| |
| |||||||
Log-Analyse und Auswertung: Win 10 Start dauert sehr langeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
13.11.2021, 11:07
| #1 |
 |  Win 10 Start dauert sehr lange Hallo in die Runde, der Start meines Rechners dauert seit einiger Zeit sehr lange, daher habe ich nach der hier geposteten Anleitung Malwarebytes sein Werk tun lassen. Die drei Funde habe ich in die Quarantäne verfrachtet. Bin ich dann fertig und muss woanders nach einer Lösung suchen (z.B. Win neu aufsetzen)? Vielen Dank für einen kurzen Kommentar! Gruß, Rufuz Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 13.11.21
Scan-Zeit: 10:16
Protokolldatei: 5da3cf23-4462-11ec-81e7-7085c2dc969c.json
-Softwaredaten-
Version: 4.4.10.144
Komponentenversion: 1.0.1499
Version des Aktualisierungspakets: 1.0.47160
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 10 (Build 19043.1348)
CPU: x64
Dateisystem: NTFS
Benutzer: ...
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 891025
Erkannte Bedrohungen: 3
In die Quarantäne verschobene Bedrohungen: 3
Abgelaufene Zeit: 22 Min., 14 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 3
Malware.AI.1628784819, C:\$RECYCLE.BIN\S-1-5-21-1354302738-180291989-3184307785-1001\$R3RSPWK.EXE, In Quarantäne, 1000000, 0, 1.0.47160, 2424C5E6C2124593611548B3, dds, 01507804, 4FAA00494370578C3C15061BD87E3347, BC47F7C558DBA51BD6150AD39BC6A21406A0831618F44C3420DD07B8D17E2169
PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-1354302738-180291989-3184307785-1001\$RUGU51I.EXE, In Quarantäne, 616, 557991, 1.0.47160, , ame, , 5F5B877DFAC2A4EC5AF890F33D7801C6, 5C3022D3CEDD37473E7FA598742CA27DA5B07C1E658A801CC64686F2E1FCB729
Adware.FusionCore, C:\$RECYCLE.BIN\S-1-5-21-1354302738-180291989-3184307785-1001\$RU6E523.EXE, In Quarantäne, 7160, 880869, 1.0.47160, , ame, , FAADC03D9A58925BA4784002DC48A81F, DB5B1CC525BC2F57876667CD8B67E99EEEAB7784CFCBD1CCFFB9104FB317BCC9
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Geändert von cosinus (14.11.2021 um 12:41 Uhr) Grund: code tags |
|
13.11.2021, 11:32
| #2 | |
| /// TB-Ausbilder   | Win 10 Start dauert sehr lange Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen. Zitat:
Dann kann man mehr sagen. |
|
13.11.2021, 12:27
| #3 |
| | Win 10 Start dauert sehr lange Hallo Matthias,
__________________vorab möchte ich dir noch einmal danken, dass du dich hier engagierst. Hier die FRST Dateien. Darüber hinaus habe ich gerade festgestellt, dass der Defender offenbar schon fündig geworden ist. Dazu habe ich zwei Screenshots gemacht. |
|
13.11.2021, 18:04
| #4 | |
| /// TB-Ausbilder | Win 10 Start dauert sehr lange Ein großes Problem bei dir sind deine Downloadquellen. Sowas wie "OpenCandy" oder "DownloadSponsor" sagt eigentlich schon alles aus. Auch solche Downloads zeugen von unsicheren Quellen: Zitat:
 Ich sehe aktuell nur etwas Adware/PUP auf dem System, nichts Schlimmes. Wir kümmern uns darum.  Schritt 1 Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. Schritt 2 Führe RogueKiller Anti-Malware gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. Schritt 3
Bitte poste mit deiner nächsten Antwort:
|
|
13.11.2021, 18:52
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 10 Start dauert sehr langeCode:
ATTFilter 2015-10-30 08:24 - 2021-02-12 00:16 - 000001043 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
13.11.2021, 21:21
| #6 |
| /// TB-Ausbilder | Win 10 Start dauert sehr lange Ja, habe ich auch gesehen.  Aktuell ist aber kein Adobe auf dem System. |
|
14.11.2021, 03:23
| #7 |
| | Win 10 Start dauert sehr lange Sind getarnte Urlaubsfilme. Und längst bin ich zu Gimp bekehrt worden.Ja, dass ich hier die Hosen runter lasse war mir irgendwie klar. Hie die log vom AdwCleaner Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-14-2021
# Duration: 00:00:09
# OS: Windows 10 Pro
# Scanned: 32013
# Detected: 9
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.SamsungSmartSwitch File C:\Users\Rufuz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk
Preinstalled.SamsungSmartSwitch Folder C:\Program Files (x86)\SAMSUNG\SMART SWITCH PC
Preinstalled.SamsungSmartSwitch Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Preinstalled.SamsungSmartSwitch Folder C:\Users\Rufuz\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
AdwCleaner[S00].txt - [1656 octets] - [13/02/2019 20:52:27]
AdwCleaner[C00].txt - [1766 octets] - [13/02/2019 20:52:49]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Code:
ATTFilter Program : RogueKiller Anti-Malware
Version : 15.1.3.0
x64 : Yes
Program Date : Nov 9 2021
Location : C:\Users\Rufuz\Downloads\RogueKiller_portable64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19043) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : Rufuz
User is Admin : Yes
Date : 2021/11/14 02:15:36
Type : Removal
Aborted : No
Scan Mode : Standard
Duration : 1409
Found items : 3
Total scanned : 702290
Signatures Version : 20211112_123736
Truesight Driver : Yes
Updates Count : 16
************************* Warnings *************************
(16:837) C:\Users\Rufuz\AppData\Local\Temp, LONG_FOLDER_SCAN
[+] path : C:\Users\Rufuz\AppData\Local\Temp
[+] message : LONG_FOLDER_SCAN
[+] int1 : 16
[+] int2 : 837
************************* Removal *************************
[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\.DEFAULT\Software\OCS -- -> Gelöscht
[+] scan_what : 2
[+] vendors : PUP.Gen1
[+] Name : HKEY_USERS\.DEFAULT\Software\OCS
[+] Type : Registry
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 0
[+] status : 3
[+] status_str : Gelöscht
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-1354302738-180291989-3184307785-1001\Software\OCS -- -> Gelöscht
[+] scan_what : 2
[+] vendors : PUP.Gen1
[+] Name : HKEY_USERS\S-1-5-21-1354302738-180291989-3184307785-1001\Software\OCS
[+] Type : Registry
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 1
[+] status : 3
[+] status_str : Gelöscht
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-18\Software\OCS -- -> Gelöscht
[+] scan_what : 2
[+] vendors : PUP.Gen1
[+] Name : HKEY_USERS\S-1-5-18\Software\OCS
[+] Type : Registry
[+] file_vtscore : -1
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 2
[+] status : 3
[+] status_str : Gelöscht
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2021
durchgeführt von Rufuz (Administrator) auf DURANIUM (14-11-2021 03:17:28)
Gestartet von C:\Users\Rufuz\Desktop
Geladene Profile: Rufuz
Plattform: Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(3 Play Networks, Inc. -> Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe
(3 Play Networks, Inc. -> Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(Electronic Arts, Inc. -> Electronic Arts) E:\Origin\OriginWebHelperService.exe
(Endor AG -> ) C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe
(geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\52.0.6.0\crashpad_handler.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe <7>
(Greenshot) [Datei ist nicht signiert] C:\Program Files\Greenshot\Greenshot.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.10202.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.10202.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Spectrum.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>
(Nextcloud GmbH -> Nextcloud GmbH) C:\Program Files\Nextcloud\nextcloud.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NvVirtualCamera\NVIDIA Broadcast.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe <2>
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Scarlet.Crush Productions) [Datei ist nicht signiert] F:\_Portable\PS3 Controller\bin\ScpService.exe
(Shenzhen Huion Animation Technology Co.,LTD -> ) C:\Huion Tablet\x64\TabletDriverCore.exe
(Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tobii AB -> ) C:\Program Files (x86)\Tobii\Tobii VRU02 Runtime\platform_runtime_VR4U2P2_service.exe
(Virtual Desktop, Inc. -> Virtual Desktop, Inc.) C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot) [Datei ist nicht signiert]
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [878584 2019-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Windows10FirewallControl] => C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe [1803824 2019-07-28] (3 Play Networks, Inc. -> Sphinx Software)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [TabletDriver] => C:\Huion Tablet\x64\TabletDriverCore.exe [333544 2020-10-24] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443968 2021-11-03] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [2739008 2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [HueSync] => C:\Program Files\Hue Sync\HueSync.exe [20154280 2021-08-23] (Signify Netherlands B.V. -> Signify Netherlands B.V.)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [Magnet.bootstrap_Vive] => "C:\Program Files (x86)\VIVE\PCClient\Vive.exe" --silent (Keine Datei)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [BakkesMod] => C:\Program Files\BakkesMod\BakkesMod.exe [16066560 2021-05-04] () [Datei ist nicht signiert]
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\Signal.exe [136232376 2021-11-10] (Signal Messenger, LLC -> Open Whisper Systems)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-10-31] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-12-06] (pdfforge GmbH) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-10-28] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HideVolumeOSD.lnk [2017-07-22]
ShortcutTarget: HideVolumeOSD.lnk -> C:\Program Files (x86)\HideVolumeOSD\HideVolumeOSD.exe (Venturi) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk [2020-12-30]
ShortcutTarget: Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> )
BootExecute: autocheck autochk * bddel.exe
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05D71B87-D9D0-465B-B501-D7DC12519DDF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BDF682C-9847-40A3-9074-4A3C6C96EBB7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314256 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {1CDC08B6-AA17-46BE-8F00-F6F58DCCB450} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {216D93D7-6AE1-4652-AE4A-102910A452DA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {21E14460-042B-456E-B711-E90D1491C7E1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {242507AC-76A8-4967-90A9-26D4D667D381} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {260F3033-CD8A-42E1-A91A-A45373D426C0} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {287FA373-DDD1-4C4C-8439-FDBA944ADFEC} - System32\Tasks\Core Temp Autostart Rufuz => C:\Program Files\Core Temp\Core Temp.exe [1031512 2021-04-01] (ALCPU -> ALCPU)
Task: {2AC8F50D-84ED-4BFE-91F1-C4452F045471} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [22267088 2021-09-01] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2E41A145-077C-4011-BE9C-E3A5810B215E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {318676CD-3B2A-4E70-BF19-D5855AA58963} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD)
Task: {31E71847-2604-464D-B777-A6BDEACB8861} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {586A2693-EE96-49A1-8E3C-584C153B4C85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5DC7B3AA-5941-476D-9E5F-5A5DB045DE75} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {644EC301-90E6-4333-B017-ED24CC34D3B2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D3A225A-5A2C-458B-96CF-1E634104DD52} - System32\Tasks\{D97764FA-C04F-472B-9BF2-3B712677EF82} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {6DFEC72F-9CA7-475D-B2B1-E927541AAD2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E0254FE-CE84-4F15-B74B-FFA47916E868} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {842D6D20-4D20-4E1A-B7BD-B6281AD84463} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9084BCE0-F4F5-46B2-A729-2C8659420242} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-25] (Google Inc -> Google Inc.)
Task: {909EA4A5-1859-485C-9E7B-9ADBF44589D3} - System32\Tasks\SafeZone scheduled Autoupdate 1464429621 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {A1C66833-1B7A-4F99-B8D5-DD71489D693A} - System32\Tasks\GPU Temp\Startup => C:\Program Files (x86)\GPU Temp\GPUTemp.exe [1032192 2011-10-01] (gputemp.com) [Datei ist nicht signiert]
Task: {A9465F63-FD74-4A24-813A-A2A950BCC071} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AAF982D1-4C4C-402E-A5BE-B5C396CB3B4B} - System32\Tasks\elevator_b58b0b144169daf1a5b3ae13ea6f5142 => C:\Program Files (x86)\SimHub\SimHubWPF.exe [2995200 2020-10-11] () [Datei ist nicht signiert]
Task: {ACD24385-C79A-4362-99DB-B447FD921C20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-25] (Google Inc -> Google Inc.)
Task: {AD5AA462-DE7B-4664-90A2-5BF1646BFD0F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314256 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0B57FA7-3524-4AB8-8060-0EE5FED22BDE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C999D290-0D1E-4CF6-BC43-B2C5642E4FD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA7380EC-BBC6-48A6-BBE6-018A3553F891} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {CD9F3423-1FEC-4711-8D81-D326CE095E06} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {D418ACA5-9373-4766-9E06-9376C0157677} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1E50819-412A-42CE-A697-2A627195A00F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4487904 2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Task: {F1387320-E286-44DD-93A5-8AC5F76EDE71} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4142315-99D1-4D76-BFCF-66965117A6D2} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {FA00E159-5FB4-4572-A406-90D11DFDE23D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{430afc92-c19b-4475-b66c-ee649c05e911}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6a9f485a-f821-43c2-a828-e1e22575ec8c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9aef3068-3555-4aab-9389-f3da809d5d4a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{bb73d5f1-614a-49e7-aa81-a6c312f842fb}: [DhcpNameServer] 192.168.178.1
Edge:
=======
DownloadDir: C:\Users\Rufuz\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rufuz\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-05]
Edge DownloadDir: Default -> C:\Users\Rufuz\Downloads
Edge StartupUrls: Default -> "hxxps://google.de/"
Edge Profile: C:\Users\Rufuz\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2020-12-17]
FireFox:
========
FF DefaultProfile: b3mulky7.default
FF ProfilePath: C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\ou1uqo97.Anonym [2021-11-07]
FF ProfilePath: C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\paukqpxj.CRL [2021-11-08]
FF Homepage: Mozilla\Firefox\Profiles\paukqpxj.CRL -> Google
FF ProfilePath: C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default [2021-11-14]
FF Homepage: Mozilla\Firefox\Profiles\b3mulky7.default -> Google
FF Notifications: Mozilla\Firefox\Profiles\b3mulky7.default -> hxxps://rltracker.pro; hxxps://www.hardwareluxx.de; hxxps://forums.newworld.com
FF Extension: (Netflix Super Browse) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\@cyris.xpi [2017-10-21] []
FF Extension: (AdBlocker Ultimate) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-08]
FF Extension: (Tampermonkey) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\firefox@tampermonkey.net.xpi [2021-07-08]
FF Extension: (Netflix Plus) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid0-thbzZj1IIKe4A7ggnuyqMnmaa5U@jetpack.xpi [2017-10-21]
FF Extension: (Decentraleyes) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2021-09-03]
FF Extension: (I don't care about cookies) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-10-28]
FF Extension: (Dark Background and Light Text) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2021-02-09]
FF Extension: (FindFlix: Netflix Secret Category Finder) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\njgopmododdceghkcgbmgfffamnjbjno@chrome-store-foxified-unsigned.xpi [2017-10-21]
FF Extension: (uMatrix) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\uMatrix@raymondhill.net.xpi [2021-07-20]
FF Extension: (Dark Theme for Google™) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{026cca71-a2e2-4020-840d-f2759849d62e}.xpi [2021-09-12]
FF Extension: (All-in-One Sidebar) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2017-08-18] []
FF Extension: (Stylus Blue) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{11a41736-a1d5-4b1d-9cc3-983ed6a3ad30}.xpi [2019-06-30]
FF Extension: (Firefox Carbon) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{155bf27e-5389-49ee-bda7-b7a91631b899}.xpi [2019-06-30]
FF Extension: (NoScript) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-08-31]
FF Extension: (Tab Auto Refresh) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{7fee47a1-8299-4576-90bf-5fd88d756926}.xpi [2021-07-21]
FF Extension: (ReloadEvery) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2017-03-12] []
FF Extension: (Password Exporter) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-07-04] []
FF Extension: (Video DownloadHelper) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-03]
FF Extension: (Greasemonkey) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-07-08]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => nicht gefunden
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: jpl.nasa.gov/NASAEyes -> C:\Users\Rufuz\AppData\Roaming\JPL-NASA-Caltech\NASA's Eyes\npNASAEyes.dll [2018-12-05] (NASA Jet Propulsion Laboratory -> Jet Propulsion Laboratory)
FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Rufuz\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Rufuz\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default [2021-11-01]
CHR HomePage: Default -> hxxp://www.google.de/
CHR Extension: (Präsentationen) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-09]
CHR Extension: (Docs) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-09]
CHR Extension: (Google Drive) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-09]
CHR Extension: (YouTube) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-09]
CHR Extension: (Tabellen) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-09]
CHR Extension: (Google Docs Offline) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-01]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-09]
CHR Extension: (Benutzerdefiniertes Profilbild für Netflix™) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\olimcenppncifgiahopimblidefpdffi [2021-11-01]
CHR Extension: (Google Mail) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-09]
CHR HKU\S-1-5-21-1354302738-180291989-3184307785-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-21] (BattlEye Innovations e.K. -> )
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144784 2018-04-18] (Canon Inc. -> CANON INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2017-04-23] (Creative Labs) [Datei ist nicht signiert]
R2 Ds3Service; F:\_Portable\PS3 Controller\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-09-20] (Bayerisches Landesamt fuer Steuern -> )
S3 fpsVR Service - CPU Temperature Counter; C:\Program Files\fpsVR\fpsvrCPUTempCounterService.exe [10752 2021-05-13] () [Datei ist nicht signiert]
R2 FWPnpService; C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe [423288 2021-01-06] (Endor AG -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11148864 2021-11-03] (Logitech Inc -> Logitech, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-13] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2523448 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3478336 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1897456 2016-11-08] (Plex, Inc -> Plex, Inc.)
