Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Angst vor Trojaner nach Nutzung von OP Autoclicker (https://www.trojaner-board.de/220675-angst-trojaner-nutzung-op-autoclicker.html)

Shnoxxer 23.04.2026 00:51
Angst vor Trojaner nach Nutzung von OP Autoclicker
 
Hallo zusammen,

ich hatte den OP Autoclicker heruntergelagen und genutzt. Etwas später las ich dann im Netz, dass der wohl einen Trojaner beinhalten soll. Das Programm ist gelöscht, aber das ungute Gefühl bleibt.

Könnt ihr mir bitte helfen mein System wieder sauber zu kriegen?

LG Simon

FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-04-2026
durchgeführt von shnox (Administrator) auf PC-MON (Gigabyte Technology Co., Ltd. B560M DS3H V2) (23-04-2026 01:39:42)
Gestartet von C:\Users\shnox\Desktop\Trojaner Board\FRST64.exe
Geladene Profile: shnox
Plattform: Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSATray.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe <8>
(C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\123.0.1.0\crashpad_handler.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Black Tree Gaming Ltd -> Black Tree Gaming Ltd.) C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC.) C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe <2>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
(explorer.exe ->) (pCloud International AG -> ) C:\Program Files\pCloud Drive\pCloud.exe
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> NordVPN) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e980fd2c7c4fce8e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe <2>
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files\Microvirt\MEmu\MemuService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2603.1001.18.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.248.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\shnox\AppData\Local\Microsoft\OneDrive\26.055.0323.0004_1\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe [1231864 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3255136 2025-11-02] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3138560 2023-01-11] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [678624 2026-01-22] (Geek Software GmbH -> geek software GmbH)
HKLM\...\Run: [PrnStatusMX] => C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [1240064 2012-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
HKLM-x32\...\Run: [Avira Security startup helper] => "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe" DelayedStartup (Keine Datei)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe [77137048 2026-04-01] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe [77137048 2026-04-01] (Google LLC -> Google LLC.)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe [77137048 2026-04-01] (Google LLC -> Google LLC.)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [pCloud] => C:\Program Files\pCloud Drive\pCloud.exe [390264 2025-03-19] (pCloud International AG -> )
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [RazerAxon] => C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe [452296 2025-11-28] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [42086872 2026-04-12] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Run: [electron.app.Vortex] => C:\Program Files\Black Tree Gaming Ltd\Vortex\Vortex.exe [205531976 2026-03-31] (Black Tree Gaming Ltd -> Black Tree Gaming Ltd.)
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\MountPoints2: {3a117fdf-fc1a-11ef-b024-d85ed3a000af} - "K:\pushinst.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\123.0.1.0\GoogleDriveFS.exe [77137048 2026-04-01] (Google LLC -> Google LLC.)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\HP1215PrintProc: C:\Windows\System32\spool\prtprocs\x64\PPcp1215.DLL [65024 2012-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
HKLM\...\Windows x64\Print Processors\ZIMFPRINT: C:\Windows\System32\spool\prtprocs\x64\ZIMFPRNT.DLL [55808 2007-08-29] (Zenographics, Inc.) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\CP1215LM: C:\Windows\system32\CP1215LM.DLL [175104 2012-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [3101848 2026-03-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\147.0.7727.102\Installer\chrmstp.exe [7429272 2026-04-20] (Google LLC -> Google LLC)
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {A31E6EBA-D4F7-443F-B452-BDAAD6F6E6F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1612800 2026-01-23] (Adobe Inc. -> Adobe Inc.)
Task: {A5EAD545-3A12-4B0B-9BB1-80ACF7EF4780} - System32\Tasks\ArcGIS Pro Indexing (MicrosoftAccount_shnoxxer42@gmail.com) => C:\Program Files\ArcGIS\Pro\bin\ArcGISIndexingServer.exe  (Keine Datei)
Task: {75E9E871-97E1-4127-AE04-E4DFC07C8CAD} - System32\Tasks\Avira\System Speedup\SecurityTestScheduler => "C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe"  SchedulerTest (Keine Datei)
Task: {DF92EFB2-8264-4DE1-B934-F68B54D9F618} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [17280 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {89461A16-CB93-4ACD-A198-4EC03ED59A49} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [20352 2021-10-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {2864734E-2845-4EFE-94B4-0DC1D73D9119} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem148.0.7730.0{98B3D352-33A7-472C-BE1A-9517FEBA1D74} => C:\Program Files (x86)\Google\GoogleUpdater\148.0.7730.0\updater.exe [8459416 2026-03-12] (Google LLC -> Google LLC)
Task: {B4BD1A5A-C442-434A-8799-3DDD23D0A732} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6064360 2024-11-18] (Intel Corporation -> Intel Corporation)
Task: {8C482388-C9F6-4866-8ADD-85E8CAC96744} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6064360 2024-11-18] (Intel Corporation -> Intel Corporation)
Task: {B7DD144F-9DEB-40D6-B586-83B1F4F4644C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe  --automatic (Keine Datei)
Task: {7627A3D3-1F5A-4CD2-A847-87A668EF8BFA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23572096 2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDC66EBF-BCFE-421B-AA52-4FFA94C000F1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23572096 2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {315AE0E9-86E9-47F3-8420-D08EEE3941F1} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe  /checkin (Keine Datei)
Task: {89DE5683-71DB-4F84-9FC3-E1D73677C03F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209896 2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {82FE3E2F-C489-4E67-BC02-2849DAD44D11} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209896 2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A59D8C4-F509-4FA0-916E-82401BD00052} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3514944 2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {164CD733-3BDA-4B1E-B17D-E2757090472E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3514944 2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (Keine Datei)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {4DD33230-715D-4690-924C-969CF56F4844} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92ABAF71-A100-4547-82B7-08C0C85F3EE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6B33363F-A81D-41AE-B12B-248710BA9669} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1FCE7AF0-6F29-45C4-82D2-57AC6A6A6C3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpCmdRun.exe [1790616 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8DE45CD9-7B38-416A-B561-A265B95AA48E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {D65E61E1-CDBB-4AAB-915E-95D193AF184F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {9ED2AA81-2A64-4196-8B41-B3F9AEF5FD94} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {8BE4A898-E5C3-45E0-AF3A-2A3FFD02745E} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\CEIP.exe [32632 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {A9E046F1-A8E3-4F2B-B314-648A54F0ECB5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {68964BEC-4B8D-4C9F-89A2-B99DCB342F29} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C355A7A0-F128-4C64-B2CF-A3113CBBD5EB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [705664 2026-04-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {1270B7E0-38D8-41FB-B6A4-B161991BA07A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1032225255-1758578694-3390115000-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [705664 2026-04-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {50081D13-7274-4F03-B172-B481952FA449} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33920 2026-04-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {1BE14154-107F-4DB4-8C0E-0058B9373CAC} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3337328 2026-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {00AF5CBE-27CC-474C-A8AE-CE0722914AD9} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [582344 2026-01-23] (Razer USA Ltd. -> Razer Inc.)
Task: {01886521-643E-4A29-8DFE-2646E8D03BF7} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\Thermald.exe [389504 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {282BC789-1668-47BC-AB92-124FFA4C5207} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\Sensord.exe [257408 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {96F15D87-F50F-4558-817D-B29C98FA4962} - System32\Tasks\Ubisoft\Ubisoft Connect Background Update => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe [17255600 2026-03-19] (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
Task: {2E8BA462-CEE9-4006-9FDF-7849FE3AB5AC} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [454656 2025-09-12] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\-Command "Start-Process -WindowStyle Hidden task.bat"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1a3e3d0f-6d10-4a6c-bcc7-aa7a858b86ea}: [DhcpNameServer] 103.86.96.100 103.86.99.100
Tcpip\..\Interfaces\{35701326-d436-4b40-bfdb-bcc1b419b8ba}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{35701326-d436-4b40-bfdb-bcc1b419b8ba}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{9053f94d-e4fa-4307-95f7-92a7bceca16f}: [DhcpNameServer] 192.168.178.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG

FireFox:
========
FF TaskBarID: 308046B0AF4A39CB -> C:\Program Files\Mozilla Firefox
FF DefaultProfile: 1j64mo91.default-release -> 308046B0AF4A39CB
FF ProfilePath: C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\u8rj7hti.default [2022-03-20]
FF ProfilePath: C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release [2026-04-22]
FF DownloadDir: C:\Users\shnox\Desktop
FF Session Restore: Mozilla\Firefox\Profiles\1j64mo91.default-release -> ist aktiviert.
FF Notifications: Mozilla\Firefox\Profiles\1j64mo91.default-release -> hxxps://www.lieferando.de
FF Extension: (Avira Browserschutz) - C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release\Extensions\abs@avira.com.xpi [2022-05-01]
FF Extension: (Google Scholar-Schaltfläche) - C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release\Extensions\button@scholar.google.com.xpi [2022-08-29]
FF Extension: (Enhancer for YouTube™) - C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2026-04-22]
FF Extension: (Ghostery Werbeblocker & Datenschutz) - C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release\Extensions\firefox@ghostery.com.xpi [2026-04-11]
FF Extension: (New Tab) - C:\Users\shnox\AppData\Roaming\Mozilla\Firefox\Profiles\1j64mo91.default-release\Extensions\newtab@mozilla.org.xpi [2026-04-06]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2025-04-12] [ist nicht signiert]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-04-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default [2026-03-26]
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
Edge Extension: (Avira Safe Shopping) - C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2026-02-05]
Edge Extension: (Ghostery Werbeblocker & Datenschutz) - C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2026-03-26]
Edge Extension: (Google Docs Offline) - C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-23]
Edge Extension: (Edge relevant text changes) - C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
Edge Extension: (CKP - KeePass integration for Chrome™) - C:\Users\shnox\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lnfepbjehgokldcaljagbmchhnaaogpc [2023-07-06]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

