| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 10: Verdacht auf Crypto-MinerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.01.2024, 13:56
| #1 |
 |  Windows 10: Verdacht auf Crypto-Miner Hallo  Wie schon dem Titel zu entnehmen ist, habe ich den Verdacht, mir einen Crypto-Miner oder ähnliches eingefangen zu haben. Wenn mein PC für ca. 1,5h an ist und ich nicht aktiv bin, drehen plötzlich die Lüfter auf. Sobald die Maus bewegt wird oder eine beliebige Taste gedrückt wird fahren diese fast sofort wieder runter. Ich habe den Taskmanager geöffnet um zu schauen ob ich ein Programm identifizieren kann welches das verursacht. Der Taskmanager war nach CPU-usage geordnet. Nach ca. 1,5h drehten die Lüfter wieder auf. Die GPU-Auslastung war bei 100% sobald ich aber nach dieser ordnen wollte war es wieder zu spät... Auslastung war wieder bei normalen Betriebszahlen bevor es nach größe der Auslastung sortiert werden konnte. Der Windows-Defender konnte nach einem erweiterten Scan nichts erkennen. Malwarebytes hatte ich vor etwa 2 Wochen auch schon laufen lassen. Nach erstellen dieses Posts werde ich erneut abwarten und schauen ob ich selbst herausfinden kann was meine GPU so auslastet. Vielen Dank schonmal für die Hilfe! FRST: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2024
durchgeführt von nils (Administrator) auf NILS-PC (27-01-2024 13:39:18)
Gestartet von C:\Users\nils\Desktop\FRST\FRST64.exe
Geladene Profile: nils
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Sprache: Englisch (Vereinigtes Königreich) -> Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(8AB18DA5-65D5-493C-BD78-9F4467A7CDE8 -> Chris Andriessen) C:\Program Files\WindowsApps\40210ChrisAndriessen.FalconX_1.7.8.0_x64__y1dazs5f5wq00\Release\TaskbarX.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHelper.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHelper.x64.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.241.0.10\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\nils\AppData\Local\Overwolf\ProcessCache\0.241.0.10\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NvVirtualCamera\NVIDIA Broadcast.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Users\nils\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\nils\AppData\Local\Programs\Opera GX\106.0.4998.61\opera_crashreporter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (E3B4A0F6-E459-414C-8DFB-ABEAB07C9242 -> Microsoft Corporation) C:\Program Files\WindowsApps\32669SamG.ModernFlyouts_0.9.3.0_x64__pcy8vm99wrpcg\ModernFlyoutsHost.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (EPOS Group A/S -> ) C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuite.exe
(explorer.exe ->) (Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Skutta, Kristjan -> ) D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(G.SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.) C:\Program Files (x86)\G.SKILL\Trident Z Lighting Control\hid.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(InnoVISION Multimedia Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\INNO3D TuneIT\Inno3D.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Users\nils\AppData\Local\Programs\Opera GX\opera.exe <29>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Reason Cybersecurity Inc. -> Reason Cybersecurity Ltd.) C:\Program Files\ReasonLabs\Common\Client\v1.2.0\rsAppUI.exe <9>
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.28\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (EPOS Group A/S -> ) C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuiteService
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3828c822366e497\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\VPN\rsVPNClientSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\VPN\rsVPNSvc.exe
(services.exe ->) (Scarlet.Crush Productions) [Datei ist nicht signiert] C:\Program Files\WiinUSoft\SCP_Driver\ScpService.exe
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\iked.exe
(services.exe ->) (Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.3.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2310.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071232 2022-08-03] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Spectrum] => C:\Program Files (x86)\G.SKILL\Trident Z Lighting Control\HID.exe [1753104 2020-05-25] (G.SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62636856 2020-11-13] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Inno3D] => C:\Program Files (x86)\INNO3D TuneIT\Inno3D.exe [24387584 2020-09-28] (InnoVISION Multimedia Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410728 2021-12-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3449150419-271838051-1508037707-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37188048 2024-01-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [Chromium] => "c:\users\nils\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session (Keine Datei)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [DiscordPTB] => C:\Users\nils\AppData\Local\DiscordPTB\app-0.0.55\DiscordPTB.exe (Keine Datei)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2024-01-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [45968128 2023-12-11] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [WallpaperEngine] => D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3223136 2023-10-28] (Skutta, Kristjan -> )
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [Opera GX Browser Assistant] => C:\Users\nils\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70912472 2023-11-02] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [MicrosoftEdgeAutoLaunch_1850AB30EF24BC4C113B74D75C151A3B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {0f23f2bb-2cd9-11ec-bd9e-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {3459cdf0-13ae-11ec-bd9b-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {6f4676a2-b040-11ec-bdc3-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {812634e0-904f-11ee-be35-0492265d3edd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {8c5ee76f-9f6e-11eb-bd72-0492265d3edd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {91727cc2-da62-11ea-bcee-0492265d3edd} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {91776608-48b0-11ec-bdac-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {91776673-48b0-11ec-bdac-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {d80afba4-6f01-11eb-bd49-0492265d3edd} - "E:\OnePlus_setup.exe" /s
HKLM\...\Windows x64\Print Processors\OKX055PP: C:\Windows\System32\spool\prtprocs\x64\OKX055PP.DLL [52224 2015-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\EPSON WF-3540 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMJHE.DLL [120320 2011-04-19] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558080 2011-08-30] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\WINDOWS\system32\OPPFLM64.DLL [24064 2011-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\121.0.6167.85\Installer\chrmstp.exe [2024-01-25] (Google LLC -> Google LLC)
Startup: C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2024-01-21]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2021-02-26]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EPOS Gaming Suite.lnk [2022-06-26]
ShortcutTarget: EPOS Gaming Suite.lnk -> C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuite.exe (EPOS Group A/S -> )
BootExecute: autocheck autochk /k:C *
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {D7486F2D-BB18-4E28-B718-83CF6A9FB91F} - System32\Tasks\{B557B444-21B0-41FD-B838-14D7E070A414} => c:\windows\system32\launchwinapp.exe [45056 2023-12-15] (Microsoft Windows -> Microsoft Corporation) -> hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.6.0.106&LastError=404
Task: {66CB8C64-C47E-4DE8-BC72-AE4F1B10190B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {5E1CF42E-038C-41ED-9D10-57ADDC87DFDA} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274912 2022-11-17] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {1CFF092D-CB8C-4697-A22E-C65E98842FAC} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3449150419-271838051-1508037707-1002Core => C:\Users\nils\AppData\Local\BraveSoftware\Update\BraveUpdate.exe /c (Keine Datei)
Task: {AF840AC3-BAA2-43A2-9FF4-E39C018BA346} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3449150419-271838051-1508037707-1002UA => C:\Users\nils\AppData\Local\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (Keine Datei)
Task: {708BEC20-0B26-4F36-9C8B-B3DDB92FF7D8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5550856 2023-12-15] (Microsoft Windows -> Microsoft Corporation)
Task: {BC9D7D8A-7218-4CE4-B16D-FC573B007C44} - System32\Tasks\G2MUpdateTask-S-1-5-21-3449150419-271838051-1508037707-1002 => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-06-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3C1DF0BC-B120-4C7D-BFA4-9CBFFAD5E8C0} - System32\Tasks\G2MUploadTask-S-1-5-21-3449150419-271838051-1508037707-1002 => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-06-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3F10FFE7-CD67-47C7-BEB9-39F2B2A7922A} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [374560 2024-01-21] (Google LLC -> Google LLC)
Task: {A448EED5-27DE-4BDF-837A-18BA2E930140} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-16] (Google Inc -> Google Inc.)
Task: {BDDB2636-5C15-45B7-A849-41EBC891643A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-16] (Google Inc -> Google Inc.)
Task: {7478992B-7BB6-4BF1-A873-5E111E4C328B} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {21AD196C-E033-4A17-8AB0-51729310AFC0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {49B6BC26-85D9-47CD-8037-109C0AE32EE9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {D839F23C-264C-4673-8665-4F23FC4CC946} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {96E7643A-2254-4E65-9A40-2B59FC121F71} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0CFFBD7-9683-4F02-BFA9-01A676277A0D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {B99D3737-ED33-4665-8831-79729A69FDDD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {93F0030F-A0C7-48BB-B3D1-0DE1004E37F8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B5D32EB-4067-4EA0-A15B-43DCB47E9F82} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4434864 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AFBADC6-5A92-4AD1-B4C6-825820AA6735} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [555616 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {456D73CF-2E82-4BAA-A299-5F55636C433C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {446B1B51-DBBF-4E6C-B75D-F99B4B01EE32} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9FAD07E-94BF-48A0-AB30-A07D6B8519AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7083C3CB-997A-4003-8627-EC98C79F90D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16EB5C68-D80E-47A9-BCB6-A06F1C9834CC} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (Keine Datei)
Task: {700349FD-F55C-49D0-8B21-D1D2965DC750} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [11015736 2023-01-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {150A990D-50BB-44FF-88C3-76D973F44C5A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E2F5A047-1CAB-4AB7-9378-E8E3ED8F75AB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {430BF654-38D8-45D2-A3F7-A0CD9F537971} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A40BAFBC-F37E-4EC1-BC46-5707592376F0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C7376426-7EE8-4506-A492-135F0DCBA934} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0553C191-C11D-449D-AB8E-C28E6F624F3E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A0BEE307-E357-4107-9BFA-82B875AEBBA7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B3E56FB4-A1A3-442D-BA01-2A831C6187A1} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2195C137-0EC2-4FCD-B281-8EA423B96759} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBFD160A-267A-4AC3-B7F9-BCE4026B204F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3449150419-271838051-1508037707-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {CD2D41E1-ACCC-4E1B-8AEA-8A21AC5C3BA3} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1614869362 => C:\Users\nils\AppData\Local\Programs\Opera GX\launcher.exe [2294176 2024-01-24] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\nils\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {3A4136F1-CC37-445D-9CE3-43BC4BE89F22} - System32\Tasks\Opera GX scheduled Autoupdate 1593451427 => C:\Users\nils\AppData\Local\Programs\Opera GX\launcher.exe [2294176 2024-01-24] (Opera Norway AS -> Opera Software)
Task: {9755D7FA-2C11-4258-B363-6A045E7D0494} - System32\Tasks\Opera scheduled Autoupdate 1555368081 => C:\Users\nils\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {CC90B01F-54A3-4F48-9A32-4D63DFA4B7B8} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
Task: {46C4D8B0-EF42-4BC5-A2B4-528E8E091BBE} - System32\Tasks\TaskbarX NILS-PCnils => C:\WINDOWS\explorer.exe [5550856 2023-12-15] (Microsoft Windows -> Microsoft Corporation)
Task: {247335EE-A7B9-443A-B7C4-14AD5DACB27E} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [170496 2023-10-13] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3449150419-271838051-1508037707-1002.job => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3449150419-271838051-1508037707-1002.job => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupload.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.101
Tcpip\..\Interfaces\{49065b68-8f61-403d-b9dc-f5281de063c8}: [DhcpNameServer] 192.168.178.101
Tcpip\..\Interfaces\{49065b68-8f61-403d-b9dc-f5281de063c8}: [DhcpDomain] local.schu.xyz
Tcpip\..\Interfaces\{6101516c-66f7-4516-8d27-037ec68a3a21}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{6101516c-66f7-4516-8d27-037ec68a3a21}: [DhcpNameServer] 192.168.178.100
Tcpip\..\Interfaces\{d9113418-f92d-4645-ad90-4606c382b8c7}: [NameServer] 141.100.54.53
Edge:
=======
Edge Profile: C:\Users\nils\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-27]
Edge Notifications: Default -> hxxps://web.snapchat.com
Edge Extension: (Google Docs Offline) - C:\Users\nils\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25]
Edge Extension: (Edge relevant text changes) - C:\Users\nils\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
FireFox:
========
FF DefaultProfile: ncucdlz8.default-1584820434065
FF ProfilePath: C:\Users\nils\AppData\Roaming\Mozilla\Firefox\Profiles\ncucdlz8.default-1584820434065 [2021-03-25]
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default [2024-01-21]
CHR Notifications: Default -> hxxps://www.netflix.com
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-21]
CHR Extension: (Metastream Remote) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakegmdomhmegokfomgmkbopjibonfcp [2023-12-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-01-21]
CHR Extension: (Bardeen - automatisiere manuelle Arbeit) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihhkmalpkhkoedlmcnilbbhhbhnicjga [2023-12-19]
CHR Extension: (Unpaywall) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplffkdpngmdjhlpjmppncnlhomiipha [2022-07-17]
CHR Extension: (Online Security) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2024-01-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-15]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2024-01-21]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKU\S-1-5-21-3449150419-271838051-1508037707-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKU\S-1-5-21-3449150419-271838051-1508037707-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
Opera:
=======
OPR Profile: C:\Users\nils\AppData\Roaming\Opera Software\Opera Stable [2021-02-18]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.de/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
StartMenuInternet: (HKU\S-1-5-21-3449150419-271838051-1508037707-1002) Opera GXStable - "C:\Users\nils\AppData\Local\Programs\Opera GX\Launcher.exe"
Brave:
=======
BRA Profile: C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-02-18]
BRA Extension: (Brave Tracking Protection Updater) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-01-19]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-01-19]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-01-19]
BRA Extension: (Brave Ad Block Updater (DEU: EasyList Germany)) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\jmomcjcilfpbaaklkifaijjcnancamde [2019-01-19]
BRA Extension: (PDF Viewer) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-01-19]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-01-19]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2688544 2022-07-06] (PUBG CORPORATION -> )
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe [419264 2019-01-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [975832 2019-01-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2019-01-19] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.28\AsusFanControlService.exe [1919280 2019-01-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [Datei ist nicht signiert]