S3 Rockstar Service; E:\Rockstar Games\Launcher\RockstarService.exe [1676696 2021-03-15] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 Tobii VRU02 Runtime; C:\Program Files (x86)\Tobii\Tobii VRU02 Runtime\platform_runtime_VR4U2P2_service.exe [4010344 2020-01-29] (Tobii AB -> )
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> )
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [1964824 2021-05-26] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Windows10FirewallService; C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe [4170264 2019-07-28] (3 Play Networks, Inc. -> Sphinx Software)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 SRanipalService; "C:\Program Files (x86)\VIVE\SRanipal\SRanipalService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2017-02-05] (ASROCK Incorporation -> ASRock Incorporation)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-27] (Bitdefender SRL -> BitDefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [75560 2021-06-17] (Broadcom Corporation -> Broadcom Corporation.)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 FanatecWheelFilterUsb; C:\WINDOWS\System32\drivers\FWFilterUsb.sys [91152 2020-08-11] (Endor AG -> Endor AG)
R3 FWVirtualInputDevice; C:\WINDOWS\System32\drivers\FWVirtualInputDevice.sys [35344 2020-08-11] (Endor AG -> Endor AG)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-05-16] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-05-16] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-05-16] (Logitech Inc -> Logitech)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-13] (Malwarebytes Inc -> Malwarebytes)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [74248 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [41072 2019-12-21] (Virtual Desktop, Inc. -> Virtual Desktop)
R3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S1 UimBus; \SystemRoot\System32\drivers\uimbus.sys [X]
S1 Uim_DEVIM; \SystemRoot\System32\drivers\uimdevim.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-11-14 02:36 - 2021-11-14 03:02 - 000000000 ____D C:\ProgramData\RogueKiller
2021-11-14 02:36 - 2021-11-14 02:36 - 032596312 _____ C:\Users\Rufuz\Downloads\RogueKiller_portable64.exe
2021-11-14 02:30 - 2021-11-14 02:30 - 008553680 _____ (Malwarebytes) C:\Users\Rufuz\Desktop\adwcleaner_8.3.0(1).exe
2021-11-13 12:12 - 2021-11-13 12:15 - 000072899 _____ C:\Users\Rufuz\Desktop\Shortcut.txt
2021-11-13 12:11 - 2021-11-14 03:17 - 000042119 _____ C:\Users\Rufuz\Desktop\FRST.txt
2021-11-13 12:11 - 2021-11-13 12:15 - 000099473 _____ C:\Users\Rufuz\Desktop\Addition.txt
2021-11-13 12:10 - 2021-11-14 03:17 - 000000000 ____D C:\FRST
2021-11-13 12:09 - 2021-11-13 12:09 - 002312192 _____ (Farbar) C:\Users\Rufuz\Desktop\FRST64.exe
2021-11-13 10:49 - 2021-11-13 10:54 - 000002137 _____ C:\Users\Rufuz\Desktop\mbam.txt
2021-11-13 10:16 - 2021-11-13 10:38 - 000000000 ____D C:\Users\Rufuz\AppData\LocalLow\IGDump
2021-11-13 10:14 - 2021-11-13 10:14 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-13 10:14 - 2021-11-13 10:14 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-13 10:14 - 2021-11-13 10:14 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-11-13 10:14 - 2021-11-13 10:14 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-13 10:14 - 2021-11-13 10:14 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-13 10:13 - 2021-11-13 10:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-13 10:13 - 2021-11-13 10:13 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-13 10:05 - 2021-11-13 10:05 - 002101944 _____ (Malwarebytes) C:\Users\Rufuz\Desktop\MBSetup.exe
2021-11-12 15:14 - 2021-11-13 10:43 - 000002323 _____ C:\Users\Rufuz\Desktop\NWMM - New World MiniMap.lnk
2021-11-12 15:14 - 2021-11-12 15:14 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2021-11-12 15:13 - 2021-11-13 10:43 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Overwolf
2021-11-12 15:13 - 2021-11-12 15:13 - 000004382 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-11-12 15:13 - 2021-11-12 15:13 - 000000000 ____D C:\ProgramData\Overwolf
2021-11-12 15:13 - 2021-11-12 15:13 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-11-12 08:13 - 2021-11-12 08:13 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-12 08:13 - 2021-11-12 08:13 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-12 08:13 - 2021-11-12 08:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-12 08:13 - 2021-11-12 08:13 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-12 08:11 - 2021-11-12 08:11 - 000000000 ___HD C:\$WinREAgent
2021-11-09 11:31 - 2021-11-09 11:31 - 000020518 _____ C:\Users\Rufuz\AppData\Local\recently-used.xbel
2021-11-05 01:11 - 2021-11-05 01:11 - 000005446 _____ C:\Users\Rufuz\Desktop\New-World-Server.xlsx - Verknüpfung.lnk
2021-11-04 19:29 - 2021-11-05 08:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-11-03 08:03 - 2021-11-03 08:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-11-03 08:03 - 2021-11-03 08:03 - 000000000 ____D C:\Program Files\LGHUB
2021-11-01 20:21 - 2021-11-01 20:21 - 011792608 _____ (Tim Kosse) C:\Users\Rufuz\Downloads\FileZilla_3.56.2_win64-setup.exe
2021-11-01 01:16 - 2021-11-01 01:16 - 000000952 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.28.lnk
2021-11-01 01:14 - 2021-11-01 01:14 - 043472272 _____ ( ) C:\Users\Rufuz\Downloads\gimp-help-2.10.0-de-setup.exe
2021-11-01 01:13 - 2021-11-01 01:13 - 249654104 _____ (The GIMP Team ) C:\Users\Rufuz\Downloads\gimp-2.10.28-setup.exe
2021-10-31 13:07 - 2021-10-31 13:07 - 000062159 _____ C:\Users\Rufuz\Downloads\CRL -
2021-10-30 07:50 - 2021-10-30 07:50 - 000001930 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2021-10-30 07:50 - 2021-10-30 07:50 - 000000000 ____D C:\Program Files\Nextcloud
2021-10-26 19:25 - 2021-10-26 19:25 - 000000931 _____ C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UCR.lnk
2021-10-26 19:00 - 2021-10-21 18:49 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-10-26 19:00 - 2021-10-21 18:49 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-10-26 19:00 - 2021-10-21 18:49 - 001464952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-10-26 19:00 - 2021-10-21 18:49 - 001450232 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-10-26 19:00 - 2021-10-21 18:49 - 001450232 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-10-26 19:00 - 2021-10-21 18:49 - 001206384 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-10-26 19:00 - 2021-10-21 18:49 - 001111256 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-10-26 19:00 - 2021-10-21 18:49 - 001111256 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-10-26 19:00 - 2021-10-21 18:49 - 000965336 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-10-26 19:00 - 2021-10-21 18:49 - 000965336 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 001523336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 001172608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 000800368 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 000707728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-10-26 19:00 - 2021-10-21 18:45 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 000635000 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 008724080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 007843984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 004938896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 002114688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 001597584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 000981112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 000452216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-10-26 19:00 - 2021-10-21 18:43 - 005727376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-10-26 19:00 - 2021-10-21 18:43 - 000849016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-10-26 19:00 - 2021-10-21 18:39 - 006430824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-10-26 19:00 - 2021-10-21 01:48 - 000085748 _____ C:\WINDOWS\system32\nvinfo.pb
2021-10-25 12:10 - 2021-10-25 12:10 - 000008858 _____ C:\Users\Rufuz\Downloads\CCIP_Abstande.xlsx
2021-10-21 17:58 - 2021-10-07 01:58 - 000038016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-10-17 09:41 - 2021-10-17 19:19 - 000017949 _____ C:\Users\Rufuz\Desktop\Crafting Ränge.xlsx
2021-10-16 15:11 - 2021-10-16 15:11 - 001372912 _____ (Overwolf Ltd.) C:\Users\Rufuz\Downloads\NWMM - New World MiniMap - Installer.exe
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-11-14 03:17 - 2020-11-17 12:22 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\vlc
2021-11-14 03:14 - 2016-11-19 09:35 - 000000000 ____D C:\Users\Rufuz\AppData\LocalLow\Mozilla
2021-11-14 03:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-14 02:38 - 2021-06-28 14:39 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\HueSync
2021-11-14 02:38 - 2021-05-16 09:14 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\LGHUB
2021-11-14 02:38 - 2021-05-16 09:14 - 000000000 ____D C:\Users\Rufuz\AppData\Local\LGHUB
2021-11-14 02:38 - 2021-01-11 13:36 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Signal
2021-11-14 02:38 - 2017-11-20 22:13 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\discord
2021-11-14 02:37 - 2021-09-24 11:22 - 000000000 ____D C:\Users\Rufuz\Desktop\New World
2021-11-14 02:22 - 2018-10-25 16:03 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-14 02:09 - 2019-01-09 20:57 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Discord
2021-11-13 21:54 - 2017-04-23 09:23 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-13 21:33 - 2021-06-28 21:06 - 000000000 ____D C:\Users\Rufuz\Documents\Tacview
2021-11-13 21:33 - 2020-05-23 10:05 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\AdvancedSettings-Team
2021-11-13 19:52 - 2021-09-01 19:04 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR
2021-11-13 18:59 - 2021-01-20 09:41 - 000000000 ___RD C:\Users\Rufuz\Google Drive
2021-11-13 10:48 - 2021-03-13 18:37 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-13 10:48 - 2019-12-07 15:51 - 000743670 _____ C:\WINDOWS\system32\perfh007.dat
2021-11-13 10:48 - 2019-12-07 15:51 - 000150092 _____ C:\WINDOWS\system32\perfc007.dat
2021-11-13 10:48 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-13 10:43 - 2021-06-24 09:32 - 000000000 ___SD C:\Users\Rufuz\HAVERdrive
2021-11-13 10:43 - 2021-02-14 09:31 - 000000000 ___RD C:\Users\Rufuz\Google Drive (casual.racing.league@gmail.com)
2021-11-13 10:41 - 2021-03-13 18:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-13 10:41 - 2021-03-13 18:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-13 10:41 - 2021-03-13 18:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-13 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-13 10:41 - 2016-08-20 09:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-11-13 10:14 - 2021-06-24 08:50 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Nextcloud
2021-11-13 10:14 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-13 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-13 02:25 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-13 00:18 - 2016-05-29 11:05 - 000000000 ____D C:\Users\Rufuz\AppData\Local\CrashDumps
2021-11-12 18:38 - 2021-03-03 18:38 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\obs-studio
2021-11-12 09:27 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-12 08:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-12 08:10 - 2016-05-29 11:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-12 08:09 - 2016-05-29 11:44 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-11 01:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-10 17:26 - 2017-11-19 12:13 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Packages
2021-11-09 16:55 - 2020-11-26 19:09 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\FileZilla
2021-11-09 11:31 - 2020-04-24 09:23 - 000000000 ____D C:\Users\Rufuz\AppData\Local\gtk-2.0
2021-11-09 11:31 - 2020-04-24 09:02 - 000000000 ____D C:\Users\Rufuz\AppData\Local\babl-0.1
2021-11-08 20:31 - 2021-10-09 23:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-08 20:31 - 2019-02-02 01:09 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-08 18:27 - 2021-05-23 22:10 - 000002278 _____ C:\Users\Rufuz\Desktop\Teglami.rdp
2021-11-07 19:36 - 2020-06-18 05:47 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-07 15:45 - 2021-09-12 10:18 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Deployment
2021-11-07 15:42 - 2021-09-12 10:20 - 000000000 ____D C:\Users\Rufuz\AppData\Local\ACC_TV
2021-11-07 15:18 - 2021-03-13 18:40 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1354302738-180291989-3184307785-1001
2021-11-07 15:18 - 2021-03-13 18:29 - 000002441 _____ C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-06 01:11 - 2017-04-29 23:04 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Spotify
2021-11-06 01:11 - 2017-04-29 23:03 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Spotify
2021-11-05 16:31 - 2021-03-13 18:27 - 005149232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-05 16:30 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-05 16:30 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-05 15:53 - 2018-05-31 03:56 - 000000000 ____D C:\Users\Rufuz\AppData\Local\PlaceholderTileLogoFolder
2021-11-05 15:47 - 2018-07-14 18:55 - 000000000 ____D C:\Users\Rufuz\AppData\Local\D3DSCache
2021-11-05 08:11 - 2016-05-28 11:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-04 21:30 - 2021-06-25 21:32 - 002220464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-11-04 21:30 - 2021-06-25 21:32 - 000324016 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-11-04 21:30 - 2021-06-25 21:32 - 000217520 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-11-04 21:30 - 2021-06-25 21:32 - 000197048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-11-04 21:30 - 2021-06-25 21:32 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-11-04 21:30 - 2021-06-25 21:32 - 000061872 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-11-04 20:40 - 2016-05-28 11:05 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-03 08:04 - 2018-05-24 16:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-02 07:40 - 2016-10-25 18:38 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-01 20:21 - 2020-11-26 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-11-01 20:21 - 2020-11-26 19:09 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2021-11-01 01:27 - 2018-10-25 16:03 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Google
2021-10-31 10:04 - 2016-06-03 21:57 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Greenshot
2021-10-28 23:23 - 2021-10-09 23:51 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-28 23:23 - 2021-10-09 23:51 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-26 19:25 - 2021-09-16 18:17 - 000000837 _____ C:\Users\Rufuz\Desktop\UCR.lnk