Chrome:
=======
CHR Profile: C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default [2026-04-13]
CHR DefaultSearchURL: Default -> hxxps://search.brave.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.brave.com
CHR DefaultSuggestURL: Default -> hxxps://search.brave.com/api/suggest?q={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2026-04-13]
CHR Extension: (Avira Safe Shopping) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2026-04-13]
CHR Extension: (Avira Browserschutz) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2026-04-13]
CHR Extension: (Google Docs Offline) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-04-13]
CHR Extension: (Anwendungs-Launcher für Drive (von Google)) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2026-04-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\shnox\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2026-04-13]
CHR HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [180216 2026-01-23] (Adobe Inc. -> Adobe Inc.)
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3386064 2026-03-26] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8930120 2022-03-29] (BattlEye Innovations e.K. -> )
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2023-12-02] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9499224 2026-01-25] (Microsoft Corporation -> Microsoft Corporation)
R2 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [784584 2026-01-23] (Razer USA Ltd. -> Razer Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe [133736 2026-03-24] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe [133224 2026-03-24] (Intel Corporation -> Intel)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3407800 2026-04-22] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [2604472 2026-04-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443288 2026-03-26] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7656984 2026-03-26] (GOG  sp. z o.o -> GOG.com)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MpDefenderCoreService.exe [2088128 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Datei ist nicht signiert]
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2023-05-24] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [2542112 2025-04-02] (nordvpn s.a. -> NordVPN)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e980fd2c7c4fce8e\Display.NvContainer\NVDisplay.Container.exe [1702632 2026-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [83432 2026-03-26] (Microsoft Windows -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [678624 2026-01-22] (Geek Software GmbH -> geek software GmbH)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75064 2024-12-07] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189104 2024-12-07] (Even Balance, Inc. -> )
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
R2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [394376 2025-05-28] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300232 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1565304 2026-01-26] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [513736 2025-12-15] (Razer USA Ltd. -> Razer Inc.)
S3 UpcElevationService; C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher Core\UpcElevationService.exe [351928 2026-03-19] (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\NisSrv.exe [4480592 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26030.3011-0\MsMpEng.exe [290744 2026-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-04-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-04-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-04-15] (Microsoft Corporation) [Datei ist nicht signiert]
R1 cbfs20; C:\WINDOWS\System32\drivers\cbfs20.sys [457768 2022-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
S3 cpuz160; C:\ProgramData\CPUID Software\sdk\ksgTy2eohRg5OQ [44696 2026-03-30] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [30728 2022-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [226688 2025-12-02] (Microsoft Windows -> Microsoft Corporation)
R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [41480 2022-03-20] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-19] (Intel Corporation -> Intel Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-03-27] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144872 2026-03-26] (Microsoft Windows -> Microsoft Corporation)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2022-03-20] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\Program Files\NordVPN\7.56.2.0\Drivers\NDivert.sys [197592 2025-08-13] (nordvpn s.a. -> NordVPN S.A.)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [98464 2025-08-04] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007c; C:\WINDOWS\System32\drivers\RzDev_007c.sys [55376 2021-01-21] (Razer USA Ltd. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [41120 2024-08-29] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-23] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21888 2026-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [647560 2026-04-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2026-04-13] (Microsoft Windows -> Microsoft Corporation)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-11-05] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys (Keine Datei) <==== ACHTUNG
S3 cpuz159; \??\C:\WINDOWS\temp\cpuz159\cpuz159_x64.sys (Keine Datei) <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2026-04-22 18:35 - 2026-04-22 19:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2026-04-22 15:51 - 2026-04-22 15:51 - 000745650 _____ C:\WINDOWS\system32\perfh007.dat
2026-04-22 15:51 - 2026-04-22 15:51 - 000158752 _____ C:\WINDOWS\system32\perfc007.dat
2026-04-20 19:00 - 2026-04-22 17:47 - 000000000 ____D C:\WINDOWS\CbsTemp
2026-04-13 12:42 - 2026-04-15 19:51 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2026-04-13 12:39 - 2026-04-13 12:39 - 000002274 _____ C:\Users\shnox\Desktop\Google Chrome.lnk
2026-04-11 22:17 - 2026-04-11 22:17 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2026-04-11 22:17 - 2026-04-11 22:17 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2026-04-01 20:14 - 2026-04-01 20:14 - 006418300 _____ C:\Users\shnox\Desktop\savegames.zip
2026-04-01 16:32 - 2026-04-01 16:32 - 000001596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2026-04-01 16:11 - 2026-04-01 16:11 - 000000000 ____D C:\Users\shnox\AppData\LocalLow\YYZProductions
2026-04-01 16:06 - 2026-04-01 16:06 - 000000000 ____D C:\Users\shnox\AppData\LocalLow\GangoGames LLC
2026-04-01 16:06 - 2026-04-01 16:06 - 000000000 ____D C:\Users\shnox\AppData\Local\EpicOnlineServicesUIHelper
2026-04-01 16:05 - 2026-04-01 16:05 - 000000000 ____D C:\Users\shnox\AppData\Local\EOSUserHelper
2026-03-27 17:26 - 2026-03-27 17:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\SoftLanding
2026-03-27 00:52 - 2026-03-18 01:37 - 000127208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2026-03-27 00:51 - 2026-03-27 00:51 - 000001434 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2026-03-27 00:51 - 2026-01-16 17:37 - 000161912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap32v.dll
2026-03-27 00:51 - 2026-01-16 17:37 - 000060568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2026-03-26 23:34 - 2026-03-26 23:34 - 000036843 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2026-03-26 23:34 - 2026-03-26 23:34 - 000036843 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2026-03-26 23:34 - 2026-03-26 23:34 - 000004575 _____ C:\WINDOWS\system32\ResPriUHMImageList
2026-03-26 23:34 - 2026-03-26 23:34 - 000004575 _____ C:\WINDOWS\system32\ResPriLMImageList
2026-03-26 23:34 - 2026-03-26 23:34 - 000004575 _____ C:\WINDOWS\system32\ResPriImageList
2026-03-26 23:34 - 2026-03-26 23:34 - 000004575 _____ C:\WINDOWS\system32\ResPriHMImageList
2026-03-26 16:20 - 2026-03-26 16:20 - 000000000 ____D C:\Users\shnox\AppData\LocalLow\MCC
2026-03-26 15:56 - 2026-03-26 15:56 - 000000222 _____ C:\Users\shnox\Desktop\Fallout 4.url
2026-03-25 17:18 - 2026-03-18 08:48 - 002421296 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2026-03-25 17:18 - 2026-03-18 08:48 - 002421296 _____ C:\WINDOWS\system32\vulkaninfo.exe
2026-03-25 17:18 - 2026-03-18 08:48 - 001923120 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-03-25 17:18 - 2026-03-18 08:48 - 001923120 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2026-03-25 17:18 - 2026-03-18 08:48 - 001625648 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2026-03-25 17:18 - 2026-03-18 08:48 - 001625648 _____ C:\WINDOWS\system32\vulkan-1.dll
2026-03-25 17:18 - 2026-03-18 08:48 - 001434672 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2026-03-25 17:18 - 2026-03-18 08:48 - 001434672 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2026-03-25 17:18 - 2026-03-18 08:48 - 000478952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2026-03-25 17:18 - 2026-03-18 08:48 - 000375016 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2026-03-25 17:18 - 2026-03-18 08:45 - 001385704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2026-03-25 17:18 - 2026-03-18 08:45 - 000675048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2026-03-25 17:18 - 2026-03-18 08:45 - 000509160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 028057832 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2026-03-25 17:18 - 2026-03-18 08:44 - 002328296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 001724136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 001621224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2026-03-25 17:18 - 2026-03-18 08:44 - 001583336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 001231592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 001064680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2026-03-25 17:18 - 2026-03-18 08:44 - 000820456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2026-03-25 17:18 - 2026-03-18 08:43 - 029136616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2026-03-25 17:18 - 2026-03-18 08:43 - 021713128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2026-03-25 17:18 - 2026-03-18 08:43 - 000469736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2026-03-25 17:18 - 2026-03-18 08:42 - 008441064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 005925096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 005674216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 005516480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 005011440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 004466920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2026-03-25 17:18 - 2026-03-18 08:42 - 000853736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2026-03-25 17:18 - 2026-03-18 01:37 - 000162186 _____ C:\WINDOWS\system32\nvinfo.pb