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9880840 2022-12-08] (BattlEye Innovations e.K. -> )
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [422504 2021-12-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [81512 2021-12-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 Ds3Service; C:\Program Files\WiinUSoft\SCP_Driver\ScpService.exe [381952 2017-08-12] (Scarlet.Crush Productions) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-06-08] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-09-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2128360 2022-09-22] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-09-22] (GOG Sp. z o.o. -> GOG.com)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] (Shrew Soft Inc -> )
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] (Shrew Soft Inc -> )
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10759936 2023-12-11] (Logitech Inc -> Logitech, Inc.)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [30057640 2023-05-19] (My.Com B.V. -> My.com B.V.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2199024 2023-05-18] (Rockstar Games, Inc. -> Rockstar Games)
R2 rsDNSClientSvc; C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe [638832 2023-06-25] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsDNSResolver; C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe [11330416 2023-06-25] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsDNSSvc; C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe [214384 2023-06-25] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsVPNClientSvc; C:\Program Files\ReasonLabs\VPN\rsVPNClientSvc.exe [666624 2023-11-02] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsVPNSvc; C:\Program Files\ReasonLabs\VPN\rsVPNSvc.exe [226816 2023-11-02] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5084200 2024-01-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10476264 2022-08-03] () [Datei ist nicht signiert]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12355424 2024-01-10] (KRAFTON, Inc. -> KRAFTON, Inc)
R2 EPOSGamingSuiteService; "C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuiteService" /start EPOSGamingSuiteService [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3828c822366e497\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3828c822366e497\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [2178912 2022-09-06] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [914760 2022-09-06] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2019-01-19] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2019-01-19] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33504 2019-01-01] (ASUSTeK Computer Inc. -> )
R1 avm_nwim; C:\WINDOWS\system32\DRIVERS\avmnwim.sys [396088 2017-03-17] (WDKTestCert shuebner,130916460956458304 -> AVM)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-11-17] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R2 CmUpx; C:\WINDOWS\system32\drivers\CmUpx.sys [30184 2021-06-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2024-01-22] (CPUID S.A.R.L.U. -> CPUID) <==== ACHTUNG
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 EPOSAudio; C:\WINDOWS\System32\drivers\eposaudio.sys [95272 2022-05-20] (EPOS Group A/S -> EPOS Group A/S)
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
S1 googlehaxm; C:\WINDOWS\system32\drivers\GoogleHaxm.sys [200232 2023-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [43856 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-25] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-25] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-25] (Logitech Inc -> Logitech)
R3 MpKslfcd73432; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{66999F36-9524-4D49-AD59-D19E71B2D2B2}\MpKslDrv.sys [263560 2024-01-27] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [29287768 2023-05-19] (My.Com B.V. -> My.com B.V.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 rawaccel; C:\WINDOWS\system32\drivers\rawaccel.sys [50176 2021-09-24] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 rsDwf; C:\WINDOWS\system32\DRIVERS\rsDwf.sys [54144 2023-06-25] (Reason CyberSecurity Inc. -> Reason CyberSecurity Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2017-08-12] (Bruce James -> Scarlet.Crush Productions)
S3 SennComUSB; C:\WINDOWS\System32\drivers\SennComUSB.sys [61928 2020-11-17] (Sennheiser Communications A/S -> Sennheiser Communications A/S)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2020-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R1 vflt; C:\WINDOWS\system32\DRIVERS\vfilter.sys [24064 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8752264 2022-08-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vnet; C:\WINDOWS\System32\drivers\virtualnet.sys [17408 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-01-18] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 ALSysIO; \??\C:\Users\nils\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X] <==== ACHTUNG
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-27 13:39 - 2024-01-27 13:39 - 000000000 ____D C:\FRST
2024-01-27 13:38 - 2024-01-27 13:39 - 000000000 ___DC C:\Users\nils\Desktop\FRST
2024-01-22 21:30 - 2024-01-22 21:30 - 034463940 ____C C:\Users\nils\Desktop\0122.mp4
2024-01-22 21:17 - 2024-01-22 21:18 - 072533264 ____C C:\Users\nils\Desktop\HONDA.mp4
2024-01-22 20:14 - 2024-01-22 20:14 - 000000000 ____D C:\Users\nils\AppData\Local\VEDetector
2024-01-22 20:14 - 2024-01-22 20:14 - 000000000 ____D C:\Users\nils\AppData\Local\Bytedance
2024-01-22 20:07 - 2024-01-22 20:12 - 000000000 ____D C:\Users\nils\.openshot_qt
2024-01-22 20:03 - 2024-01-22 21:17 - 000000000 ____D C:\Users\nils\AppData\Local\CapCut
2024-01-22 20:03 - 2024-01-22 20:03 - 000001356 ____C C:\Users\nils\Desktop\CapCut.lnk
2024-01-22 20:03 - 2024-01-22 20:03 - 000000000 ___DC C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCut
2024-01-22 19:48 - 2024-01-22 19:48 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2024-01-22 00:02 - 2024-01-22 00:02 - 000000207 ____C C:\Users\nils\Desktop\Urlaubanfrage.txt
2024-01-21 18:16 - 2024-01-21 18:16 - 000002359 ____C C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2024-01-21 13:47 - 2024-01-21 13:47 - 000003868 _____ C:\WINDOWS\system32\Tasks\Google Play Games Notifier
2024-01-21 13:47 - 2024-01-21 13:47 - 000001091 _____ C:\Users\Public\Desktop\Google Play Games beta.lnk
2024-01-21 13:47 - 2024-01-21 13:47 - 000000000 ____D C:\Users\nils\AppData\Local\ToastNotificationManagerCompat
2024-01-21 13:47 - 2024-01-21 13:47 - 000000000 ____D C:\Users\nils\AppData\Local\HPE
2024-01-21 13:47 - 2024-01-21 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Play Games
2024-01-21 13:46 - 2024-01-21 13:46 - 000000000 ____D C:\ProgramData\Google
2024-01-21 13:46 - 2024-01-21 13:46 - 000000000 ____D C:\Program Files\Google
2024-01-21 13:44 - 2024-01-21 13:44 - 010908744 _____ (Google LLC) C:\Users\nils\Downloads\Install-Frost & Flame_ King of Avalon-GooglePlayGames-Beta.exe
2024-01-12 20:17 - 2024-01-12 20:17 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-11 20:47 - 2024-01-11 20:48 - 000000000 ___HD C:\$WinREAgent
2023-12-28 19:29 - 2023-12-28 19:29 - 000078806 _____ C:\Users\nils\Downloads\StressMyPC5.31.zip
2023-12-28 19:29 - 2023-12-28 19:29 - 000000000 ____D C:\Users\nils\AppData\Roaming\StressMyPC
2023-12-28 19:28 - 2023-12-28 19:28 - 005331520 _____ (CHIP Digital GmbH) C:\Users\nils\Downloads\StressMyPC - CHIP Installer _VNxop.exe
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-27 13:32 - 2021-12-18 01:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-27 13:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-27 13:32 - 2019-02-16 23:11 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-27 13:23 - 2020-09-15 07:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-27 12:25 - 2017-11-02 01:23 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-27 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-27 09:09 - 2021-02-18 21:01 - 000000000 ____D C:\Users\nils\AppData\Local\LGHUB
2024-01-27 09:09 - 2019-10-27 12:42 - 000000000 ____D C:\Users\nils\AppData\Local\Overwolf
2024-01-25 18:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-25 17:24 - 2019-02-16 23:11 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-25 17:23 - 2022-07-15 20:40 - 000001431 ____C C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2024-01-25 17:23 - 2020-09-15 07:58 - 000004184 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1593451427
2024-01-23 22:16 - 2023-09-01 16:52 - 000000000 ____D C:\Users\nils\AppData\Roaming\EasyAntiCheat
2024-01-22 22:55 - 2018-06-27 19:54 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-22 20:16 - 2018-06-28 22:51 - 000000000 ___DC C:\Users\nils\AppData\Local\D3DSCache
2024-01-22 20:13 - 2018-06-28 13:09 - 000000000 ___DC C:\Users\nils\AppData\Local\CrashDumps
2024-01-22 20:07 - 2020-09-15 00:33 - 000000000 ____D C:\Users\nils
2024-01-22 20:06 - 2018-06-29 12:14 - 000000000 ____D C:\ProgramData\Packages
2024-01-22 20:06 - 2018-06-27 19:45 - 000000000 ___DC C:\Users\nils\AppData\Local\Packages
2024-01-22 20:04 - 2023-09-15 18:31 - 000263672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2024-01-22 20:04 - 2022-10-22 10:51 - 000095736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-01-22 20:04 - 2022-10-22 10:51 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-01-22 20:04 - 2021-11-19 17:01 - 000194040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 002754152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 000644600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 000214632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-01-22 20:04 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-01-22 19:52 - 2020-09-15 07:57 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-22 19:52 - 2020-09-15 00:13 - 000741554 _____ C:\WINDOWS\system32\perfh007.dat
2024-01-22 19:52 - 2020-09-15 00:13 - 000149804 _____ C:\WINDOWS\system32\perfc007.dat
2024-01-22 19:48 - 2020-09-15 07:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-22 19:48 - 2020-09-15 07:52 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-22 19:48 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-01-22 19:48 - 2019-01-22 14:43 - 000000000 ____D C:\Intel
2024-01-22 19:45 - 2018-06-29 15:41 - 000000000 ___DC C:\Users\nils\AppData\Local\PlaceholderTileLogoFolder
2024-01-22 17:56 - 2020-10-12 22:07 - 000000000 ____D C:\Users\nils\AppData\Roaming\discord
2024-01-22 17:39 - 2020-11-13 19:22 - 000000000 ____D C:\Users\nils\AppData\Local\Discord
2024-01-22 15:31 - 2022-11-28 18:37 - 000000000 ____D C:\Users\nils\AppData\Roaming\Microsoft\Teams
2024-01-21 13:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-21 13:44 - 2019-02-16 23:11 - 000000000 ____D C:\Users\nils\AppData\Local\Google
2024-01-21 11:20 - 2023-04-19 17:09 - 000000000 ___DC C:\Users\nils\Desktop\Berufsschule
2024-01-19 21:27 - 2020-09-15 07:58 - 000003926 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2024-01-19 21:27 - 2020-09-15 07:58 - 000003802 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2024-01-18 21:35 - 2020-12-03 16:58 - 000000000 ____D C:\Program Files\Common Files\PUBG
2024-01-18 21:27 - 2021-01-30 01:27 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-01-18 20:01 - 2019-03-20 22:38 - 000215864 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2024-01-16 21:51 - 2021-02-26 02:16 - 000000000 ___DC C:\Users\nils\Desktop\Nintendo
2024-01-14 21:10 - 2018-06-27 19:55 - 000000000 ___DC C:\Users\nils\AppData\Local\Steam
2024-01-13 13:26 - 2023-12-12 01:51 - 000000301 ____C C:\Users\nils\Desktop\Urlaubstage.txt
2024-01-12 21:05 - 2022-08-06 02:37 - 000000000 ____D C:\Users\nils\AppData\Roaming\Vampire_Survivors_377440891
2024-01-12 20:17 - 2019-06-21 23:19 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-12 15:20 - 2019-07-06 12:04 - 000000000 ____D C:\Users\nils\AppData\Roaming\Microsoft\Word
2024-01-12 15:13 - 2019-08-26 13:03 - 000000000 ____D C:\Users\nils\AppData\Roaming\Microsoft\Excel
2024-01-12 14:22 - 2018-06-27 19:45 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-11 20:55 - 2020-09-15 07:53 - 000647176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-11 20:46 - 2018-06-27 20:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-11 20:44 - 2018-06-27 20:26 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-08 19:17 - 2023-08-31 21:24 - 000000000 ____D C:\Users\nils\AppData\Roaming\G HUB
2024-01-08 19:16 - 2021-02-18 21:01 - 000000000 ____D C:\Users\nils\AppData\Roaming\LGHUB
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-11-12 10:58 - 2021-11-12 10:58 - 115176112 _____ (GitHub, Inc.) C:\Users\nils\GitHubDesktopSetup-x64.exe
2021-11-11 13:53 - 2021-11-11 13:53 - 032151603 _____ (gnuplot development team ) C:\Users\nils\gp542-win64-mingw.exe
2021-11-12 10:52 - 2021-11-12 10:52 - 025387808 _____ (Atlassian) C:\Users\nils\SourceTreeSetup-3.4.6.exe
2020-10-11 02:54 - 2020-10-11 03:01 - 003228672 _____ () C:\Users\nils\AppData\Roaming\ScriptHookV.dll
2021-02-16 12:59 - 2021-02-18 15:53 - 000000578 _____ () C:\Users\nils\AppData\Roaming\WiinUSoft_prefs.config
2021-02-01 18:39 - 2021-02-01 20:21 - 000000128 _____ () C:\Users\nils\AppData\Roaming\winscp.rnd
2022-05-06 17:54 - 2022-05-06 17:54 - 000002923 _____ () C:\Users\nils\AppData\Local\recently-used.xbel
2019-02-19 20:35 - 2023-10-12 23:53 - 000007607 _____ () C:\Users\nils\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Addition: Der Post wird zu lang, einfügen als .txt nicht möglich da zu groß .zip ist auch nicht möglich. Beim Hochladen wird folgende Fehlermeldung angezeigt: "PHP User Warning: is_dir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (/var/www/vhosts/trojaner-board.de/:/tmp/) in ..../includes/functions_file.php on line 60" |
|
27.01.2024, 21:55
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 10: Verdacht auf Crypto-MinerZitat:
Grundsätzlich sollte alle Logs direkt in den Beitrag gepostet werden, in CODE-Tags. Das steht auch hier in den Hinweisen für Hilfesuchende. Reiche die Addition.txt also bitte entsprechend nach.
__________________ |
|
28.01.2024, 00:18
| #3 |
| | Windows 10: Verdacht auf Crypto-Miner Hi, der Post wäre zu lang geworden ich konnte das Thema nicht erstellen. Eine Fehlermeldung wurde immer angezeigt wenn ich das Thema erstellen wollte. Irgendwas in die Richtung von 178000 Zeichen sind zu viel.
__________________In "https://www.trojaner-board.de/69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html" steht folgendes unter "3. Informationen vorbereiten": "Ausnahme: Logfile zu groß Dies kann und wird passieren. Dann und nur dann kannst du dein Logfile anhängen oder gezippt anhängen. Anleitung dazu weiter unten. Aber bedenke bitte: Anhänge erschweren deinem Helfer die Arbeit!" Und auf der selben Seite (5. Wartezeit) steht man soll nicht selbst auf seine Posts antworten da der Post ansonsten als schon "in Arbeit" angesehen werden könnte. Hier Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27.01.2024
durchgeführt von nils (27-01-2024 13:40:55)
Gestartet von C:\Users\nils\Desktop\FRST
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2020-09-15 06:58:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-3449150419-271838051-1508037707-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3449150419-271838051-1508037707-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3449150419-271838051-1508037707-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3449150419-271838051-1508037707-501 - Limited - Disabled)
js (S-1-5-21-3449150419-271838051-1508037707-1001 - Administrator - Enabled) => C:\Users\js
nils (S-1-5-21-3449150419-271838051-1508037707-1002 - Administrator - Enabled) => C:\Users\nils
WDAGUtilityAccount (S-1-5-21-3449150419-271838051-1508037707-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Ai2 Starter version 4.3 (HKLM-x32\...\{519B03FD-CB1D-40BB-81AD-B49E93312283}}_is1) (Version: 4.3 - Yutthana Meanphon)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{71667bbb-81ab-429c-aeb4-e43c31e8fe14}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{36aa03d4-9606-4f04-bf3e-a70ebe6650f3}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{2d85b111-aee4-468b-874b-a9272712f69b}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{ac3dc320-7e5e-4f22-9572-4c2119fcdf85}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{b31aaf98-0562-411d-a962-0c3d16a3527a}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{a29279dc-f417-4442-8225-4db77f7d35b5}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{4f18ae01-4390-4b41-be3a-54ef4eacdd91}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{2914BAB6-CA16-4B5A-BF41-2466656C7040}) (Version: 2.0.3.1 - ASUSTek COMPUTER INC.)