2021-10-25 17:23 - 2021-09-13 07:18 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-10-25 17:23 - 2021-09-13 07:18 - 000001905 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-10-25 17:23 - 2021-09-13 07:18 - 000001905 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-10-25 17:23 - 2021-09-13 07:18 - 000001893 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-10-22 00:44 - 2018-07-11 16:52 - 000000000 ____D C:\ProgramData\Packages
2021-10-21 18:44 - 2021-09-29 00:21 - 000792208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-10-21 18:44 - 2021-01-20 19:57 - 002850416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-10-21 18:39 - 2021-01-20 19:57 - 007578560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-10-21 18:00 - 2021-06-28 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hue Sync
2021-10-21 18:00 - 2021-06-28 14:39 - 000000000 ____D C:\Program Files\Hue Sync
2021-10-19 11:51 - 2020-11-06 09:14 - 000000000 ____D C:\Users\Rufuz\Scan
2021-10-15 01:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-15 01:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-15 01:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-15 01:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2016-05-29 01:25 - 2020-03-19 13:38 - 000107161 _____ () C:\Users\Rufuz\IP_Log_Data.js
2016-05-29 02:00 - 2020-03-19 13:05 - 000240855 _____ () C:\Users\Rufuz\Network_Meter_Data.js
2019-12-26 14:16 - 2019-12-26 23:21 - 000000000 _____ () C:\Users\Rufuz\AppData\Roaming\.OculusDebugToolGUI
2021-06-12 15:52 - 2021-06-12 15:52 - 000000764 _____ () C:\Users\Rufuz\AppData\Roaming\.syncplay.log
2016-05-28 22:43 - 2019-12-30 13:04 - 000000626 _____ () C:\Users\Rufuz\AppData\Roaming\All CPU MeterV3_Settings.ini
2016-06-01 19:32 - 2016-10-17 10:23 - 000000841 _____ () C:\Users\Rufuz\AppData\Roaming\Drives Meter_Settings.ini
2016-05-28 22:44 - 2016-05-28 22:44 - 000000541 _____ () C:\Users\Rufuz\AppData\Roaming\Drives Monitor_Settings.ini
2016-05-29 01:26 - 2020-03-08 19:52 - 000000283 _____ () C:\Users\Rufuz\AppData\Roaming\GPU MeterV2_Settings.ini
2016-05-29 01:26 - 2019-12-26 12:04 - 000001178 _____ () C:\Users\Rufuz\AppData\Roaming\Network Meter_Settings.ini
2016-05-29 03:18 - 2020-03-19 12:38 - 000000030 _____ () C:\Users\Rufuz\AppData\Roaming\Network Meter_Usage.ini
2016-09-20 16:48 - 2017-02-04 19:27 - 000000897 _____ () C:\Users\Rufuz\AppData\Roaming\Network Monitor II_#0_Settings.ini
2016-09-21 01:43 - 2017-11-19 10:27 - 000000143 _____ () C:\Users\Rufuz\AppData\Roaming\Network Monitor II_#0_Traffic.ini
2021-05-25 18:32 - 2021-05-25 18:32 - 000000016 _____ () C:\Users\Rufuz\AppData\Roaming\obs-virtualcam.txt
2019-11-24 19:58 - 2019-12-26 12:02 - 000001760 _____ () C:\Users\Rufuz\AppData\Roaming\Ping Monitor_Settings.ini
2019-12-31 09:31 - 2019-12-31 09:31 - 000003984 _____ () C:\Users\Rufuz\AppData\Roaming\System Monitor II_CPU0_Settings.ini
2019-12-31 09:31 - 2019-12-31 15:59 - 000000116 _____ () C:\Users\Rufuz\AppData\Roaming\System Monitor II_UptimeRecord.ini
2021-05-04 20:09 - 2021-05-04 20:25 - 000006135 _____ () C:\Users\Rufuz\AppData\Roaming\VoiceMeeterDefault.xml
2016-09-20 16:51 - 2016-09-20 16:54 - 000000367 _____ () C:\Users\Rufuz\AppData\Roaming\Weather Meter_Settings.ini
2020-03-15 01:02 - 2020-03-15 01:38 - 000021547 _____ () C:\Users\Rufuz\AppData\Local\.starboard.aHR0cHM6Ly93d3cueW91dHViZS5jb20vdHY=.storage
2020-03-15 01:02 - 2020-03-15 01:02 - 000000000 _____ () C:\Users\Rufuz\AppData\Local\.starboard.storage
2016-07-03 21:06 - 2020-04-17 09:51 - 000001456 _____ () C:\Users\Rufuz\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2021-06-12 08:21 - 2021-06-12 08:21 - 000000128 _____ () C:\Users\Rufuz\AppData\Local\PUTTY.RND
2021-11-09 11:31 - 2021-11-09 11:31 - 000020518 _____ () C:\Users\Rufuz\AppData\Local\recently-used.xbel
2016-06-03 21:02 - 2019-07-23 23:32 - 000007629 _____ () C:\Users\Rufuz\AppData\Local\Resmon.ResmonCfg
2021-06-17 12:41 - 2021-06-17 12:41 - 000012288 _____ () C:\Users\Rufuz\AppData\Local\vita_uranus.data
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Geändert von cosinus (14.11.2021 um 12:41 Uhr) Grund: code tags |
|
14.11.2021, 03:24
| #8 |
| | Win 10 Start dauert sehr lange Und die Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-11-2021
durchgeführt von Rufuz (14-11-2021 03:18:18)
Gestartet von C:\Users\Rufuz\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) (2021-03-13 17:40:21)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1354302738-180291989-3184307785-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1354302738-180291989-3184307785-503 - Limited - Disabled)
Gast (S-1-5-21-1354302738-180291989-3184307785-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1354302738-180291989-3184307785-1003 - Limited - Enabled)
Rufuz (S-1-5-21-1354302738-180291989-3184307785-1001 - Administrator - Enabled) => C:\Users\Rufuz
WDAGUtilityAccount (S-1-5-21-1354302738-180291989-3184307785-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1C Online Games Launcher version 0.3.13.0 (HKLM-x32\...\{94A3D295-C31D-4A69-8C70-AE6973FB0FF9}_is1) (Version: 0.3.13.0 - 1C Online Games , LLC)
4K Video Downloader (HKLM\...\{180B9AE1-F87B-4107-8C68-4265E927D6A8}) (Version: 4.18.2.4520 - Open Media LLC)
5KPlayer (HKLM-x32\...\5KPlayer) (Version: 6.2 - DearMob, Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
ACC Results Companion (HKLM-x32\...\{3EE65D51-9B17-4C27-AEAA-E1FC9FFF7DC0}) (Version: 1.11.3 - BoHo)
ACCSetupTool (HKLM-x32\...\{AEF584B1-EFEE-4787-9AB1-24A3282A1D77}) (Version: 1.0.0 - Wally Masterson)
ACCTV (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\08cef7feea6e5132) (Version: 2.10.0.0 - ACCTV)
Advanced IP Scanner 2.5 (HKLM-x32\...\{CB67C185-D2DF-455E-B9B7-00C8E505186F}) (Version: 2.5.3850 - Famatech)
Amazon Games (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.0.4983.3 - Amazon.com Services, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.04.28.626 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{6f87e20b-2c1c-4788-9380-541e79886292}) (Version: 2.04.28.626 - Advanced Micro Devices, Inc.) Hidden
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield V™ Open Beta (HKLM-x32\...\{2B3B5324-E6E1-4E32-9938-898AD1CA8D8A}) (Version: 1.0.57.30348 - Electronic Arts)
Breitbandmessung 2.0.3 (HKLM\...\14607473-30db-509f-94f0-bb7c085c619e) (Version: 2.0.3 - zafaco GmbH)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
CanoScan LiDE 400 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4813S) (Version: 1.00 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6282 - CDBurnerXP)
Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.)
CloneBD (HKLM-x32\...\CloneBD) (Version: 1.2.4.0 - Elaborate Bytes)
Core Temp 1.17 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17 - ALCPU)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Designer 2.0 (HKLM-x32\...\Designer 2.0_is1) (Version: 7.9.8 - Fomanu AG)
Discord (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
ElsterFormular (HKLM-x32\...\{1E78D7AC-9C74-4644-8DDD-4173D10CF4F4}) (Version: 21.3 - Thüringer Landesfinanzdirektion)
Epic Games Launcher (HKLM-x32\...\{CB809CC8-FB0E-4947-8BAE-749A5113CF21}) (Version: 1.1.149.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
EXIF Date Changer v3.3.6 (HKLM-x32\...\{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1) (Version: - Rellik Software)
FANATEC driver package (HKLM\...\{10DC60FB-89A2-4EB7-B4F2-9E103CEE2030}) (Version: 8.41.2 - Endor AG Fanatec)
FileZilla Client 3.56.2 (HKLM-x32\...\FileZilla Client) (Version: 3.56.2 - Tim Kosse)
GIMP 2.10.28 (HKLM\...\GIMP-2_is1) (Version: 2.10.28 - The GIMP Team)
G'MIC-Qt for GIMP Version 2.9.6 (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\G'MIC-Qt for GIMP_is1) (Version: 2.9.6 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 52.0.6.0 - Google LLC)
Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
GrabIt 1.7.2 Beta 6 (build 1008) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes)
Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HideVolumeOSD 1.2 (HKLM-x32\...\HideVolumeOSD_is1) (Version: 1.2 - Venturi)
HTC Package for DirectX 9.0 (HKLM-x32\...\{1f4410e4-d28c-48e1-8745-e4a2cb505d5f}) (Version: 1.3.0.0 - HTC Corp.) Hidden
HTC Package for DirectX 9.0 (x86/x64) (HKLM-x32\...\{C36F2FA2-BF52-4D61-9812-CFEF43D2EE2C}) (Version: 1.3.0.0 - HTC Corp.) Hidden
Hue Sync (HKLM\...\{C0270355-35E2-4862-8B57-A7C1A258AF77}) (Version: 1.7.0.19 - Signify Netherlands B.V.)
Huion Tablet v14.8.166.1482 (HKLM\...\{62047893-F186-48B8-83A5-1C74D8666D19}_is1) (Version: v14.8.166.1482 - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{94A137EA-92EF-441C-A7E2-6757CC08EA82}) (Version: 5.0.10.2907 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
JiveX DICOM Viewer Light 4.7.2 (HKLM-x32\...\JiveX DICOM Viewer Light 4.7.2) (Version: - VISUS Technology Transfer GmbH)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kodi (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Kodi) (Version: - XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Leawo Blu-ray Player Version 1.10.0.2 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.10.0.2 - Leawo Software)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.11.8744 - Logitech)
Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.14527.20234 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x86) (HKLM-x32\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (de-DE) (HKLM-x32\...\{955F43D9-38C4-4C22-BEE3-1A6C63F968FA}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (de-DE, Hedda) (HKLM-x32\...\{ACFCC7B5-C028-40AE-A5F5-9778B41F22A2}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.7 (x64) (HKLM-x32\...\{4545d600-b3a9-467c-a68b-e70ae51c8382}) (Version: 5.0.7.30113 - Microsoft Corporation)
MoTeC i2 Pro (x64) 1.1 (HKLM\...\{DB478073-FDF0-4544-AAA5-14D84EE17084}) (Version: 7.01.5255 - MoTeC)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 94.0.1 (x64 de)) (Version: 94.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 94.0.1.7977 - Mozilla)
Mp3tag v2.90a (HKLM-x32\...\Mp3tag) (Version: 2.90a - Florian Heidenreich)
MPC-HC 1.9.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.8 - MPC-HC Team)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
Nextcloud (HKLM\...\{3A99002F-BABA-4378-BB20-44C94A159696}) (Version: 3.3.6.20211028 - Nextcloud GmbH)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.2 - Notepad++ Team)
NVIDIA Broadcast 1.3.0.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.3.0.45 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 496.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.49 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.38.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.92 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
NWMM - New World MiniMap (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Overwolf_mdhcjmlgojogdppbljcopjlggkpgnhhjedllcecm) (Version: 0.1.5 - Overwolf app)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenVR Advanced Settings (HKLM-x32\...\OpenVRAdvancedSettings) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.45798 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.184.0.35 - Overwolf Ltd.)
OvGME version 1.7.4 (HKLM\...\{B1539DF0-0BB5-48A8-BF6F-1099D861B4F8}_is1) (Version: 1.7.4 - Ovoid)
PDF24 Creator 10.0.12 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.12 - PDF24.org)
PDFCreator (HKLM\...\{00010FEF-82A2-497E-983A-7105A0364FA7}) (Version: 4.2.0 - pdfforge GmbH)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd)
Plex Media Server (HKLM-x32\...\{6713f73b-dbfe-45da-a517-33a93ff8c390}) (Version: 1.2.7.2987 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{D2C8A865-4227-46D0-AD2B-D2BDFE3CFF48}) (Version: 1.2.2987 - Plex, Inc.) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8710.1 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
Riftcat 2 (HKLM-x32\...\{e09280fa-4176-4170-8c77-f600baec4e38}) (Version: 2.0.3 - Riftcat)
Riftcat 2.0 Client (HKLM-x32\...\{79E6C20C-D6F7-4F9E-997E-A62398ED4591}) (Version: 2.0.0.0 - Riftcat) Hidden
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.36.344 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung DeX (HKLM-x32\...\{5E2BEDEC-EEE1-49B7-A9D0-6971AFA9B5F2}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{bc458b5f-1945-4287-8fae-353650fd3109}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.31.0 - Samsung Electronics Co., Ltd.)
Self-Service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
Shotcut (HKLM\...\Shotcut) (Version: 20.11.28 - Meltytech, LLC)
Signal 5.23.1 (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.23.1 - Open Whisper Systems)
SimHub version 7.1.4 (HKLM-x32\...\{019253FE-5A17-42BE-A6B8-D71A729FA5DE}_is1) (Version: 7.1.4 - Wotever)
Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)
Skype Version 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18124.4 - Samsung Electronics Co., Ltd.)
Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung )
Spotify (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Spotify) (Version: 1.1.44.538.g8057de92 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{B0ACB88E-38A1-4712-BD0C-C5463959127F}) (Version: 1.2.2987 - Plex, Inc.) Hidden
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-24922 - Synology)
Tacview (beta) (HKLM-x32\...\{96BA4CFE-E018-44D2-B04D-4272A6C807E7}) (Version: 1.8.7 beta 8 - Raia Software Inc.)
Tacview (HKLM-x32\...\{0C8810C3-63D0-4B23-BAB3-257FF8AF8BCC}) (Version: 1.8.6 - Raia Software Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Tobii VRU02 Runtime (HKLM-x32\...\{E74E378C-4C07-416C-A6CC-B241BD002E1F}) (Version: 1.16.36 - Tobii AB)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
TreeSize Free V4.5.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.5.2 - JAM Software)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 29.0 - Ubisoft)
VAICOM PRO for DCS World (HKLM-x32\...\{032E60E8-A323-445C-B0D6-53ADDD09072A}) (Version: 2.5.23 - 315 Interactive Software)
VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Virtual Desktop Service (HKLM\...\{EC4A7B11-5AD2-49A7-BB93-15D0EB9E7106}) (Version: 1.18.5 - Virtual Desktop, Inc.)
vJoy Device Driver 2.1.9.1 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.9.1 - Shaul Eizikovich)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VPC Software Suite version 20210102 (HKLM-x32\...\{2D922289-8AA1-49FF-9CCF-F2833A69D857}_is1) (Version: 20210102 - VIRPIL Controls)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Wargaming.net Game Center) (Version: 21.1.1.4281 - Wargaming.net)
WebP Codec for Windows 0.19 (HKLM\...\{9D2F4EB8-98AD-4C8B-A0C5-4C114B3F1287}) (Version: 0.19.9 - Google Inc)
Windows10FirewallControl Free 8.4.0.79 (HKLM\...\Windows10FirewallControl_is1) (Version: 8.4.0.79 - BTR Technologies Corp)
Windows-PC-Integritätsprüfung (HKLM\...\{63EFBDB5-01B0-4614-BE9F-7F1908E42275}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Windows-Treiberpaket - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Windows-Treiberpaket - Graphics Tablet (WinUsb) USBDevice (04/10/2017 8.33.30.0) (HKLM\...\C1E56E8DB50F6668739EA600882230E1A899978E) (Version: 04/10/2017 8.33.30.0 - Graphics Tablet)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World_of_Warships_Eu (HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-20] (Canon Inc.)