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2026-04-23 01:40 - 2026-03-19 22:42 - 000000000 ____D C:\FRST
2026-04-23 01:39 - 2026-03-19 22:43 - 000000000 ____D C:\Users\shnox\Desktop\Trojaner Board
2026-04-23 01:32 - 2022-06-23 20:13 - 000000000 ____D C:\ProgramData\NordVPN
2026-04-23 01:26 - 2022-03-20 13:04 - 000000000 ____D C:\Program Files (x86)\Steam
2026-04-23 01:25 - 2022-03-20 11:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2026-04-23 01:24 - 2022-03-20 13:39 - 000000000 ____D C:\Users\shnox\AppData\Local\UnrealEngine
2026-04-23 00:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2026-04-23 00:47 - 2022-03-20 10:18 - 000000000 ___SD C:\Users\shnox\AppData\Roaming\Microsoft\Credentials
2026-04-23 00:27 - 2022-03-30 11:34 - 000000000 ____D C:\Users\shnox\AppData\Local\Ubisoft Game Launcher
2026-04-22 22:49 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-04-22 19:08 - 2022-03-20 11:29 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2026-04-22 19:07 - 2022-03-20 11:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2026-04-22 19:07 - 2022-03-20 11:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2026-04-22 16:03 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2026-04-22 16:03 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2026-04-22 15:51 - 2025-04-16 00:26 - 001729568 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2026-04-22 15:51 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2026-04-22 15:48 - 2024-01-31 15:27 - 000000000 ____D C:\Users\shnox\AppData\Roaming\Vortex
2026-04-22 15:48 - 2022-03-20 10:34 - 000000000 ____D C:\ProgramData\Razer
2026-04-22 15:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Registration
2026-04-22 15:47 - 2022-03-20 10:23 - 000000000 ___RD C:\Users\shnox\OneDrive
2026-04-22 15:46 - 2025-04-16 00:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2026-04-22 15:46 - 2025-04-16 00:24 - 000020002 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2026-04-22 15:46 - 2022-03-20 11:35 - 000000000 ____D C:\ProgramData\NVIDIA
2026-04-22 15:46 - 2022-03-20 09:59 - 000012288 ___SH C:\DumpStack.log.tmp
2026-04-21 18:04 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2026-04-21 15:00 - 2022-03-20 10:21 - 000000000 ____D C:\Users\shnox\AppData\Local\D3DSCache
2026-04-20 21:43 - 2022-04-19 09:46 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-04-20 16:38 - 2025-04-16 00:27 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1032225255-1758578694-3390115000-1001
2026-04-20 16:38 - 2025-04-16 00:27 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1032225255-1758578694-3390115000-1001
2026-04-20 16:38 - 2025-04-16 00:27 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1032225255-1758578694-3390115000-1001
2026-04-20 16:38 - 2022-03-20 10:23 - 000002435 _____ C:\Users\shnox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-04-20 14:44 - 2025-04-16 00:27 - 000003960 _____ C:\WINDOWS\system32\Tasks\RazerCortexScheduleClean
2026-04-17 09:36 - 2022-10-24 10:43 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-04-17 00:01 - 2025-04-16 00:21 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2026-04-17 00:00 - 2025-04-16 00:21 - 000627344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2026-04-16 03:29 - 2024-04-01 18:35 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2026-04-16 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2026-04-15 20:19 - 2022-03-20 11:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2026-04-15 20:18 - 2022-03-20 11:27 - 218249592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2026-04-15 20:06 - 2025-04-08 20:00 - 000000000 ____D C:\Program Files (x86)\dotnet
2026-04-15 20:06 - 2023-05-22 15:17 - 000000000 ____D C:\Program Files\dotnet
2026-04-15 20:06 - 2022-03-20 10:37 - 000000000 ____D C:\ProgramData\Package Cache
2026-04-15 19:51 - 2024-09-22 08:29 - 000000000 ____D C:\Users\shnox\AppData\Local\NotificationTemp
2026-04-15 00:35 - 2025-04-16 00:24 - 003268096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2026-04-14 22:12 - 2022-03-20 13:44 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2026-04-13 22:49 - 2022-03-20 09:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2026-04-13 12:39 - 2022-03-20 14:49 - 000000000 ____D C:\Users\shnox\AppData\Local\Google
2026-04-11 22:26 - 2025-04-16 00:27 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-04-11 22:26 - 2025-04-16 00:27 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-04-11 22:17 - 2022-03-20 14:48 - 000000000 ____D C:\Program Files\Google
2026-04-09 19:40 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2026-04-06 14:24 - 2022-03-20 13:04 - 000000000 ____D C:\Users\shnox\AppData\Local\Steam
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2026-04-02 14:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2026-04-01 20:53 - 2022-03-20 14:49 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2026-04-01 20:53 - 2022-03-20 14:49 - 000002048 _____ C:\Users\shnox\Desktop\Google Drive.lnk
2026-04-01 16:32 - 2022-03-20 12:04 - 000000000 ____D C:\Program Files (x86)\Intel
2026-04-01 16:06 - 2022-03-20 13:39 - 000000000 ____D C:\ProgramData\Epic
2026-03-30 11:33 - 2022-03-20 11:43 - 000000000 ____D C:\Users\shnox\AppData\Local\CrashDumps
2026-03-27 17:32 - 2022-03-29 20:15 - 000000000 ____D C:\Users\shnox\Documents\My Games
2026-03-27 17:26 - 2022-03-21 23:12 - 000000000 ____D C:\Program Files (x86)\Avira
2026-03-27 17:23 - 2025-09-12 18:41 - 000000000 ____D C:\WINDOWS\system32\ruxim
2026-03-27 17:23 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2026-03-27 17:23 - 2024-04-01 18:33 - 000000000 ____D C:\WINDOWS\system32\de
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2026-03-27 17:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2026-03-27 17:22 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2026-03-27 17:22 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2026-03-27 16:59 - 2024-04-01 09:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2026-03-27 16:58 - 2022-03-20 11:27 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2026-03-27 16:57 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2026-03-27 16:12 - 2022-03-20 10:21 - 000000000 ____D C:\Users\shnox\AppData\Local\Packages
2026-03-27 15:03 - 2022-03-20 10:21 - 000000000 ____D C:\ProgramData\Packages
2026-03-27 13:14 - 2024-02-01 22:16 - 000000000 ____D C:\Users\shnox\AppData\Local\Fallout4
2026-03-27 12:04 - 2022-06-13 14:44 - 000000000 ___RD C:\Users\shnox\Dropbox
2026-03-27 05:04 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2026-03-27 05:04 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2026-03-27 02:07 - 2022-03-20 11:35 - 000000000 ____D C:\Users\shnox\AppData\Local\NVIDIA Corporation
2026-03-27 01:50 - 2022-03-20 21:20 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2026-03-27 01:43 - 2022-03-30 11:34 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2026-03-27 01:42 - 2022-12-10 19:05 - 000000000 ____D C:\ProgramData\Battle.net
2026-03-27 01:42 - 2022-03-30 11:34 - 000000000 ____D C:\Users\shnox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2026-03-27 01:41 - 2022-03-20 12:02 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2026-03-27 01:36 - 2026-01-31 00:37 - 000000000 ____D C:\Users\shnox\Desktop\xenia_canary_windows
2026-03-27 01:35 - 2022-03-29 13:29 - 000000000 ____D C:\Program Files\Epic Games
2026-03-27 01:34 - 2022-03-20 11:35 - 000000000 ____D C:\Users\shnox\AppData\Local\NVIDIA
2026-03-27 01:33 - 2023-06-01 20:03 - 000000000 ____D C:\Users\shnox\Documents\Anno 2205
2026-03-27 01:33 - 2023-05-29 15:44 - 000000000 ____D C:\Users\shnox\Documents\Anno 1800
2026-03-27 01:32 - 2024-12-01 16:28 - 000000000 ____D C:\Users\shnox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2026-03-27 00:54 - 2022-03-20 11:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2026-03-27 00:51 - 2025-04-16 00:27 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2026-03-27 00:51 - 2022-03-20 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2026-03-27 00:51 - 2022-03-20 11:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2026-03-26 23:16 - 2022-03-21 23:13 - 000000000 ____D C:\Users\Public\Security Sessions
2026-03-26 15:58 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2026-03-26 15:51 - 2022-03-20 11:42 - 000000000 ____D C:\Users\shnox\AppData\Roaming\KeePass