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{210cdd08-c947-43a2-9378-bc288f651e41}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{3e9b91eb-5bb0-4272-8670-f88d353eb68b}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{add3bacc-578f-4bf9-97e3-a0f0c3ae3323}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{cc37f609-4db9-4ce3-9e37-9cb1b432452e}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.26 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{dded177f-c7b2-4212-9c64-74884f3fd53b}) (Version: 1.0.26 - ASUS) Hidden
AusweisApp2 (HKLM\...\{8DF88014-8948-483D-907C-84D3833E4A16}) (Version: 1.26.3 - Governikus GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.9.410.1001 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\BlueStacks X) (Version: 0.18.52.1 - BlueStack Systems, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CapCut (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\CapCut) (Version: 3.3.0.1161 - Bytedance Pte. Ltd.)
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{da7ebf10-b0be-494e-a79d-568546795a51}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{5A44EF1D-12EE-43D7-9CAB-535F377C8D46}) (Version: 3.38.88 - Corsair)
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
CPUID HWMonitor 1.42 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.42 - CPUID, Inc.)
CrystalDiskInfo 8.17.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.4 - Crystal Dew World)
CrystalDiskMark 8.0.4b (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4b - Crystal Dew World)
CurseForge (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.244.1.1 - Overwolf app)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.6 - GOG.com)
Discord (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden
Epic Games Launcher (HKLM-x32\...\{42ECB1DB-6B44-4AEC-B112-98ECFF460EF6}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
EPOS Gaming Suite (HKLM\...\{0FDABEB9-30C5-42BA-8022-4470D3FD8EE3}) (Version: 1.10.0.926 - EPOS Group A/S)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
FileZilla Client 3.39.0 (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\FileZilla Client) (Version: 3.39.0 - Tim Kosse)
Fraps (HKLM-x32\...\Fraps) (Version: - )
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.4.1 - AVM Berlin)
Geeks3D FurMark 1.20.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.85 - Google LLC)
Google Play Games beta (HKLM\...\GooglePlayGames) (Version: 23.11.1397.6 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{7659273F-0EB6-4ECB-BC7D-5889F3FD3075}) (Version: 1.0.562 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2699.0 - Rockstar Games)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.176 - Riot Games, Inc.)
INNO3D TuneIT version 3.02 (HKLM-x32\...\INNO3D TuneIT_is1) (Version: 3.02 - )
inst (HKLM-x32\...\{F818E3E8-4C16-4D3B-894B-D8805F56D7DB}) (Version: 1.0.0.0 - Creative Software Solutions GmbH)
Intel(R) Computing Improvement Program (HKLM\...\{44C40B2E-7285-4A9F-A9BC-DF433772AAEE}) (Version: 2.4.05929 - Intel Corporation)
Java 8 Update 301 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{d6cac989-7570-43fd-b147-e31d6280a3a6}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
LibreOffice 6.3.2.2 (HKLM\...\{6110D2CC-70B4-415E-AF5A-7BB496AB264B}) (Version: 6.3.2.2 - The Document Foundation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.10.493254 - Logitech)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3449150419-271838051-1508037707-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Teams) (Version: 1.6.00.29964 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.76.2 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 81.0.1 (x64 de) (HKLM\...\Mozilla Firefox 81.0.1 (x64 de)) (Version: 81.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.4 - Notepad++ Team)
NVIDIA Broadcast 1.4.0.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.4.0.28 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Grafiktreiber 537.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 537.13 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
Opera GX Stable 106.0.4998.61 (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Opera GX 106.0.4998.61) (Version: 106.0.4998.61 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.122.52971 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.241.0.10 - Overwolf Ltd.)
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.05 - Patriot Memory) Hidden
PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
Qt (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\{c0f9f073-2e4f-4da6-b2a4-f2946ed58882}) (Version: %MAINTENANCE_TOOL_VERSION% - The Qt Company Ltd)
Qt (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\{cbacdf10-6dc8-4db1-8d98-0a42ef6fd54d}) (Version: %MAINTENANCE_TOOL_VERSION% - The Qt Company Ltd)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.4 beta r3433 - Rainmeter)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.72.1513 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.8.4 - Rockstar Games)
Safer Web (HKLM\...\ReasonLabs-DNS) (Version: 3.5.0 - Reason Cybersecurity Inc.)
Shotcut (HKLM\...\Shotcut) (Version: 21.06.29 - Meltytech, LLC)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Snapchat (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\6bfb3a0f5367b360172921dcb033ecb8) (Version: 1.0 - Snapchat)
Sparialo (HKLM-x32\...\{3D581B7A-5251-4E7E-B381-ED890B068F04}) (Version: 1.0.0.0 - Sparialo)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SSDlife Free (HKLM-x32\...\{18302BF2-AA3C-46E3-B039-996FD0DB5639}) (Version: 2.5.82 - BinarySense Inc.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steam Customizer (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Steam Customizer) (Version: 1.0.1.0 - Blumont)
Streamlabs OBS 0.27.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.27.1 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TreeSize Free V4.4.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.1 - JAM Software)
Trident Z Lighting Control (HKLM-x32\...\{97CD7AFC-0ED3-41B8-9CCD-22717E8631D0}_is1) (Version: 1.00.18 - ENG)
Twitch (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{A7B60FC9-A750-43C7-B7EC-892CD09147C7}) (Version: 1.18.0.0 - Microsoft Corporation) Hidden
VALORANT (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
VPN by RAV (HKLM\...\ReasonLabs-VPN) (Version: 2.9.3 - Reason Cybersecurity Inc.)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.859 - McAfee, LLC)
WiinUSoft version 3.4 (HKLM\...\{1BFC4F9F-BB85-4CE3-AC22-0CBFF78D5EE4}_is1) (Version: 3.4 - Justin Keys)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1610 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{4254C1AD-B9B0-4020-A4B1-D8B61D12142A}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{AD47C6B2-6C72-4F0E-B66F-7685C28ACDFD}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.)
WinRAR 5.91 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl)
X64 Debuggers And Tools (HKLM\...\{66B288E6-3354-AB0F-920D-909DDAA653FF}) (Version: 10.1.17763.132 - Microsoft Corporation)
X86 Debuggers And Tools (HKLM-x32\...\{A80F4302-E354-EFCD-3802-3CB0572D4FD1}) (Version: 10.1.17763.132 - Microsoft Corporation)
Packages:
=========
Angry Birds 2 -> C:\Program Files\WindowsApps\1ED5AEA5.4160926B82DB_3.13.5.0_x64__p2gbknwb5d8r2 [2023-12-21] (Rovio Entertainment Oyj)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Epson Print and Scan -> C:\Program Files\WindowsApps\SEIKOEPSONCORPORATION.EpsonPrintandScan_1.1.0.0_x64__ezaqdwkaef94e [2019-07-23] (SEIKO EPSON CORPORATION)
Files -> C:\Program Files\WindowsApps\49306atecsolution.FilesUWP_3.1.1.0_x64__et10x9a9vyk8t [2024-01-12] (Yair A) [Startup Task]
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-16] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21001.0_x64__8wekyb3d8bbwe [2024-01-08] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10829.535.0_x64__8wekyb3d8bbwe [2023-09-28] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.5101.0_x64__8wekyb3d8bbwe [2023-12-16] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2023-12-21] (Microsoft Studios)
ModernFlyouts (Preview) -> C:\Program Files\WindowsApps\32669SamG.ModernFlyouts_0.9.3.0_x64__pcy8vm99wrpcg [2023-06-27] (Sam G) [Startup Task]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.6.42.0_x64__bzg06mxvgh4fa [2024-01-22] (V3TApps)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-18] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-09-10] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-06] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0 [2024-01-25] (Spotify AB) [Startup Task]
TaskbarX -> C:\Program Files\WindowsApps\40210ChrisAndriessen.FalconX_1.7.8.0_x64__y1dazs5f5wq00 [2022-10-05] (Chris Andriessen)
Video Editor Max -> C:\Program Files\WindowsApps\36059XiaoyaStudio.54454B0A7F4E6_2.0.7.0_x64__ngh7ertwt50re [2024-01-22] (Xiaoya Lab)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2022-09-26] (VideoLAN)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.3.0_x64__cv1g1gvanyjgm [2024-01-12] (WhatsApp Inc.) [Startup Task]
Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_477.2102.26001.0_x64__8wekyb3d8bbwe [2021-04-10] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3449150419-271838051-1508037707-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\nils\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23270.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3449150419-271838051-1508037707-1002_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3449150419-271838051-1508037707-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\nils\AppData\Local\GoToMeeting\18962\G2MOutlookAddin64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3449150419-271838051-1508037707-1002_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\nils\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\FileCoAuth.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-3449150419-271838051-1508037707-1002_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\nils\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-07-15] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3828c822366e497\nvshext.dll [2023-08-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\6.2.0\MinGW 8.1.0 (64-bit)\Qt 6.2.0 (MinGW 8.1.0 64-bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K D:\Qt\6.2.0\mingw81_64\bin\qtenv2.bat
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2019-01-19 00:31 - 2019-01-19 00:30 - 006065152 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.28\libprotobufd.dll
2021-12-23 18:30 - 2021-12-23 18:30 - 000209408 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2021-12-23 18:29 - 2021-12-23 18:29 - 000101376 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 001845760 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\AgentUtil.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 000428544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\blhost.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 003586560 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\ConfigManager.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 000812544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\cpprest_2_10.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 001692672 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\CxAudioHidDll32.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 004457472 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\Restclient.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 001601024 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\RestExecutor.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 000077312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\zlib1.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000017920 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 000022016 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000628224 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000116736 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 000018432 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000013312 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000029184 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000035840 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000039936 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2019-01-19 00:31 - 2019-01-19 00:30 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.31\ASACPI.DLL
2019-01-11 16:49 - 2024-01-22 19:48 - 000035120 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\4.00.28\PEbiosinterface32.dll
2020-06-16 16:28 - 2020-06-16 16:28 - 000016896 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\esrv_lib_security.dll
2020-04-19 17:37 - 2020-04-19 17:37 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-19 17:37 - 2020-04-19 17:37 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 000164864 _____ (QTIL) [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\EngineFrameworkCpp.dll
2020-06-16 16:28 - 2020-06-16 16:28 - 001688576 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000095744 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\EbpD4Fax.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000212992 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUADRFIL.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000278528 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCFG.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000438272 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCSR.DLL
2017-11-02 00:46 - 2013-12-24 01:00 - 000385024 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXLDB.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000536576 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXTIF.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000421888 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUIMGCDC.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000274432 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FULEPP.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSTMMSG.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000327680 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSVCCLT.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000065536 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUUSBHLP.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000253952 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUVERDLG.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000069632 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDEVCOM.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000135168 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDRVUTL.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUPRBDEV.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUSNMPUT.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000081920 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000241664 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000110592 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000022016 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
2017-11-02 00:46 - 2011-08-30 13:38 - 000558080 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enppmon.dll
2017-11-02 00:46 - 2011-08-01 18:24 - 000250880 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enpres.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000786432 _____ (SEIKO EPSON) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENCM.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000278528 _____ (SEIKO EPSON) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENNW.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000299008 _____ (SEIKO EPSON) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENUTIL.dll
2020-12-16 08:26 - 2020-12-16 08:26 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-06-16 16:28 - 2020-06-16 16:28 - 001918464 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2020-11-19 01:51 - 2020-11-19 01:50 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-11-19 01:51 - 2020-11-19 01:50 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2021-12-23 18:29 - 2021-12-23 18:29 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2021-12-23 18:29 - 2021-12-23 18:29 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 002584064 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\libcrypto-1_1.dll
2020-11-19 01:51 - 2020-11-19 01:50 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\tracing:? [34]
AlternateDataStreams: C:\Users\nils:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [2498]
AlternateDataStreams: C:\ProgramData\goyslgxe.nnn:7297ACA992 [2498]
AlternateDataStreams: C:\ProgramData\juutbubq.wrj:C3E58011A3 [2498]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [2498]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [2498]
AlternateDataStreams: C:\Users\nils\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\nils\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-07-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\sharepoint.com -> hxxps://flsmannheim-files.sharepoint.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 12:47 - 2021-02-20 11:10 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Android;C:\Windows\System32;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3449150419-271838051-1508037707-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3449150419-271838051-1508037707-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\Control Panel\Desktop\\Wallpaper -> c:\users\nils\pictures\hintergründe\feuerzeug.jpg
DNS Servers: 192.168.178.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
ist aktiviert.