Forza Horizon 5 -> C:\Program Files\WindowsApps\Microsoft.624F8B84B80_3.405.2.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Studios)
Forza Horizon 5 Expansion 1 -> C:\Program Files\WindowsApps\Microsoft.Expansion1FH5_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-22] (Microsoft Studios)
Forza Horizon 5 Expansion 2 -> C:\Program Files\WindowsApps\Microsoft.Expansion2FH5_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-22] (Microsoft Studios)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Free Color Picker -> C:\Program Files\WindowsApps\AnywaySoftInc.FreeColorPicker_1.2.0.0_x64__0qkrc2qacwvfm [2021-11-11] (AnywaySoft, Inc.) [MS Ad]
HoloTour -> C:\Program Files\WindowsApps\Microsoft.6191099C588EB_100.1803.9001.0_x64__8wekyb3d8bbwe [2021-11-11] (Microsoft Corporation)
HP Reverb G2 VR Headset Setup -> C:\Program Files\WindowsApps\AD2F1837.HPReverbG2VRHeadsetSetup_1.0.8.0_x64__v10z8vjag6ke6 [2021-11-11] (HP Inc.)
Image Resizer for Windows 10 -> C:\Program Files\WindowsApps\22450.ImageResizerforWindows10_2.0.0.0_x64__0aqw1zw0x2snt [2021-11-11] (韵华软件)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-11] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-08-12] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-26] (NVIDIA Corp.)
OpenXR Entwicklertools für Windows Mixed Reality -> C:\Program Files\WindowsApps\Microsoft.MixedRealityRuntimeDeveloperPreview_108.2109.21002.0_x64__8wekyb3d8bbwe [2021-09-27] (Microsoft Corporation)
OpenXR Preview Runtime for Windows Mixed Reality -> C:\Program Files\WindowsApps\Microsoft.WindowsMixedReality.PreviewRuntime_108.2109.21002.0_x64__8wekyb3d8bbwe [2021-09-27] (Microsoft Platform Extensions)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2020-06-12] (Realtek Semiconductor Corp)
Resize Image -> C:\Program Files\WindowsApps\8273mfetzel.ResizeImage_21.3.426.0_x64__c0krq7an0ms3c [2021-03-21] (Get-the-solution)
SBB Uhr -> C:\Program Files\WindowsApps\SchweizerischeBundesbahne.SBBUhr_2.1.1.21_neutral__cacfmp0t4hxer [2021-05-19] (Schweizerische Bundesbahnen SBB)
Search Bar Connector -> C:\Program Files\WindowsApps\35998AlexanderSworski.CortanaConnector_1.4.7.0_x64__f1p03rq2y10n8 [2021-11-11] (Alexander Sworski)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-11-11] (Ookla)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.)
Windbg Preview -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe [2021-11-11] (Microsoft Corporation)
Xbox Zubehör -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2110.13001.0_x64__8wekyb3d8bbwe [2021-10-24] (Microsoft Corporation)
XboxInsiderHub -> C:\Program Files\WindowsApps\Microsoft.XboxInsider_1.2110.21001.0_x64__8wekyb3d8bbwe [2021-11-11] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{07474513-7B58-45c7-B3E6-13A3669B1AFD}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\IntelDTSReader.dll (Orbmu2k) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.8.gadget\CoreTempReader.dll () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{0d049955-5051-42fe-a154-85670ad2d993} -> [Nextcloud] => C:\Users\Rufuz\HAVERdrive [2021-06-24 09:32]
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Network_Meter_V8.4.gadget\netlib.dll (AddGadgets IT -> Jonathan Abbott)
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{2F5DA951-82C6-471e-90BD-CAB15552A932}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\QuadCoreUsage18.gadget\SharedMemoryReader.dll (Orbmu2k) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPU_Meter.gadget\GPUStatusReader.dll (AddGadgets IT -> Orbmu2k)
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{771CF1A6-FC96-45cf-B011-6469F0E56F64}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\SpeedfanMeter.gadget\SpeedfanReader.dll (Orbmu2k) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GPUObserver36c.gadget\GPUStatusReader.dll (Orbmu2k) [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-1354302738-180291989-3184307785-1001_Classes\CLSID\{A4FEF2CE-E494-419e-ABCC-B2E993FB6BC0}\InprocServer32 -> C:\Users\Rufuz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GlassyCPUMonitor.gadget\Release\ProcessMonitor64.dll (TODO: <Firmenname>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [ NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-07-16] (Notepad++ -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [Datei ist nicht signiert]
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2020-07-10] (Dev Code-Sign -> pdfforge GmbH) [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\shellext\NCContextMenu.dll [2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-09-23] (Florian Heidenreich) [Datei ist nicht signiert]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\52.0.6.0\drivefsext.dll [2021-10-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2021-10-28 12:29 - 2021-10-28 12:29 - 000099328 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_cfapi.dll
2021-10-28 12:30 - 2021-10-28 12:30 - 000030208 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_suffix.dll
2018-09-23 12:23 - 2018-09-23 12:23 - 000424448 _____ (Florian Heidenreich) [Datei ist nicht signiert] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2018-05-04 17:47 - 2020-09-08 09:59 - 000221184 _____ (Graphics Tablet) [Datei ist nicht signiert] C:\WINDOWS\system32\wintab32.dll
2016-12-27 10:22 - 2016-10-04 15:51 - 000076800 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
2020-12-06 10:04 - 2020-12-06 10:04 - 000116736 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll
2021-01-05 00:34 - 2020-03-16 14:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] E:\Origin\LIBEAY32.dll
2021-01-05 00:34 - 2020-03-16 14:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] E:\Origin\ssleay32.dll
2021-01-05 00:34 - 2020-01-15 11:24 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\platforms\qwindows.dll
2021-01-05 00:34 - 2020-01-15 11:24 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Core.dll
2021-01-05 00:34 - 2020-01-15 11:24 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Gui.dll
2021-01-05 00:34 - 2020-01-15 11:24 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Network.dll
2021-01-05 00:34 - 2020-01-15 11:25 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5WebSockets.dll
2021-01-05 00:34 - 2020-01-15 11:25 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Widgets.dll
2021-01-05 00:34 - 2020-01-15 11:25 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] E:\Origin\Qt5Xml.dll
2021-10-28 12:34 - 2021-10-28 12:34 - 005972464 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Nextcloud\Qt5Core.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKU\S-1-5-21-1354302738-180291989-3184307785-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-1354302738-180291989-3184307785-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: Kein Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> Keine Datei
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 08:24 - 2021-02-12 00:16 - 000001043 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\Control Panel\Desktop\\Wallpaper -> \\beryllium\photo\sonstige\wallpapers\5120x1440\0sjha6.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\StartupFolder: => "Huion Tablet.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "TabletDriver"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\StartupApproved\Run: => "Magnet.bootstrap_Vive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{6DFCE2A7-84B6-4836-9CB7-0D338205ACCB}] => (Allow) D:\Steam\SteamApps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{663F25F9-4658-4D03-BD65-29411817C6A1}] => (Allow) D:\Steam\SteamApps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{2BE017DF-DF8B-487C-B1D2-B35CF2FC4004}] => (Allow) D:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [Datei ist nicht signiert]
FirewallRules: [{80615B34-4507-4359-9448-94ADD0A76896}] => (Allow) D:\Steam\SteamApps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B1643D93-F033-4890-A76C-DE96317A274C}C:\program files (x86)\simhub\simhubwpf.exe] => (Allow) C:\program files (x86)\simhub\simhubwpf.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{A2D2E195-EAB7-45AB-9568-701FC782D935}C:\program files (x86)\simhub\simhubwpf.exe] => (Allow) C:\program files (x86)\simhub\simhubwpf.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9C860FD9-FFC2-4935-9704-206D70CD6CBB}D:\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) D:\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe => Keine Datei
FirewallRules: [TCP Query User{F1D52B6E-F626-480E-BFCB-69E269FDF443}D:\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) D:\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe => Keine Datei
FirewallRules: [{60115772-AA16-433E-9369-0E554BE30382}] => (Allow) E:\SteamLibrary\steamapps\common\OVR_AdvancedSettings\AdvancedSettings.exe () [Datei ist nicht signiert]
FirewallRules: [{CDF908F8-FAA9-4039-B580-8648AB8AEE4D}] => (Allow) E:\SteamLibrary\steamapps\common\OVR_AdvancedSettings\AdvancedSettings.exe () [Datei ist nicht signiert]
FirewallRules: [{7944A3A7-7FCF-4B4D-AE3C-04A3184FD00B}] => (Allow) D:\Steam\SteamApps\common\MicrosoftFlightSimulator\FlightSimulator.exe (Asobo Studio) [Datei ist nicht signiert]
FirewallRules: [{5BF94A08-C4A1-4620-B222-6DFA592319D3}] => (Allow) D:\Steam\SteamApps\common\MicrosoftFlightSimulator\FlightSimulator.exe (Asobo Studio) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{7D42D9E3-3D99-41BA-92F7-16220DCCE0F3}C:\program files\motec\discovery\1.0\motec.discovery.exe] => (Allow) C:\program files\motec\discovery\1.0\motec.discovery.exe (MoTeC Pty Ltd -> MoTeC Pty Ltd)
FirewallRules: [TCP Query User{B93F3C7E-36F7-4208-B00B-9AD5F61E51D8}C:\program files\motec\discovery\1.0\motec.discovery.exe] => (Allow) C:\program files\motec\discovery\1.0\motec.discovery.exe (MoTeC Pty Ltd -> MoTeC Pty Ltd)
FirewallRules: [{7FEAD71B-AC35-4069-9135-494B9D1BBEE6}] => (Allow) D:\Steam\SteamApps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [Datei ist nicht signiert]
FirewallRules: [{D215CB7A-6178-46C0-B6CB-6C6C9A5FAB24}] => (Allow) D:\Steam\SteamApps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [Datei ist nicht signiert]
FirewallRules: [{DC83D692-CD9F-4FC3-82FA-DE604EBE0827}] => (Allow) E:\SteamLibrary\steamapps\common\respawn-entertainment-medal-of-honor-above-and-beyond\Mohab.exe (Respawn) [Datei ist nicht signiert]
FirewallRules: [{DB1F597E-30C9-46AC-B1AF-859B65DE0B13}] => (Allow) E:\SteamLibrary\steamapps\common\respawn-entertainment-medal-of-honor-above-and-beyond\Mohab.exe (Respawn) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{3BE9AE5B-EA8A-4486-93FE-065438E1CAB6}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{047B7161-C565-4EB0-8EF6-7086A7519461}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{693EB636-F90C-4233-B947-C7953C46FA48}] => (Allow) D:\Steam\SteamApps\common\Assetto Corsa Competizione\acc.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{04F13AFB-6715-4716-A034-D80EDB014A37}] => (Allow) D:\Steam\SteamApps\common\Assetto Corsa Competizione\acc.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{EA9BEE2F-5E8E-4EBA-8B15-DDF5F32FD760}C:\users\rufuz\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\rufuz\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3A1FD87C-D149-45B6-9C44-B06C95F77D38}C:\users\rufuz\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\rufuz\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{825D23AF-31EC-4AAC-883E-DAE159D46861}] => (Allow) D:\Steam\SteamApps\common\IL-2 Sturmovik Battle of Stalingrad\bin\game\Il-2.exe (1C-777 Limited) [Datei ist nicht signiert]
FirewallRules: [{39CFD715-9D21-46C2-9CC7-504CA47F46E2}] => (Allow) D:\Steam\SteamApps\common\IL-2 Sturmovik Battle of Stalingrad\bin\game\Il-2.exe (1C-777 Limited) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{70515237-DE72-48EE-945F-74B26CED7E38}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [TCP Query User{9870F2AD-F1FC-4CCD-8BF7-4CB377610EDB}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [UDP Query User{9995B9DA-A6A9-4477-98D5-D0BB668F3DA1}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [TCP Query User{D496B77A-9622-4D34-BB50-3D6160C20118}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{349ED576-32E3-4F50-A48D-FB395D775A35}] => (Allow) D:\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert]
FirewallRules: [{7207B2BB-3940-48D5-8CF3-23056AC24B6B}] => (Allow) D:\Steam\SteamApps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert]
FirewallRules: [{D8976998-DB13-49AB-BED1-56DE561E7BF7}] => (Allow) E:\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments) [Datei ist nicht signiert]
FirewallRules: [{FF8707FB-0D8F-4759-B7C2-68B24A4D6C31}] => (Allow) E:\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments) [Datei ist nicht signiert]
FirewallRules: [{A90707E5-D197-47C4-A4D0-0252C27A28B1}] => (Allow) D:\Steam\SteamApps\common\Phoenix\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02F9DB18-D7AD-4A6A-BB12-1A65065E6E4A}] => (Allow) D:\Steam\SteamApps\common\Phoenix\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6BC64586-955F-49C3-B48D-1AE6D581D1EB}] => (Allow) D:\Steam\SteamApps\common\Cyberpunk 2077\REDprelauncher.exe => Keine Datei
FirewallRules: [{4F6965D0-E268-496B-A7BF-7B950DFA1F41}] => (Allow) D:\Steam\SteamApps\common\Cyberpunk 2077\REDprelauncher.exe => Keine Datei