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2023-12-20 17:59 - 2023-12-20 17:59 - 000002295 _____ () C:\Users\shnox\AppData\Local\recently-used.xbel
2022-08-12 21:07 - 2022-08-12 21:07 - 000007642 _____ () C:\Users\shnox\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Shnoxxer 23.04.2026 01:04
ADDITION.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-04-2026
durchgeführt von shnox (23-04-2026 01:41:17)
Gestartet von C:\Users\shnox\Desktop\Trojaner Board
Microsoft Windows 11 Home Version 25H2 26200.8246 (X64) (2025-04-16 09:45:40)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1032225255-1758578694-3390115000-500 - Administrators - Disabled)
DefaultAccount (S-1-5-21-1032225255-1758578694-3390115000-503 - Limited - Disabled)
Gast (S-1-5-21-1032225255-1758578694-3390115000-501 - Limited - Disabled)
shnox (S-1-5-21-1032225255-1758578694-3390115000-1001 - Administrators - Enabled) => C:\Users\shnox
WDAGUtilityAccount (S-1-5-21-1032225255-1758578694-3390115000-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Avira Security (Enabled) {BE55A40C-05CA-1096-36EB-CCA92DEAF539}
FW: Avira Security (Enabled) {877B141C-E73B-9A54-223E-108CC963426A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.21.1203.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.21.1203.1 - GIGABYTE)
7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 26.001.21431 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601149}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.0120.1 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.0120.1 - Gigabyte)
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC16014E7500}) (Version: 22.001.20085 - Adobe Systems Incorporated)
CrystalDiskInfo 8.17.13 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.13 - Crystal Dew World)
Discord (HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{8785F8D1-9388-4051-A199-A80840A00990}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.21.1223 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.21.1223 - GIGABYTE)
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.32 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{acfd3daa-8cad-4514-bc73-64a154033052}) (Version: 1.0.3.32 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.5 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{2ddd3bd2-7bad-4020-a8b8-9650a834bb99}) (Version: 1.0.9.5 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{ec10ac91-2e61-460a-b493-33f794a07682}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.8.0 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{7eeee667-b295-4acd-9a4e-1160421db765}) (Version: 1.0.8.0 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{5F15891E-8342-47CD-AFFF-89211CFC04D0}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
FastBoot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.21.1214 - GIGABYTE) Hidden
FastBoot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.21.1214 - GIGABYTE)
GenTool (HKLM-x32\...\GenTool) (Version: 8.9 - GenTool)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.96.26 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 147.0.7727.102 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 123.0.1.0 - Google LLC)
Google Earth Pro (HKLM\...\{E3B69BB6-FFD8-441C-933E-BB8A3136ED8F}) (Version: 7.3.7.1155 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
HP Color LaserJet CP1210 Series (HKLM\...\{54360A73-B080-4A69-BFD4-53C190DD3AB0}) (Version: 1.0.0 - Hewlett-Packard) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{D2AEE0A6-F202-4C62-BE2B-AC0C9E00A941}) (Version: 26.1.0.2 - Intel) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM\...\{022AEC23-4961-48F9-ABFC-85EB91BF88AB}) (Version: 4.1.7 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{C6A1126A-6ED6-4231-BA48-4DA77986FA1C}) (Version: 10.1.18950.8298 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{db747e10-c752-4e5a-b099-922800123b36}) (Version: 10.1.18950.8298 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{3346E783-37FA-4DD6-BDE1-1F428CF7CDBD}) (Version: 2.4.10965 - Intel Corporation)
Intel(R) LMS (HKLM\...\{714993DF-4A21-400D-AF68-AF573B25B9D1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{F6F40E7F-F11B-459A-949C-8365763D5A1F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1BAD3B0B-2034-41BB-9B60-0C2476B44218}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2134.15.0.2422 - Intel Corporation)
Intel(R) Management Engine Driver (HKLM\...\{7B5CB856-87C1-4F86-A2B4-C21C3BC9714A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2129.8 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{A5530342-3F3E-4C02-9ECA-20DC35944BFD}) (Version: 30.100.2129.8 - Intel Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{C8093AA3-B113-4F81-9A87-B1C41929B346}) (Version: 26.1.0.2 - Intel)
JoyToKey version 6.9.3 (HKLM-x32\...\{EBF21C82-423E-49FD-BCBD-88C08397CB44}_is1) (Version: 6.9.3 - JTK software)
KeePass Password Safe 2.60 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.60 - Dominik Reichl)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech SetPoint 6.90 (HKLM\...\sp6) (Version: 6.90.66 - Logitech)
MEmu (HKLM-x32\...\MEmu) (Version: 9.0.3.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.26 (x64) (HKLM\...\{2D690786-1257-44F3-AB75-7F55B62B42E9}) (Version: 64.104.50421 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.26 (x86) (HKLM-x32\...\{1405974B-528B-4C50-B559-E27E50CE2614}) (Version: 64.104.50421 - Microsoft Corporation) Hidden
Microsoft .NET Host - 9.0.15 (x64) (HKLM\...\{FCBBC2DC-2AD7-4F1F-A444-87A9FA94C6BA}) (Version: 72.60.50518 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.26 (x64) (HKLM\...\{C971FC9E-5291-4C07-8E2F-96BDCBF217E2}) (Version: 64.104.50421 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.26 (x86) (HKLM-x32\...\{60DA7E22-AB03-450B-AEB7-EFA0C446B9D9}) (Version: 64.104.50421 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 9.0.15 (x64) (HKLM\...\{04C98367-FC14-4376-8866-17AD112FB6B9}) (Version: 72.60.50518 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.26 (x64) (HKLM\...\{D303EB7E-BAFD-4A65-A520-AA388FA0BF9A}) (Version: 64.104.50421 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.26 (x86) (HKLM-x32\...\{3E7B0486-172E-422B-A81B-70932E734E25}) (Version: 64.104.50421 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 9.0.15 (x64) (HKLM\...\{97184660-56D3-4CCB-8919-34067AB40CD6}) (Version: 72.60.50518 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.26 - Shared Framework (x86) (HKLM-x32\...\{ced166e7-8d63-48a5-9be8-0c8df25206cc}) (Version: 8.0.26.26169 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.26 Shared Framework (x86) (HKLM-x32\...\{A79BCCFA-8DF2-3692-8EAE-D43D03703882}) (Version: 8.0.26.26169 - Microsoft Corporation) Hidden
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 147.0.3912.72 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Volume - de-de) (Version: 16.0.10417.20095 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\OneDriveSetup.exe) (Version: 26.055.0323.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.50.35719 (HKLM\...\{AECD4ED0-8A3B-41E9-92D1-6BEE0374CCAF}) (Version: 14.50.35719 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.50.35719 (HKLM\...\{61B44572-8722-4DAF-8ACF-8E742D30BCC5}) (Version: 14.50.35719 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ v14 Redistributable (x64) - 14.50.35719 (HKLM-x32\...\{91ee571b-0e8a-4c65-9eaf-2e2f5fc60c00}) (Version: 14.50.35719.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.26 (x64) (HKLM\...\{BC979F77-77D3-4599-ADFF-12D432BFF8C5}) (Version: 64.104.50433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.26 (x64) (HKLM-x32\...\{ccb8cf0e-e9c7-4fea-add7-d5cdde656e5b}) (Version: 8.0.26.35920 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.26 (x86) (HKLM-x32\...\{3E5234CF-16E0-4004-98EF-B4FAB5C4C46B}) (Version: 64.104.50433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.26 (x86) (HKLM-x32\...\{f4ea8248-dafa-4e5c-a872-affef0969a1e}) (Version: 8.0.26.35920 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 9.0.15 (x64) (HKLM\...\{49C0C973-52B5-4F6D-AD4F-9B9DF928BAC6}) (Version: 72.60.50530 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 9.0.15 (x64) (HKLM-x32\...\{e29f6a15-9665-4b06-8024-06f270a032b8}) (Version: 9.0.15.35926 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 14.41.137.0 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox) (Version: 150.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.7.0 - Mozilla)
Mozilla Thunderbird ESR (x64 de) (HKLM\...\Mozilla Thunderbird 140.9.1 ESR (x64 de)) (Version: 140.9.1 - Mozilla)
My Game Long Name (HKLM\...\UDK-4e07682a-d5e0-49c0-abd8-8036dffdace3) (Version:  - Epic Games, Inc.)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.5.0.997 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.56.2.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6.2 - Notepad++ Team)
NVIDIA App 11.0.6.383 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.6.383 - NVIDIA Corporation)
NVIDIA Canvas 1.4.311 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Canvas) (Version: 1.4.311 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11821.36727370 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11821.36727370 - NVIDIA Corporation)
NVIDIA Grafiktreiber 595.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 595.97 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.5.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.5.7 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10417.20095 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10417.20095 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.10417.20095 - Microsoft Corporation) Hidden
ON_OFF Charge 2 B19.1119.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.19.1119.1 - GIGABYTE) Hidden
ON_OFF Charge 2 B19.1119.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.19.1119.1 - GIGABYTE)
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
pCloud Drive (HKLM\...\{76F062AD-B854-4DC2-8A2E-C7EBAA3AE5D8}) (Version: 4.1.12.0 - pCloud AG) Hidden
pCloud Drive (HKLM-x32\...\{12cc0cad-20be-4a8c-b4c8-7c8687395687}) (Version: 4.1.12.0 - pCloud International AG)
PDF24 Creator 11.29.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.29.1 - Geek Software GmbH)
Razer Axon (HKLM\...\Razer Axon_is1) (Version: 2.5.3.0 - Razer Inc.)
Razer Cortex (HKLM\...\Razer Cortex_is1) (Version: 11.6.2.2 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.10.0730.071519 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.56.119.2022 - Realtek)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.22.0211.1 - Gigabyte)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.105.2733 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.146 - Rockstar Games)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Signal 7.77.1 (HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 7.77.1 - Signal Messenger, LLC)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.21.1124 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.21.1124 - GIGABYTE)
Smart Backup (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.21.0326.1 - GIGABYTE)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop (HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 6.3.6 - Telegram FZ-LLC)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 158.0.11194 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.16.8 - Black Tree Gaming Ltd.)
WhatsApp (Outdated) (HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\WhatsApp) (Version: 2.2319.9 - WhatsApp)
Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\ZoomUMX) (Version: 5.14.8 (16213) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2026-04-17] ()
Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.1082.2350.0_x64__8wekyb3d8bbwe [2025-12-21] (Microsoft Corporation)
Ink.Handwriting.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.de-DE.1.0_0.1082.2350.0_x86__8wekyb3d8bbwe [2025-12-21] (Microsoft Corporation)
Ink.Handwriting.Main.de-DE.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.de-DE.1.0_0.1082.2350.0_x64__8wekyb3d8bbwe [2026-01-26] (Microsoft Corporation)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1042.0_x64__8j3eq9eme6ctt [2025-06-23] (INTEL CORP)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-11] (Microsoft Corporation)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-22] (Microsoft Corp.)
Notepad++ -> C:\Program Files\Notepad++\contextMenu [2024-02-05] (Notepad++)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-11] (NVIDIA Corp.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-02-07] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.28.255.0_x64__dt26b99r8h8gj [2022-03-20] (Realtek Semiconductor Corp)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0 [2026-01-30] (Spotify AB) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-03-08] (Microsoft Corp.)
WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.806.2252.0_x64__8wekyb3d8bbwe [2026-03-23] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8000.806.2252.0_x64__8wekyb3d8bbwe [2026-04-15] (Microsoft Corp.)
WSATools -> C:\Program Files\WindowsApps\54406Simizfo.WSATools_1.0.3.0_x64__f0x555vvp18ze [2023-07-06] (Simone Franco)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\-{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 ->  => Keine Datei
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{04271989-C4D2-B940-2575-E73462709201} -> [OneDrive - stud.tu-darmstadt.de] => C:\Users\shnox\OneDrive - stud.tu-darmstadt.de [2022-12-09 15:18]
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{21e5e993-2836-c1a8-d5f0-473d156b50b0}\localserver32 -> C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe (Razer USA Ltd. -> Razer Inc.)
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{2db59e37-0d0f-9458-c133-85e699bb3bdd}\localserver32 -> C:\Program Files (x86)\Razer\Razer Axon\RazerAxon.exe (Razer USA Ltd. -> Razer Inc.)
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> NordVPN)
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 ->  => Keine Datei
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{a1a98500-60a2-49e3-8316-dd03a91bce31}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{bd9cb816-30ca-41fe-9072-e9d37b6215b2}\localserver32 -> "C:\Users\shnox\AppData\Local\FLIR Systems\FLIR Ignite Sync\FLIR.Ignite.Sync.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{CA7BA7AE-5701-43FD-B3A4-E6D6FF7DE5A0}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\shnox\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Keine Datei
CustomCLSID: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [    pCloudINPROGRESS] -> {D8BFAFBD-B670-4252-9C17-9CF1C64C2BAF} => C:\Program Files\pCloud Drive\OverlayIcon64.dll [2017-10-23] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [    pCloudINSYNC] -> {8D0C0582-552A-4A6B-9455-DA63E1F329C0} => C:\Program Files\pCloud Drive\OverlayIcon64.dll [2017-10-23] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [    pCloudNOSYNC] -> {3858ED1B-8F1C-42ED-A8A9-FDBF591E3C6B} => C:\Program Files\pCloud Drive\OverlayIcon64.dll [2017-10-23] (TODO: <Company name>) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_651bb78e61d538aa\OptaneShellExt.dll [2021-08-02] (Intel Corporation -> )
ShellIconOverlayIdentifiers-x32: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-02-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ContextMenuExtension] -> {3103a792-c2d9-3c57-98dd-30071b26c05f} => C:\Program Files\pCloud Drive\ContextMenuHandler64.dll [2024-10-22] (pCloud AG) [Datei ist nicht signiert]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [HexWorkshopContextMenu] -> {DB34D5DC-D41A-482E-A5EF-8FA0F88761DA} => C:\Program Files\BreakPoint Software\Hex Workshop v6.8\HWExt64.dll [2014-09-01] (BreakPoint Software, Inc. -> BreakPoint Software, Inc.)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers2: [HexWorkshopContextMenu] -> {DB34D5DC-D41A-482E-A5EF-8FA0F88761DA} => C:\Program Files\BreakPoint Software\Hex Workshop v6.8\HWExt64.dll [2014-09-01] (BreakPoint Software, Inc. -> BreakPoint Software, Inc.)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_651bb78e61d538aa\OptaneShellExt.dll [2021-08-02] (Intel Corporation -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [ContextMenuExtension] -> {3103a792-c2d9-3c57-98dd-30071b26c05f} => C:\Program Files\pCloud Drive\ContextMenuHandler64.dll [2024-10-22] (pCloud AG) [Datei ist nicht signiert]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\123.0.1.0\drivefsext.dll [2026-04-01] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [NvAppDesktopContext] -> {F2E8B4A1-9C7D-4F6E-B3A5-8D2C1F4E9B7A} => C:\Program Files\NVIDIA Corporation\NVIDIA App\NvCpl\nvui.dll [2026-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e980fd2c7c4fce8e\nvshext.dll [2026-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Datei ist nicht signiert]

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [MidisrvTransferComplete] => 1
HKLM\...\Drivers32: [midi1] => C:\Windows\system32\wdmaud2.drv [143360 2026-03-26] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [94720 2026-03-26] (Microsoft Windows -> Microsoft Corporation)