Network Binding:
=============
Ethernet 2: AVM VPN NDIS 6 Driver -> avm_nwim (enabled)
Ethernet 2: Shrew Soft Lightweight Filter -> vflt (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\Services: OverwolfUpdater => 3
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\StartupApproved\Run: => "RiotClient"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{EC468066-6BDB-4FCF-AF52-EA95A7571FD5}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{0B3E8262-EE89-49CB-8A64-25FCBBE49790}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{82BB0DDE-66E1-4A65-91D4-2177D6945DDC}C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei
FirewallRules: [UDP Query User{FAFD95A1-BC3E-4A8E-82F6-22D1B0D7A038}C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei
FirewallRules: [TCP Query User{F4BE1069-2099-42A4-A1C8-CD1FC7DB6ECA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{B139368A-7ACF-44B8-A69E-4F30854AE5D6}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{51DE2A25-91EC-48E2-8874-49C5B87574D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3B040D6D-68A1-4645-8C4D-50C775FAA8F4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{1825D03A-C8E4-412B-9ED5-0E9B79756079}C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei
FirewallRules: [UDP Query User{EF78B3B7-A78F-4413-B25B-DB8E6613AA9D}C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei
FirewallRules: [TCP Query User{D9732541-C39F-4EC0-B53B-250F2B3E7B62}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{21190C22-B01E-462C-AD8B-56E87C2516FB}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{40F82BBD-4E71-4573-A3F3-366BF6C53A81}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Keine Datei
FirewallRules: [UDP Query User{E53FAE61-7C28-4B54-A8F1-7BBF8CF27326}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Keine Datei
FirewallRules: [TCP Query User{4319FA76-820C-42D1-8741-BE520B55D865}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{8ACA883E-404C-4DF0-A09B-1D367C2736DB}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{9CD98EDD-B3CB-4994-94FF-D83EED85EB34}] => (Allow) D:\Steam\steamapps\common\Destiny 2\destiny2.exe => Keine Datei
FirewallRules: [{D3216BB0-D77A-4585-A7F8-4943A29235D7}] => (Allow) D:\Steam\steamapps\common\Destiny 2\destiny2.exe => Keine Datei
FirewallRules: [{098B6464-5E72-47EC-85CE-178CD5FEA518}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{236F0730-8110-47B1-BB07-AE2D19FC0EB5}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{C24BB531-5B2D-4686-B19B-DF898A6108B4}C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{420E2E8E-3779-4CB4-95EB-FBEDB2109E11}C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{EEBCF92F-9FEB-45C2-8C16-555C88FD7F13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BC04C5E6-7E8E-4E0D-AED6-31D038E0EBDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{14AD2BCE-9D64-4AB1-8BD5-29651370F510}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [{D8590094-7B2F-431C-8B06-3785E76EA794}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{301DD506-A44F-4856-BDE4-9E7E894E15CA}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.408\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.408\opera.exe => Keine Datei
FirewallRules: [UDP Query User{E6E258F7-F6F3-418B-89A6-601F80D06F06}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.408\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.408\opera.exe => Keine Datei
FirewallRules: [{80FE9FE3-06A5-4969-9FFD-BEC5E0181953}] => (Allow) D:\Steam\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [{56360E82-051B-4707-8075-6734490224A0}] => (Allow) D:\Steam\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{57E6B2A4-BFBD-4605-B94B-8F157868C911}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => Keine Datei
FirewallRules: [UDP Query User{C16F0282-C3CE-4FA7-AD5A-DC4FEBFC2974}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => Keine Datei
FirewallRules: [TCP Query User{8FF7CCE5-45D9-4BE2-9BF4-0B9C9F429751}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{55FDECEE-77A6-4BD2-A704-3825508C57F6}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{2243F366-3CC8-4443-9B53-04888E094ADF}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{74D4C5D0-A97B-45D4-8B88-752627AEDE1C}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{78070716-58D2-4CEF-BD41-79D273AED995}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{4406735B-95BE-4B5C-B8AA-55D26494AE33}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{3A837DFE-C395-447F-A77F-C3E0ADABF2A1}C:\program files (x86)\common files\oracle\java\javapath_target_631877109\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_631877109\java.exe => Keine Datei
FirewallRules: [UDP Query User{D524889C-A454-4CE3-B2B9-7ACD534FD876}C:\program files (x86)\common files\oracle\java\javapath_target_631877109\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_631877109\java.exe => Keine Datei
FirewallRules: [TCP Query User{E016464E-AC9C-4335-A4EA-66315636FD83}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{41D58B2B-4A63-40F7-BEFC-60B77EEE3541}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{47BA71EC-5859-409C-8B09-76776416A862}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.421\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.421\opera.exe => Keine Datei
FirewallRules: [UDP Query User{72DE7540-6421-48D5-8444-A80A68D4DCD3}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.421\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.421\opera.exe => Keine Datei
FirewallRules: [TCP Query User{6F8B1AE4-A9B2-4809-B574-A402D4807CE2}D:\ubisoft\forhonor\forhonor.exe] => (Allow) D:\ubisoft\forhonor\forhonor.exe => Keine Datei
FirewallRules: [UDP Query User{558DAB6A-C0FE-4EBD-9390-541F39B146BC}D:\ubisoft\forhonor\forhonor.exe] => (Allow) D:\ubisoft\forhonor\forhonor.exe => Keine Datei
FirewallRules: [{939955E8-A45B-4474-AEE3-1325039BD4F5}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Datei ist nicht signiert]
FirewallRules: [{71EAA418-EB90-4D45-A95B-FF39995B5DCE}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{AF21DFA5-04C9-4E5D-A674-EBBAB2818244}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => Keine Datei
FirewallRules: [UDP Query User{671BAFAA-BE34-49E6-A7F5-BEE526DA31FC}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => Keine Datei
FirewallRules: [TCP Query User{E389631B-BCC4-4163-A177-5CFFDC56FA4A}D:\uplay\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) D:\uplay\tom clancy's rainbow six siege\rainbowsix_vulkan.exe => Keine Datei
FirewallRules: [UDP Query User{4C99750C-9C11-4A67-AE43-04AF9DE4ACBD}D:\uplay\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) D:\uplay\tom clancy's rainbow six siege\rainbowsix_vulkan.exe => Keine Datei
FirewallRules: [TCP Query User{575AD171-A61D-4451-B807-D8636D88E735}D:\uplay\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) D:\uplay\tom clancy's rainbow six siege\rainbowsix.exe => Keine Datei
FirewallRules: [UDP Query User{365DD66C-95D5-4330-9C6B-082A0011CA53}D:\uplay\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) D:\uplay\tom clancy's rainbow six siege\rainbowsix.exe => Keine Datei
FirewallRules: [TCP Query User{8D6FF879-AB1A-4B0E-9B05-E892CCB1B4B0}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => Keine Datei
FirewallRules: [UDP Query User{F58D078B-99DC-4F77-ADA6-F1E33B830CF9}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => Keine Datei
FirewallRules: [{E1F9D83E-7C4F-4401-BDAA-ECBD3973965C}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{293EA6CC-142B-4D36-9D60-A517A9A4DBBA}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{13E981F9-6BA5-4438-9B0F-4ED74A7DF4BB}D:\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe] => (Allow) D:\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe (Hazelight Studios AB -> Hazelight Studios)
FirewallRules: [UDP Query User{E5C17ACB-37CE-46B0-850D-2655A4CEE2B9}D:\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe] => (Allow) D:\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe (Hazelight Studios AB -> Hazelight Studios)
FirewallRules: [TCP Query User{57144AFE-F44F-4EE7-9A46-ABDA9F7C3A19}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.438\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.438\opera.exe => Keine Datei
FirewallRules: [UDP Query User{1D6FD0A1-5105-4208-ADDC-A7F0999AA57A}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.438\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.438\opera.exe => Keine Datei
FirewallRules: [TCP Query User{C6FF115F-29BD-40B7-8A42-3BE9F3EA10DC}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.259\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.259\opera.exe => Keine Datei
FirewallRules: [UDP Query User{9E8EF3F3-DD9D-432E-A956-A5687BA9D1EB}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.259\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.259\opera.exe => Keine Datei
FirewallRules: [TCP Query User{BBC874C6-36B4-4B5A-BCE7-7EDC7D32AB36}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.267\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.267\opera.exe => Keine Datei
FirewallRules: [UDP Query User{89213033-21D6-4246-ACE1-350F0FA196FE}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.267\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.267\opera.exe => Keine Datei
FirewallRules: [{BBCD0ABB-B7F3-44A1-9721-506BF55FCE8E}] => (Allow) D:\Steam\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{183E20F2-DA31-46F0-AE63-52D4223C86D5}] => (Allow) D:\Steam\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [TCP Query User{D67AD3A8-1B2A-44A7-B184-6F4B0FC37B45}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.279\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.279\opera.exe => Keine Datei
FirewallRules: [UDP Query User{E07D6BE8-6C27-4E4E-89F8-7C51AF2B97A7}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.279\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.279\opera.exe => Keine Datei
FirewallRules: [TCP Query User{2412D2E3-FD17-42DF-B9CC-073AA54C09FA}D:\steam\steamapps\common\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{5726C949-869F-4A81-814B-B24DBF3C1F11}D:\steam\steamapps\common\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{C21D225F-0257-46B5-AF68-CEA46E38CC9F}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.282\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.282\opera.exe => Keine Datei
FirewallRules: [UDP Query User{97D2906F-50AE-49E8-827A-FA4513D0D2C8}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.282\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.282\opera.exe => Keine Datei
FirewallRules: [{189477CF-9AB1-4FEC-895F-6FF6402F5360}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{8D9C7A6F-445A-43BA-A9F9-83F9089216D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{A93283BD-750C-41DF-ACAC-E7B456A4705E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{D6B04A3C-E4FA-4389-8679-DA44502CB1C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{C5C12C99-CD76-47BE-B978-B4F5C93D488D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{21B30609-3B1F-4190-AD47-C49483519E29}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{81280270-2742-4CD2-B3DB-A460ED8D3BD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{F4BAE828-86F3-4009-BF96-F6ED04EA926E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [TCP Query User{476815B6-28DF-4E10-9913-DFF5FE8D14C8}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.285\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.285\opera.exe => Keine Datei
FirewallRules: [UDP Query User{A9524BF0-DAB3-4C03-9024-2861014D0C3E}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.285\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.285\opera.exe => Keine Datei
FirewallRules: [TCP Query User{E05266DB-971F-4BBD-8BCC-26D8A6C43ACD}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.205\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.205\opera.exe => Keine Datei
FirewallRules: [UDP Query User{90F8AE23-81EF-4A79-91A9-4774838688DE}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.205\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.205\opera.exe => Keine Datei
FirewallRules: [TCP Query User{FB6CCBF3-2720-4498-A024-E3B4EDA5386D}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.208\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.208\opera.exe => Keine Datei
FirewallRules: [UDP Query User{79719A19-8115-4C63-97A2-A1D8ABFBEAF4}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.208\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.208\opera.exe => Keine Datei
FirewallRules: [TCP Query User{CEC10170-D440-4F10-9498-8A056F2C7F4A}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.227\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.227\opera.exe => Keine Datei
FirewallRules: [UDP Query User{D0434488-D480-4B97-B6D1-A5C10BF3B9F5}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.227\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.227\opera.exe => Keine Datei
FirewallRules: [TCP Query User{86F6C23C-E734-4024-BA76-DBB6927A28B4}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.257\opera.exe] => (Block) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.257\opera.exe => Keine Datei
FirewallRules: [UDP Query User{BA8AC1B5-E120-494F-B570-D06B2DAE55CD}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.257\opera.exe] => (Block) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.257\opera.exe => Keine Datei
FirewallRules: [TCP Query User{2ABAB9C0-2759-4A56-991B-A37F0F2E1BDC}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{018831AE-EF1F-4D73-B854-C05CB934D817}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{923136CD-F1CB-4363-9BCA-F50B51521B19}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.275\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.275\opera.exe => Keine Datei
FirewallRules: [UDP Query User{A519566A-52FD-48FF-BF88-A59D517579FC}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.275\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.275\opera.exe => Keine Datei
FirewallRules: [TCP Query User{BE738B96-6006-4E9A-AE32-F910B924FFE1}C:\program files (x86)\epic games\defensegrid\defensegrid.exe] => (Allow) C:\program files (x86)\epic games\defensegrid\defensegrid.exe => Keine Datei
FirewallRules: [UDP Query User{0BDAC37C-CC13-4AE0-833F-FCD6403AF74B}C:\program files (x86)\epic games\defensegrid\defensegrid.exe] => (Allow) C:\program files (x86)\epic games\defensegrid\defensegrid.exe => Keine Datei
FirewallRules: [TCP Query User{CFE8461D-803D-4E2D-A703-1E5628C26134}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.298\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.298\opera.exe => Keine Datei
FirewallRules: [UDP Query User{16D35CB2-D72A-46D4-89D6-7B25D3C77746}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.298\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.298\opera.exe => Keine Datei
FirewallRules: [TCP Query User{832B201B-244A-4083-80AE-D4C12EE2D02A}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.153\opera.exe => Keine Datei
FirewallRules: [UDP Query User{8739D01C-122D-4CDC-8EFF-58F343035D9B}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.153\opera.exe => Keine Datei
FirewallRules: [TCP Query User{C681058B-13AD-4642-B316-8CCAEE8A0874}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.186\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => Keine Datei
FirewallRules: [UDP Query User{1BEDFD7C-69B8-4DA1-9BCA-FB34B3A014D4}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.186\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => Keine Datei
FirewallRules: [TCP Query User{A3AA8614-9765-4FE9-8C8D-73D3100E0B4E}D:\epicgames\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe] => (Allow) D:\epicgames\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{3BEB6284-E845-4AF2-B5C5-3F7F5C91CD75}D:\epicgames\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe] => (Allow) D:\epicgames\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{A389F974-C5DF-499D-A79D-422D23092C38}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.214\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Keine Datei
FirewallRules: [UDP Query User{0A147AD2-B88D-44AE-9291-D2E9B79CA0B9}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.214\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Keine Datei
FirewallRules: [TCP Query User{1949779F-85F6-4C09-A5F0-8B6DC8E1A67B}C:\users\nils\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{65AB902A-71F2-4D34-B4B9-C560850CDB8A}C:\users\nils\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{DA8977AB-A18F-42B7-9C67-CBE8E38759DE}] => (Allow) C:\Users\nils\AppData\Roaming\Zoom\bin\Zoom.exe => Keine Datei
FirewallRules: [{94CD7528-E02F-49C7-865F-6C5CFFC30378}] => (Allow) C:\Users\nils\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{7997A2D0-5904-44C5-AFE0-138136172888}] => (Allow) C:\Users\nils\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [TCP Query User{020EA194-6077-420A-95A7-5B83B22F4346}C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe] => (Allow) C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe => Keine Datei
FirewallRules: [UDP Query User{376E8E66-826D-4D26-BE55-3293BC28B953}C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe] => (Allow) C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe => Keine Datei
FirewallRules: [TCP Query User{29854527-5178-4B96-97C2-1D5BDD2ACAF5}C:\users\nils\desktop\kodularstarter_windows.exe] => (Allow) C:\users\nils\desktop\kodularstarter_windows.exe => Keine Datei
FirewallRules: [UDP Query User{D75A483C-0F2D-47FB-B298-B90D7155E451}C:\users\nils\desktop\kodularstarter_windows.exe] => (Allow) C:\users\nils\desktop\kodularstarter_windows.exe => Keine Datei
FirewallRules: [TCP Query User{E08B60BF-AEE0-4CA2-9C6E-FB85BF38D945}C:\users\nils\desktop\kodular\kodularstarter_windows.exe] => (Allow) C:\users\nils\desktop\kodular\kodularstarter_windows.exe => Keine Datei
FirewallRules: [UDP Query User{5C982ED6-8A73-44A4-81AA-CB66258682E8}C:\users\nils\desktop\kodular\kodularstarter_windows.exe] => (Allow) C:\users\nils\desktop\kodular\kodularstarter_windows.exe => Keine Datei
FirewallRules: [TCP Query User{8BAEBB13-BA63-43A3-81D0-6AFF40802F07}C:\users\nils\desktop\pummel party\pummelparty.exe] => (Allow) C:\users\nils\desktop\pummel party\pummelparty.exe => Keine Datei
FirewallRules: [UDP Query User{34E36611-47B7-42A7-A582-86B9E3E17A2F}C:\users\nils\desktop\pummel party\pummelparty.exe] => (Allow) C:\users\nils\desktop\pummel party\pummelparty.exe => Keine Datei