FirewallRules: [{EAC02788-848D-44B5-8E5A-3A1EEEA9820C}] => (Allow) D:\Steam\SteamApps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert]
FirewallRules: [{D53134ED-4DF4-49EF-9BF9-601A5925E4E4}] => (Allow) D:\Steam\SteamApps\common\Beat Saber\Beat Saber.exe () [Datei ist nicht signiert]
FirewallRules: [{38574E4A-D984-471F-A9EF-1E133EE0798B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DCD531B3-9CDE-4F84-8FCC-A9607F5F6C5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{51C70A05-8C21-4D79-A058-11EF626F4C45}] => (Allow) D:\Steam\SteamApps\common\F1 2020\F1_2020.exe => Keine Datei
FirewallRules: [{98AE7DF9-873C-4BDF-B98F-9F1E93649F6D}] => (Allow) D:\Steam\SteamApps\common\F1 2020\F1_2020.exe => Keine Datei
FirewallRules: [{89EC73F4-0B65-4F9C-BBBD-002F5AC264A2}] => (Allow) D:\Steam\SteamApps\common\F1 2020\F1_2020_dx12.exe => Keine Datei
FirewallRules: [{CC378F5B-6C27-4481-8E53-0FFB6D6885F0}] => (Allow) D:\Steam\SteamApps\common\F1 2020\F1_2020_dx12.exe => Keine Datei
FirewallRules: [{106397BE-F0C7-4C71-9E82-8275E8081175}] => (Allow) E:\SteamLibrary\steamapps\common\STAR WARS Squadrons\starwarssquadrons_launcher.exe (Electronic Arts, Inc. -> Epic Games, Inc)
FirewallRules: [{36676DB2-C137-468C-AD0F-DC494C047F35}] => (Allow) E:\SteamLibrary\steamapps\common\STAR WARS Squadrons\starwarssquadrons_launcher.exe (Electronic Arts, Inc. -> Epic Games, Inc)
FirewallRules: [{264B52AB-5267-4F16-849F-18DEE6D7887F}] => (Allow) D:\Steam\SteamApps\common\Assetto Corsa Competizione Dedicated Server\server\accServer.exe () [Datei ist nicht signiert]
FirewallRules: [{EF175CFB-05BA-45AC-9B5E-6F4719B8C4F0}] => (Allow) D:\Steam\SteamApps\common\Assetto Corsa Competizione Dedicated Server\server\accServer.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{CF73872B-856A-438A-9250-A7DD90DB51FF}D:\steam\steamapps\common\raw data\rawdata\binaries\win64\rawdata-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\raw data\rawdata\binaries\win64\rawdata-win64-shipping.exe (Survios) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{4B9A381E-C673-46D0-A450-F4959672CCCA}D:\steam\steamapps\common\raw data\rawdata\binaries\win64\rawdata-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\raw data\rawdata\binaries\win64\rawdata-win64-shipping.exe (Survios) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4D2EA82C-93CA-4D34-9F8C-AE59FF391203}E:\steamlibrary\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe (NordicTrolls) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{0CCEF87B-94B6-4E65-BA79-CF4E46A81FD9}E:\steamlibrary\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\karnage chronicles\karnagevr\binaries\win64\karnagevr-win64-shipping.exe (NordicTrolls) [Datei ist nicht signiert]
FirewallRules: [{0F3C6704-A05D-40CA-91CF-2AE8CC0696FE}] => (Allow) E:\SteamLibrary\steamapps\common\IronWolf\IW.exe () [Datei ist nicht signiert]
FirewallRules: [{A337BE97-CA76-41FA-97B1-31C364F901DF}] => (Allow) E:\SteamLibrary\steamapps\common\IronWolf\IW.exe () [Datei ist nicht signiert]
FirewallRules: [{015EF755-4C03-494A-9858-D0CA82F073E7}] => (Allow) D:\Steam\SteamApps\common\Bigscreen\Bigscreen.exe () [Datei ist nicht signiert]
FirewallRules: [{213D12B3-8CF4-40B0-9E3B-879A0FAE909D}] => (Allow) D:\Steam\SteamApps\common\Bigscreen\Bigscreen.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{1C6BA039-6DE7-41C4-9C01-D7F1B0A9DFA6}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob)
FirewallRules: [TCP Query User{F4238CE6-330F-4020-BBE9-03804CAF8287}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob)
FirewallRules: [{C1A2B18A-B673-4788-A3C6-23FF6A42B66C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EABE0C5C-4B2F-4DA8-A8A3-DD72A4EF567F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F0D60AA1-1CBE-43A0-8599-460873FC1120}C:\users\rufuz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rufuz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{46813E09-5D20-442B-9EC9-DB184ABAC332}C:\users\rufuz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rufuz\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DE845DC-BFB8-4908-9AD6-5ECDD1FBFC58}] => (Allow) D:\Steam\SteamApps\common\DCSWorld\bin\DCS.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [{22E619AB-B972-429E-8AA2-9CDFE7BF2E0F}] => (Allow) D:\Steam\SteamApps\common\DCSWorld\bin\DCS.exe (Eagle Dynamics SA -> Eagle Dynamics)
FirewallRules: [UDP Query User{79E1537D-C5A0-4FB8-9820-C8B1A3AC72BF}D:\steam\steamapps\common\skybox vr video player\steamvr_sourcevrplayer.exe] => (Allow) D:\steam\steamapps\common\skybox vr video player\steamvr_sourcevrplayer.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{29B0749B-AC4C-4D1F-AC08-C31AE47A13F8}D:\steam\steamapps\common\skybox vr video player\steamvr_sourcevrplayer.exe] => (Allow) D:\steam\steamapps\common\skybox vr video player\steamvr_sourcevrplayer.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4C168705-ACC7-4FC9-B524-7EA0D905E2C5}D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe (Kunos Simulazioni) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{84DB46CA-9C4C-4B38-A972-E3B2B4CC076A}D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe (Kunos Simulazioni) [Datei ist nicht signiert]
FirewallRules: [{CB87A5E3-C403-44A5-9844-F1A0D4249ABA}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{464F19C7-4E7A-4623-AB0D-9E6871B051F8}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{270BD580-2386-40DD-BB85-272227BDB5B0}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{EDA14681-8DB2-4D7F-94B3-73028C154560}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{B9917407-9239-486B-B697-E6BAE76D291E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => Keine Datei
FirewallRules: [TCP Query User{6F913F71-6935-4251-A29A-874B6440FA9A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => Keine Datei
FirewallRules: [TCP Query User{433503CA-7315-4FEC-BDAE-C2ECDDBEDAAB}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe (NADEO SASU -> Nadeo)
FirewallRules: [UDP Query User{7180A4BB-7662-4DC4-84DE-AD89D129DB90}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe (NADEO SASU -> Nadeo)
FirewallRules: [{48CAFA87-21C2-4B4D-91FD-EF38D63532B7}] => (Allow) D:\Steam\SteamApps\common\Star Trek Bridge Crew\stbc.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{ED26BFD9-A618-4229-AE64-E8C60357D1B6}] => (Allow) D:\Steam\SteamApps\common\Star Trek Bridge Crew\stbc.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{5EDE037A-8CCA-4F22-B80E-99D7A07B8697}] => (Allow) D:\Steam\SteamApps\common\VTOL VR\VTOLVR.exe () [Datei ist nicht signiert]
FirewallRules: [{95E31994-1A77-4BC9-857E-349492402F00}] => (Allow) D:\Steam\SteamApps\common\VTOL VR\VTOLVR.exe () [Datei ist nicht signiert]
FirewallRules: [{C1C42096-77B6-4B28-93CA-719C6C0EE86D}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{A8E20B8E-8273-404C-8219-873B7773C39E}] => (Allow) E:\SteamLibrary\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{EDADD362-EDF2-405C-A94F-098D7DEAC5DB}] => (Allow) D:\Steam\SteamApps\common\Eleven Table Tennis VR\pong_waves_vr.exe () [Datei ist nicht signiert]
FirewallRules: [{2E2D951D-F2F5-4AB2-92CB-DEF04885EE04}] => (Allow) D:\Steam\SteamApps\common\Eleven Table Tennis VR\pong_waves_vr.exe () [Datei ist nicht signiert]
FirewallRules: [{C5C859BA-0688-4825-B7FC-A175C98B1AD8}] => (Allow) D:\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
FirewallRules: [{1478A62E-698C-4324-ACC2-1959F8C982EC}] => (Allow) D:\Steam\SteamApps\common\Virtual Desktop\Virtual Desktop.exe (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
FirewallRules: [{EDA26395-947E-48F5-9D12-C6D37240FBB1}] => (Allow) E:\SteamLibrary\steamapps\common\Black Mesa\bms.exe () [Datei ist nicht signiert]
FirewallRules: [{227DED97-1373-4585-AE41-BEB933BCABDD}] => (Allow) E:\SteamLibrary\steamapps\common\Black Mesa\bms.exe () [Datei ist nicht signiert]
FirewallRules: [{8A0DCA61-C03E-4E5C-B028-45140272B3D4}] => (Allow) D:\Steam\SteamApps\common\Portal Reloaded\portal2.exe () [Datei ist nicht signiert]
FirewallRules: [{017C8944-4C80-4115-965A-C5A7E0ED5BA6}] => (Allow) D:\Steam\SteamApps\common\Portal Reloaded\portal2.exe () [Datei ist nicht signiert]
FirewallRules: [{6DFFF3B8-4654-48DC-9197-C30036930497}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F54CE614-413C-4A64-8F12-5945AC6B89B0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D600DDA3-0D5D-46C6-8E24-22A564BE7529}] => (Allow) D:\Steam\SteamApps\common\fpsVR\fpsVR.exe (SBSoftLab) [Datei ist nicht signiert]
FirewallRules: [{D87E2FE5-41BB-4BCB-8870-06F9BFED25A6}] => (Allow) D:\Steam\SteamApps\common\fpsVR\fpsVR.exe (SBSoftLab) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{93F2ED1B-ABB1-47A6-92B4-9E2CF28D7570}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{871C2B86-168D-4089-9514-516EC42B70B7}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{5EE7885F-AA1A-4384-8447-F8BD80B28B21}] => (Allow) D:\Steam\SteamApps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{81DF333E-8785-4893-A2B7-94050CA15F8D}] => (Allow) D:\Steam\SteamApps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [TCP Query User{D1643BAF-A0C0-49B3-B289-56FACFC10AD3}D:\steam\steamapps\common\voiceattack\apps\vaicompro\vaicompro.exe] => (Allow) D:\steam\steamapps\common\voiceattack\apps\vaicompro\vaicompro.exe (315 Interactive Software) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9A10DB95-9F8A-4052-B157-CCA54BB0A140}D:\steam\steamapps\common\voiceattack\apps\vaicompro\vaicompro.exe] => (Allow) D:\steam\steamapps\common\voiceattack\apps\vaicompro\vaicompro.exe (315 Interactive Software) [Datei ist nicht signiert]
FirewallRules: [{555BA286-40C9-4B06-8B3A-EFBF0FABBAC3}] => (Allow) D:\Steam\SteamApps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei
FirewallRules: [{734A9EE3-60D8-4FD2-B7FC-21BABEDD989E}] => (Allow) D:\Steam\SteamApps\common\raceroom racing experience\Game\x64\RRRE64.exe => Keine Datei
FirewallRules: [{BD85B917-A7DA-4B1F-8F99-56F466B4C3D7}] => (Allow) D:\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei
FirewallRules: [{30A70D26-E6BD-41AA-8E67-967B3405445D}] => (Allow) D:\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe => Keine Datei
FirewallRules: [TCP Query User{875DC99B-E17B-4483-B210-E8D83B605B8D}C:\program files\dcs-simpleradio-standalone\sr-clientradio.exe] => (Allow) C:\program files\dcs-simpleradio-standalone\sr-clientradio.exe (Open Source Developer, Ciaran Fisher -> Ciribob - GitHub.com/Ciribob)
FirewallRules: [UDP Query User{AB4ADB19-0434-4515-8EBC-C3B765043679}C:\program files\dcs-simpleradio-standalone\sr-clientradio.exe] => (Allow) C:\program files\dcs-simpleradio-standalone\sr-clientradio.exe (Open Source Developer, Ciaran Fisher -> Ciribob - GitHub.com/Ciribob)
FirewallRules: [{1F1974EA-EE4C-40C5-BE5F-F43411D3C7D7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{86D3DA85-E242-4233-8367-7D9889A35851}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [TCP Query User{0836BB90-FAEE-4107-81DC-5653D548502D}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{8EBD0CA8-D83E-430F-B93E-4E8A164F9EA7}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{8BB8D9FD-27F7-47E4-A2E6-6B03A38DA2A0}] => (Allow) D:\Steam\SteamApps\common\ContractorsVR\Contractors.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{4D49DBA0-FF2C-4C44-B9B0-E47B416EED06}] => (Allow) D:\Steam\SteamApps\common\ContractorsVR\Contractors.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{BAB50C1B-73C3-4088-84DD-92F070AD017F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{371216CB-A92D-4958-99E7-561C63DB5BC5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{DADB2C9E-F897-475A-8154-5C3CD0E4071F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{BFAEC499-D9F7-401C-B75D-69B8E40C1F62}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => Keine Datei
FirewallRules: [{EEEC2BE4-175F-4EA7-B30D-893C5B3D8C67}] => (Allow) D:\Steam\SteamApps\common\EarthVR\Earth.exe (Google Inc -> Google Inc)
FirewallRules: [{0C9BD9F9-867B-4337-96F1-7A148DFE64A1}] => (Allow) D:\Steam\SteamApps\common\EarthVR\Earth.exe (Google Inc -> Google Inc)
FirewallRules: [{FFCD1FA2-D8EE-4C73-AB8A-F573F05AF2F0}] => (Allow) E:\SteamLibrary\steamapps\common\KartKraft\project_k.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{E44C6044-7289-4532-AC13-4B570A34E4F7}] => (Allow) E:\SteamLibrary\steamapps\common\KartKraft\project_k.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{E0FFEFA6-201B-4F2C-881A-2F6F21265010}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{096CAD80-CE33-4140-9B26-9AE6EA0DB72E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0B2D0545-127F-4930-A6AA-7B74AA2E1CB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D9E20C33-7F0E-409A-8E4D-7598B486BCD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{207B2904-1B1A-4CCC-A5F4-66C3CEE2DF5C}] => (Allow) D:\Steam\SteamApps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei
FirewallRules: [{916D2D99-0184-475B-AF89-089F617737A6}] => (Allow) D:\Steam\SteamApps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei
FirewallRules: [TCP Query User{3F864BD7-DB25-483A-8C0A-3661F7C1E086}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.)
FirewallRules: [UDP Query User{58158E38-10B5-47E4-A2EA-C4712715036B}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.)