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\shnox\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2025-03-19 16:27 - 2025-03-19 16:27 - 004902912 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\pCloud.dll
2026-04-13 12:38 - 2026-03-31 10:41 - 001637376 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\bundledPlugins\gamebryo-bsa-support\bsatk.node
2026-04-13 12:38 - 2026-03-31 10:41 - 001458176 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\bundledPlugins\gamebryo-plugin-management\esptk.node
2026-04-13 12:38 - 2026-03-31 10:41 - 000385024 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\bundledPlugins\gamebryo-plugin-management\node-loot.node
2026-04-13 12:38 - 2026-03-31 10:41 - 000463872 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\bundledPlugins\gamebryo-savegame-management\GamebryoSave.node
2026-04-13 12:38 - 2026-03-31 10:41 - 000845952 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\bundledPlugins\gamebryo-savegame-management\liblz4.dll
2026-04-13 12:38 - 2026-03-31 10:41 - 000084480 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\bundledPlugins\gamebryo-savegame-management\zlib.dll
2026-04-13 12:38 - 2026-03-31 10:41 - 000590848 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\node_modules\diskusage\build\Release\diskusage.node
2026-04-13 12:38 - 2026-03-31 10:41 - 000488448 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\node_modules\drivelist\build\Release\drivelist.node
2026-04-13 12:38 - 2026-03-31 10:41 - 000498176 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\node_modules\leveldown\prebuilds\win32-x64\node.napi.node
2026-04-13 12:38 - 2026-03-31 10:41 - 000258560 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\node_modules\vortexmt\build\Release\vortexmt.node
2026-04-13 12:38 - 2026-03-31 10:41 - 001335808 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\node_modules\winapi-bindings\build\Release\winapi.node
2026-04-13 12:38 - 2026-03-31 10:41 - 000140288 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\node_modules\xxhash-addon\build\Release\addon.node
2026-04-13 12:37 - 2026-03-31 10:41 - 003035648 _____ () [Datei ist nicht signiert] C:\Program Files\Black Tree Gaming Ltd\Vortex\ffmpeg.dll
2026-04-13 12:37 - 2026-03-31 10:41 - 000502784 _____ () [Datei ist nicht signiert] C:\Program Files\Black Tree Gaming Ltd\Vortex\libegl.dll
2026-04-13 12:37 - 2026-03-31 10:41 - 008048128 _____ () [Datei ist nicht signiert] C:\Program Files\Black Tree Gaming Ltd\Vortex\libglesv2.dll
2024-01-31 15:27 - 2026-03-31 10:41 - 005529088 _____ () [Datei ist nicht signiert] C:\Program Files\Black Tree Gaming Ltd\Vortex\vk_swiftshader.dll
2023-11-22 17:35 - 2023-11-22 17:35 - 001719808 _____ () [Datei ist nicht signiert] C:\Program Files\pCloud Drive\e_sqlite3.DLL
2025-03-19 16:24 - 2025-03-19 16:24 - 000827392 _____ () [Datei ist nicht signiert] C:\PROGRAM FILES\PCLOUD DRIVE\PCLOUD.RESOURCES.DLL
2025-03-19 16:27 - 2025-03-19 16:27 - 000081920 _____ (GalaSoft Laurent Bugnion @ hxxp://www.galasoft.ch) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\GalaSoft.MvvmLight.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000118784 _____ (George Mamaladze) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\Gma.System.MouseKeyHook.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000163840 _____ (hardcodet.net) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\Hardcodet.NotifyIcon.Wpf.dll
2026-04-13 12:38 - 2026-03-31 10:41 - 006398976 _____ (LOOT) [Datei ist nicht signiert] \\?\C:\Program Files\Black Tree Gaming Ltd\Vortex\resources\app.asar.unpacked\bundledPlugins\gamebryo-plugin-management\libloot.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 001175552 _____ (Microsoft Corp.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\WPFToolkit.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000724992 _____ (Microsoft Corporation) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\System.ComponentModel.Composition.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000839680 _____ (Microsoft Corporation) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\System.Management.dll
2024-05-19 22:35 - 2024-05-19 22:35 - 000126976 ____N (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\UpdatePolicyScenarioReliabilityAggregator.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000356352 _____ (Microsoft.AppCenter) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\Microsoft.AppCenter.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000040960 _____ (Microsoft.AppCenter.Analytics) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\Microsoft.AppCenter.Analytics.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000102400 _____ (Microsoft.AppCenter.Crashes) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\Microsoft.AppCenter.Crashes.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 007651328 _____ (Mulholland Software/James Willock) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\MaterialDesignThemes.Wpf.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 001802240 _____ (Newtonsoft) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\Newtonsoft.Json.dll
2024-12-01 16:35 - 2026-03-27 00:51 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2019-04-08 14:31 - 2019-04-08 14:31 - 000082944 _____ (Open Source Software community LGPL) [Datei ist nicht signiert] C:\Program Files\pCloud Drive\pthreadVC2.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000020480 _____ (SourceGear) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\SQLitePCLRaw.batteries_v2.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000102400 _____ (SourceGear) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\SQLitePCLRaw.core.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000020480 _____ (SourceGear) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\SQLitePCLRaw.nativelibrary.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000106496 _____ (SourceGear) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\SQLitePCLRaw.provider.dynamic_cdecl.dll
2024-12-12 10:56 - 2024-12-12 10:56 - 003182080 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2025-03-19 16:27 - 2025-03-19 16:27 - 000667648 _____ (The Apache Software Foundation) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\pCloud Drive\log4net.dll
2023-08-13 20:00 - 2023-05-10 11:25 - 000418304 _____ (The curl library, hxxps://curl.se/) [Datei ist nicht signiert] C:\Program Files\Microvirt\MEmu\libcurl.dll
2023-08-13 20:00 - 2023-05-10 11:25 - 002159104 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Microvirt\MEmu\libcrypto-1_1.dll
2023-08-13 20:00 - 2023-05-10 11:25 - 000499712 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Microvirt\MEmu\libssl-1_1.dll
2017-10-23 17:28 - 2017-10-23 17:28 - 000342016 ____N (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files\pCloud Drive\OverlayIcon64.dll
2022-03-21 19:47 - 2007-08-29 17:06 - 000055808 _____ (Zenographics, Inc.) [Datei ist nicht signiert] C:\WINDOWS\system32\spool\PRTPROCS\x64\ZIMFPRNT.DLL
2022-03-21 19:47 - 2007-08-29 17:06 - 000061952 _____ (Zenographics, Inc.) [Datei ist nicht signiert] C:\WINDOWS\System32\ZIMF.dll
2022-03-21 19:47 - 2007-08-29 17:06 - 000127488 _____ (Zenographics, Inc.) [Datei ist nicht signiert] C:\WINDOWS\System32\ZSPOOL.dll
2022-03-21 19:47 - 2007-08-29 17:06 - 000052224 _____ (Zenographics, Inc.) [Datei ist nicht signiert] C:\WINDOWS\System32\ZTAG.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{75416E63-5912-4DFA-AE8F-3EFACCAFFB14} => ""="NvmeDisk"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2025-04-15] (Microsoft Windows -> Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2023-01-11] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2023-01-11] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2025-04-15] (Microsoft Windows -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-01-28] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\sharepoint.com -> hxxps://studtudarmstadtde-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2022-12-16 14:00 - 2022-12-16 14:00 - 000000002 _____ C:\WINDOWS\system32\drivers\etc\hosts

2023-07-06 18:29 - 2025-12-08 12:39 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.29.240.1 PC-MON.mshome.net # 2030 12 6 7 10 39 14 876

==================== Network ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

DNS Servers: 192.168.178.1
 ist aktiviert.

Network Binding:
=============
NordLynx: NordLynx Tunnel -> wireguard.sys
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys
OpenVPN Data Channel Offload for NordVPN: OpenVPN Data Channel Offload -> ovpn-dco.sys
LAN-Verbindung: TAP-NordVPN Windows Adapter V9 -> tapnordvpn.sys

vms_vsf: Erweiterungsfilter für virtuellen Hyper-V-Switch
NordLwf: NordVPN LightWeight Firewall
ms_l1vhlwf: Geschachtelte Netzwerkvirtualisierung
vms_vsp: Extension-Protokoll für virtuellen Hyper-V-Switch

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\Control Panel\Desktop\\Wallpaper -> I:\Bilder\Hintergrund doppelt.png
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Program Files (x86)\Steam\steamapps\common\Fallout 4
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Program Files\Black Tree Gaming Ltd\Vortex