FirewallRules: [TCP Query User{E3A8CDB1-EF8A-4EB5-8B73-B1C9825EC42A}C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{7DF6FEF8-412C-408B-9A25-886E57791964}C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{31550B3F-326A-41E5-840E-98AA972C50DA}] => (Allow) D:\Steam\steamapps\common\Noita\noita.exe () [Datei ist nicht signiert]
FirewallRules: [{8F1A86EA-160C-48A3-A10F-D20D5B2AB944}] => (Allow) D:\Steam\steamapps\common\Noita\noita.exe () [Datei ist nicht signiert]
FirewallRules: [{1C6832EE-9B06-4E05-B41A-4C95335F6D52}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{9DBD0A44-4D01-4B44-AA5B-A6D0AC19A5CF}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{3FBF7EF3-98CC-44AB-A37E-25245FBBC527}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [UDP Query User{30B9ADE7-1EAB-4F65-9089-CC2B34D11B8C}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{610CBE92-D3AF-4652-8F3F-2B909D4A7489}C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{52E61968-1552-4CA8-969B-A56085339510}C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{CADDFB49-90C0-4A8E-A744-0F42063192C5}C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{19A4C695-B0EF-411C-946C-79DD8CAF4273}C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{18776FA0-C4AA-4590-9083-D9CA7F0FEA39}] => (Allow) D:\Steam\steamapps\common\Crab Game\Crab Game.exe () [Datei ist nicht signiert]
FirewallRules: [{DB8CE3C8-681B-42C1-B140-4C484F233E54}] => (Allow) D:\Steam\steamapps\common\Crab Game\Crab Game.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{387073A1-17D8-4AAB-9CDB-4AE26D355AA8}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3E0ED02B-3286-4AD3-92C1-1FC16E0691C5}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3156134D-0073-4F12-9A67-72E21C09A850}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{DF871CAD-79C9-4670-A635-978ACA2DFDC3}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{F2620380-C1DC-4D53-898E-4B9C9F1F9701}] => (Allow) D:\Steam\steamapps\common\Foundation\foundation.exe (Polymorph Games) [Datei ist nicht signiert]
FirewallRules: [{F63F71FE-B9D0-43BE-8112-91086E25DBC1}] => (Allow) D:\Steam\steamapps\common\Foundation\foundation.exe (Polymorph Games) [Datei ist nicht signiert]
FirewallRules: [{62B80037-13D7-444F-B135-4EB3B6C9ED3E}] => (Allow) D:\Steam\steamapps\common\Vampire Survivors\VampireSurvivors.exe () [Datei ist nicht signiert]
FirewallRules: [{4CF67B4D-182B-42DF-8479-AE458F59AD5B}] => (Allow) D:\Steam\steamapps\common\Vampire Survivors\VampireSurvivors.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C49CCA75-2D5D-4490-A6E2-9307E594D692}C:\users\nils\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{B421E713-4139-41D0-B957-1286FD298811}C:\users\nils\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{E94EDFDA-5C3D-4F02-AFC4-239C4AF44A8A}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E84D073F-4795-4655-BB1A-EC35F60605DC}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{737EBC00-D539-464F-8C90-8BF4646C6920}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{BD99D834-533B-4FBC-9290-3E6F4A07FB40}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{FFE40C35-BA5A-4D69-B932-A63D50A9BF70}] => (Allow) D:\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{FA7749D2-F744-47EA-98FA-75DB4AE9C8E5}] => (Allow) D:\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{120F6350-5349-4350-B509-B7FF8EC5A36B}] => (Allow) D:\Steam\steamapps\common\Taur\Taur.exe () [Datei ist nicht signiert]
FirewallRules: [{C7D6FE1C-DD5E-44B7-9A95-1B2AA2373567}] => (Allow) D:\Steam\steamapps\common\Taur\Taur.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{35D4B01A-AEAC-44C8-8032-EE36918977EE}D:\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => Keine Datei
FirewallRules: [UDP Query User{BEA49126-B4EF-45DD-9450-C6BCB9F47DFF}D:\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => Keine Datei
FirewallRules: [{9439775A-A347-4BCE-A7B8-33DF87ADFF2C}] => (Allow) D:\Steam\steamapps\common\Project Lazarus\Project Lazarus.exe () [Datei ist nicht signiert]
FirewallRules: [{E93F9A9D-E49A-4455-8376-0A399908A874}] => (Allow) D:\Steam\steamapps\common\Project Lazarus\Project Lazarus.exe () [Datei ist nicht signiert]
FirewallRules: [{EDA00A6B-8E39-4218-9B05-5FA7E8370D1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D9A92D05-4A96-4E88-9D94-63629EF829C0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5E3F4625-862C-47B4-8085-C15A86DEE536}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D7A1D399-C477-4BD5-A682-8E335DB85CCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F3A9CBC5-96A7-4DEA-98E6-5282AFBFA2FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{57D6F14F-5229-48E6-9E90-CEECB844102A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{23758528-2E42-4688-877E-F59A622A9D3D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{68BE591E-6A3D-4419-9F4B-60AF75E63541}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C52660B2-B862-46D6-9583-014DEEB7749A}] => (Allow) D:\Steam\steamapps\common\Hunter Survivors\HunterSurvivors.exe () [Datei ist nicht signiert]
FirewallRules: [{EAA4BAD1-EC99-4429-95B6-2268D78D7CC3}] => (Allow) D:\Steam\steamapps\common\Hunter Survivors\HunterSurvivors.exe () [Datei ist nicht signiert]
FirewallRules: [{5143556D-E429-44D3-9CDF-E41F4D4FB5F5}] => (Allow) D:\Steam\steamapps\common\RISK Global Domination\RISK.exe () [Datei ist nicht signiert]
FirewallRules: [{BBF6403E-7F9E-428A-ADA2-1C33698E38CB}] => (Allow) D:\Steam\steamapps\common\RISK Global Domination\RISK.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{420BA7F6-5463-43B1-9330-C3D0F40F0615}D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [UDP Query User{8496D73E-3969-45A8-9678-EC1ACA89FC3D}D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [TCP Query User{C14342A2-692B-4E89-A3E1-4AACAB1400AD}D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [UDP Query User{F4DF355A-04DD-425B-B82F-357D77C495EE}D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [TCP Query User{B3816CDE-97E3-4463-996E-4ACF6C923275}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{0A39DE3A-1D70-45D2-B4C5-370F8690950B}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{081FBD28-5B75-4F18-BC76-4532635C45EE}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{325F68D1-4B8C-4FBE-BC2C-41328D76A971}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{4982B4AC-6C98-4B13-8016-F0606F97CA3A}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{FB48B2F6-0C37-4C3F-AC30-332A343ED370}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{5709C70D-1614-490A-B713-71E8DCBE9AB6}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [TCP Query User{410E3EE7-2E5F-4ECB-8979-91F06FC7009D}C:\users\nils\appdata\local\discord\app-1.0.9007\discord.exe] => (Allow) C:\users\nils\appdata\local\discord\app-1.0.9007\discord.exe => Keine Datei
FirewallRules: [UDP Query User{6E3170FC-77FC-4953-8419-DB6D0EDC5329}C:\users\nils\appdata\local\discord\app-1.0.9007\discord.exe] => (Allow) C:\users\nils\appdata\local\discord\app-1.0.9007\discord.exe => Keine Datei
FirewallRules: [TCP Query User{D7B76614-3630-4ED2-B3BF-F3E1C588D072}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{B9F377A5-A6E9-4EAA-9F59-FDE573698604}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [{FFB2FDE4-018C-45D2-8192-76263A410243}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Keine Datei
FirewallRules: [{CAB098C8-D3D6-4A70-8681-CE6B3A9711F3}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Keine Datei
FirewallRules: [TCP Query User{10CFC94F-E5F4-44F6-A091-9D7487C2207A}C:\users\nils\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\nils\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{F7BBBD02-5D35-4BCC-ADA3-6B88EE2F7C64}C:\users\nils\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\nils\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{333F6A54-B0AC-481B-828B-0EC3F43DD442}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{0E96152F-9308-4274-9B98-0DCB6110E61E}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{535B9A2A-15BC-4211-9494-E10234074A81}] => (Allow) D:\Steam\steamapps\common\FLERP\FLERP.exe () [Datei ist nicht signiert]
FirewallRules: [{E99E7E51-7D55-42FC-8279-44F75F948CA2}] => (Allow) D:\Steam\steamapps\common\FLERP\FLERP.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{507C0146-836A-4E8B-8271-33F5BBA0DEFD}C:\users\nils\twitch\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\twitch\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{51CA4EB0-D9B9-4B80-B40D-342CE2BE932B}C:\users\nils\twitch\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\twitch\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{C1ED4499-7333-4690-B8CB-CBEACCB88157}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{FE4C3FDF-8212-4176-86ED-4C8BEF3E9C13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{32F3A288-A683-442F-AB15-C8287703D95F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{116DA4BA-DA7E-4D78-8B46-557350B046CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{9CB11874-972E-4FF9-8B22-021F857815C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{8DD042AC-6209-4F53-A15E-42233AD46350}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{91517E0E-F6A5-4BD9-ABBE-26C29FE5768D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{45975058-02A2-4D24-A01F-E17757FBFA2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [TCP Query User{E0C91D6B-57DA-4888-88F9-3152FC52583E}D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe] => (Allow) D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [UDP Query User{EF5ED747-F426-4ABF-ABD0-B63C654B6A63}D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe] => (Allow) D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [TCP Query User{C68D37DE-A70C-46A1-AF0A-C766244F1186}D:\steam\steamapps\common\world war 3\13_2002999\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\world war 3\13_2002999\ww3\binaries\win64\ww3-win64-shipping.exe (AC World War 3 -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E461A6D6-8308-4600-872D-C2E6A6919FBE}D:\steam\steamapps\common\world war 3\13_2002999\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\world war 3\13_2002999\ww3\binaries\win64\ww3-win64-shipping.exe (AC World War 3 -> Epic Games, Inc.)
FirewallRules: [{CAB85C53-EA48-4999-846A-4CB609F4B403}] => (Allow) D:\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe (G=Barrel Roll Games) [Datei ist nicht signiert]
FirewallRules: [{E6A34E56-D7B3-4B26-B0E0-AB4659D9AA4B}] => (Allow) D:\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe (G=Barrel Roll Games) [Datei ist nicht signiert]
FirewallRules: [{9CC089AB-6F25-453C-96B4-E41EE80AE685}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{03974C1D-D900-46B3-82E5-B544E67B68A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{6AB005F8-F330-48C6-A4F0-93B046C8BE84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{DABA6719-746A-4337-B630-9C825BB3FD10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{A8147ABB-907E-491C-861E-5839C732069F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{F8904BE1-B78F-40C6-BE1A-7187DBAC4BCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{4B039DFC-D9F4-4CFE-87F6-3EE007032005}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{228C7D5E-9DAF-4B77-A7D6-390F9F5EFF71}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{E0358883-0369-46C3-9D62-88A929539857}] => (Allow) D:\Steam\steamapps\common\Project Lazarus\Experimental\Project Lazarus.exe => Keine Datei
FirewallRules: [{80783167-8618-4A45-9801-29CCB698F2CC}] => (Allow) D:\Steam\steamapps\common\Project Lazarus\Experimental\Project Lazarus.exe => Keine Datei
FirewallRules: [{FA9ED5C3-5D66-4633-8800-FDEBBA317660}] => (Allow) C:\Program Files\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [TCP Query User{38B4E4AC-9D3E-490A-AD4D-96CCFBD52213}C:\users\nils\desktop\tachy\tachyons a0835\jre\bin\javaw.exe] => (Allow) C:\users\nils\desktop\tachy\tachyons a0835\jre\bin\javaw.exe
FirewallRules: [UDP Query User{CAE28733-27C9-4FD9-8CEB-218F6DDF43C9}C:\users\nils\desktop\tachy\tachyons a0835\jre\bin\javaw.exe] => (Allow) C:\users\nils\desktop\tachy\tachyons a0835\jre\bin\javaw.exe
FirewallRules: [{40689A9A-A6D7-40A7-96FB-B1CAEF125DCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{626300EB-4750-4E3C-9053-82C5BB4F38AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{15D2EB13-1997-42D5-B977-A833845AC457}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{94927363-9476-4CD9-8909-EBC13B8B4886}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{A9423EB7-94E3-46BE-9201-37DF5039B6A7}C:\users\nils\desktop\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\desktop\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{4F686205-EB7F-4EBF-AB8B-0E757FFCD5AB}C:\users\nils\desktop\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\desktop\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Keine Datei
FirewallRules: [{9D299F5C-5F0F-4E00-A89C-27C07833B184}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{609D181B-3547-47FC-9097-E8218C7FE6B6}C:\users\nils\desktop\tachy backup\tachyons a0835\jre\bin\javaw.exe] => (Allow) C:\users\nils\desktop\tachy backup\tachyons a0835\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9AE20C0C-918D-4457-926A-9477AFBB2CD5}C:\users\nils\desktop\tachy backup\tachyons a0835\jre\bin\javaw.exe] => (Allow) C:\users\nils\desktop\tachy backup\tachyons a0835\jre\bin\javaw.exe
FirewallRules: [{7757091D-C43B-4AD6-A270-667177F5FB87}] => (Allow) D:\Steam\steamapps\common\War Robots\WarRobots.exe () [Datei ist nicht signiert]
FirewallRules: [{93D5E406-D737-43E7-B196-50F33ED92540}] => (Allow) D:\Steam\steamapps\common\War Robots\WarRobots.exe () [Datei ist nicht signiert]
FirewallRules: [{09AC865D-8F36-4C13-A72B-32E50BEE9F10}] => (Allow) D:\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [{9933D73A-2BBD-4C6F-9E3D-01AE2EC31CC4}] => (Allow) D:\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{6B7166FB-036B-40FA-AC64-52092970EF52}D:\epicgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epicgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{258FCF7F-046F-4285-B469-3D2012C95DC1}D:\epicgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epicgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{6629D939-8D47-4B68-88CA-BBC8D4376824}] => (Allow) D:\Steam\steamapps\common\To The Core\ToTheCore\ToTheCore.exe => Keine Datei
FirewallRules: [{8B65BFBB-95F9-47AE-A549-2CE064363A40}] => (Allow) D:\Steam\steamapps\common\To The Core\ToTheCore\ToTheCore.exe => Keine Datei
FirewallRules: [{B1A89D08-CB25-422C-916B-B783943A6865}] => (Allow) D:\Steam\steamapps\common\MagicraftDemo\Magicraft.exe () [Datei ist nicht signiert]
FirewallRules: [{22901151-5DCA-44D6-9D56-AAB16951313B}] => (Allow) D:\Steam\steamapps\common\MagicraftDemo\Magicraft.exe () [Datei ist nicht signiert]
FirewallRules: [{B90E0F5B-D07B-478C-A56D-A31453FE79CA}] => (Allow) D:\Steam\steamapps\common\Magicraft\Magicraft.exe () [Datei ist nicht signiert]
FirewallRules: [{34310CD0-2CF3-49CD-8EBD-05B8E31FFF7F}] => (Allow) D:\Steam\steamapps\common\Magicraft\Magicraft.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C445F3BA-0110-4768-8519-5EC9DFBA1DFF}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [UDP Query User{D5E0402D-40DC-4CCE-A0AD-E49E5C9C55F6}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{AE16D52F-7C06-41B9-9643-5ABE1D9691BC}D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe] => (Allow) D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [UDP Query User{7383812F-5A79-4D1E-8092-999215326603}D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe] => (Allow) D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [{2979D2D5-73A0-447C-90BF-9F8A3BFF5CC6}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{8D84A8F9-330D-41BF-919F-4D4CE541EE00}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{D6CD7AF1-5328-43D5-80FD-C50B67D645CB}] => (Block) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{28F38B0F-7917-4A6F-95E4-21F4128219C5}] => (Block) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{1E8C5D0E-B4E7-4E89-9D2D-94621ACA0F44}] => (Allow) C:\Program Files (x86)\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2043F6FA-21B7-467B-ABC6-25C47BD17A2C}] => (Allow) C:\Program Files (x86)\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{52BDDF06-ACE7-4E12-AC75-DBCB6FEA32A1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7651BD89-2F99-44E2-A7C6-D438E70F5CE0}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{8605A762-92F2-4637-9D0C-6030691365D1}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [TCP Query User{9083E793-263B-46DE-AE8B-2DA3D60566C5}C:\program files\windowsapps\36059xiaoyastudio.54454b0a7f4e6_2.0.7.0_x64__ngh7ertwt50re\vfs\programfilesx86\xiaoya\video editor max\openshot-qt.exe] => (Allow) C:\program files\windowsapps\36059xiaoyastudio.54454b0a7f4e6_2.0.7.0_x64__ngh7ertwt50re\vfs\programfilesx86\xiaoya\video editor max\openshot-qt.exe (FB8EA4B3-3627-4C79-8231-7558717B7C95 -> Xiaoya Lab)
FirewallRules: [UDP Query User{A6102B8E-675E-4A19-A86A-FA34D2F1B982}C:\program files\windowsapps\36059xiaoyastudio.54454b0a7f4e6_2.0.7.0_x64__ngh7ertwt50re\vfs\programfilesx86\xiaoya\video editor max\openshot-qt.exe] => (Allow) C:\program files\windowsapps\36059xiaoyastudio.54454b0a7f4e6_2.0.7.0_x64__ngh7ertwt50re\vfs\programfilesx86\xiaoya\video editor max\openshot-qt.exe (FB8EA4B3-3627-4C79-8231-7558717B7C95 -> Xiaoya Lab)
FirewallRules: [{CFAA04B9-89DF-454D-8B5E-39E10DCE28E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2B875B1D-AEA4-4AB9-BDEA-5804A8EE4429}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C9981E92-F74F-4C3E-AFA8-67ABAF7A5882}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6BF7146E-950B-4C5F-B824-1F4543464478}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4F6D600F-FFFE-4D9C-A54C-BE51616FA910}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C766BDBD-1799-48FA-8116-D985C8AD8E77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{99FAFAA0-2285-40D5-B22E-DDD81C9D3DC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6C53A464-4CE0-463E-968D-16C247907854}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A1B7F14D-18FC-4B37-A3E7-4879501A7922}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{376FD162-DFA6-4926-9A3A-9957FC21DA06}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{91C61478-A9C3-4468-BA46-D8A8E5805592}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Wiederherstellungspunkte =========================
20-01-2024 14:57:13 Scheduled Checkpoint
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (01/27/2024 09:12:42 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\nils\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_a863d714867441db.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5.manifest.