FirewallRules: [{CFE662B8-9720-4546-B6ED-EF99009BD4BF}] => (Allow) C:\Program Files (x86)\Tacview\Tacview64.exe (Raia Software Inc. -> )
FirewallRules: [{F1C91DEE-46B1-4E9B-8038-10C1F93CC792}] => (Allow) C:\Program Files (x86)\Tacview\Tacview64.exe (Raia Software Inc. -> )
FirewallRules: [{ED1C5A47-EA3B-449F-83A1-5CA1095EA345}] => (Allow) E:\SteamLibrary\steamapps\common\Vox Machinae\vm.exe () [Datei ist nicht signiert]
FirewallRules: [{A3C7B38B-D1E2-40E6-9C60-9C930B16FB8E}] => (Allow) E:\SteamLibrary\steamapps\common\Vox Machinae\vm.exe () [Datei ist nicht signiert]
FirewallRules: [{6C66162E-DC31-4A14-96ED-01365D3D5B0D}] => (Allow) D:\Steam\SteamApps\common\Project CARS 2\pCARS2.exe (Slightly Mad Studios Ltd) [Datei ist nicht signiert]
FirewallRules: [{17A09B31-E8A1-4C68-A36B-B11680D218FA}] => (Allow) D:\Steam\SteamApps\common\Project CARS 2\pCARS2.exe (Slightly Mad Studios Ltd) [Datei ist nicht signiert]
FirewallRules: [{DAC6260E-4896-43E0-9C31-F4F9D20EC4AA}] => (Allow) E:\SteamLibrary\steamapps\common\Company of Heroes 3 - Pre-Alpha Preview\RelicAnvil.exe => Keine Datei
FirewallRules: [{402E6560-5373-4624-9023-4C629E7814ED}] => (Allow) E:\SteamLibrary\steamapps\common\Company of Heroes 3 - Pre-Alpha Preview\RelicAnvil.exe => Keine Datei
FirewallRules: [{A3BE5DE2-CD36-4AEF-9B88-65CDD58766AC}] => (Allow) E:\SteamLibrary\steamapps\common\New World Closed Beta\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)
FirewallRules: [{C8889C6B-92CD-40C3-9E26-CE696B7A3949}] => (Allow) E:\SteamLibrary\steamapps\common\New World Closed Beta\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{5479A169-FEAE-4500-838F-47814FDB31D9}E:\steamlibrary\steamapps\common\new world closed beta\bin64\newworld.exe] => (Allow) E:\steamlibrary\steamapps\common\new world closed beta\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [UDP Query User{FD9400AB-2A58-4C2D-93FE-B44DFC9CA95C}E:\steamlibrary\steamapps\common\new world closed beta\bin64\newworld.exe] => (Allow) E:\steamlibrary\steamapps\common\new world closed beta\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [{4F2B5090-A240-4668-83C4-C8D14CC65C25}] => (Allow) C:\Program Files (x86)\Tacview (beta)\Tacview64.exe (Raia Software Inc. -> )
FirewallRules: [{1F35A41E-A8FF-4697-ACA4-E7AB98F97242}] => (Allow) C:\Program Files (x86)\Tacview (beta)\Tacview64.exe (Raia Software Inc. -> )
FirewallRules: [{85516D45-F80D-42A9-BD79-7C95C8A710F3}] => (Allow) D:\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{280022B0-D087-4367-968E-6343DACC74C5}] => (Allow) D:\Steam\SteamApps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{671A0606-675E-4839-B86C-D9CB0B80D0C5}] => (Allow) D:\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{10F36E28-4537-4655-B4D1-EAE93F773B2F}] => (Allow) D:\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{74D0A1B9-31B5-400D-8391-4FA136A055CA}] => (Allow) D:\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{BB7EE3FE-8345-4762-B227-15932B41EA4C}] => (Allow) D:\Steam\SteamApps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve -> )
FirewallRules: [{EAF3B7F6-4209-444E-AD6F-E78A680CA62F}] => (Allow) E:\SteamLibrary\steamapps\common\Age of Empires IV Beta\RelicCardinal.exe => Keine Datei
FirewallRules: [{AA079DFD-49AF-4971-A06B-F0FEAA69252E}] => (Allow) E:\SteamLibrary\steamapps\common\Age of Empires IV Beta\RelicCardinal.exe => Keine Datei
FirewallRules: [TCP Query User{A46DC815-54C9-4C79-9F0E-D9DD01CF5B3B}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{07FF1E8D-4E5B-47C0-9CC7-B7138CE0C43C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{9DC69843-4D44-4BAA-A266-260707146669}F:\syncplay_1.6.8_portable\syncplayserver.exe] => (Allow) F:\syncplay_1.6.8_portable\syncplayserver.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{65083783-0E1F-4069-AF27-C5F483B8CB68}F:\syncplay_1.6.8_portable\syncplayserver.exe] => (Allow) F:\syncplay_1.6.8_portable\syncplayserver.exe () [Datei ist nicht signiert]
FirewallRules: [{EDCC378D-A74B-405B-86D2-04675B96F261}] => (Allow) D:\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe () [Datei ist nicht signiert]
FirewallRules: [{8356FA7C-D4A4-4792-A026-F9C02AACA8C9}] => (Allow) D:\Steam\SteamApps\common\The Lab\TheLab\win64\TheLab.exe () [Datei ist nicht signiert]
FirewallRules: [{2BDAED27-8810-4622-9CF2-E0FE502EFCB8}] => (Allow) E:\SteamLibrary\steamapps\common\MixedRealityVRDriver\bin\win64\Launch.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A1BA7ED-D9A4-4ACB-8492-D4835FFAD82D}] => (Allow) E:\SteamLibrary\steamapps\common\MixedRealityVRDriver\bin\win64\Launch.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C08C3027-67C7-4FE5-8CBB-013E9CB4C518}] => (Allow) E:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)
FirewallRules: [{1B0DFF45-23D6-4E73-B12E-A49AE9A38405}] => (Allow) E:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{EF86BE1F-2C15-4767-88CE-F2ABDB5432F8}E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [UDP Query User{09961B4C-686E-4FC0-9C81-BBBB31386CBA}E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) E:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [{15F2C6E5-D15C-4522-937E-FF759FB31486}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6DD6B6AC-3BFE-4874-89D1-196C776A1D98}] => (Allow) E:\SteamLibrary\steamapps\common\Kayak VR Playtest\WindowsNoEditor\Kayak_VR.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{DE527FAF-FE05-487E-8313-63316556762E}] => (Allow) E:\SteamLibrary\steamapps\common\Kayak VR Playtest\WindowsNoEditor\Kayak_VR.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{7C8407D6-4AA9-483E-868F-8E3680AB84D4}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{52C3A62A-BEC1-4B55-ACC7-8B495E104EE8}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{57ADAD09-AE43-4485-B726-681168EFF058}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4715E5A1-39C9-42C1-941A-BAC15FF28AF3}] => (Allow) E:\SteamLibrary\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{C15270E4-EB86-4765-974D-E66FD42596DB}] => (Allow) E:\SteamLibrary\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{4CBCFD7D-7F54-4A11-BB1D-4BE540E50008}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2ADA76B9-ACDB-4928-8270-B9D8AA67B065}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{03264EA4-8409-4782-A993-4451C907B0F9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5DDE7AF-0B9B-4B2C-A62F-7CCB69832183}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FE7E7AC-1B8D-4E2F-9C43-0D7C7B39711F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E02375E0-5DD5-4F45-B018-71BF55BDDD75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0BD2C14-5597-47BF-92F2-D54B878A0392}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1ED5FCBB-A343-4C90-8414-16B11581EF3A}] => (Allow) D:\Steam\SteamApps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{0F4C3F28-A535-40A4-BACF-565AE8C2408A}] => (Allow) D:\Steam\SteamApps\common\Half-Life Alyx\game\bin\win64\hlvr.exe (Valve -> )
FirewallRules: [{553D0CED-A2E3-489E-982C-D74A922EA88E}] => (Allow) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{36925F74-AFFB-4015-8429-EBCFA0FC0E2E}] => (Allow) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{85E5D838-9FBC-4241-B76D-6D66931EB0A9}] => (Block) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DC4E667A-74DD-4592-ABD8-B79828A0A92F}] => (Block) C:\Program Files (x86)\Overwolf\0.184.0.35\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe] => Designer.exe
==================== Wiederherstellungspunkte =========================
12-11-2021 08:11:04 Windows Modules Installer
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (11/13/2021 07:52:46 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DURANIUM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (11/13/2021 07:51:27 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DURANIUM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (11/13/2021 12:18:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RocketLeague.exe, Version: 1.0.10897.0, Zeitstempel: 0x616f76e8
Name des fehlerhaften Moduls: EOSSDK-Win64-Shipping.dll, Version: 1.13.0.0, Zeitstempel: 0x614289bc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000406ccf
ID des fehlerhaften Prozesses: 0x67c0
Startzeit der fehlerhaften Anwendung: 0x01d7d80fe53c002f
Pfad der fehlerhaften Anwendung: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Pfad des fehlerhaften Moduls: E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\EOSSDK-Win64-Shipping.dll
Berichtskennung: e497f48c-e045-4fb5-b790-38a6f7bfcc7f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/12/2021 09:42:52 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DURANIUM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (11/12/2021 03:13:23 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DURANIUM)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).
Error: (11/12/2021 09:27:14 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (11/12/2021 09:27:14 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (11/12/2021 09:27:14 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Systemfehler:
=============
Error: (11/13/2021 10:41:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SRanipalService" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/13/2021 10:40:51 AM) (Source: DCOM) (EventID: 10010) (User: DURANIUM)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
================
Date: 2021-11-14 03:01:05
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/OpenCandy&threatid=223695&enterprise=0
Name: PUA:Win32/OpenCandy
Schweregrad: Noch nicht klassifiziert
Kategorie: Unbekannt
Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$R7AEKJK.exe; file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$RAPT9JD.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer:
Prozessname: C:\Users\Rufuz\Downloads\RogueKiller_portable64.exe
Sicherheitsversion: AV: 1.353.929.0, AS: 1.353.929.0, NIS: 1.353.929.0
Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-06 11:44:59
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {1F5F0A47-1A9C-439C-A086-2F6F5BA5061F}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2021-10-31 14:35:29
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/DownloadSponsor&threatid=311978&enterprise=0
Name: PUADlManager:Win32/DownloadSponsor
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$RGHDD34.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DURANIUM\Rufuz
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.353.137.0, AS: 1.353.137.0, NIS: 1.353.137.0
Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-10-31 14:35:24
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/OpenCandy&threatid=223695&enterprise=0
Name: PUA:Win32/OpenCandy
Schweregrad: Noch nicht klassifiziert
Kategorie: Unbekannt
Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$R7AEKJK.exe; file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$RAPT9JD.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: DURANIUM\Rufuz
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.353.137.0, AS: 1.353.137.0, NIS: 1.353.137.0
Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-10-31 14:34:54
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/OpenCandy&threatid=223695&enterprise=0
Name: PUA:Win32/OpenCandy
Schweregrad: Noch nicht klassifiziert
Kategorie: Unbekannt
Pfad: file:_C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$R7AEKJK.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: DURANIUM\Rufuz
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.353.137.0, AS: 1.353.137.0, NIS: 1.353.137.0
Modulversion: AM: 1.1.18700.4, NIS: 1.1.18700.4
CodeIntegrity:
===============
Date: 2021-10-17 11:43:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume5\Program Files\Google\Drive File Stream\51.0.16.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. P4.00 04/15/2021
Hauptplatine: ASRock X570 Pro4
Prozessor: AMD Ryzen 5 5600X 6-Core Processor
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 32686.45 MB
Verfügbarer physikalischer RAM: 23634.18 MB
Summe virtueller Speicher: 37550.45 MB
Verfügbarer virtueller Speicher: 24484.82 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:464.19 GB) (Free:126.01 GB) NTFS
Drive d: (Games) (Fixed) (Total:931.51 GB) (Free:168.2 GB) NTFS
Drive e: (Games) (Fixed) (Total:931.51 GB) (Free:212.12 GB) NTFS
Drive f: (Daten) (Fixed) (Total:1863.01 GB) (Free:79.59 GB) NTFS
Drive g: (rufuz64@gmail.com - Google Drive) (Fixed) (Total:100 GB) (Free:36.28 GB) FAT32
Drive h: (casual.racing.league@gmail.co...) (Fixed) (Total:100 GB) (Free:45.34 GB) FAT32
\\?\Volume{00092176-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{538a6a1f-4dc8-6248-5b5f-13c49b28a56a}\ () (Fixed) (Total:101.08 GB) (Free:0 GB) NTFS
\\?\Volume{2c8d4a56-5754-8dc0-bdb2-51d4222273ae}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{5a1847b4-f61e-e681-1673-885e9dc9b270}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{00092176-0000-0000-0000-702b74000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{00092176-0000-0000-0000-474e74000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 68CA5102)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C99D012A)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 000896DA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00092176)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=556 MB) - (Type=27)
Partition 4: (Not Active) - (Size=550 MB) - (Type=27)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 5.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 6.
==================== Ende von Addition.txt =======================
Geändert von cosinus (14.11.2021 um 12:40 Uhr) Grund: code tags |
|
14.11.2021, 09:16
| #9 |
| /// TB-Ausbilder | Win 10 Start dauert sehr lange Gut gemacht. Wir entfernen letzte Reste und kontrollieren nochmal alles. Schritt 1 WARNUNG AN ALLE MITLESER !!! Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
Schritt 2
Bitte poste mit deiner nächsten Antwort:
|
|
14.11.2021, 19:01
| #10 |
| | Win 10 Start dauert sehr lange Hallo, leider hat der Durchlauf etwas... länger gedauert. Nachdem in 5h von 60 GB ca. 50 GB in AppData/Local/Temp gelöscht waren brauchte ich dringend den Rechner. Da sich der Vorgang nicht unterbrechen ließ, musste ich booten und habe keine log Datei. Leider meckert defender immer noch wegen OpenCandy und DownloadSponsor. Kann aber auch sein dass es sich dabei unm eine alte Meldung handelt, man kann den Status da nicht so recht herauslesen. Macht es Sinn, den Code einfach noch einmal auszuführen? Würde ich diesmal die Nacht über laufen lassen. |
|
14.11.2021, 20:39
| #11 | ||
| /// TB-Ausbilder | Win 10 Start dauert sehr langeZitat:
 Wieso hast du auch 60 GB als temporäre Dateien unter %temp%? Da stimmt auf deinem System aber etwas nicht. So etwas hatte ich echt noch nie. Zitat:
|
|
15.11.2021, 10:01
| #12 | |
| | Win 10 Start dauert sehr lange Guten Morgen, FRST hat seine Arbeit beendet, hier die Logdatei. Der Ordner AppData/Local/Temp beinhaltet jetzt 14,8 GB. Zitat:
Die Windows Sicherheit zeigt mir immer noch ein gelbes Ausrufezeichen: "App- & Browsersteuerung: Es wurde eine potentiell unerwünschte App gefunden. Möglicherweise reagiert ihr Gerät langsam." DownloadSponsor wurde blockiert, aber bei OpenCandy zeigt der Schutzverlauf immer noch "Bedrohung gefunden - Aktion erforderlich" Erkannt: PUA:Win32/OpenCandy Status: Aktiv Betroffene Elemente: file: C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$R7AEKJK.exe file: C:\$Recycle.Bin\S-1-5-21-1354302738-180291989-3184307785-1001\$RAPT9JD.exe Als Aktion steht "Entfernen" zur Auswahl. Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-11-2021
durchgeführt von Rufuz (15-11-2021 02:23:17) Run:2
Gestartet von C:\Users\Rufuz\Desktop
Geladene Profile: Rufuz
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
DeleteKey: HKCU\Software\Lavasoft
DeleteKey: HKLM\Software\Wow6432Node\Lavasoft
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
BootExecute: autocheck autochk * bddel.exe
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
Task: {260F3033-CD8A-42E1-A91A-A45373D426C0} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {7E0254FE-CE84-4F15-B74B-FFA47916E868} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => nicht gefunden
S2 SRanipalService; "C:\Program Files (x86)\VIVE\SRanipal\SRanipalService.exe" [X]
S1 UimBus; \SystemRoot\System32\drivers\uimbus.sys [X]
S1 Uim_DEVIM; \SystemRoot\System32\drivers\uimdevim.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
BHO: Kein Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> Keine Datei
IE trusted site: HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\webcompanion.com -> hxxp://webcompanion.com
Unlock: C:\WINDOWS\system32\drivers\etc\hosts
C:\WINDOWS\system32\drivers\etc\hosts
HKLM\...\StartupApproved\Run32: => "Redirector"
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: Bitsadmin /Reset /Allusers
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
powershell: Set-MpPreference -PUAProtection Enabled
powershell: Set-MpPreference -DisableScanningNetworkFiles 0
StartRegedit:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl]
"AutoReboot"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoUpdate"=-
[SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
"DisableBehaviorMonitoring"=-
"DisableOnAccessProtection"=-
"DisableScanOnRealtimeEnable"=-
EndRegedit:
Hosts:
RemoveProxy:
EmptyTemp:
*****************
SystemRestore: On => abgeschlossen
Wiederherstellungspunkt wurde erfolgreich erstellt.
Prozesse erfolgreich geschlossen.
HKCU\Software\Lavasoft => nicht gefunden
HKLM\Software\Wow6432Node\Lavasoft => nicht gefunden
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG => erfolgreich wiederhergestellt
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => Wert erfolgreich wiederhergestellt
"C:\WINDOWS\system32\GroupPolicy\Machine" => nicht gefunden
C:\ProgramData\NTUSER.pol => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{260F3033-CD8A-42E1-A91A-A45373D426C0}" => nicht gefunden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => nicht gefunden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E0254FE-CE84-4F15-B74B-FFA47916E868}" => nicht gefunden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => nicht gefunden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => nicht gefunden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => nicht gefunden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => nicht gefunden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => nicht gefunden
"HKLM\Software\Mozilla\Firefox\Extensions\\bdwtwe@bitdefender.com" => nicht gefunden
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\bdwtwe@bitdefender.com" => nicht gefunden
SRanipalService => Dienst nicht gefunden.
UimBus => Dienst nicht gefunden.
Uim_DEVIM => Dienst nicht gefunden.
VBAudioVMVAIOMME => Dienst nicht gefunden.
"AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}" => nicht gefunden
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => nicht gefunden
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => nicht gefunden
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => nicht gefunden
"C:\Users\Public\AppData" => ":CSM" ADS nicht gefunden.
"C:\Users\Public\Shared Files" => ":VersionCache" ADS nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => nicht gefunden
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => nicht gefunden
"C:\WINDOWS\system32\drivers\etc\hosts" => wurde entsperrt
C:\WINDOWS\system32\drivers\etc\hosts => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Redirector" => nicht gefunden
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Redirector" => nicht gefunden
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset catalog =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= Ende von CMD: =========
========= netsh advfirewall reset =========
OK.
========= Ende von CMD: =========
========= netsh advfirewall set allprofiles state ON =========
OK.
========= Ende von CMD: =========
========= Bitsadmin /Reset /Allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
0 out of 0 jobs canceled.
========= Ende von CMD: =========
========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========
Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========
========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========
Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========
========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========
Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========
========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========
Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========
========= Set-MpPreference -PUAProtection Enabled =========
========= Ende von Powershell: =========
========= Set-MpPreference -DisableScanningNetworkFiles 0 =========
========= Ende von Powershell: =========
Registry ====> Der Vorgang wurde erfolgreich beendet.