==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1032225255-1758578694-3390115000-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{64CED5BE-7633-41AC-B9FB-CF8B4C53DE1B}] => (Allow) F:\SteamLibrary\steamapps\common\The Wandering Village\Windows64\WanderingVillage.exe => Keine Datei
FirewallRules: [{2CF4978E-8AE3-4788-B794-59253C7AE0A6}] => (Allow) F:\SteamLibrary\steamapps\common\The Wandering Village\Windows64\WanderingVillage.exe => Keine Datei
FirewallRules: [{35C8019E-FCE0-460B-BD32-8E88F13C40E8}] => (Allow) C:\Program Files\pCloud Drive\pCloud.exe (pCloud International AG -> )
FirewallRules: [UDP Query User{CFC1C127-E9DC-4E95-A125-D115688B3AA7}C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2407.40000.4.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe] => (Block) C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2407.40000.4.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe => Keine Datei
FirewallRules: [TCP Query User{F723B9E0-621D-4CE7-95C6-620A41C0A889}C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2407.40000.4.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe] => (Block) C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2407.40000.4.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe => Keine Datei
FirewallRules: [UDP Query User{A517747A-3A96-4F8A-A804-87CD22BE4E46}C:\program files (x86)\trackmania nations eswc\tmnationseswc.exe] => (Allow) C:\program files (x86)\trackmania nations eswc\tmnationseswc.exe => Keine Datei
FirewallRules: [TCP Query User{5FE02DFE-56CD-4163-AFA3-95FF4D28FD24}C:\program files (x86)\trackmania nations eswc\tmnationseswc.exe] => (Allow) C:\program files (x86)\trackmania nations eswc\tmnationseswc.exe => Keine Datei
FirewallRules: [UDP Query User{3E6EFF27-DA40-4C91-93AA-02546FD03769}F:\warcraft iii 1.29.2\warcraft iii.exe] => (Allow) F:\warcraft iii 1.29.2\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{696D2A5B-C9C7-47F2-956C-28EA13EB4610}F:\warcraft iii 1.29.2\warcraft iii.exe] => (Allow) F:\warcraft iii 1.29.2\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{CF872AA3-C5A2-4AE9-8E3E-48532313C234}F:\cod 4\iw3mp.exe] => (Allow) F:\cod 4\iw3mp.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{39554AE5-7FF8-43FC-A94B-69B9ACD33EF0}F:\cod 4\iw3mp.exe] => (Allow) F:\cod 4\iw3mp.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{520B9A68-7D08-4D79-BE0D-037AA582D56E}G:\lan\cod 4\iw3mp.exe] => (Allow) G:\lan\cod 4\iw3mp.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{71CF43B5-8274-4C3F-A93D-0438AE91CBED}G:\lan\cod 4\iw3mp.exe] => (Allow) G:\lan\cod 4\iw3mp.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{C86170A5-3DF4-4500-8F7B-093B055D2E0A}F:\wreckfest-20180821_1_233553\wreckfest_x64.exe] => (Allow) F:\wreckfest-20180821_1_233553\wreckfest_x64.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{8EAF4F32-6DD7-40B9-BFBA-0B60844512EA}F:\wreckfest-20180821_1_233553\wreckfest_x64.exe] => (Allow) F:\wreckfest-20180821_1_233553\wreckfest_x64.exe () [Datei ist nicht signiert]
FirewallRules: [{A23DE170-E729-4442-A166-C00E89AE0775}] => (Allow) F:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei
FirewallRules: [{DA5223C5-C56D-41FC-835B-FFC2D7A0E2C6}] => (Allow) F:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe => Keine Datei
FirewallRules: [{961A9B78-9989-4AF1-9710-D05919CC6D1E}] => (Allow) F:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei
FirewallRules: [{E10D9D83-32FE-4291-9F7E-04E50EFAB85D}] => (Allow) F:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei
FirewallRules: [{08F5C6F9-5978-4B9D-ADC0-58D012CE4923}] => (Allow) F:\SteamLibrary\steamapps\common\FlatOut 2\mods\FlatOut 2 Mod Manager.exe => Keine Datei
FirewallRules: [{12CF9662-656C-4FF0-A81B-C2815F88483F}] => (Allow) F:\SteamLibrary\steamapps\common\FlatOut 2\mods\FlatOut 2 Mod Manager.exe => Keine Datei
FirewallRules: [UDP Query User{168FBDE6-710E-4858-88AE-400A49670830}C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2407.40000.0.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe] => (Block) C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2407.40000.0.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe => Keine Datei
FirewallRules: [TCP Query User{0EEE46C6-F9ED-458F-88B3-8FE09CE9D91F}C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2407.40000.0.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe] => (Block) C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2407.40000.0.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe => Keine Datei
FirewallRules: [UDP Query User{51598CA0-8E33-487E-908F-2F7CC98761E9}C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2311.40000.5.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe] => (Block) C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2311.40000.5.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe => Keine Datei
FirewallRules: [TCP Query User{4C512ECB-8511-4315-A843-69D7CA5905A9}C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2311.40000.5.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe] => (Block) C:\program files\windowsapps\microsoftcorporationii.windowssubsystemforandroid_2311.40000.5.0_x64__8wekyb3d8bbwe\wsaclient\wsaclient.exe => Keine Datei
FirewallRules: [UDP Query User{83ADA9A5-C62C-4E83-9471-8D90B3C47829}F:\ubisoft\ubisoft game launcher\games\anno 1602 - history edition\anno1602.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\anno 1602 - history edition\anno1602.exe => Keine Datei
FirewallRules: [TCP Query User{102C86A4-2EC3-49E2-BB9D-5D0170CDC270}F:\ubisoft\ubisoft game launcher\games\anno 1602 - history edition\anno1602.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\anno 1602 - history edition\anno1602.exe => Keine Datei
FirewallRules: [UDP Query User{64A6933B-B467-4BEE-995B-A4F093306ECE}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{FE91A83B-B02C-4DE8-B5FE-F195FA879416}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{2877A164-B614-4D89-BFE1-8FA9FC2AE7EE}F:\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe => Keine Datei
FirewallRules: [TCP Query User{B53ABD89-FADF-4D86-A667-B057E6ED7178}F:\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe => Keine Datei
FirewallRules: [UDP Query User{01E9AACD-02B1-42FB-911A-5A7CF51DFED4}F:\ubisoft\ubisoft game launcher\games\thesettlers7\base\bin\settlers7r.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\thesettlers7\base\bin\settlers7r.exe => Keine Datei
FirewallRules: [TCP Query User{C68834F5-349D-4DD0-A475-4BB61D83754B}F:\ubisoft\ubisoft game launcher\games\thesettlers7\base\bin\settlers7r.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\thesettlers7\base\bin\settlers7r.exe => Keine Datei
FirewallRules: [UDP Query User{E121CE40-C71F-4067-ADA1-4FBF82FA6CAD}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{BC63F75E-B7A1-4E31-A133-E0334AA1A43F}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{0246E469-139A-4147-B091-59CD989728F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => Keine Datei
FirewallRules: [{80929BB0-658B-4205-B979-21A1C5D93618}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe => Keine Datei
FirewallRules: [UDP Query User{7F629631-272A-43E6-84A5-9859F411F320}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => Keine Datei
FirewallRules: [TCP Query User{CE0AF845-7A49-4564-955E-A21B99CBBF49}C:\program files\epic games\thealtocollection\the alto collection.exe] => (Allow) C:\program files\epic games\thealtocollection\the alto collection.exe => Keine Datei
FirewallRules: [UDP Query User{26E8A19E-0956-40C9-93B8-3B2154B325AD}F:\steamlibrary\steamapps\common\need for speed hot pursuit remastered\nfs11remastered.exe] => (Allow) F:\steamlibrary\steamapps\common\need for speed hot pursuit remastered\nfs11remastered.exe => Keine Datei
FirewallRules: [TCP Query User{0349D3CD-F549-420E-BFBC-D996717F6D08}F:\steamlibrary\steamapps\common\need for speed hot pursuit remastered\nfs11remastered.exe] => (Allow) F:\steamlibrary\steamapps\common\need for speed hot pursuit remastered\nfs11remastered.exe => Keine Datei
FirewallRules: [{8E65DD99-1568-484C-A20E-44B9BB596C10}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{134DB72B-8FD7-4681-8FB6-D95DCED37BF4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{41ADDAE6-9A02-4735-8F01-5C3410A595A2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{2B1243EA-73C6-4217-A6AA-8DE73AB5884D}F:\warcraft 3\warcraft iii.exe] => (Allow) F:\warcraft 3\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{53E209D7-EC32-414F-8871-B92DE2C28261}F:\warcraft 3\warcraft iii.exe] => (Allow) F:\warcraft 3\warcraft iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{BF030C66-F6F9-4BF4-B7C5-1C766B861BC8}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1D9F3B94-ABD6-44FD-85CF-458E6E6BA12B}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{3EBD042D-7D69-454D-BFA9-07A085A87C79}C:\soldat\soldat.exe] => (Allow) C:\soldat\soldat.exe => Keine Datei
FirewallRules: [TCP Query User{524A64CF-E4D4-4C13-8288-8673ACF92308}C:\soldat\soldat.exe] => (Allow) C:\soldat\soldat.exe => Keine Datei
FirewallRules: [{BB6FB675-F7F2-4A1D-BCCD-AE11DC6E15EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe => Keine Datei
FirewallRules: [{50E20048-829D-4F0E-BB8C-55E286797FC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe => Keine Datei
FirewallRules: [UDP Query User{BE18D7D4-CFAF-4991-941E-0D24BC74FD8C}C:\program files\microvirt\memuhyperv\memuhyper.exe] => (Allow) C:\program files\microvirt\memuhyperv\memuhyper.exe (Shanghai Microvirt Software Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{EF56A123-9BFA-46FF-BA8C-ADCFB24B9C98}C:\program files\microvirt\memuhyperv\memuhyper.exe] => (Allow) C:\program files\microvirt\memuhyperv\memuhyper.exe (Shanghai Microvirt Software Technology Co., Ltd. -> )
FirewallRules: [{78E5547D-55AB-47C1-9B6A-A2BC6A3B9921}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => Keine Datei
FirewallRules: [{8E976F71-8771-43AB-A303-14EA1FD00ADE}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Keine Datei
FirewallRules: [{FA32A068-94BD-4A45-9754-05229639E9CE}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [{468B5AD9-F0B4-4E0D-82D2-70FCEE1C8F67}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Keine Datei
FirewallRules: [UDP Query User{787F40A4-DB42-4DCD-B708-F18D860F84B7}F:\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe => Keine Datei
FirewallRules: [TCP Query User{DB715128-7DE7-41C7-9ADF-192DBF5BAA30}F:\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe => Keine Datei
FirewallRules: [UDP Query User{8474D763-D886-46CB-A9A4-4077E325C851}F:\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404.exe => Keine Datei
FirewallRules: [TCP Query User{1A3E1571-054A-4FD2-AB85-15CA77C14F84}F:\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404.exe => Keine Datei
FirewallRules: [UDP Query User{BBB8F6B7-38D6-403F-8735-330919BEBDD8}F:\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe => Keine Datei
FirewallRules: [TCP Query User{37FCB15A-E796-4C47-8F62-DB5F16EB922C}F:\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe] => (Allow) F:\ubisoft\ubisoft game launcher\games\thesettlers3\siedler3r.exe => Keine Datei