Error: (01/27/2024 09:12:42 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\nils\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_a863d714867441db.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5.manifest.
Error: (01/27/2024 09:10:21 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NILS-PC)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (01/26/2024 03:01:01 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NILS-PC)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (01/26/2024 01:17:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Corsair.Service.exe, Version: 3.38.0.4, Zeitstempel: 0x6022c976
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x07078cb4
ID des fehlerhaften Prozesses: 0xac4
Startzeit der fehlerhaften Anwendung: 0x01da4fcc17f0d4f4
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 1ec79ab8-224e-4696-bd67-ece22ca681e4
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/26/2024 01:17:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Corsair.Service.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
at CorsairLink4.Module.PlatinumDevices.Common.Utils.PrecisionDelay.MultimediaTimerCallback(UInt32, UInt32, UInt32 ByRef, UInt32, UInt32)
Error: (01/26/2024 12:37:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\nils\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_a863d714867441db.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5.manifest.
Error: (01/25/2024 10:22:49 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NILS-PC)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Systemfehler:
=============
Error: (01/27/2024 09:09:33 AM) (Source: TPM) (EventID: 15) (User: )
Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein nicht behebbarer Fehler in der TPM-Hardware aufgetreten, der die Verwendung der TPM-Dienste (z. B. Datenverschlüsselung) verhindert. Wenden Sie sich an den Computerhersteller, um weitere Hilfe zu erhalten.
Error: (01/26/2024 08:04:04 PM) (Source: DCOM) (EventID: 10010) (User: NILS-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/26/2024 08:04:04 PM) (Source: DCOM) (EventID: 10010) (User: NILS-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/26/2024 08:04:04 PM) (Source: DCOM) (EventID: 10010) (User: NILS-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/26/2024 08:04:04 PM) (Source: DCOM) (EventID: 10010) (User: NILS-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/26/2024 08:04:04 PM) (Source: DCOM) (EventID: 10010) (User: NILS-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/26/2024 08:04:04 PM) (Source: DCOM) (EventID: 10010) (User: NILS-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/26/2024 08:04:04 PM) (Source: DCOM) (EventID: 10010) (User: NILS-PC)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
================
Date: 2024-01-26 12:49:03
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {EDA0F66A-7EC0-4447-8913-3FE9EE80010D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Quick Scan
Benutzer: NT AUTHORITY\SYSTEM
Date: 2024-01-25 18:55:01
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {4971DEF9-06EE-4687-B4C3-19B2358F6567}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Quick Scan
Benutzer: NT AUTHORITY\SYSTEM
Date: 2024-01-22 18:03:58
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {E4BF3ACA-0DD3-4D22-97E7-FD43495CD95A}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Quick Scan
Benutzer: NT AUTHORITY\SYSTEM
Date: 2024-01-21 12:24:12
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {8683E8D7-7971-4D88-BE47-C053BC9A6878}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Quick Scan
Benutzer: NT AUTHORITY\SYSTEM
Date: 2024-01-20 14:40:12
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {B28D5B2F-2F26-49EC-ACCA-C0553008ECD4}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Quick Scan
Benutzer: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2023-11-24 20:58:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-10-14 22:17:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-09-17 10:36:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-28 21:10:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. 0411 09/21/2018
Hauptplatine: ASUSTeK COMPUTER INC. PRIME Z370-P II
Prozessor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 16313.16 MB
Verfügbarer physikalischer RAM: 8142.48 MB
Summe virtueller Speicher: 23225.16 MB
Verfügbarer virtueller Speicher: 7896.87 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:464.44 GB) (Free:40.18 GB) (Model: Samsung SSD 860 EVO 500GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:221.54 GB) (Model: CT1000P1SSD8) NTFS
\\?\Volume{52079eb2-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.47 GB) (Free:0.43 GB) NTFS
\\?\Volume{ef4dd45f-2481-7b8a-dd00-1f0b10522788}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{52079eb2-0000-0000-0000-101e00000000}\ (Volume) (Fixed) (Total:0.02 GB) (Free:0.01 GB) NTFS
\\?\Volume{52079eb2-0000-0000-0060-603b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.23 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 52079EB2)
Partition 1: (Active) - (Size=479 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=21 MB) - (Type=05)
Partition 3: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=852 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 2FE87EA9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== Ende von Addition.txt =======================
Geändert von NTorak (28.01.2024 um 00:24 Uhr) Grund: Tippfehler. Statt "2. Informationen zusammenstellen" "3. Informationen vorbereiten" |
|
28.01.2024, 00:54
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-Miner Danke. Ich hab schon fast befürchtet, dass genau dieser Hinweis so verstanden wird. Ich kläre das mal mit M-K-D-B. Danke für deinen Input  System aufräumen: unnötige und veraltete Programme deinstallieren Bitte über Programme und Features (appwiz.cpl) deinstallieren:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.01.2024, 01:02
| #5 |
| | Windows 10: Verdacht auf Crypto-Miner Programme sind deinstalliert. Wie sind denn beim erstellen eines Themas Logfiles zu posten wenn diese zu groß sind? |
|
28.01.2024, 01:31
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-Miner Dann aufteilen. Nur bei extrem großen Logs macht zippen einen Sinn. Weiter gehts: adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner zwecks Kontrolle bitte wiederholen, falls es Funde gab.
__________________ --> Windows 10: Verdacht auf Crypto-Miner |
|
28.01.2024, 01:41
| #7 |
| | Windows 10: Verdacht auf Crypto-Miner Ist erledigt hier der Log: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 28.01.24
Scan-Zeit: 01:35
Protokolldatei: 12fb1d52-bd75-11ee-bdf0-0492265d3edd.json
-Softwaredaten-
Version: 4.6.8.311
Komponentenversion: 1.0.2249
Version des Aktualisierungspakets: 1.0.80174
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.3930)
CPU: x64
Dateisystem: NTFS
Benutzer: nils-pc\nils
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 371630
Erkannte Bedrohungen: 4
In die Quarantäne verschobene Bedrohungen: 4
Abgelaufene Zeit: 2 Min., 50 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 4
PUP.Optional.ChipDe, C:\USERS\NILS\DOWNLOADS\STRESSMYPC - CHIP INSTALLER _VNXOP.EXE, In Quarantäne, 6551, 562568, 1.0.80174, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B
MachineLearning/Anomalous.96%, C:\$RECYCLE.BIN\S-1-5-21-3449150419-271838051-1508037707-1002\$RCQDA1A.lnk, In Quarantäne, 0, 392687, , , , , AE5DC5E021BDC75DB39D0793F6B39BB2, DA45BCE0AAB453A263757F5B61817620ADA69633B508D8660E8874A3DD23D51C
MachineLearning/Anomalous.96%, C:\$RECYCLE.BIN\S-1-5-21-3449150419-271838051-1508037707-1002\$RIVHXD6.lnk, In Quarantäne, 0, 392687, , , , , 56BA3466AB7F72A4E07007BA073299CA, BC2750319BFAA76921903CEBA6EC2072BECD5BC3070AF915F0E1A168ABFD100F
MachineLearning/Anomalous.96%, C:\PROGRAM FILES (X86)\STEAM CUSTOMIZER\SKININSTALLER.EXE, In Quarantäne, 0, 392687, 1.0.80174, , shuriken, , C29437F672097B046A8F5EDFC37BDD46, A37303CE5E48398F9F59BC0C0B77A5CCD8EEA1438ACC7CEEF9460FF871EC1E78
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
|
|
28.01.2024, 13:12
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-Miner Bitte meine Anleitung richtig lesen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.01.2024, 13:29
| #9 |
| | Windows 10: Verdacht auf Crypto-Miner Sorry da war ich wohl unaufmerksam zu der späten Stunde... Es wurde ein Ordner erkannt welcher schonmal fälschlicherweise als Bedrohung erkannt wurde. Das in Quarantäne ziehen hat mir sämtliche Bilddateien unützlich gemacht. Ich nutze diesen aktuell nicht habe ihn also auf eine SD Karte gezogen und den Scan erneut durchgeführt. Hier der erneute Scan: Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-28-2024
# Duration: 00:00:05
# OS: Windows 10 (Build 19045.3930)
# Scanned: 32095
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1534 octets] - [26/06/2023 23:45:51]
AdwCleaner[C00].txt - [1715 octets] - [26/06/2023 23:47:33]
AdwCleaner[S01].txt - [1542 octets] - [26/06/2023 23:47:54]
AdwCleaner[S02].txt - [1633 octets] - [28/01/2024 13:16:28]
AdwCleaner[S03].txt - [1414 octets] - [28/01/2024 13:17:21]
AdwCleaner[S04].txt - [1755 octets] - [28/01/2024 13:22:23]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########
|
|
28.01.2024, 13:38
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-MinerZitat:
Wenn irgendeine Programmdatei erkannt und gelöscht wird, hat das keine Auswirkungen auf andere Dateien. Oder soll sich deren Inhalt dann auch plötzlich/schlagartig ändern 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.01.2024, 13:45
| #11 |
| | Windows 10: Verdacht auf Crypto-Miner Ein Ordner mit manuell angelegten Save files in Form von .txt und sehr vielen PNGs. Dieser wurde als PUP erkannt. Das in Quarantäne verschieben hat die Dateiendungen verschlüsselt. Ich wusste bis gerade eben nicht dass man diese Dateien einfach wiederherstellen kann. Der Ordner ist jetzt gerade nicht mehr auf dem System. Soll ich diesen wieder ins System nehmen und einen erneuten Scan durchführen und diesen in Quarantäne verschieben? |
|
28.01.2024, 14:06
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-Miner Ich weiß immer noch nicht won welchem Ordner du sprichst. Kannst du die Stelle im Log nicht einfach mal zitieren?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.01.2024, 14:11
| #13 |
| | Windows 10: Verdacht auf Crypto-Miner Ich hatte den Ordner vom System genommen und konnte dann erst den Scan abschließen da ich diesen nicht in Quarantäne nehmen wollte. Wenn man den Haken rausnimmt bei den Dateien die erkannt wurden kann man den Scan nicht vollständig abschließen sondern nur abbrechen. Es wird wie ich gerade gesehen habe trotzdem ein Log erstellt. Das ist der Log in dem der Ordner noch drauf war: Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-28-2024
# Duration: 00:00:08
# OS: Windows 10 (Build 19045.3930)
# Scanned: 32082
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Legacy C:\Users\nils\Desktop\SFK
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1534 octets] - [26/06/2023 23:45:51]
AdwCleaner[C00].txt - [1715 octets] - [26/06/2023 23:47:33]
AdwCleaner[S01].txt - [1542 octets] - [26/06/2023 23:47:54]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
|
|
28.01.2024, 14:57
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-Miner Dann bitte jetzt neue FRS-Logs.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.01.2024, 15:03
| #15 |
| | Windows 10: Verdacht auf Crypto-Miner FRST: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2024 01
durchgeführt von nils (Administrator) auf NILS-PC (28-01-2024 14:58:08)
Gestartet von C:\Users\nils\Desktop\FRST\FRST64.exe
Geladene Profile: nils
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Sprache: Englisch (Vereinigtes Königreich) -> Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(8AB18DA5-65D5-493C-BD78-9F4467A7CDE8 -> Chris Andriessen) C:\Program Files\WindowsApps\40210ChrisAndriessen.FalconX_1.7.8.0_x64__y1dazs5f5wq00\Release\TaskbarX.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHelper.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHelper.x64.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.241.0.10\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\nils\AppData\Local\Overwolf\ProcessCache\0.241.0.10\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NvVirtualCamera\NVIDIA Broadcast.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (E3B4A0F6-E459-414C-8DFB-ABEAB07C9242 -> Microsoft Corporation) C:\Program Files\WindowsApps\32669SamG.ModernFlyouts_0.9.3.0_x64__pcy8vm99wrpcg\ModernFlyoutsHost.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (EPOS Group A/S -> ) C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuite.exe
(explorer.exe ->) (Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Skutta, Kristjan -> ) D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(G.SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.) C:\Program Files (x86)\G.SKILL\Trident Z Lighting Control\hid.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(InnoVISION Multimedia Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\INNO3D TuneIT\Inno3D.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Reason Cybersecurity Inc. -> Reason Cybersecurity Ltd.) C:\Program Files\ReasonLabs\Common\Client\v1.2.0\rsAppUI.exe <9>
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.28\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (EPOS Group A/S -> ) C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuiteService
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\VPN\rsVPNClientSvc.exe
(services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\VPN\rsVPNSvc.exe
(services.exe ->) (Scarlet.Crush Productions) [Datei ist nicht signiert] C:\Program Files\WiinUSoft\SCP_Driver\ScpService.exe
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\iked.exe
(services.exe ->) (Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2311.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2312.7.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071232 2022-08-03] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Spectrum] => C:\Program Files (x86)\G.SKILL\Trident Z Lighting Control\HID.exe [1753104 2020-05-25] (G.SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62636856 2020-11-13] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [Inno3D] => C:\Program Files (x86)\INNO3D TuneIT\Inno3D.exe [24387584 2020-09-28] (InnoVISION Multimedia Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410728 2021-12-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3449150419-271838051-1508037707-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37188048 2024-01-11] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [Chromium] => "c:\users\nils\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session (Keine Datei)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [DiscordPTB] => C:\Users\nils\AppData\Local\DiscordPTB\app-0.0.55\DiscordPTB.exe (Keine Datei)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2024-01-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [45968128 2023-12-11] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [WallpaperEngine] => D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3223136 2023-10-28] (Skutta, Kristjan -> )