Hosts erfolgreich wiederhergestellt.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-1354302738-180291989-3184307785-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-1354302738-180291989-3184307785-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
========= Ende von RemoveProxy: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 54114862 B
Java, Flash, Steam htmlcache => 80022861 B
Windows/system/drivers => 896391 B
Edge => 0 B
Chrome => 0 B
Firefox => 3649543665 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 2000 B
Rufuz => 6419898903 B
OVRLibraryService => 6419898903 B
RecycleBin => 80259260664 B
EmptyTemp: => 90.2 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 05:45:11 ====
Geändert von Rufuz (15.11.2021 um 10:16 Uhr) |
|
15.11.2021, 10:19
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win 10 Start dauert sehr lange Mach mal wenn ihr hier fertig seid, eine Datenträgerbereinigung (cleanmgr.exe), das sollte eigentlich alles in deinem tmp löschen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.11.2021, 13:48
| #14 |
| /// TB-Ausbilder | Win 10 Start dauert sehr lange Du kannst auf "Entfernen" drücken beim Windows Defender für diesen Fund. Bitte dann zuerst (wie von cosinus erwähnt) in die Suchleiste "cleanmgr.exe" eingeben und damit die Datenträgerbereinigung starten. Laufwerk C: auswählen. Überall ein Häkchen setzen und mit "Ok" bestätigen. Die Sicherheitsabfrage mit "Dateien löschen" bestätigen. Bitte abschließend noch die neuen Logdateien von FRST (Schritt 2) posten. |
|
16.11.2021, 18:58
| #15 |
| | Win 10 Start dauert sehr lange Der Hinweis vom Defender bleibt, der streikt anscheinend. Oder ich mache etwas falsch: https://youtu.be/KwSKf2ujapg Die Datenträgerbereinigung ist durch. Hier noch die beiden Dateien FRST.txt und Addition.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2021
durchgeführt von Rufuz (Administrator) auf DURANIUM (14-11-2021 03:17:28)
Gestartet von C:\Users\Rufuz\Desktop
Geladene Profile: Rufuz
Plattform: Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(3 Play Networks, Inc. -> Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe
(3 Play Networks, Inc. -> Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(Electronic Arts, Inc. -> Electronic Arts) E:\Origin\OriginWebHelperService.exe
(Endor AG -> ) C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe
(geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\52.0.6.0\crashpad_handler.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe <7>
(Greenshot) [Datei ist nicht signiert] C:\Program Files\Greenshot\Greenshot.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.1001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.10202.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.10202.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Spectrum.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>
(Nextcloud GmbH -> Nextcloud GmbH) C:\Program Files\Nextcloud\nextcloud.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NvVirtualCamera\NVIDIA Broadcast.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe <2>
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Scarlet.Crush Productions) [Datei ist nicht signiert] F:\_Portable\PS3 Controller\bin\ScpService.exe
(Shenzhen Huion Animation Technology Co.,LTD -> ) C:\Huion Tablet\x64\TabletDriverCore.exe
(Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tobii AB -> ) C:\Program Files (x86)\Tobii\Tobii VRU02 Runtime\platform_runtime_VR4U2P2_service.exe
(Virtual Desktop, Inc. -> Virtual Desktop, Inc.) C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot) [Datei ist nicht signiert]
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [878584 2019-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Windows10FirewallControl] => C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe [1803824 2019-07-28] (3 Play Networks, Inc. -> Sphinx Software)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [TabletDriver] => C:\Huion Tablet\x64\TabletDriverCore.exe [333544 2020-10-24] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443968 2021-11-03] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [2739008 2021-10-28] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [HueSync] => C:\Program Files\Hue Sync\HueSync.exe [20154280 2021-08-23] (Signify Netherlands B.V. -> Signify Netherlands B.V.)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [Magnet.bootstrap_Vive] => "C:\Program Files (x86)\VIVE\PCClient\Vive.exe" --silent (Keine Datei)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [BakkesMod] => C:\Program Files\BakkesMod\BakkesMod.exe [16066560 2021-05-04] () [Datei ist nicht signiert]
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\Rufuz\AppData\Local\Programs\signal-desktop\Signal.exe [136232376 2021-11-10] (Signal Messenger, LLC -> Open Whisper Systems)
HKU\S-1-5-21-1354302738-180291989-3184307785-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-10-31] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2020-12-06] (pdfforge GmbH) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-10-28] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HideVolumeOSD.lnk [2017-07-22]
ShortcutTarget: HideVolumeOSD.lnk -> C:\Program Files (x86)\HideVolumeOSD\HideVolumeOSD.exe (Venturi) [Datei ist nicht signiert]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Huion Tablet.lnk [2020-12-30]
ShortcutTarget: Huion Tablet.lnk -> C:\Huion Tablet\Huion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> )
BootExecute: autocheck autochk * bddel.exe
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {05D71B87-D9D0-465B-B501-D7DC12519DDF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BDF682C-9847-40A3-9074-4A3C6C96EBB7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314256 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {1CDC08B6-AA17-46BE-8F00-F6F58DCCB450} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {216D93D7-6AE1-4652-AE4A-102910A452DA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {21E14460-042B-456E-B711-E90D1491C7E1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {242507AC-76A8-4967-90A9-26D4D667D381} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {260F3033-CD8A-42E1-A91A-A45373D426C0} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {287FA373-DDD1-4C4C-8439-FDBA944ADFEC} - System32\Tasks\Core Temp Autostart Rufuz => C:\Program Files\Core Temp\Core Temp.exe [1031512 2021-04-01] (ALCPU -> ALCPU)
Task: {2AC8F50D-84ED-4BFE-91F1-C4452F045471} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [22267088 2021-09-01] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2E41A145-077C-4011-BE9C-E3A5810B215E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {318676CD-3B2A-4E70-BF19-D5855AA58963} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD)
Task: {31E71847-2604-464D-B777-A6BDEACB8861} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {586A2693-EE96-49A1-8E3C-584C153B4C85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5DC7B3AA-5941-476D-9E5F-5A5DB045DE75} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22655904 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {644EC301-90E6-4333-B017-ED24CC34D3B2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D3A225A-5A2C-458B-96CF-1E634104DD52} - System32\Tasks\{D97764FA-C04F-472B-9BF2-3B712677EF82} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {6DFEC72F-9CA7-475D-B2B1-E927541AAD2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E0254FE-CE84-4F15-B74B-FFA47916E868} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {842D6D20-4D20-4E1A-B7BD-B6281AD84463} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9084BCE0-F4F5-46B2-A729-2C8659420242} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-25] (Google Inc -> Google Inc.)
Task: {909EA4A5-1859-485C-9E7B-9ADBF44589D3} - System32\Tasks\SafeZone scheduled Autoupdate 1464429621 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {A1C66833-1B7A-4F99-B8D5-DD71489D693A} - System32\Tasks\GPU Temp\Startup => C:\Program Files (x86)\GPU Temp\GPUTemp.exe [1032192 2011-10-01] (gputemp.com) [Datei ist nicht signiert]
Task: {A9465F63-FD74-4A24-813A-A2A950BCC071} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AAF982D1-4C4C-402E-A5BE-B5C396CB3B4B} - System32\Tasks\elevator_b58b0b144169daf1a5b3ae13ea6f5142 => C:\Program Files (x86)\SimHub\SimHubWPF.exe [2995200 2020-10-11] () [Datei ist nicht signiert]
Task: {ACD24385-C79A-4362-99DB-B447FD921C20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-25] (Google Inc -> Google Inc.)
Task: {AD5AA462-DE7B-4664-90A2-5BF1646BFD0F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8314256 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0B57FA7-3524-4AB8-8060-0EE5FED22BDE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C999D290-0D1E-4CF6-BC43-B2C5642E4FD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA7380EC-BBC6-48A6-BBE6-018A3553F891} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {CD9F3423-1FEC-4711-8D81-D326CE095E06} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {D418ACA5-9373-4766-9E06-9376C0157677} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E1E50819-412A-42CE-A697-2A627195A00F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4487904 2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Task: {F1387320-E286-44DD-93A5-8AC5F76EDE71} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F4142315-99D1-4D76-BFCF-66965117A6D2} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {FA00E159-5FB4-4572-A406-90D11DFDE23D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{430afc92-c19b-4475-b66c-ee649c05e911}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6a9f485a-f821-43c2-a828-e1e22575ec8c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9aef3068-3555-4aab-9389-f3da809d5d4a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{bb73d5f1-614a-49e7-aa81-a6c312f842fb}: [DhcpNameServer] 192.168.178.1
Edge:
=======
DownloadDir: C:\Users\Rufuz\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rufuz\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-05]
Edge DownloadDir: Default -> C:\Users\Rufuz\Downloads
Edge StartupUrls: Default -> "hxxps://google.de/"
Edge Profile: C:\Users\Rufuz\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2020-12-17]
FireFox:
========
FF DefaultProfile: b3mulky7.default
FF ProfilePath: C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\ou1uqo97.Anonym [2021-11-07]
FF ProfilePath: C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\paukqpxj.CRL [2021-11-08]
FF Homepage: Mozilla\Firefox\Profiles\paukqpxj.CRL -> www.google.de
FF ProfilePath: C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default [2021-11-14]
FF Homepage: Mozilla\Firefox\Profiles\b3mulky7.default -> www.google.de
FF Notifications: Mozilla\Firefox\Profiles\b3mulky7.default -> hxxps://rltracker.pro; hxxps://www.hardwareluxx.de; hxxps://forums.newworld.com
FF Extension: (Netflix Super Browse) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\@cyris.xpi [2017-10-21] []
FF Extension: (AdBlocker Ultimate) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\adblockultimate@adblockultimate.net.xpi [2021-10-08]
FF Extension: (Tampermonkey) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\firefox@tampermonkey.net.xpi [2021-07-08]
FF Extension: (Netflix Plus) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid0-thbzZj1IIKe4A7ggnuyqMnmaa5U@jetpack.xpi [2017-10-21]
FF Extension: (Decentraleyes) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2021-09-03]
FF Extension: (I don't care about cookies) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-10-28]
FF Extension: (Dark Background and Light Text) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\jid1-QoFqdK4qzUfGWQ@jetpack.xpi [2021-02-09]
FF Extension: (FindFlix: Netflix Secret Category Finder) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\njgopmododdceghkcgbmgfffamnjbjno@chrome-store-foxified-unsigned.xpi [2017-10-21]
FF Extension: (uMatrix) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\uMatrix@raymondhill.net.xpi [2021-07-20]
FF Extension: (Dark Theme for Google™) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{026cca71-a2e2-4020-840d-f2759849d62e}.xpi [2021-09-12]
FF Extension: (All-in-One Sidebar) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2017-08-18] []
FF Extension: (Stylus Blue) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{11a41736-a1d5-4b1d-9cc3-983ed6a3ad30}.xpi [2019-06-30]
FF Extension: (Firefox Carbon) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{155bf27e-5389-49ee-bda7-b7a91631b899}.xpi [2019-06-30]
FF Extension: (NoScript) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-08-31]
FF Extension: (Tab Auto Refresh) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{7fee47a1-8299-4576-90bf-5fd88d756926}.xpi [2021-07-21]
FF Extension: (ReloadEvery) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2017-03-12] []
FF Extension: (Password Exporter) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-07-04] []
FF Extension: (Video DownloadHelper) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-03]
FF Extension: (Greasemonkey) - C:\Users\Rufuz\AppData\Roaming\Mozilla\Firefox\Profiles\b3mulky7.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-07-08]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => nicht gefunden
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=5.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2016-03-16] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: jpl.nasa.gov/NASAEyes -> C:\Users\Rufuz\AppData\Roaming\JPL-NASA-Caltech\NASA's Eyes\npNASAEyes.dll [2018-12-05] (NASA Jet Propulsion Laboratory -> Jet Propulsion Laboratory)
FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Rufuz\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1354302738-180291989-3184307785-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Rufuz\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default [2021-11-01]
CHR HomePage: Default -> hxxp://www.google.de/
CHR Extension: (Präsentationen) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-09]
CHR Extension: (Docs) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-09]
CHR Extension: (Google Drive) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-09]
CHR Extension: (YouTube) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-09]
CHR Extension: (Tabellen) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-09]
CHR Extension: (Google Docs Offline) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-01]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-09]
CHR Extension: (Benutzerdefiniertes Profilbild für Netflix™) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\olimcenppncifgiahopimblidefpdffi [2021-11-01]
CHR Extension: (Google Mail) - C:\Users\Rufuz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-09]
CHR HKU\S-1-5-21-1354302738-180291989-3184307785-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-11-21] (BattlEye Innovations e.K. -> )
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144784 2018-04-18] (Canon Inc. -> CANON INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2017-04-23] (Creative Labs) [Datei ist nicht signiert]
R2 Ds3Service; F:\_Portable\PS3 Controller\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1113864 2020-09-20] (Bayerisches Landesamt fuer Steuern -> )
S3 fpsVR Service - CPU Temperature Counter; C:\Program Files\fpsVR\fpsvrCPUTempCounterService.exe [10752 2021-05-13] () [Datei ist nicht signiert]
R2 FWPnpService; C:\Program Files\Fanatec\Fanatec Wheel\FWPnpService.exe [423288 2021-01-06] (Endor AG -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11148864 2021-11-03] (Logitech Inc -> Logitech, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-13] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2523448 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3478336 2020-12-02] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1897456 2016-11-08] (Plex, Inc -> Plex, Inc.)