FirewallRules: [{6FD1AACE-4BE5-4839-87CF-38A0B1A888F7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B44F79D-882B-4C58-8E64-63E4421E8E6B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B58C4B57-512F-4191-ACEE-E3465E98888F}F:\w3 2.6\war3.exe] => (Allow) F:\w3 2.6\war3.exe => Keine Datei
FirewallRules: [TCP Query User{2697265C-D114-49AB-AF11-098E6FD0537A}F:\w3 2.6\war3.exe] => (Allow) F:\w3 2.6\war3.exe => Keine Datei
FirewallRules: [UDP Query User{3800A971-322D-4A79-BC79-2542FDE646C5}F:\ut 2004\system\ut2004.exe] => (Allow) F:\ut 2004\system\ut2004.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{2BC36255-32D2-46E9-9417-3666E9883469}F:\ut 2004\system\ut2004.exe] => (Allow) F:\ut 2004\system\ut2004.exe () [Datei ist nicht signiert]
FirewallRules: [{D1EF87C6-D839-4A07-8296-37D47EFADD12}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9F866E7A-F7C2-44B9-90A8-CF20D9BB5236}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AD07563B-4E3D-4C83-B9A7-F4DD8449425C}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{C5308DAC-DFA9-4F21-910E-7CE0E8120BDC}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [TCP Query User{349AB554-4EAA-4520-8DC9-CFB6E92DD930}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
FirewallRules: [UDP Query User{9B8870E8-083B-41CF-8A7A-1CC3751A21B2}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
FirewallRules: [{625C90E6-592F-4A9D-B35A-DFC0DB3FCEF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5AA2F5E6-B9CB-447F-913C-AA5C0E0ED2A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{24C8888E-9EC3-4B56-B938-B1776757A2E4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei
FirewallRules: [{A9E62928-B929-4337-880A-CA3C8A5FDB58}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei
FirewallRules: [TCP Query User{5231843E-2C88-48DF-9BD2-B63BF4C4E97B}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2DBE5826-94E0-4960-8E97-2DFA7A4A4B30}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E889AC90-80E1-4F78-B9D9-FC9A07571EEF}] => (Allow) C:\Users\shnox\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{F54EE40D-67F2-418C-9F9E-F35DF73CDD24}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{2399A8DE-AFB9-44C9-B2DA-81DD0605A04E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{20BC7402-D09F-4054-97EF-7192CDCDD305}] => (Allow) C:\Users\shnox\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A437A72D-0C33-448A-A623-3F76049F7F64}] => (Allow) C:\Users\shnox\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CD0A3633-DBB1-42D0-943E-E9272857FE0F}] => (Allow) C:\Users\shnox\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{C30F7F0E-2F64-49C8-84AA-A301F6526D91}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6B02ACA9-E1E6-4464-9CD0-691CAF088BD3}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6A78BB13-7EDF-43CD-BB8A-550DB662DCB4}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe => Keine Datei
FirewallRules: [UDP Query User{CDED4AF0-7DAE-408E-9442-B975D926B9FD}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe => Keine Datei
FirewallRules: [{7400FA9B-D099-4DC0-9650-CF9F3D97470F}] => (Block) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe => Keine Datei
FirewallRules: [{ABE6DE3E-9835-4AB8-8219-7300BEF310FA}] => (Block) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe => Keine Datei
FirewallRules: [TCP Query User{54AD3324-3846-4A6C-8B3C-BA0602845792}C:\program files (x86)\aspyr\guitar hero world tour\ghwt_definitive.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero world tour\ghwt_definitive.exe => Keine Datei
FirewallRules: [UDP Query User{A0BF16B5-FAC9-410A-8230-C71F25E4BEF9}C:\program files (x86)\aspyr\guitar hero world tour\ghwt_definitive.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero world tour\ghwt_definitive.exe => Keine Datei
FirewallRules: [{C5F90E6B-8319-42AB-BBB0-52A53B19E640}] => (Block) C:\program files (x86)\aspyr\guitar hero world tour\ghwt_definitive.exe => Keine Datei
FirewallRules: [{313181D1-AEF6-4D23-8FD7-E022032F0CBD}] => (Block) C:\program files (x86)\aspyr\guitar hero world tour\ghwt_definitive.exe => Keine Datei
FirewallRules: [{DB17256E-5726-4EC8-9753-25701262A94B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25093.1903.3570.2537_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2909ABD7-0377-4F28-8E4A-B7B7FF2AB177}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25093.1903.3570.2537_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66666FE6-8904-4B7E-BAE0-ED3007844D0B}] => (Allow) F:\UT 2004\System\UT2004.exe () [Datei ist nicht signiert]
FirewallRules: [{6BD3AA53-968E-4E82-8B21-66C43E04C132}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GTA III - The Definitive Edition\PlayGTA3.exe => Keine Datei
FirewallRules: [{D4B61880-2C74-44D7-9C85-BBB08F533E26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GTA III - The Definitive Edition\PlayGTA3.exe => Keine Datei
FirewallRules: [TCP Query User{71CD5460-D59D-4859-90A1-2A360911F16A}C:\program files (x86)\steam\steamapps\common\gta iii - the definitive edition\gameface\binaries\win64\libertycity.exe] => (Block) C:\program files (x86)\steam\steamapps\common\gta iii - the definitive edition\gameface\binaries\win64\libertycity.exe => Keine Datei
FirewallRules: [UDP Query User{CE60A76B-9D13-4555-8E0C-369FBF48DF19}C:\program files (x86)\steam\steamapps\common\gta iii - the definitive edition\gameface\binaries\win64\libertycity.exe] => (Block) C:\program files (x86)\steam\steamapps\common\gta iii - the definitive edition\gameface\binaries\win64\libertycity.exe => Keine Datei
FirewallRules: [{0DBBE525-C0B9-40A1-B686-23D770D5C862}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1D755AA0-6664-4A87-B04B-02D1B920CE7B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FE53A13F-1C81-4846-9CF3-6167051AC93F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D1BDE0C3-6630-411D-9AB3-F81C50EB4D0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{28CEF942-66E5-40FD-8856-5BA7569654D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{75ECE352-D58A-42CC-A5A9-56952E78A58F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7B8F8356-8FBD-4DAD-B3F5-ADE381B640A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0AAF5857-6392-42B8-AB83-59776B0EFC1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B0174659-20ED-4948-979F-389F8962EF08}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A31A69B9-64B0-45E7-B855-90B60B3FAD1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D91E6A39-5580-4032-8C06-90598B8DD750}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D8DBD3CA-C32C-4863-9649-B2C52EE105E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D2B106E7-6038-45A5-9EA6-1ADAEFD5067B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EE2756C0-90F2-4492-87CA-C027E6F3F0E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0FBF239E-8238-47D3-B5FB-AD25114B82D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.282.428.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{1ADB6BDF-84C1-461A-9731-927130138931}C:\users\shnox\desktop\xenia_canary_windows\xenia_canary.exe] => (Block) C:\users\shnox\desktop\xenia_canary_windows\xenia_canary.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{204C3463-6AE4-452B-B668-384DA50E8DA9}C:\users\shnox\desktop\xenia_canary_windows\xenia_canary.exe] => (Block) C:\users\shnox\desktop\xenia_canary_windows\xenia_canary.exe () [Datei ist nicht signiert]
FirewallRules: [{EC776778-DDB1-41E6-BAFC-28920C01B08D}] => (Allow) F:\SteamLibrary\steamapps\common\CnCRemastered\ClientLauncherG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{5BFB3A69-8C96-45BB-AA83-6A20A7EFF193}] => (Allow) F:\SteamLibrary\steamapps\common\CnCRemastered\ClientLauncherG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{C3FCCCF1-E515-46C8-8FD5-F7B7B4189418}] => (Allow) F:\SteamLibrary\steamapps\common\CnCRemastered\ClientG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{C95BAB68-CEBA-4991-ADC1-AB538CEF57D5}] => (Allow) F:\SteamLibrary\steamapps\common\CnCRemastered\ClientG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{F2834410-AE74-4694-84A3-498EC0A18ADD}] => (Allow) F:\SteamLibrary\steamapps\common\CnCRemastered\InstanceServerG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{BDB3344B-EAF8-42E9-9F20-BD8E29ABA750}] => (Allow) F:\SteamLibrary\steamapps\common\CnCRemastered\InstanceServerG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{B31E62C4-E63B-4409-B7F1-E83CFC28D22B}] => (Allow) F:\SteamLibrary\steamapps\common\Forest Hustle\Forest Hustle.exe () [Datei ist nicht signiert]
FirewallRules: [{0D15C712-C917-47EB-9812-ECE2DA8E99C1}] => (Allow) F:\SteamLibrary\steamapps\common\Forest Hustle\Forest Hustle.exe () [Datei ist nicht signiert]
FirewallRules: [{F5C062F4-7570-4294-82D5-E0705269985F}] => (Allow) F:\SteamLibrary\steamapps\common\Command & Conquer Red Alert II\Ra2.exe (Electronic Arts, Inc. -> )
FirewallRules: [{54789529-1181-4200-8B8B-4425203B12C5}] => (Allow) F:\SteamLibrary\steamapps\common\Command & Conquer Red Alert II\Ra2.exe (Electronic Arts, Inc. -> )
FirewallRules: [{D1F4F552-AB51-424A-AAD8-A88B1E2A55DE}] => (Allow) F:\SteamLibrary\steamapps\common\Command & Conquer Red Alert II\RA2MD.exe (Electronic Arts, Inc. -> )
FirewallRules: [{301C9A19-9E09-409D-B1E7-BE9F74BFD306}] => (Allow) F:\SteamLibrary\steamapps\common\Command & Conquer Red Alert II\RA2MD.exe (Electronic Arts, Inc. -> )
FirewallRules: [{3F33A693-36A2-4D16-87D8-25EEB4F45430}] => (Allow) F:\SteamLibrary\steamapps\common\Command & Conquer Red Alert II\FinalAlert2\FinalAlert2YR.exe (Electronic Arts, Inc. -> Electronic Arts, Inc.)
FirewallRules: [{5164B752-D210-4D95-A491-E525F9701B1B}] => (Allow) F:\SteamLibrary\steamapps\common\Command & Conquer Red Alert II\FinalAlert2\FinalAlert2YR.exe (Electronic Arts, Inc. -> Electronic Arts, Inc.)
FirewallRules: [{34D50131-A329-4BB6-B57E-AA5E40518928}] => (Allow) F:\SteamLibrary\steamapps\common\Command & Conquer Red Alert II\game.exe (Electronic Arts, Inc. -> Westwood Studios)
FirewallRules: [{EA976A6C-8148-4CB1-8E96-3AAB924D04C4}] => (Allow) F:\SteamLibrary\steamapps\common\Command & Conquer Red Alert II\game.exe (Electronic Arts, Inc. -> Westwood Studios)
FirewallRules: [{4A4CB4DD-D6F5-446F-B7AA-095751432C00}] => (Allow) F:\SteamLibrary\steamapps\common\Command & Conquer Red Alert II\gamemd.exe (Electronic Arts, Inc. -> Westwood Studios)
FirewallRules: [{8D366EAF-634B-4FBA-A41B-8E57E21806A7}] => (Allow) F:\SteamLibrary\steamapps\common\Command & Conquer Red Alert II\gamemd.exe (Electronic Arts, Inc. -> Westwood Studios)
FirewallRules: [{2C62A70E-EE7D-4BF0-99CB-7DA5E8C8DDEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{0B0D4E22-2C9C-4B43-B1F4-17041200FE30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9F642455-A570-4BB5-BDA7-A0ECB7CEDE23}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{749EAF1A-D295-444F-A1C2-6B954407474E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{AFA1EB51-5C88-4BE8-8346-78912D5D99CF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Wiederherstellungspunkte =========================

15-04-2026 00:30:13 Windows Modules Installer
20-04-2026 18:49:41 Windows Update
20-04-2026 18:49:46 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager ============
Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Razer Inc
Service: mouhid
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (04/22/2026 07:07:03 PM) (Source: Firefox Default Browser Agent) (EventID: 1140) (User: )
Description: Event-ID 1140

Error: (04/22/2026 07:07:03 PM) (Source: Firefox Default Browser Agent) (EventID: 1140) (User: )
Description: Event-ID 1140

Error: (04/21/2026 04:07:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15500

Error: (04/21/2026 04:07:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15500

Error: (04/21/2026 04:07:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/20/2026 11:40:09 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: PC-MON)
Description: Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy-2147023878

Error: (04/20/2026 11:40:04 AM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehlerhafter Anwendungsname: GameManagerService3.exe, Version: 3.10.0.917, Zeitstempel: 0x67890000
Fehlerhafter Modulname: KERNELBASE.dll, Version: 10.0.26100.8246, Zeitstempel: 0x208e0cb7
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00000000000c79da
Fehlerhafte Prozess-ID: 0x12e0
Fehlerhafte Anwendungsstartzeit: 0x1dcd0a9a64c6d4b
Fehlerhafter Anwendungspfad: C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe
Fehlerhafter Modulpfad: C:\WINDOWS\System32\KERNELBASE.dll
Berichts-ID: 46d55952-5cf0-4aba-b621-fa3ad7d40536
Vollständiger Name des fehlerhaften Pakets:
Fehlerhafte paketbezogene Anwendungs-ID:

Error: (04/20/2026 11:40:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: GameManagerService3.exe
CoreCLR Version: 9.0.225.6610
.NET Version: 9.0.2
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException: Operations that change non-concurrent collections must have exclusive access. A concurrent update was performed on this collection and corrupted its state. The collection's state is no longer correct.
  at System.Collections.Generic.Dictionary`2.FindValue(TKey key)
  at System.Collections.Generic.Dictionary`2.TryGetValue(TKey key, TValue& value)
  at Razer.GameManagerServiceLib.GameProcessManager.ProcessLeagueOfLegendsLauncherStarted(ProcessInfo processInfo)
  at Razer.GameManagerServiceLib.GameProcessManager.ProcessNullSignature(GameSignature gameSignature, ProcessInfo processInfo, String filePath, List`1 possibleInListMatches)
  at System.Threading.Tasks.Task.<>c.<ThrowAsync>b__128_1(Object state)
  at System.Threading.ThreadPoolWorkQueue.Dispatch()
  at System.Threading.PortableThreadPool.WorkerThread.WorkerThreadStart()


Systemfehler:
=============
Error: (04/22/2026 03:58:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht.

Error: (04/22/2026 03:51:59 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT-AUTORITÄT)
Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:Gigabyte Technology Co., Ltd.;FirmwareManufacturer:American Megatrends International, LLC.;FirmwareVersion:F4;OEMModelNumber:B560M DS3H V2;OEMModelBaseBoard:B560M DS3H V2;OEMModelSystemFamily:B560 MB;OEMManufacturerName:Gigabyte Technology Co., Ltd.;OEMModelSKU:Default string;OSArchitecture:amd64;
BucketId: fc2461393406146b4265e910ec3fb9503e80b9d4ecff18dda5516f40e27c90db
BucketConfidenceLevel: Under Observation - More Data Needed
UpdateType:
For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018.

Error: (04/22/2026 03:49:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (04/22/2026 03:49:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (04/22/2026 03:48:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht.

Error: (04/22/2026 03:46:39 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI2

Error: (04/21/2026 06:04:25 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Energy Server Service queencreek konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (04/21/2026 06:04:03 PM) (Source: DCOM) (EventID: 10010) (User: PC-MON)
Description: Der Server "{FD06603A-2BDF-4BB1-B7DF-5DC68F353601}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


Windows Defender:
================
Date: 2026-04-17 09:33:29
Description:
Microsoft Defender Antivirus šĉαⁿ ħãŝ вèėň ѕŧθφρεđ ъёƒόřĕ ĉǿмρłęťíοй.%ή %тŜçдⁿ ЇĐ:%ъ{E85D6BE2-B24D-4E94-AEBC-4B4CA33007F2}%ⁿ %ţЅćαη Τурē:%вAntimalware%η %ťŞċαή Рǻřămεţęяś:%вSchnellüberprüfung%π  %τŮѕéř:%ъNT-AUTORITÄT\SYSTEM%ⁿ %τŞтòφ Яęάşőⁿ:%ьГРČ ċǿñпэćтĭǿπ ґџńðõŵй

Date: 2026-04-14 22:18:44
Description:
Microsoft Defender Antivirus šĉαⁿ ħãŝ вèėň ѕŧθφρεđ ъёƒόřĕ ĉǿмρłęťíοй.%ή %тŜçдⁿ ЇĐ:%ъ{1C896DE4-2485-4ABE-8418-304B52410A7A}%ⁿ %ţЅćαη Τурē:%вAntimalware%η %ťŞċαή Рǻřămεţęяś:%вSchnellüberprüfung%π  %τŮѕéř:%ъNT-AUTORITÄT\SYSTEM%ⁿ %τŞтòφ Яęάşőⁿ:%ьГРČ ċǿñпэćтĭǿπ ґџńðõŵй

Date: 2026-04-14 18:52:41
Description:
Microsoft Defender Antivirus šĉαⁿ ħãŝ вèėň ѕŧθφρεđ ъёƒόřĕ ĉǿмρłęťíοй.%ή %тŜçдⁿ ЇĐ:%ъ{4108EEB1-DC37-4B23-A772-47C993C90274}%ⁿ %ţЅćαη Τурē:%вAntimalware%η %ťŞċαή Рǻřămεţęяś:%вSchnellüberprüfung%π  %τŮѕéř:%ъNT-AUTORITÄT\SYSTEM%ⁿ %τŞтòφ Яęάşőⁿ:%ьГРČ ċǿñпэćтĭǿπ ґџńðõŵй

Date: 2026-04-14 18:01:41
Description:
Microsoft Defender Antivirus šĉαⁿ ħãŝ вèėň ѕŧθφρεđ ъёƒόřĕ ĉǿмρłęťíοй.%ή %тŜçдⁿ ЇĐ:%ъ{E7E1F319-4795-4B57-BD4C-E213C901BCD6}%ⁿ %ţЅćαη Τурē:%вAntimalware%η %ťŞċαή Рǻřămεţęяś:%вSchnellüberprüfung%π  %τŮѕéř:%ъNT-AUTORITÄT\SYSTEM%ⁿ %τŞтòφ Яęάşőⁿ:%ьГРČ ċǿñпэćтĭǿπ ґџńðõŵй

Date: 2026-04-14 16:38:54
Description:
Microsoft Defender Antivirus šĉαⁿ ħãŝ вèėň ѕŧθφρεđ ъёƒόřĕ ĉǿмρłęťíοй.%ή %тŜçдⁿ ЇĐ:%ъ{2261E599-A6E8-4D11-BF38-4C0A433D807B}%ⁿ %ţЅćαη Τурē:%вAntimalware%η %ťŞċαή Рǻřămεţęяś:%вSchnellüberprüfung%π  %τŮѕéř:%ъNT-AUTORITÄT\SYSTEM%ⁿ %τŞтòφ Яęάşőⁿ:%ьГРČ ċǿñпэćтĭǿπ ґџńðõŵй
Event[0]

Date: 2026-03-27 15:57:44
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren.
Security Intelligence versucht: Sicherung
Fehlercode: 0x80073aba
Fehlerbeschreibung: Die Ressource ist zu alt und wird nicht unterstützt.
Security Intelligence-Version: 1.361.386.0;1.361.386.0
Modulversion: 1.1.19000.8

Date: 2026-03-27 15:57:43
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren.
Security Intelligence versucht: Aktuell
Fehlercode: 0x80073aba
Fehlerbeschreibung: Die Ressource ist zu alt und wird nicht unterstützt.
Security Intelligence-Version: 1.361.423.0;1.361.423.0
Modulversion: 1.1.19000.8

CodeIntegrity:
===============
Date: 2026-03-27 15:56:13
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume9\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen ===========================

BIOS: American Megatrends International, LLC. F4 11/03/2021
Hauptplatine: Gigabyte Technology Co., Ltd. B560M DS3H V2
Prozessor: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 32633.57 MB
Verfügbarer physikalischer RAM: 23210.72 MB
Summe virtueller Speicher: 53113.57 MB
Verfügbarer virtueller Speicher: 39851.87 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:476.02 GB) (Free:103.52 GB) (Model: Patriot M.2 P300 512GB) NTFS
Drive d: (SII_10TH_A) (CDROM) (Total:0.6 GB) (Free:0 GB) CDFS
Drive e: (System-reserviert) (Fixed) (Total:0.49 GB) (Free:0.45 GB) (Model: Crucial_CT250MX200SSD1) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: () (Fixed) (Total:231.86 GB) (Free:41.06 GB) (Model: Crucial_CT250MX200SSD1) NTFS
Drive g: () (Fixed) (Total:498.63 GB) (Free:126.94 GB) (Model: WDC WD7500AACS-00D6B1) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: (Backup) (Fixed) (Total:465.75 GB) (Free:342.51 GB) (Model: WDC WD10EACS-00ZJB0) NTFS
Drive i: (Daten) (Fixed) (Total:465.75 GB) (Free:97.46 GB) (Model: WDC WD10EACS-00ZJB0) NTFS
Drive j: (Google Drive) (Fixed) (Total:15 GB) (Free:4.1 GB) (Model: Crucial_CT250MX200SSD1) FAT32

\\?\Volume{0eca439c-9209-4cc9-b2f0-f65abba73a49}\ () (Fixed) (Total:0.81 GB) (Free:0.1 GB) NTFS
\\?\Volume{d9db45c2-0000-0000-0000-90163a000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{ca3beb40-1990-4089-b5ba-e90355a1cb09}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: D9DB45C2)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=544 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: E3B7363E)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=06)

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 02340234)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.8 GB) - (Type=0F Extended)

==========================================================
Disk: 3 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:06 Uhr.

Copyright ©2000-2026, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132