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [Opera GX Browser Assistant] => C:\Users\nils\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70912472 2023-11-02] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [MicrosoftEdgeAutoLaunch_1850AB30EF24BC4C113B74D75C151A3B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {0f23f2bb-2cd9-11ec-bd9e-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {3459cdf0-13ae-11ec-bd9b-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {6f4676a2-b040-11ec-bdc3-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {812634e0-904f-11ee-be35-0492265d3edd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {8c5ee76f-9f6e-11eb-bd72-0492265d3edd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {91727cc2-da62-11ea-bcee-0492265d3edd} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {91776608-48b0-11ec-bdac-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {91776673-48b0-11ec-bdac-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {d80afba4-6f01-11eb-bd49-0492265d3edd} - "E:\OnePlus_setup.exe" /s
HKLM\...\Windows x64\Print Processors\OKX055PP: C:\Windows\System32\spool\prtprocs\x64\OKX055PP.DLL [52224 2015-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\EPSON WF-3540 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMJHE.DLL [120320 2011-04-19] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558080 2011-08-30] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\WINDOWS\system32\OPPFLM64.DLL [24064 2011-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
Startup: C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2024-01-21]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2021-02-26]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EPOS Gaming Suite.lnk [2022-06-26]
ShortcutTarget: EPOS Gaming Suite.lnk -> C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuite.exe (EPOS Group A/S -> )
BootExecute: autocheck autochk /k:C *
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {D7486F2D-BB18-4E28-B718-83CF6A9FB91F} - System32\Tasks\{B557B444-21B0-41FD-B838-14D7E070A414} => c:\windows\system32\launchwinapp.exe [45056 2023-12-15] (Microsoft Windows -> Microsoft Corporation) -> hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.6.0.106&LastError=404
Task: {66CB8C64-C47E-4DE8-BC72-AE4F1B10190B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {5E1CF42E-038C-41ED-9D10-57ADDC87DFDA} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274912 2022-11-17] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {1CFF092D-CB8C-4697-A22E-C65E98842FAC} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3449150419-271838051-1508037707-1002Core => C:\Users\nils\AppData\Local\BraveSoftware\Update\BraveUpdate.exe /c (Keine Datei)
Task: {AF840AC3-BAA2-43A2-9FF4-E39C018BA346} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3449150419-271838051-1508037707-1002UA => C:\Users\nils\AppData\Local\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (Keine Datei)
Task: {708BEC20-0B26-4F36-9C8B-B3DDB92FF7D8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5550856 2023-12-15] (Microsoft Windows -> Microsoft Corporation)
Task: {BC9D7D8A-7218-4CE4-B16D-FC573B007C44} - System32\Tasks\G2MUpdateTask-S-1-5-21-3449150419-271838051-1508037707-1002 => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-06-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3C1DF0BC-B120-4C7D-BFA4-9CBFFAD5E8C0} - System32\Tasks\G2MUploadTask-S-1-5-21-3449150419-271838051-1508037707-1002 => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-06-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3F10FFE7-CD67-47C7-BEB9-39F2B2A7922A} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [374560 2024-01-21] (Google LLC -> Google LLC)
Task: {A448EED5-27DE-4BDF-837A-18BA2E930140} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-16] (Google Inc -> Google Inc.)
Task: {BDDB2636-5C15-45B7-A849-41EBC891643A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-16] (Google Inc -> Google Inc.)
Task: {7478992B-7BB6-4BF1-A873-5E111E4C328B} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {21AD196C-E033-4A17-8AB0-51729310AFC0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {49B6BC26-85D9-47CD-8037-109C0AE32EE9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {D839F23C-264C-4673-8665-4F23FC4CC946} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {96E7643A-2254-4E65-9A40-2B59FC121F71} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0CFFBD7-9683-4F02-BFA9-01A676277A0D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {B99D3737-ED33-4665-8831-79729A69FDDD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {93F0030F-A0C7-48BB-B3D1-0DE1004E37F8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6DF74F4-D54E-4883-A347-2F418CC5BAD0} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4434864 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AFBADC6-5A92-4AD1-B4C6-825820AA6735} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [555616 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {456D73CF-2E82-4BAA-A299-5F55636C433C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {446B1B51-DBBF-4E6C-B75D-F99B4B01EE32} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9FAD07E-94BF-48A0-AB30-A07D6B8519AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7083C3CB-997A-4003-8627-EC98C79F90D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16EB5C68-D80E-47A9-BCB6-A06F1C9834CC} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (Keine Datei)
Task: {700349FD-F55C-49D0-8B21-D1D2965DC750} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [11015736 2023-01-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A684AB9-58B5-481B-A436-DCF2799002A6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {562E738A-A66D-4DC9-8D30-F06EC41365B6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87F4B5C8-F4FE-414B-8C94-0A7EDFEE4C3B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC0B4066-A6CA-47F9-B151-B1A25FD39424} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {960BA1CB-F1AC-4355-B521-4B640B482382} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF4BCE4B-6250-4574-A021-BCECB687CC23} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F651FF1F-17B8-4D55-8BE0-F55CF23F0E36} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A0CD196A-45F3-462C-BCC1-62C4B5885FBD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F599F333-9F30-4F81-9316-26E5FB894AEB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBFD160A-267A-4AC3-B7F9-BCE4026B204F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3449150419-271838051-1508037707-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {CD2D41E1-ACCC-4E1B-8AEA-8A21AC5C3BA3} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1614869362 => C:\Users\nils\AppData\Local\Programs\Opera GX\launcher.exe [2294176 2024-01-24] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\nils\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {3A4136F1-CC37-445D-9CE3-43BC4BE89F22} - System32\Tasks\Opera GX scheduled Autoupdate 1593451427 => C:\Users\nils\AppData\Local\Programs\Opera GX\launcher.exe [2294176 2024-01-24] (Opera Norway AS -> Opera Software)
Task: {9755D7FA-2C11-4258-B363-6A045E7D0494} - System32\Tasks\Opera scheduled Autoupdate 1555368081 => C:\Users\nils\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {CC90B01F-54A3-4F48-9A32-4D63DFA4B7B8} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
Task: {46C4D8B0-EF42-4BC5-A2B4-528E8E091BBE} - System32\Tasks\TaskbarX NILS-PCnils => C:\WINDOWS\explorer.exe [5550856 2023-12-15] (Microsoft Windows -> Microsoft Corporation)
Task: {247335EE-A7B9-443A-B7C4-14AD5DACB27E} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [170496 2023-10-13] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3449150419-271838051-1508037707-1002.job => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3449150419-271838051-1508037707-1002.job => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupload.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.101
Tcpip\..\Interfaces\{49065b68-8f61-403d-b9dc-f5281de063c8}: [DhcpNameServer] 192.168.178.101
Tcpip\..\Interfaces\{49065b68-8f61-403d-b9dc-f5281de063c8}: [DhcpDomain] local.schu.xyz
Tcpip\..\Interfaces\{6101516c-66f7-4516-8d27-037ec68a3a21}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{6101516c-66f7-4516-8d27-037ec68a3a21}: [DhcpNameServer] 192.168.178.100
Tcpip\..\Interfaces\{d9113418-f92d-4645-ad90-4606c382b8c7}: [NameServer] 141.100.54.53
Edge:
=======
Edge Profile: C:\Users\nils\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-28]
Edge Notifications: Default -> hxxps://web.snapchat.com
Edge Extension: (Google Docs Offline) - C:\Users\nils\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25]
Edge Extension: (Edge relevant text changes) - C:\Users\nils\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
FireFox:
========
FF DefaultProfile: ncucdlz8.default-1584820434065
FF ProfilePath: C:\Users\nils\AppData\Roaming\Mozilla\Firefox\Profiles\ncucdlz8.default-1584820434065 [2021-03-25]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default [2024-01-21]
CHR Notifications: Default -> hxxps://www.netflix.com
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-21]
CHR Extension: (Metastream Remote) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakegmdomhmegokfomgmkbopjibonfcp [2023-12-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-01-21]
CHR Extension: (Bardeen - automatisiere manuelle Arbeit) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihhkmalpkhkoedlmcnilbbhhbhnicjga [2023-12-19]
CHR Extension: (Unpaywall) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplffkdpngmdjhlpjmppncnlhomiipha [2022-07-17]
CHR Extension: (Online Security) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2024-01-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-15]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2024-01-21]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKU\S-1-5-21-3449150419-271838051-1508037707-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKU\S-1-5-21-3449150419-271838051-1508037707-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
Opera:
=======
OPR Profile: C:\Users\nils\AppData\Roaming\Opera Software\Opera Stable [2021-02-18]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.de/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
StartMenuInternet: (HKU\S-1-5-21-3449150419-271838051-1508037707-1002) Opera GXStable - "C:\Users\nils\AppData\Local\Programs\Opera GX\Launcher.exe"
Brave:
=======
BRA Profile: C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-02-18]
BRA Extension: (Brave Tracking Protection Updater) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-01-19]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-01-19]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-01-19]
BRA Extension: (Brave Ad Block Updater (DEU: EasyList Germany)) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\jmomcjcilfpbaaklkifaijjcnancamde [2019-01-19]
BRA Extension: (PDF Viewer) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-01-19]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-01-19]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2688544 2022-07-06] (PUBG CORPORATION -> )
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe [419264 2019-01-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [975832 2019-01-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2019-01-19] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.28\AsusFanControlService.exe [1919280 2019-01-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [Datei ist nicht signiert]
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9880840 2022-12-08] (BattlEye Innovations e.K. -> )
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [422504 2021-12-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [81512 2021-12-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 Ds3Service; C:\Program Files\WiinUSoft\SCP_Driver\ScpService.exe [381952 2017-08-12] (Scarlet.Crush Productions) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-06-08] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-09-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2128360 2022-09-22] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-09-22] (GOG Sp. z o.o. -> GOG.com)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] (Shrew Soft Inc -> )
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] (Shrew Soft Inc -> )
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10759936 2023-12-11] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-28] (Malwarebytes Inc. -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [30057640 2023-05-19] (My.Com B.V. -> My.com B.V.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2199024 2023-05-18] (Rockstar Games, Inc. -> Rockstar Games)
R2 rsDNSClientSvc; C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe [638832 2023-06-25] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsDNSResolver; C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe [11330416 2023-06-25] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsDNSSvc; C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe [214384 2023-06-25] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsVPNClientSvc; C:\Program Files\ReasonLabs\VPN\rsVPNClientSvc.exe [666624 2023-11-02] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
R2 rsVPNSvc; C:\Program Files\ReasonLabs\VPN\rsVPNSvc.exe [226816 2023-11-02] (Reason Cybersecurity Inc. -> Reason Software Company Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5084200 2024-01-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10476264 2022-08-03] () [Datei ist nicht signiert]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12355424 2024-01-10] (KRAFTON, Inc. -> KRAFTON, Inc)
R2 EPOSGamingSuiteService; "C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuiteService" /start EPOSGamingSuiteService [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [2178912 2022-09-06] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [914760 2022-09-06] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2019-01-19] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2019-01-19] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33504 2019-01-01] (ASUSTeK Computer Inc. -> )
R1 avm_nwim; C:\WINDOWS\system32\DRIVERS\avmnwim.sys [396088 2017-03-17] (WDKTestCert shuebner,130916460956458304 -> AVM)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-11-17] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R2 CmUpx; C:\WINDOWS\system32\drivers\CmUpx.sys [30184 2021-06-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2024-01-27] (CPUID S.A.R.L.U. -> CPUID) <==== ACHTUNG
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 EPOSAudio; C:\WINDOWS\System32\drivers\eposaudio.sys [95272 2022-05-20] (EPOS Group A/S -> EPOS Group A/S)
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
S1 googlehaxm; C:\WINDOWS\system32\drivers\GoogleHaxm.sys [200232 2023-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [43856 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-25] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-25] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-25] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKslf8a9b46c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E996DC4D-6BAD-4C86-93CF-F47005946634}\MpKslDrv.sys [263560 2024-01-28] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [29287768 2023-05-19] (My.Com B.V. -> My.com B.V.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 rawaccel; C:\WINDOWS\system32\drivers\rawaccel.sys [50176 2021-09-24] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 rsDwf; C:\WINDOWS\system32\DRIVERS\rsDwf.sys [54144 2023-06-25] (Reason CyberSecurity Inc. -> Reason CyberSecurity Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2017-08-12] (Bruce James -> Scarlet.Crush Productions)
S3 SennComUSB; C:\WINDOWS\System32\drivers\SennComUSB.sys [61928 2020-11-17] (Sennheiser Communications A/S -> Sennheiser Communications A/S)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2020-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R1 vflt; C:\WINDOWS\system32\DRIVERS\vfilter.sys [24064 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8752264 2022-08-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vnet; C:\WINDOWS\System32\drivers\virtualnet.sys [17408 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-01-18] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 ALSysIO; \??\C:\Users\nils\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X] <==== ACHTUNG
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-28 13:21 - 2024-01-28 13:21 - 008791352 _____ (Malwarebytes) C:\Users\nils\Downloads\adwcleaner(1).exe
2024-01-28 13:15 - 2024-01-28 13:15 - 008791352 _____ (Malwarebytes) C:\Users\nils\Downloads\adwcleaner.exe
2024-01-28 01:34 - 2024-01-28 13:18 - 000000000 ____D C:\Users\nils\AppData\Local\Malwarebytes
2024-01-28 01:34 - 2024-01-28 01:34 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-28 01:34 - 2024-01-28 01:34 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-01-28 01:33 - 2024-01-28 01:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-28 01:33 - 2024-01-28 01:33 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-28 01:32 - 2024-01-28 01:32 - 002582384 _____ (Malwarebytes) C:\Users\nils\Desktop\MBSetup.exe
2024-01-27 15:42 - 2024-01-27 15:42 - 000000000 ___DC C:\Users\nils\AppData\LocalLow\NVIDIA
2024-01-27 15:42 - 2024-01-27 15:42 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-01-27 15:39 - 2024-01-19 00:25 - 002095360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-01-27 15:39 - 2024-01-19 00:25 - 002095360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-01-27 15:39 - 2024-01-19 00:25 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-01-27 15:39 - 2024-01-19 00:25 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-01-27 15:39 - 2024-01-19 00:25 - 001487376 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-01-27 15:39 - 2024-01-19 00:25 - 001434480 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-01-27 15:39 - 2024-01-19 00:25 - 001434480 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-01-27 15:39 - 2024-01-19 00:25 - 001278720 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-01-27 15:39 - 2024-01-19 00:25 - 001278720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-01-27 15:39 - 2024-01-19 00:25 - 001226872 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-01-27 15:39 - 2024-01-19 00:22 - 001040400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-01-27 15:39 - 2024-01-19 00:22 - 000670240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-01-27 15:39 - 2024-01-19 00:22 - 000505992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-01-27 15:39 - 2024-01-19 00:21 - 002173984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-01-27 15:39 - 2024-01-19 00:21 - 001625632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-01-27 15:39 - 2024-01-19 00:21 - 001542280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-01-27 15:39 - 2024-01-19 00:21 - 001199112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-01-27 15:39 - 2024-01-19 00:21 - 000841848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-01-27 15:39 - 2024-01-19 00:20 - 016032888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-01-27 15:39 - 2024-01-19 00:20 - 012928120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-01-27 15:39 - 2024-01-19 00:20 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-01-27 15:39 - 2024-01-19 00:20 - 001023608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-01-27 15:39 - 2024-01-19 00:20 - 000787064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-01-27 15:39 - 2024-01-19 00:20 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-01-27 15:39 - 2024-01-19 00:19 - 005907464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-01-27 15:39 - 2024-01-19 00:19 - 005772816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-01-27 15:39 - 2024-01-19 00:18 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-01-27 15:39 - 2024-01-18 12:32 - 000120271 _____ C:\WINDOWS\system32\nvinfo.pb
2024-01-27 13:39 - 2024-01-28 14:58 - 000000000 ____D C:\FRST
2024-01-27 13:38 - 2024-01-28 14:57 - 000000000 ___DC C:\Users\nils\Desktop\FRST
2024-01-22 21:30 - 2024-01-22 21:30 - 034463940 ____C C:\Users\nils\Desktop\0122.mp4
2024-01-22 21:17 - 2024-01-22 21:18 - 072533264 ____C C:\Users\nils\Desktop\HONDA.mp4
2024-01-22 20:14 - 2024-01-22 20:14 - 000000000 ____D C:\Users\nils\AppData\Local\VEDetector
2024-01-22 20:14 - 2024-01-22 20:14 - 000000000 ____D C:\Users\nils\AppData\Local\Bytedance
2024-01-22 20:07 - 2024-01-22 20:12 - 000000000 ____D C:\Users\nils\.openshot_qt
2024-01-22 20:03 - 2024-01-22 21:17 - 000000000 ____D C:\Users\nils\AppData\Local\CapCut
2024-01-22 20:03 - 2024-01-22 20:03 - 000001356 ____C C:\Users\nils\Desktop\CapCut.lnk
2024-01-22 20:03 - 2024-01-22 20:03 - 000000000 ___DC C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCut
2024-01-22 19:48 - 2024-01-27 15:58 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2024-01-22 00:02 - 2024-01-22 00:02 - 000000207 ____C C:\Users\nils\Desktop\Urlaubanfrage.txt
2024-01-21 18:16 - 2024-01-21 18:16 - 000002359 ____C C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2024-01-21 13:47 - 2024-01-21 13:47 - 000003868 _____ C:\WINDOWS\system32\Tasks\Google Play Games Notifier
2024-01-21 13:47 - 2024-01-21 13:47 - 000001091 _____ C:\Users\Public\Desktop\Google Play Games beta.lnk
2024-01-21 13:47 - 2024-01-21 13:47 - 000000000 ____D C:\Users\nils\AppData\Local\ToastNotificationManagerCompat
2024-01-21 13:47 - 2024-01-21 13:47 - 000000000 ____D C:\Users\nils\AppData\Local\HPE
2024-01-21 13:47 - 2024-01-21 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Play Games
2024-01-21 13:46 - 2024-01-21 13:46 - 000000000 ____D C:\ProgramData\Google
2024-01-21 13:46 - 2024-01-21 13:46 - 000000000 ____D C:\Program Files\Google
2024-01-21 13:44 - 2024-01-21 13:44 - 010908744 _____ (Google LLC) C:\Users\nils\Downloads\Install-Frost & Flame_ King of Avalon-GooglePlayGames-Beta.exe
2024-01-12 20:17 - 2024-01-12 20:17 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-11 20:47 - 2024-01-11 20:48 - 000000000 ___HD C:\$WinREAgent
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-28 14:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-28 14:32 - 2021-12-18 01:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-28 14:32 - 2019-02-16 23:11 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-28 13:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-28 12:42 - 2020-09-15 07:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-28 12:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-01-28 12:40 - 2018-06-28 22:51 - 000000000 ___DC C:\Users\nils\AppData\Local\D3DSCache
2024-01-28 12:25 - 2017-11-02 01:23 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-28 10:11 - 2021-02-18 21:01 - 000000000 ____D C:\Users\nils\AppData\Local\LGHUB
2024-01-28 10:11 - 2019-10-27 12:42 - 000000000 ____D C:\Users\nils\AppData\Local\Overwolf
2024-01-28 01:38 - 2021-02-26 02:32 - 000000000 ____D C:\Program Files (x86)\Steam Customizer
2024-01-28 01:34 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-28 01:01 - 2021-02-01 18:39 - 000000128 _____ C:\Users\nils\AppData\Roaming\winscp.rnd
2024-01-27 20:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-27 16:02 - 2020-09-15 07:57 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-27 16:02 - 2020-09-15 00:13 - 000741554 _____ C:\WINDOWS\system32\perfh007.dat
2024-01-27 16:02 - 2020-09-15 00:13 - 000149804 _____ C:\WINDOWS\system32\perfc007.dat
2024-01-27 15:58 - 2020-09-15 07:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-27 15:58 - 2020-09-15 07:52 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-27 15:58 - 2019-01-22 14:43 - 000000000 ____D C:\Intel
2024-01-27 15:57 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-01-27 15:42 - 2018-07-29 11:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-01-27 15:42 - 2018-06-28 13:09 - 000000000 ___DC C:\Users\nils\AppData\Local\CrashDumps
2024-01-27 15:42 - 2018-06-27 20:26 - 000000000 ___DC C:\Users\nils\AppData\Local\NVIDIA
2024-01-27 15:37 - 2020-12-02 22:11 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2017-11-02 01:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-01-27 15:37 - 2017-11-02 01:23 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-01-27 15:37 - 2017-11-02 01:23 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-01-27 15:36 - 2020-12-02 22:11 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:36 - 2020-12-02 22:11 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-25 17:23 - 2022-07-15 20:40 - 000001431 ____C C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2024-01-25 17:23 - 2020-09-15 07:58 - 000004184 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1593451427
2024-01-23 22:16 - 2023-09-01 16:52 - 000000000 ____D C:\Users\nils\AppData\Roaming\EasyAntiCheat
2024-01-22 22:55 - 2018-06-27 19:54 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-22 20:07 - 2020-09-15 00:33 - 000000000 ____D C:\Users\nils
2024-01-22 20:06 - 2018-06-29 12:14 - 000000000 ____D C:\ProgramData\Packages
2024-01-22 20:06 - 2018-06-27 19:45 - 000000000 ___DC C:\Users\nils\AppData\Local\Packages
2024-01-22 20:04 - 2023-09-15 18:31 - 000263672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2024-01-22 20:04 - 2022-10-22 10:51 - 000095736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-01-22 20:04 - 2022-10-22 10:51 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-01-22 20:04 - 2021-11-19 17:01 - 000194040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 002754152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 000644600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 000214632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-01-22 19:45 - 2018-06-29 15:41 - 000000000 ___DC C:\Users\nils\AppData\Local\PlaceholderTileLogoFolder
2024-01-22 17:56 - 2020-10-12 22:07 - 000000000 ____D C:\Users\nils\AppData\Roaming\discord
2024-01-22 17:39 - 2020-11-13 19:22 - 000000000 ____D C:\Users\nils\AppData\Local\Discord
2024-01-22 15:31 - 2022-11-28 18:37 - 000000000 ____D C:\Users\nils\AppData\Roaming\Microsoft\Teams
2024-01-21 13:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-21 13:44 - 2019-02-16 23:11 - 000000000 ____D C:\Users\nils\AppData\Local\Google
2024-01-21 11:20 - 2023-04-19 17:09 - 000000000 ___DC C:\Users\nils\Desktop\Berufsschule
2024-01-19 21:27 - 2020-09-15 07:58 - 000003926 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2024-01-19 21:27 - 2020-09-15 07:58 - 000003802 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2024-01-19 00:20 - 2020-11-10 13:58 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-01-19 00:18 - 2021-04-24 20:29 - 006030584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-01-19 00:18 - 2020-11-10 13:58 - 006942920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-01-18 21:35 - 2020-12-03 16:58 - 000000000 ____D C:\Program Files\Common Files\PUBG
2024-01-18 21:27 - 2021-01-30 01:27 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-01-18 20:01 - 2019-03-20 22:38 - 000215864 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2024-01-16 21:51 - 2021-02-26 02:16 - 000000000 ___DC C:\Users\nils\Desktop\Nintendo
2024-01-14 21:10 - 2018-06-27 19:55 - 000000000 ___DC C:\Users\nils\AppData\Local\Steam
2024-01-13 13:26 - 2023-12-12 01:51 - 000000301 ____C C:\Users\nils\Desktop\Urlaubstage.txt
2024-01-12 21:05 - 2022-08-06 02:37 - 000000000 ____D C:\Users\nils\AppData\Roaming\Vampire_Survivors_377440891
2024-01-12 20:17 - 2019-06-21 23:19 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-12 15:20 - 2019-07-06 12:04 - 000000000 ____D C:\Users\nils\AppData\Roaming\Microsoft\Word
2024-01-12 15:13 - 2019-08-26 13:03 - 000000000 ____D C:\Users\nils\AppData\Roaming\Microsoft\Excel
2024-01-12 14:22 - 2018-06-27 19:45 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-11 20:55 - 2020-09-15 07:53 - 000647176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-11 20:46 - 2018-06-27 20:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-11 20:44 - 2018-06-27 20:26 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-08 19:17 - 2023-08-31 21:24 - 000000000 ____D C:\Users\nils\AppData\Roaming\G HUB
2024-01-08 19:16 - 2021-02-18 21:01 - 000000000 ____D C:\Users\nils\AppData\Roaming\LGHUB
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-11-12 10:58 - 2021-11-12 10:58 - 115176112 _____ (GitHub, Inc.) C:\Users\nils\GitHubDesktopSetup-x64.exe
2021-11-11 13:53 - 2021-11-11 13:53 - 032151603 _____ (gnuplot development team ) C:\Users\nils\gp542-win64-mingw.exe
2021-11-12 10:52 - 2021-11-12 10:52 - 025387808 _____ (Atlassian) C:\Users\nils\SourceTreeSetup-3.4.6.exe
2020-10-11 02:54 - 2020-10-11 03:01 - 003228672 _____ () C:\Users\nils\AppData\Roaming\ScriptHookV.dll
2021-02-16 12:59 - 2021-02-18 15:53 - 000000578 _____ () C:\Users\nils\AppData\Roaming\WiinUSoft_prefs.config
2021-02-01 18:39 - 2024-01-28 01:01 - 000000128 _____ () C:\Users\nils\AppData\Roaming\winscp.rnd
2022-05-06 17:54 - 2022-05-06 17:54 - 000002923 _____ () C:\Users\nils\AppData\Local\recently-used.xbel
2019-02-19 20:35 - 2023-10-12 23:53 - 000007607 _____ () C:\Users\nils\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
|
|
| Themen zu Windows 10: Verdacht auf Crypto-Miner |
| 100%, administrator, avast, computer, crypto-miner, desktop, error, fehlermeldung, google, internet, maus, mozilla, nvidia, performance, programm, prozesse, realtek, registry, scan, services.exe, software, svchost.exe, system, taskmanager, temp, windows |
Linear-Darstellung