S3 Rockstar Service; E:\Rockstar Games\Launcher\RockstarService.exe [1676696 2021-03-15] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 Tobii VRU02 Runtime; C:\Program Files (x86)\Tobii\Tobii VRU02 Runtime\platform_runtime_VR4U2P2_service.exe [4010344 2020-01-29] (Tobii AB -> )
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> )
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [1964824 2021-05-26] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Windows10FirewallService; C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe [4170264 2019-07-28] (3 Play Networks, Inc. -> Sphinx Software)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 SRanipalService; "C:\Program Files (x86)\VIVE\SRanipal\SRanipalService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AsrDrv101; C:\WINDOWS\SysWOW64\Drivers\AsrDrv101.sys [22280 2017-02-05] (ASROCK Incorporation -> ASRock Incorporation)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-27] (Bitdefender SRL -> BitDefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [75560 2021-06-17] (Broadcom Corporation -> Broadcom Corporation.)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 FanatecWheelFilterUsb; C:\WINDOWS\System32\drivers\FWFilterUsb.sys [91152 2020-08-11] (Endor AG -> Endor AG)
R3 FWVirtualInputDevice; C:\WINDOWS\System32\drivers\FWVirtualInputDevice.sys [35344 2020-08-11] (Endor AG -> Endor AG)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-05-16] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-05-16] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-05-16] (Logitech Inc -> Logitech)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-13] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-13] (Malwarebytes Inc -> Malwarebytes)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [74248 2019-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [41072 2019-12-21] (Virtual Desktop, Inc. -> Virtual Desktop)
R3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S1 UimBus; \SystemRoot\System32\drivers\uimbus.sys [X]
S1 Uim_DEVIM; \SystemRoot\System32\drivers\uimdevim.sys [X]
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-11-14 02:36 - 2021-11-14 03:02 - 000000000 ____D C:\ProgramData\RogueKiller
2021-11-14 02:36 - 2021-11-14 02:36 - 032596312 _____ C:\Users\Rufuz\Downloads\RogueKiller_portable64.exe
2021-11-14 02:30 - 2021-11-14 02:30 - 008553680 _____ (Malwarebytes) C:\Users\Rufuz\Desktop\adwcleaner_8.3.0(1).exe
2021-11-13 12:12 - 2021-11-13 12:15 - 000072899 _____ C:\Users\Rufuz\Desktop\Shortcut.txt
2021-11-13 12:11 - 2021-11-14 03:17 - 000042119 _____ C:\Users\Rufuz\Desktop\FRST.txt
2021-11-13 12:11 - 2021-11-13 12:15 - 000099473 _____ C:\Users\Rufuz\Desktop\Addition.txt
2021-11-13 12:10 - 2021-11-14 03:17 - 000000000 ____D C:\FRST
2021-11-13 12:09 - 2021-11-13 12:09 - 002312192 _____ (Farbar) C:\Users\Rufuz\Desktop\FRST64.exe
2021-11-13 10:49 - 2021-11-13 10:54 - 000002137 _____ C:\Users\Rufuz\Desktop\mbam.txt
2021-11-13 10:16 - 2021-11-13 10:38 - 000000000 ____D C:\Users\Rufuz\AppData\LocalLow\IGDump
2021-11-13 10:14 - 2021-11-13 10:14 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-13 10:14 - 2021-11-13 10:14 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-13 10:14 - 2021-11-13 10:14 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-11-13 10:14 - 2021-11-13 10:14 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-13 10:14 - 2021-11-13 10:14 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-13 10:13 - 2021-11-13 10:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-13 10:13 - 2021-11-13 10:13 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-13 10:05 - 2021-11-13 10:05 - 002101944 _____ (Malwarebytes) C:\Users\Rufuz\Desktop\MBSetup.exe
2021-11-12 15:14 - 2021-11-13 10:43 - 000002323 _____ C:\Users\Rufuz\Desktop\NWMM - New World MiniMap.lnk
2021-11-12 15:14 - 2021-11-12 15:14 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2021-11-12 15:13 - 2021-11-13 10:43 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Overwolf
2021-11-12 15:13 - 2021-11-12 15:13 - 000004382 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-11-12 15:13 - 2021-11-12 15:13 - 000000000 ____D C:\ProgramData\Overwolf
2021-11-12 15:13 - 2021-11-12 15:13 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-11-12 08:13 - 2021-11-12 08:13 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-12 08:13 - 2021-11-12 08:13 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-12 08:13 - 2021-11-12 08:13 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-12 08:13 - 2021-11-12 08:13 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-12 08:11 - 2021-11-12 08:11 - 000000000 ___HD C:\$WinREAgent
2021-11-09 11:31 - 2021-11-09 11:31 - 000020518 _____ C:\Users\Rufuz\AppData\Local\recently-used.xbel
2021-11-05 01:11 - 2021-11-05 01:11 - 000005446 _____ C:\Users\Rufuz\Desktop\New-World-Server.xlsx - Verknüpfung.lnk
2021-11-04 19:29 - 2021-11-05 08:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-11-03 08:03 - 2021-11-03 08:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-11-03 08:03 - 2021-11-03 08:03 - 000000000 ____D C:\Program Files\LGHUB
2021-11-01 20:21 - 2021-11-01 20:21 - 011792608 _____ (Tim Kosse) C:\Users\Rufuz\Downloads\FileZilla_3.56.2_win64-setup.exe
2021-11-01 01:16 - 2021-11-01 01:16 - 000000952 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.28.lnk
2021-11-01 01:14 - 2021-11-01 01:14 - 043472272 _____ ( ) C:\Users\Rufuz\Downloads\gimp-help-2.10.0-de-setup.exe
2021-11-01 01:13 - 2021-11-01 01:13 - 249654104 _____ (The GIMP Team ) C:\Users\Rufuz\Downloads\gimp-2.10.28-setup.exe
2021-10-31 13:07 - 2021-10-31 13:07 - 000062159 _____ C:\Users\Rufuz\Downloads\CRL -
2021-10-30 07:50 - 2021-10-30 07:50 - 000001930 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2021-10-30 07:50 - 2021-10-30 07:50 - 000000000 ____D C:\Program Files\Nextcloud
2021-10-26 19:25 - 2021-10-26 19:25 - 000000931 _____ C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UCR.lnk
2021-10-26 19:00 - 2021-10-21 18:49 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-10-26 19:00 - 2021-10-21 18:49 - 001874648 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-10-26 19:00 - 2021-10-21 18:49 - 001464952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-10-26 19:00 - 2021-10-21 18:49 - 001450232 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-10-26 19:00 - 2021-10-21 18:49 - 001450232 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-10-26 19:00 - 2021-10-21 18:49 - 001206384 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-10-26 19:00 - 2021-10-21 18:49 - 001111256 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-10-26 19:00 - 2021-10-21 18:49 - 001111256 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-10-26 19:00 - 2021-10-21 18:49 - 000965336 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-10-26 19:00 - 2021-10-21 18:49 - 000965336 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 001523336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 001172608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 000800368 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 000707728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-10-26 19:00 - 2021-10-21 18:45 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 000656512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 000635000 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-10-26 19:00 - 2021-10-21 18:45 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 008724080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 007843984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 004938896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 002114688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 001597584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 000981112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-10-26 19:00 - 2021-10-21 18:44 - 000452216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-10-26 19:00 - 2021-10-21 18:43 - 005727376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-10-26 19:00 - 2021-10-21 18:43 - 000849016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-10-26 19:00 - 2021-10-21 18:39 - 006430824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-10-26 19:00 - 2021-10-21 01:48 - 000085748 _____ C:\WINDOWS\system32\nvinfo.pb
2021-10-25 12:10 - 2021-10-25 12:10 - 000008858 _____ C:\Users\Rufuz\Downloads\CCIP_Abstande.xlsx
2021-10-21 17:58 - 2021-10-07 01:58 - 000038016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-10-17 09:41 - 2021-10-17 19:19 - 000017949 _____ C:\Users\Rufuz\Desktop\Crafting Ränge.xlsx
2021-10-16 15:11 - 2021-10-16 15:11 - 001372912 _____ (Overwolf Ltd.) C:\Users\Rufuz\Downloads\NWMM - New World MiniMap - Installer.exe
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-11-14 03:17 - 2020-11-17 12:22 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\vlc
2021-11-14 03:14 - 2016-11-19 09:35 - 000000000 ____D C:\Users\Rufuz\AppData\LocalLow\Mozilla
2021-11-14 03:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-14 02:38 - 2021-06-28 14:39 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\HueSync
2021-11-14 02:38 - 2021-05-16 09:14 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\LGHUB
2021-11-14 02:38 - 2021-05-16 09:14 - 000000000 ____D C:\Users\Rufuz\AppData\Local\LGHUB
2021-11-14 02:38 - 2021-01-11 13:36 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Signal
2021-11-14 02:38 - 2017-11-20 22:13 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\discord
2021-11-14 02:37 - 2021-09-24 11:22 - 000000000 ____D C:\Users\Rufuz\Desktop\New World
2021-11-14 02:22 - 2018-10-25 16:03 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-14 02:09 - 2019-01-09 20:57 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Discord
2021-11-13 21:54 - 2017-04-23 09:23 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-13 21:33 - 2021-06-28 21:06 - 000000000 ____D C:\Users\Rufuz\Documents\Tacview
2021-11-13 21:33 - 2020-05-23 10:05 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\AdvancedSettings-Team
2021-11-13 19:52 - 2021-09-01 19:04 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\SteamVR
2021-11-13 18:59 - 2021-01-20 09:41 - 000000000 ___RD C:\Users\Rufuz\Google Drive
2021-11-13 10:48 - 2021-03-13 18:37 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-13 10:48 - 2019-12-07 15:51 - 000743670 _____ C:\WINDOWS\system32\perfh007.dat
2021-11-13 10:48 - 2019-12-07 15:51 - 000150092 _____ C:\WINDOWS\system32\perfc007.dat
2021-11-13 10:48 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-13 10:43 - 2021-06-24 09:32 - 000000000 ___SD C:\Users\Rufuz\HAVERdrive
2021-11-13 10:43 - 2021-02-14 09:31 - 000000000 ___RD C:\Users\Rufuz\Google Drive (casual.racing.league@gmail.com)
2021-11-13 10:41 - 2021-03-13 18:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-13 10:41 - 2021-03-13 18:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-13 10:41 - 2021-03-13 18:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-13 10:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-13 10:41 - 2016-08-20 09:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-11-13 10:14 - 2021-06-24 08:50 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Nextcloud
2021-11-13 10:14 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-13 09:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-13 02:25 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-13 00:18 - 2016-05-29 11:05 - 000000000 ____D C:\Users\Rufuz\AppData\Local\CrashDumps
2021-11-12 18:38 - 2021-03-03 18:38 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\obs-studio
2021-11-12 09:27 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-12 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-12 08:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-12 08:10 - 2016-05-29 11:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-12 08:09 - 2016-05-29 11:44 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-11 01:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-10 17:26 - 2017-11-19 12:13 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Packages
2021-11-09 16:55 - 2020-11-26 19:09 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\FileZilla
2021-11-09 11:31 - 2020-04-24 09:23 - 000000000 ____D C:\Users\Rufuz\AppData\Local\gtk-2.0
2021-11-09 11:31 - 2020-04-24 09:02 - 000000000 ____D C:\Users\Rufuz\AppData\Local\babl-0.1
2021-11-08 20:31 - 2021-10-09 23:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-08 20:31 - 2019-02-02 01:09 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-08 18:27 - 2021-05-23 22:10 - 000002278 _____ C:\Users\Rufuz\Desktop\Teglami.rdp
2021-11-07 19:36 - 2020-06-18 05:47 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-07 15:45 - 2021-09-12 10:18 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Deployment
2021-11-07 15:42 - 2021-09-12 10:20 - 000000000 ____D C:\Users\Rufuz\AppData\Local\ACC_TV
2021-11-07 15:18 - 2021-03-13 18:40 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1354302738-180291989-3184307785-1001
2021-11-07 15:18 - 2021-03-13 18:29 - 000002441 _____ C:\Users\Rufuz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-06 01:11 - 2017-04-29 23:04 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Spotify
2021-11-06 01:11 - 2017-04-29 23:03 - 000000000 ____D C:\Users\Rufuz\AppData\Roaming\Spotify
2021-11-05 16:31 - 2021-03-13 18:27 - 005149232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-05 16:30 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-05 16:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-05 16:30 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-05 15:53 - 2018-05-31 03:56 - 000000000 ____D C:\Users\Rufuz\AppData\Local\PlaceholderTileLogoFolder
2021-11-05 15:47 - 2018-07-14 18:55 - 000000000 ____D C:\Users\Rufuz\AppData\Local\D3DSCache
2021-11-05 08:11 - 2016-05-28 11:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-04 21:30 - 2021-06-25 21:32 - 002220464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-11-04 21:30 - 2021-06-25 21:32 - 000324016 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-11-04 21:30 - 2021-06-25 21:32 - 000217520 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-11-04 21:30 - 2021-06-25 21:32 - 000197048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-11-04 21:30 - 2021-06-25 21:32 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-11-04 21:30 - 2021-06-25 21:32 - 000061872 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-11-04 20:40 - 2016-05-28 11:05 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-03 08:04 - 2018-05-24 16:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-02 07:40 - 2016-10-25 18:38 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-01 20:21 - 2020-11-26 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-11-01 20:21 - 2020-11-26 19:09 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2021-11-01 01:27 - 2018-10-25 16:03 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Google
2021-10-31 10:04 - 2016-06-03 21:57 - 000000000 ____D C:\Users\Rufuz\AppData\Local\Greenshot
2021-10-28 23:23 - 2021-10-09 23:51 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-28 23:23 - 2021-10-09 23:51 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-26 19:25 - 2021-09-16 18:17 - 000000837 _____ C:\Users\Rufuz\Desktop\UCR.lnk
2021-10-25 17:23 - 2021-09-13 07:18 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-10-25 17:23 - 2021-09-13 07:18 - 000001905 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-10-25 17:23 - 2021-09-13 07:18 - 000001905 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-10-25 17:23 - 2021-09-13 07:18 - 000001893 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-10-22 00:44 - 2018-07-11 16:52 - 000000000 ____D C:\ProgramData\Packages
2021-10-21 18:44 - 2021-09-29 00:21 - 000792208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-10-21 18:44 - 2021-01-20 19:57 - 002850416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-10-21 18:39 - 2021-01-20 19:57 - 007578560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-10-21 18:00 - 2021-06-28 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hue Sync
2021-10-21 18:00 - 2021-06-28 14:39 - 000000000 ____D C:\Program Files\Hue Sync
2021-10-19 11:51 - 2020-11-06 09:14 - 000000000 ____D C:\Users\Rufuz\Scan
2021-10-15 01:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-15 01:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-15 01:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-15 01:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2016-05-29 01:25 - 2020-03-19 13:38 - 000107161 _____ () C:\Users\Rufuz\IP_Log_Data.js
2016-05-29 02:00 - 2020-03-19 13:05 - 000240855 _____ () C:\Users\Rufuz\Network_Meter_Data.js
2019-12-26 14:16 - 2019-12-26 23:21 - 000000000 _____ () C:\Users\Rufuz\AppData\Roaming\.OculusDebugToolGUI
2021-06-12 15:52 - 2021-06-12 15:52 - 000000764 _____ () C:\Users\Rufuz\AppData\Roaming\.syncplay.log
2016-05-28 22:43 - 2019-12-30 13:04 - 000000626 _____ () C:\Users\Rufuz\AppData\Roaming\All CPU MeterV3_Settings.ini
2016-06-01 19:32 - 2016-10-17 10:23 - 000000841 _____ () C:\Users\Rufuz\AppData\Roaming\Drives Meter_Settings.ini
2016-05-28 22:44 - 2016-05-28 22:44 - 000000541 _____ () C:\Users\Rufuz\AppData\Roaming\Drives Monitor_Settings.ini
2016-05-29 01:26 - 2020-03-08 19:52 - 000000283 _____ () C:\Users\Rufuz\AppData\Roaming\GPU MeterV2_Settings.ini
2016-05-29 01:26 - 2019-12-26 12:04 - 000001178 _____ () C:\Users\Rufuz\AppData\Roaming\Network Meter_Settings.ini
2016-05-29 03:18 - 2020-03-19 12:38 - 000000030 _____ () C:\Users\Rufuz\AppData\Roaming\Network Meter_Usage.ini
2016-09-20 16:48 - 2017-02-04 19:27 - 000000897 _____ () C:\Users\Rufuz\AppData\Roaming\Network Monitor II_#0_Settings.ini
2016-09-21 01:43 - 2017-11-19 10:27 - 000000143 _____ () C:\Users\Rufuz\AppData\Roaming\Network Monitor II_#0_Traffic.ini
2021-05-25 18:32 - 2021-05-25 18:32 - 000000016 _____ () C:\Users\Rufuz\AppData\Roaming\obs-virtualcam.txt
2019-11-24 19:58 - 2019-12-26 12:02 - 000001760 _____ () C:\Users\Rufuz\AppData\Roaming\Ping Monitor_Settings.ini
2019-12-31 09:31 - 2019-12-31 09:31 - 000003984 _____ () C:\Users\Rufuz\AppData\Roaming\System Monitor II_CPU0_Settings.ini
2019-12-31 09:31 - 2019-12-31 15:59 - 000000116 _____ () C:\Users\Rufuz\AppData\Roaming\System Monitor II_UptimeRecord.ini
2021-05-04 20:09 - 2021-05-04 20:25 - 000006135 _____ () C:\Users\Rufuz\AppData\Roaming\VoiceMeeterDefault.xml
2016-09-20 16:51 - 2016-09-20 16:54 - 000000367 _____ () C:\Users\Rufuz\AppData\Roaming\Weather Meter_Settings.ini
2020-03-15 01:02 - 2020-03-15 01:38 - 000021547 _____ () C:\Users\Rufuz\AppData\Local\.starboard.aHR0cHM6Ly93d3cueW91dHViZS5jb20vdHY=.storage
2020-03-15 01:02 - 2020-03-15 01:02 - 000000000 _____ () C:\Users\Rufuz\AppData\Local\.starboard.storage
2016-07-03 21:06 - 2020-04-17 09:51 - 000001456 _____ () C:\Users\Rufuz\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2021-06-12 08:21 - 2021-06-12 08:21 - 000000128 _____ () C:\Users\Rufuz\AppData\Local\PUTTY.RND
2021-11-09 11:31 - 2021-11-09 11:31 - 000020518 _____ () C:\Users\Rufuz\AppData\Local\recently-used.xbel
2016-06-03 21:02 - 2019-07-23 23:32 - 000007629 _____ () C:\Users\Rufuz\AppData\Local\Resmon.ResmonCfg
2021-06-17 12:41 - 2021-06-17 12:41 - 000012288 _____ () C:\Users\Rufuz\AppData\Local\vita_uranus.data
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
| Themen zu Win 10 Start dauert sehr lange |
| anleitung, aufsetzen, bedrohungen, build, bösartige, dauert, einiger, fertig, funde, gen, gestartet, kurze, lange, leitung, lösung, malwarebytes, neu, quarantäne, rechners, runde, start, suche, win, windows, woanders |
