5CF6DC60A4DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56D47F00-1766-4080-9906-41CFD998E2C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BF3774F-A6D2-4D4F-AD0F-E0B97389F8B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7DA4BEB5-476E-43AE-B717-33B19FA47C0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4D17EAF3-C3EF-4FCD-B294-2FFB800D542B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BEA723FD-8081-4CDD-ABA6-577227446BE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F483865E-9935-4508-981C-577ED0AFB060}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{B5B5EA79-265B-4D79-8DB8-638D1E98FEF3}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{684BE3F5-CCA1-4FFC-8ECC-4DA6BADC1FCF}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Wiederherstellungspunkte =========================
24-09-2020 09:21:53 Geplanter Prüfpunkt
27-09-2020 13:33:17 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016
30-09-2020 16:31:05 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Microsoft Wi-Fi Direct Virtual Adapter #2
Description: Virtueller Microsoft Wi-Fi Direct-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (10/01/2020 09:21:02 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7288,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/01/2020 09:11:33 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (10/01/2020 09:04:16 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7276,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (10/01/2020 08:50:14 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).
Error: (09/30/2020 11:05:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (09/30/2020 11:05:12 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (09/30/2020 10:40:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (512,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/30/2020 09:17:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19832,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Systemfehler:
=============
Error: (10/01/2020 09:07:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/01/2020 09:07:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Chroma SDK Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/01/2020 09:07:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Nahimic service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/01/2020 09:07:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/01/2020 09:07:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Razer Game Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/01/2020 09:07:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Razer Central Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/01/2020 09:07:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Razer Synapse Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/01/2020 09:07:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
===================================
Date: 2020-03-24 16:06:15.590
Description:
Bei Windows Defender Antivirus ist ein Fehler beim Laden der Sicherheitsinformationen aufgetreten. Es wird versucht, zu einer als fehlerfrei bekannten Version zurückzukehren.
Sicherheitsversion versucht: Sicherung
Fehlercode: 0x80508001
Fehlerbeschreibung: Aufgrund eines Problems konnte das Programm nicht gestartet werden. Installieren Sie alle verfügbaren Updates, und starten Sie das Programm erneut. Informationen über die Installation von Updates erhalten Sie unter Hilfe und Support.
tSicherheitsversion: 1.291.2470.0;1.291.2470.0
Modulversion: 1.1.15800.1
Date: 2020-03-24 16:06:15.336
Description:
Bei Windows Defender Antivirus ist ein Fehler beim Laden der Sicherheitsinformationen aufgetreten. Es wird versucht, zu einer als fehlerfrei bekannten Version zurückzukehren.
Sicherheitsversion versucht: Aktuell
Fehlercode: 0x80508001
Fehlerbeschreibung: Aufgrund eines Problems konnte das Programm nicht gestartet werden. Installieren Sie alle verfügbaren Updates, und starten Sie das Programm erneut. Informationen über die Installation von Updates erhalten Sie unter Hilfe und Support.
tSicherheitsversion: 1.291.2470.0;1.291.2470.0
Modulversion: 1.1.15900.4
CodeIntegrity:
===================================
Date: 2020-10-01 09:00:40.527
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-08 17:20:35.466
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-08-05 10:07:39.340
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 15:25:28.860
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-07 22:14:54.608
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\CastSrv.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Razer\Razer Cortex\x64\K_FPS64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-07-07 22:14:54.597
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\CastSrv.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Razer\Razer Cortex\x64\K_FPS64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-07-07 22:14:54.582
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\CastSrv.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Razer\Razer Cortex\x64\K_FPS64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-07-07 22:14:54.571
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\CastSrv.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Razer\Razer Cortex\x64\K_FPS64.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. A.30 12/26/2017
Hauptplatine: Micro-Star International Co., Ltd. Z370 GAMING PRO CARBON (MS-7B45)
Prozessor: Intel(R) Core(TM) i5-8600K CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 16342.05 MB
Verfügbarer physikalischer RAM: 9424.38 MB
Summe virtueller Speicher: 25046.05 MB
Verfügbarer virtueller Speicher: 15387.71 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:255.46 GB) (Free:83.6 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (D1-P1) (Fixed) (Total:1862.89 GB) (Free:1405.6 GB) NTFS
\\?\Volume{7a21053f-3fc1-45fb-a469-8d51223d91c8}\ (Recovery image) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{d0efea0a-332a-4e74-899e-147c13ea3600}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 256.2 GB) (Disk ID: 38B61B05)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt =======================
Malwarebytes Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 01.10.20
Scan-Zeit: 09:01
Protokolldatei: e2a6d020-03b3-11eb-9c16-309c236592f1.json
-Softwaredaten-
Version: 4.2.1.89
Komponentenversion: 1.0.1045
Version des Aktualisierungspakets: 1.0.30610
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 18362.1082)
CPU: x64
Dateisystem: NTFS
Benutzer: ****
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 382630
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 4 Min., 9 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
|
Lesestoff: