|
Log-Analyse und Auswertung: Battle.net und anderesWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
20.07.2022, 03:32 | #1 |
Gesperrt | Battle.net und anderes Moin, seit zwei Tagen funktioniert Battle.net (Launcher) bei mir nicht mehr richtig (Login, Laden der Daten). Auch andere Programme "zucken" immer mal". Blizzard hat gesagt, ich solle nach Schadsoftware scannen. Defender hat nichts gemeldet insgesamt zwischendurch. Könnt ihr bitte mal draufschauen? Danke! Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2022 durchgeführt von timof (20-07-2022 04:29:40) Gestartet von C:\Users\timof\Downloads Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) (2021-09-21 09:57:34) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-1970424426-2687798153-538391229-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1970424426-2687798153-538391229-503 - Limited - Disabled) Gast (S-1-5-21-1970424426-2687798153-538391229-501 - Limited - Disabled) timof (S-1-5-21-1970424426-2687798153-538391229-1004 - Administrator - Enabled) => C:\Users\timof WDAGUtilityAccount (S-1-5-21-1970424426-2687798153-538391229-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) ActivePresenter (HKLM\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 8.5.2 - Atomi Systems, Inc.) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 22.001.20169 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.08.17.735 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 6.0.0.9 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1851 - Advanced Micro Devices, Inc.) AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD_Chipset_Drivers (HKLM-x32\...\{491043b2-acc5-4890-a5f2-1f5e3cc4427a}) (Version: 3.08.17.735 - Advanced Micro Devices, Inc.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version: - Blizzard Entertainment) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.) Canon MG5700 series Benutzerregistrierung (HKLM-x32\...\Canon MG5700 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.01 - Canon Inc.) Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Citrix Authentication Manager (HKLM-x32\...\{29A5E354-8D70-43E7-B733-83580AC0637D}) (Version: 12.2.0.18007 - Citrix Systems, Inc.) Hidden Citrix Receiver (DV) (HKLM-x32\...\{947A69AD-49DE-498D-8B37-67EBC46FFAC2}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden Citrix Receiver (HDX Flash-Umleitung) (HKLM-x32\...\{C037407D-2676-4D4A-9956-23A923031D5F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden Citrix Receiver (USB) (HKLM-x32\...\{77E2AABB-1B59-4A83-9C18-11546C135105}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Citrix Receiver Inside (HKLM-x32\...\{30DF307D-A9BB-40CB-9AB5-A02E86BCC39B}) (Version: 4.12.0.65534 - Citrix Systems, Inc.) Hidden Citrix Receiver(Aero) (HKLM-x32\...\{D61D76C5-44A4-407A-A5B2-2F36FE5AC0CA}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden Citrix Web Helper (HKLM-x32\...\{0378AD83-048F-4C7F-AFD6-3CEDA4212ACD}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts) Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.) CORSAIR iCUE 4 Software (HKLM\...\{FBD8EF63-ECFB-497B-8563-DE4763221170}) (Version: 4.14.179 - Corsair) CurseForge (HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.187.3.1 - Overwolf app) Diablo II Resurrected (HKLM-x32\...\Diablo II Resurrected) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Discord) (Version: 1.0.9003 - Discord Inc.) Documentation Manager (HKLM\...\{61BA0F7D-9851-4948-8473-0236129D7A55}) (Version: 22.60.0.6 - Intel Corporation) Hidden ENE_DRAM_GSKILL_SE (HKLM\...\{5A6AC577-F8F8-4B6A-B684-13FD7E306CA2}) (Version: 1.0.1.0 - Ene Tech.) Hidden ENE_DRAM_GSKILL_SE (HKLM-x32\...\{bf49eb2f-f2fb-4631-a95a-1f0cadd21eac}) (Version: 1.0.1.0 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.19 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{948ed02d-9a82-4149-9dc2-722cf617dd1b}) (Version: 1.0.3.19 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.5 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{2ddd3bd2-7bad-4020-a8b8-9650a834bb99}) (Version: 1.0.9.5 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden Futuremark SystemInfo (HKLM-x32\...\{F45AC820-A67E-4A73-B571-7222BEDE55EB}) (Version: 5.48.1080.0 - Futuremark) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00002070-0220-1031-84C8-B8D95FA3C8C3}) (Version: 22.70.2.1 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{7872a001-9832-48c7-8c6a-ed69ad93159a}) (Version: 22.60.0.6 - Intel Corporation) Hidden Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.6.271036 - Logitech) Logitech Kameraeinstellungen (HKLM-x32\...\LogiUCDPP) (Version: 2.5.17.0 - Logitech Europe S.A.) Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.15330.20264 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.62 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.62 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Teams) (Version: 1.5.00.14473 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 102.0.1 (x64 de)) (Version: 102.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 92.0 - Mozilla) MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2021.1126.01 - MSI) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Grafiktreiber 472.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.12 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20230 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20230 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden Opera Stable 89.0.4447.48 (HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Opera 89.0.4447.48) (Version: 89.0.4447.48 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.113.50894 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Overwatch Beta (HKLM-x32\...\Overwatch Beta) (Version: - Blizzard Entertainment) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.201.0.23 - Overwolf Ltd.) PDF24 Creator 10.3.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.3.0 - PDF24.org) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0630.062903 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek) Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2286 - Realtek Semiconductor Corp.) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) ROCCAT Swarm (HKLM-x32\...\{9D12397F-45AF-4517-B492-1D1E2FA475EE}) (Version: 1.93.980 - ROCCAT GmbH) Hidden ROCCAT Swarm (HKLM-x32\...\InstallShield_{9D12397F-45AF-4517-B492-1D1E2FA475EE}) (Version: 1.93.980 - ROCCAT GmbH) Self-Service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.10.0 - Electronic Arts, Inc.) STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts) StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) Thunder Master v4.10 (HKLM\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 4.10.0.0 - Palit Microsystems Ltd.) Twitch (HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) VALORANT (HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Riot Game valorant.live) (Version: - Riot Games, Inc) VSDC Free Video Editor Version 6.8.5.350 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.8.5.350 - Flash-Integro LLC) Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) World of Warcraft Classic Era (HKLM-x32\...\World of Warcraft Classic Era) (Version: - Blizzard Entertainment) Zoom (HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.) Packages: ========= BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.15.0_x86__ffd303wmbhcjt [2022-07-08] (BreeZip) FilmForth -> C:\Program Files\WindowsApps\IOForth.FilmForth_2.3.12.0_x64__pxs7cjhtcq1xt [2022-07-18] (IOForth) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-23] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-23] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-09] (Microsoft Studios) [MS Ad] MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_1.0.50.0_x64__kzh8wxbdkxb8p [2022-06-21] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-17] (NVIDIA Corp.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0 [2022-07-11] (Spotify AB) [Startup Task] XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2022-04-29] (New Work SE) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1970424426-2687798153-538391229-1004_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\timof\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22117.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\nvshext.dll [2021-09-16] (Nvidia Corporation -> NVIDIA Corporation) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [msacm.voxacm160] => C:\windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.scg726] => C:\windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.alf2cd] => C:\windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.ac3acm] => C:\windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.lame] => C:\windows\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.dvsd] => C:\windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mpg4] => C:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp42] => C:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp43] => C:\windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xvid] => C:\windows\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.DIVX] => C:\windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP60] => C:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP61] => C:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP62] => C:\windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.LAGS] => C:\windows\system32\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2022-06-08 18:50 - 2022-06-08 18:50 - 000151040 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node 2021-09-23 16:45 - 2020-03-04 16:08 - 000123904 _____ (CANON INC.) [Datei ist nicht signiert] C:\Program Files (x86)\Canon\IJPLM\CNMPU.DLL 2021-09-23 16:27 - 2018-11-15 15:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\MSI Center\Mystic Light\IcMSIDll.dll 2021-09-23 17:42 - 2021-09-23 17:42 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [Datei ist nicht signiert] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_1.0.50.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll 2021-09-23 16:27 - 2018-08-31 08:26 - 000053760 _____ (MS) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\MSI Center\Mystic Light\MsIo32_Galax.dll 2021-06-23 17:37 - 2021-06-23 17:37 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files\Corsair\CORSAIR iCUE 4 Software\SiUSBXp.dll 2021-09-25 08:22 - 2021-09-25 08:22 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll 2021-09-25 08:22 - 2021-09-25 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll 2021-09-25 08:22 - 2021-09-25 08:22 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2022-06-11 04:30 - 2021-09-25 08:22 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll 2022-06-11 04:30 - 2021-09-25 08:22 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll 2022-06-11 04:30 - 2021-09-25 08:22 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll 2022-06-11 04:30 - 2021-09-25 08:22 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2022-06-11 04:30 - 2021-09-25 08:22 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2022-06-11 04:30 - 2021-09-25 08:22 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll 2021-12-29 19:42 - 2016-10-04 05:43 - 000399872 _____ (TODO: <公司名稱>) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\SDKDLL.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk:B998754106 [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCUE.lnk:35C8A47BAF [10] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKU\S-1-5-21-1970424426-2687798153-538391229-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.mifcom.de BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-12-07 11:14 - 2022-04-12 14:29 - 000000027 _____ C:\windows\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1970424426-2687798153-538391229-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\timof\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\smite-kuku-wingsofchange-1920x1080.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "ROCCAT Swarm Monitor.lnk" HKLM\...\StartupApproved\Run: => "PDF24" HKLM\...\StartupApproved\Run32: => "ConnectionCenter" HKLM\...\StartupApproved\Run32: => "Redirector" HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\StartupApproved\StartupFolder: => "Citrix Receiver.lnk" HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\StartupApproved\Run: => "Overwolf" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [TCP Query User{04FBAD9B-47A4-4CA4-B88D-703837D8ED78}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{8F792613-5B98-48E1-8105-80C39133D816}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{B4DA5EEB-46DE-46D5-A114-DADEBB96960B}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{0B2C8BD4-8E3F-44CF-B372-55ECABF9F5B7}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{A52D6DCF-968C-41C5-80F0-8E9DC9AD87DF}C:\users\timof\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\timof\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{942524D9-1CA6-44C8-B73C-BC3469F0322B}C:\users\timof\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\timof\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{9DA7034E-4660-45A5-B072-FA37B9709B6E}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{151B523C-9367-429C-B7B5-AEF02402A3E5}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{850E3CF5-37E5-46FD-BB40-FF3DFC76E06C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{51E2D79C-D032-4D30-800E-F036DA865DD0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{52E96498-3AEE-45B7-82CB-BCA0ED37A904}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{D81949D3-7AAF-4EF8-9875-67FCDA705151}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe (Hirez Studios, Inc.) [Datei ist nicht signiert] FirewallRules: [{0F0CFC07-DE84-434D-8998-5CFB377F67CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F62E2149-2399-4094-9C42-01ED87C6A4EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9D6EF953-BE6F-4EF0-B3F3-7B7A7725654C}] => (Allow) D:\SteamLibrary\steamapps\common\Anno 1800\Bin\Win64\Anno1800.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) [Datei ist nicht signiert] FirewallRules: [{19C0F831-BFC5-4AD1-983F-A68B6FB7C0F3}] => (Allow) D:\SteamLibrary\steamapps\common\Anno 1800\Bin\Win64\Anno1800.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) [Datei ist nicht signiert] FirewallRules: [{C70B65B4-18B9-464F-8EEA-ACF6E81B9E7C}] => (Allow) E:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{D36E4F51-CFA0-47F4-BA54-988193536350}] => (Allow) E:\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{E6A9CE42-7D71-4C9D-A5F9-671C2D39D187}] => (Allow) E:\SteamLibrary\steamapps\common\World of Tanks\wgcs_api.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{94CB59F5-8DC4-4186-9681-788453FB610C}] => (Allow) E:\SteamLibrary\steamapps\common\World of Tanks\wgcs_api.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{DC6872E9-3B44-4515-A480-76B878CE36B4}] => (Allow) E:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert] FirewallRules: [{F824092D-0B4C-4406-B2C8-47A738B3CB20}] => (Allow) E:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert] FirewallRules: [{EA3E3E6A-DA8D-495D-AC60-B9544CF90A49}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4C0F0753-88E1-4F2D-9E67-6F0D6E239DBC}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{F1767FC8-4D6B-4E33-808F-83D71C7C0663}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{55315BC0-BA96-4B50-8484-1DB4BE9306CF}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{B4DE2F13-4CD2-43BA-AE06-6C1AAF17924C}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{55270D89-B587-49DF-A7B8-F2A5B92EC817}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer.exe (NeoCore Games) [Datei ist nicht signiert] FirewallRules: [{45E737FE-5DEF-410A-892D-EBBA331EF1D1}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer.exe (NeoCore Games) [Datei ist nicht signiert] FirewallRules: [{7537E4E0-51B8-4438-B16A-6F8EA4706055}] => (Allow) E:\SteamLibrary\steamapps\common\World of Warships\WorldOfWarships.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{0FF6FECA-7823-4EC5-88EF-63EFC0AF3352}] => (Allow) E:\SteamLibrary\steamapps\common\World of Warships\WorldOfWarships.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{CD4ED7A3-46E4-4782-89ED-51FF321A826B}] => (Allow) E:\SteamLibrary\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{BCB39E72-435D-484C-ADDC-94BD1B0AAEC2}] => (Allow) E:\SteamLibrary\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{35B74AB2-BDF3-4B79-9D3C-1A8D6E9D2C10}] => (Allow) E:\SteamLibrary\steamapps\common\Warzone 2100\bin\warzone2100.exe (Warzone 2100 Project) [Datei ist nicht signiert] FirewallRules: [{624CBE12-0813-41A2-A88C-FA8DE3E4F181}] => (Allow) E:\SteamLibrary\steamapps\common\Warzone 2100\bin\warzone2100.exe (Warzone 2100 Project) [Datei ist nicht signiert] FirewallRules: [{CC00A49B-4075-45FB-BAA3-D450F385CE69}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{AA993832-4686-4277-A5C0-20FBB611E658}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{D18CCE29-34D1-452E-A1CF-1F443A319849}] => (Allow) D:\SteamLibrary\steamapps\common\AoE3DE\AoE3DE_s.exe (Tantalus Media Pty Ltd -> Microsoft Corporation) FirewallRules: [{F58E940E-B127-4315-96E7-F86D90E6EA3C}] => (Allow) D:\SteamLibrary\steamapps\common\AoE3DE\AoE3DE_s.exe (Tantalus Media Pty Ltd -> Microsoft Corporation) FirewallRules: [TCP Query User{0428279C-C461-4397-B7FD-14E5ADEDD02B}C:\users\timof\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\timof\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{BCCA008F-F309-4F6B-B644-D6D2A0705B58}C:\users\timof\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\timof\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B2EB0BEF-1BC0-447F-A50B-E41ABB50A405}] => (Allow) E:\SteamLibrary\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{33A418AB-DC13-48CE-B4CE-144E4E3C48C2}] => (Allow) E:\SteamLibrary\steamapps\common\StreetFighterV\StreetFighterV.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{24429C8A-B3BE-4129-B0D4-9635D15A9DDC}] => (Allow) E:\SteamLibrary\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [Datei ist nicht signiert] FirewallRules: [{9091ADCD-F30D-47A3-99BC-0707D7696745}] => (Allow) E:\SteamLibrary\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [Datei ist nicht signiert] FirewallRules: [{B72DAD83-6EED-476B-9FB9-F3E7CA24CC05}] => (Allow) E:\SteamLibrary\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation) FirewallRules: [{38940280-FDD3-416A-9C7D-22EB69CC5EAE}] => (Allow) E:\SteamLibrary\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation) FirewallRules: [{CEFF1D25-5388-4D4C-8352-0BB638644581}] => (Allow) E:\SteamLibrary\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> ) FirewallRules: [{091CA8B5-18AB-497B-BB2C-99168E03623C}] => (Allow) E:\SteamLibrary\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> ) FirewallRules: [{07796785-7084-438A-AB07-3150A8BDC429}] => (Allow) C:\Users\timof\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{4DA2126E-960C-4722-A652-06F97FEE72D4}] => (Allow) C:\Users\timof\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{60920AED-4527-42B1-8510-32331EE6B0A2}] => (Allow) C:\Users\timof\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [TCP Query User{8B76264A-83DC-4944-800B-42D3DAE2867D}C:\users\timof\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\timof\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{237D81F7-5A91-4866-A03F-F9E3A0B77AD3}C:\users\timof\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\timof\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{85B15964-3830-4B70-806D-589633A8A0A2}D:\blizzard\overwatch\_retail_\overwatch.exe] => (Allow) D:\blizzard\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{2E015BA7-3B8A-4883-A1BF-8C944EB52E14}D:\blizzard\overwatch\_retail_\overwatch.exe] => (Allow) D:\blizzard\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{41340C2C-39A1-4957-99F8-41DD0323106B}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [{C8D80B12-4C36-4C16-99ED-DDD12ECC9C92}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [{40CF52B9-2AC0-4295-8CCB-F170D16A8B50}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{A8D4E830-AF8F-4908-8612-4B92FF75F2C5}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{C652979B-AF0F-4A9F-87C1-1A02234CD794}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcc\binaries\win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation) FirewallRules: [{E3A5E87E-FAA4-4F47-B35B-C22E0047F792}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcc\binaries\win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation) FirewallRules: [{F1A0C82F-E2DD-4598-9F2C-1755DEC9FF54}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark) FirewallRules: [{C0D9437E-AF9F-4147-AA9D-6A46E1533EBA}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark) FirewallRules: [TCP Query User{FFC6F5C4-1E1A-4C9A-9E1C-1212CBAC67E1}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{A3DC01B5-B2D5-42D3-BEF4-7A35CE516166}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7848316D-3C54-4793-9F28-10B5C21FFCA6}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> ) FirewallRules: [{A730FB57-EBF1-4C0D-8F4C-CE6E080ACD43}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> ) FirewallRules: [{EDE69F47-FA5E-470C-A74A-928AA41FEF91}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> ) FirewallRules: [{8CCCEBC3-4180-420B-9E5D-C4429A183DD5}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> ) FirewallRules: [{3E722874-D37F-4DCF-99E1-66192B0EF2FA}] => (Allow) D:\SteamLibrary\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{34D53370-B637-4002-A1D1-AF50F82DC90B}] => (Allow) D:\SteamLibrary\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{90AEA30E-5F1D-4273-8C73-31B1CE8D6D5E}] => (Allow) E:\SteamLibrary\steamapps\common\Hell Let Loose (Public Testing)\Launch_HLL.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{FA51F30B-0759-492F-96C5-CBACF9EE993C}] => (Allow) E:\SteamLibrary\steamapps\common\Hell Let Loose (Public Testing)\Launch_HLL.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{227D2B2C-454B-480D-80A3-E5557EECF434}] => (Allow) E:\SteamLibrary\steamapps\common\Lost Ark\Binaries\Win64\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{A2224AD0-DCC7-4D1E-8E35-B21C05C19381}] => (Allow) E:\SteamLibrary\steamapps\common\Lost Ark\Binaries\Win64\Launch_Game.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{D8F40791-5B25-44F7-BA1B-D6E2D5274355}] => (Allow) E:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jasp.exe (Activision Inc) [Datei ist nicht signiert] FirewallRules: [{2DBE9526-EA36-4183-9561-36CE2AC87851}] => (Allow) E:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jasp.exe (Activision Inc) [Datei ist nicht signiert] FirewallRules: [{ED83D6F5-36C2-489C-AC31-EB02D32528BC}] => (Allow) E:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jamp.exe (Activision Inc) [Datei ist nicht signiert] FirewallRules: [{5A78C744-9F5D-408D-93B5-5BEFB78F4F47}] => (Allow) E:\SteamLibrary\steamapps\common\Jedi Academy\GameData\jamp.exe (Activision Inc) [Datei ist nicht signiert] FirewallRules: [{D1DDF6D9-E9AA-4AF6-88E5-4D1E4D5D3293}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd) FirewallRules: [{F3E244BC-CA38-47CE-BF04-0EF1DDDF1504}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd) FirewallRules: [TCP Query User{8F8B90D0-B689-40E8-9136-B2FFEE885811}D:\blizzard\overwatch\_beta_\overwatch.exe] => (Allow) D:\blizzard\overwatch\_beta_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{07ED453D-A6AF-43AA-A27B-81D93215562E}D:\blizzard\overwatch\_beta_\overwatch.exe] => (Allow) D:\blizzard\overwatch\_beta_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{237351A4-B80E-4109-B28D-C4B0E8F37936}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B9C78485-D6F4-4D3D-B5E7-CDEFCF2C5330}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4B957FBD-5FD5-4EA1-9890-7EBB34E4C5C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6B8FD6A7-7D33-411B-BB9E-5A61A829DC9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{95BFAAA5-2061-40BD-A038-B3AB32705F94}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{3E7A8885-F176-4D87-920C-11482E6F28A0}] => (Allow) E:\SteamLibrary\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (id Software) [Datei ist nicht signiert] FirewallRules: [{939A3D7E-2156-4B72-AB2E-CC75FB24D0D3}] => (Allow) E:\SteamLibrary\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe (id Software) [Datei ist nicht signiert] FirewallRules: [{DCEB11EB-3794-4D64-A596-DDA004B33258}] => (Allow) E:\SteamLibrary\steamapps\common\Warhammer Underworlds Online\wuo.exe () [Datei ist nicht signiert] FirewallRules: [{DC8EB483-6934-4348-9108-2B28CCAA1743}] => (Allow) E:\SteamLibrary\steamapps\common\Warhammer Underworlds Online\wuo.exe () [Datei ist nicht signiert] FirewallRules: [{64CBB5C4-F5C5-45FA-A0DC-6F308D4E68A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3615C565-E8F8-4636-BA8D-2D5002F088EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E17EDFC4-2109-4CEE-B1E1-EE641EC18BE3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{86B152D8-004A-49D8-A7BE-28A62E635B5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{982F21EA-B52D-47E0-B72B-F2E29ADB543C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D4CA4C7C-D470-479A-96D9-E604CAB0CA98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F27E08D4-F5E3-4BDB-9029-F3E2567D8D6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7B818C50-4EA9-40F6-86D8-1B2EBD87A1A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{617C0C99-7477-40DC-AD98-DBAB7F8AB4C8}] => (Allow) E:\SteamLibrary\steamapps\common\STAR WARS Squadrons\starwarssquadrons_launcher.exe (Electronic Arts, Inc. -> Epic Games, Inc) FirewallRules: [{98BB9EC5-5EDC-40E6-8575-25D2F9F4D491}] => (Allow) E:\SteamLibrary\steamapps\common\STAR WARS Squadrons\starwarssquadrons_launcher.exe (Electronic Arts, Inc. -> Epic Games, Inc) FirewallRules: [{0F3AA418-59F0-4BD6-B439-E21F0F8B92F6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{413553BB-C9AF-4A6B-8B44-CF276E13A3C3}] => (Allow) E:\SteamLibrary\steamapps\common\Cossacks 3\cossacks.exe (GSC Game World) [Datei ist nicht signiert] FirewallRules: [{81159F88-E503-4B3D-AF4F-5C3D3B78FF8B}] => (Allow) E:\SteamLibrary\steamapps\common\Cossacks 3\cossacks.exe (GSC Game World) [Datei ist nicht signiert] FirewallRules: [{E0AA546F-B08C-487B-AD4E-B1ADC1CB2F63}] => (Allow) E:\SteamLibrary\steamapps\common\Cossacks 3\config.exe (GSC Game World) [Datei ist nicht signiert] FirewallRules: [{32943080-B70C-422C-9D73-5DEA315A93D6}] => (Allow) E:\SteamLibrary\steamapps\common\Cossacks 3\config.exe (GSC Game World) [Datei ist nicht signiert] FirewallRules: [{18E66D42-93F6-4C0B-B24E-4C449829ABFC}] => (Allow) E:\SteamLibrary\steamapps\common\Cossacks 3\editor.exe (GSC Game World) [Datei ist nicht signiert] FirewallRules: [{EE06B584-7995-45A9-BFCC-D01351A3C7D7}] => (Allow) E:\SteamLibrary\steamapps\common\Cossacks 3\editor.exe (GSC Game World) [Datei ist nicht signiert] FirewallRules: [{C3925134-A205-491A-A599-93F804B9E9AA}] => (Allow) E:\SteamLibrary\steamapps\common\Cossacks 3\modman.exe (GSC Game World) [Datei ist nicht signiert] FirewallRules: [{EAFB2AB8-77BA-465F-9B33-57F38B8629F4}] => (Allow) E:\SteamLibrary\steamapps\common\Cossacks 3\modman.exe (GSC Game World) [Datei ist nicht signiert] FirewallRules: [{A2BC1C56-123D-46F3-A2AF-93A43C6F304E}] => (Allow) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Keine Datei FirewallRules: [{7FCABD45-6C78-4ED8-820E-7D9328762E42}] => (Allow) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Keine Datei FirewallRules: [{39919BAA-07FD-41AE-A9A1-7A7818EA348C}] => (Block) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Keine Datei FirewallRules: [{755422B9-B54D-4666-AC82-EB1B2631A6F8}] => (Block) C:\Program Files (x86)\Overwolf\0.199.0.15\OverwolfBrowser.exe => Keine Datei FirewallRules: [{5E8B5D47-8B63-48D3-9850-524608A60FC4}] => (Allow) C:\Program Files (x86)\Overwolf\0.201.0.23\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{55BC92C4-1C83-4195-B5AC-23C73C04D4F0}] => (Allow) C:\Program Files (x86)\Overwolf\0.201.0.23\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{0D6F2BBD-B2B2-4CD1-ABB5-074C0E60DDEE}] => (Allow) LPort=32682 FirewallRules: [{4AC3D283-DE0D-421A-AC7B-E0C08E34748E}] => (Allow) LPort=26822 ==================== Wiederherstellungspunkte ========================= 25-06-2022 16:06:13 Geplanter Prüfpunkt 03-07-2022 14:48:47 Geplanter Prüfpunkt 11-07-2022 18:50:01 Windows Update 14-07-2022 14:05:59 Windows Modules Installer 14-07-2022 14:07:15 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (07/20/2022 04:19:39 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: MININT-SSPMQ0A) Description: Die Anwendung oder der Dienst "Microsoft Windows Search Protocol Host" konnte nicht heruntergefahren werden. Error: (07/19/2022 05:59:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 10.0.19041.1503, Zeitstempel: 0xc40fe88f Name des fehlerhaften Moduls: THXSYSVAD2APO.dll, Version: 1.2.6.0, Zeitstempel: 0x5ed576b1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000002d7b ID des fehlerhaften Prozesses: 0x3cfc Startzeit der fehlerhaften Anwendung: 0x01d89b870ae2a1a2 Pfad der fehlerhaften Anwendung: C:\windows\system32\AUDIODG.EXE Pfad des fehlerhaften Moduls: C:\windows\System32\THXSYSVAD2APO.dll Berichtskennung: 057510ab-df86-472a-92dd-43b8a944b550 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (07/19/2022 04:37:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 10.0.19041.1503, Zeitstempel: 0xc40fe88f Name des fehlerhaften Moduls: THXSYSVAD2APO.dll, Version: 1.2.6.0, Zeitstempel: 0x5ed576b1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000002d7b ID des fehlerhaften Prozesses: 0xa00 Startzeit der fehlerhaften Anwendung: 0x01d89b17aeb3f5e8 Pfad der fehlerhaften Anwendung: C:\windows\system32\AUDIODG.EXE Pfad des fehlerhaften Moduls: C:\windows\System32\THXSYSVAD2APO.dll Berichtskennung: 073e42bf-a360-480f-bd25-e4c68d803921 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (07/19/2022 04:23:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 10.0.19041.1503, Zeitstempel: 0xc40fe88f Name des fehlerhaften Moduls: THXSYSVAD2APO.dll, Version: 1.2.6.0, Zeitstempel: 0x5ed576b1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000002d7b ID des fehlerhaften Prozesses: 0x3dbc Startzeit der fehlerhaften Anwendung: 0x01d89b14fd3b0d25 Pfad der fehlerhaften Anwendung: C:\windows\system32\AUDIODG.EXE Pfad des fehlerhaften Moduls: C:\windows\System32\THXSYSVAD2APO.dll Berichtskennung: b28d9d08-ee10-434a-b14e-46e0ea83ff3d Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (07/19/2022 04:12:11 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\timof\AppData\Roaming\Zoom\bin\Zoom.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest. Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest. Error: (07/18/2022 06:05:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 10.0.19041.1503, Zeitstempel: 0xc40fe88f Name des fehlerhaften Moduls: THXSYSVAD2APO.dll, Version: 1.2.6.0, Zeitstempel: 0x5ed576b1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000002d7b ID des fehlerhaften Prozesses: 0x3ca8 Startzeit der fehlerhaften Anwendung: 0x01d89abef473c647 Pfad der fehlerhaften Anwendung: C:\windows\system32\AUDIODG.EXE Pfad des fehlerhaften Moduls: C:\windows\System32\THXSYSVAD2APO.dll Berichtskennung: 41404a1e-829e-4a11-9a87-3558e2a37c52 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (07/18/2022 04:17:24 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 10.0.19041.1503, Zeitstempel: 0xc40fe88f Name des fehlerhaften Moduls: THXSYSVAD2APO.dll, Version: 1.2.6.0, Zeitstempel: 0x5ed576b1 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000002d7b ID des fehlerhaften Prozesses: 0x4160 Startzeit der fehlerhaften Anwendung: 0x01d89a4aa1ae6516 Pfad der fehlerhaften Anwendung: C:\windows\system32\AUDIODG.EXE Pfad des fehlerhaften Moduls: C:\windows\System32\THXSYSVAD2APO.dll Berichtskennung: 34aebdb4-dd3c-4091-8983-cbd7896c4744 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (07/17/2022 05:58:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte erneut optimieren auf Volume (E:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A) Systemfehler: ============= Error: (07/20/2022 04:16:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Automatische Zeitzonenaktualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/20/2022 04:16:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Automatische Zeitzonenaktualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/20/2022 04:15:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "tzautoupdate" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/19/2022 05:49:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Automatische Zeitzonenaktualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/19/2022 05:48:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Automatische Zeitzonenaktualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/19/2022 05:48:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "tzautoupdate" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/19/2022 04:12:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Automatische Zeitzonenaktualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (07/19/2022 04:12:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Automatische Zeitzonenaktualisierung" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Windows Defender: ================ Date: 2022-07-19 19:00:00 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {5848CEE7-B6B4-4AE8-802D-4A3BFB5C68D5} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2022-07-05 18:40:47 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {16809036-B4DF-447F-A398-3CC5B50281C4} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM CodeIntegrity: =============== Date: 2022-07-19 18:07:41 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends International, LLC. 1.81 08/05/2021 Hauptplatine: Micro-Star International Co., Ltd. MPG B550 GAMING PLUS (MS-7C56) Prozessor: AMD Ryzen 9 5900X 12-Core Processor Prozentuale Nutzung des RAM: 19% Installierter physikalischer RAM: 32693.39 MB Verfügbarer physikalischer RAM: 26345.9 MB Summe virtueller Speicher: 37557.39 MB Verfügbarer virtueller Speicher: 28587.89 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:929.92 GB) (Free:567.33 GB) (Model: Samsung SSD 860 EVO M.2 1TB) NTFS Drive d: (Volume) (Fixed) (Total:1863.02 GB) (Free:1057.37 GB) (Model: Samsung SSD 870 QVO 2TB) NTFS Drive e: (Volume) (Fixed) (Total:3726.02 GB) (Free:2518.37 GB) (Model: ST4000VN008-2DR166) NTFS \\?\Volume{6169946c-c0eb-46a4-8b02-9f07868e7288}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS \\?\Volume{77b40c68-821c-43e5-8c06-4cc02e91b91b}\ (EFI) (Fixed) (Total:0.97 GB) (Free:0.95 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 64E0324B) Partition: GPT. ========================================================== Disk: 1 (Size: 3726 GB) (Disk ID: 64E0328D) Partition: GPT. ========================================================== Disk: 2 (Size: 931.5 GB) (Disk ID: 64E030AE) Partition: GPT. ==================== Ende von Addition.txt ======================= |
20.07.2022, 03:33 | #2 |
Gesperrt | Battle.net und anderesCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2022 durchgeführt von timof (Administrator) auf MININT-SSPMQ0A (Micro-Star International Co., Ltd. MS-7C56) (20-07-2022 04:28:41) Gestartet von C:\Users\timof\Downloads Geladene Profile: timof Plattform: Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7893\Agent.exe (C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe (C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe (C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2> (C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe (C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2> (C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe <7> (C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe ->) (Logitech Inc -> Logitech Europe S.A.) C:\Program Files\Logitech\Collaboration\Services\Video\cropAssistAPI\CropAssistService.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_1.0.50.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe (services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (services.exe ->) (Razer USA Ltd. -> THX) C:\Windows\System32\THXV2HSAService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2> (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControlEngine.exe (svchost.exe ->) (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) C:\Program Files\Thunder Master\ThPanel.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [321240 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3183328 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [585464 2021-09-27] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632088 2022-07-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [146943096 2022-06-08] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Run: [com.squirrel.Teams.Teams] => C:\Users\timof\AppData\Local\Microsoft\Teams\Update.exe [2508536 2022-06-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3535416 2022-06-28] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Run: [Discord] => C:\Users\timof\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1801048 2022-07-05] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Run: [MicrosoftEdgeAutoLaunch_CAB73CC8F7913F5E45BE26E54AD4E106] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1970424426-2687798153-538391229-1004\...\Run: [Opera Browser Assistant] => C:\Users\timof\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4110832 2022-07-06] (Opera Norway AS -> Opera Software) HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3535416 2022-06-28] (Razer USA Ltd. -> Razer Inc.) HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-07] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2021-09-24] ShortcutTarget: ROCCAT Swarm Monitor.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT) Startup: C:\Users\timof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2021-11-24] ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0696E450-ECA1-406E-A4D7-2668E7682A22} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0BD04F1F-1C35-4184-AC10-0FEE15A6C319} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [1951568 2021-11-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) Task: {1704F3D8-22EF-4710-ACD9-DE2C7A16B774} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {23C8E499-EF49-4881-AE56-0D260EF1128C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2487A2EE-4A11-4B31-A620-B2EE24BFEA77} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {253BD31B-77D8-49FA-AAC5-8125108AA643} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {31328377-7CD1-4A91-9434-8D22EE4B946E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {33D563C7-5CFD-43B6-932C-BC1F465A29AE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3A836902-F11E-4E9D-B6AB-666BD8CE20B0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3AC9E849-E047-41CA-86F9-9187735E8010} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-07-14] (Microsoft Corporation -> Microsoft Corporation) Task: {3FCDACD7-B4C7-42C3-9D7D-7F42C3DF375D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {463D1D8C-050F-4EB5-8F65-CFEFB55BC17D} - System32\Tasks\ROCCAT DEVICE SERVICE => C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_dev_service.exe [442888 2021-04-19] (Voyetra Turtle Beach, Inc. -> ROCCAT) Task: {466F60C6-DB67-45E9-9D58-235C533DDF76} - System32\Tasks\Opera scheduled Autoupdate 1633682300 => C:\Users\timof\AppData\Local\Programs\Opera\launcher.exe [2527224 2022-07-14] (Opera Norway AS -> Opera Software) Task: {4A632DE1-BD7E-40A6-9F6D-9ABBF11D3EF5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64416 2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Task: {4ECF916F-D25D-45AB-9EAA-EF2B1D8065D4} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {4F938A04-B699-4F2F-8812-7FA66D1ED752} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {50EB0521-B3EB-4FB0-A9A1-FB4D8A50FAB9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {50F6CFCC-E658-43A4-9A42-D63328B3D7FC} - System32\Tasks\Opera scheduled assistant Autoupdate 1633682302 => C:\Users\timof\AppData\Local\Programs\Opera\launcher.exe [2527224 2022-07-14] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\timof\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {5848C1B3-CAD2-4A5B-A987-C146E3D16FAE} - System32\Tasks\ThunderMaster => C:\Program Files\Thunder Master\ThPanel.exe [4477240 2021-09-10] (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) Task: {5B9C309E-BB65-4A38-8A26-F0D831B2692F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {5CC754CE-B40B-4266-8323-AE4FB2E1049B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-23] (Google LLC -> Google LLC) Task: {6B08C7AF-31AA-46D1-8ACB-1F3CFC779E93} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6C226125-8065-4431-8322-FA3606D5A1A6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7643223A-1086-472B-AA47-F0C9893368FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {996B9398-F2CB-4B05-B7F7-05D06960854F} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\103.0.1264.62\Installer\setup.exe [3274144 2022-07-16] (Microsoft Corporation -> Microsoft Corporation) Task: {A432BCE4-3533-4318-8D89-6B8FCA6BB535} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {B9B21EC8-E096-4C56-9D17-9D6F4F0A7302} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1970424426-2687798153-538391229-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-07-14] (Microsoft Corporation -> Microsoft Corporation) Task: {C20034D9-30EA-4A59-9E28-485399C1B5D3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-08-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {E116482F-C64A-430A-8BB6-CFEC21C983A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-23] (Google LLC -> Google LLC) Task: {EC175138-D8E8-464A-9209-EBC270189F1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {ECBFCB57-0089-4D1F-98F0-CFC59C95DA90} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {EF40E7F3-C015-4669-BC99-F4E113E28C03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F3D87061-A615-4218-9C94-776D9C179473} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-07-05] (Overwolf Ltd -> Overwolf LTD) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{68f7bd26-f5c6-4084-8fb4-4bd0c8e007e3}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{dea4a345-dab1-41b4-a409-e24d2745e69b}: [DhcpNameServer] 162.252.172.57 149.154.159.92 Edge: ======= Edge Profile: C:\Users\timof\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-20] FireFox: ======== FF DefaultProfile: iq519ho1.default FF ProfilePath: C:\Users\timof\AppData\Roaming\Mozilla\Firefox\Profiles\iq519ho1.default [2022-04-12] FF ProfilePath: C:\Users\timof\AppData\Roaming\Mozilla\Firefox\Profiles\033goob2.default-release-1649744482991 [2022-07-18] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [Datei ist nicht signiert] FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\timof\AppData\Local\Google\Chrome\User Data\Default [2022-07-20] CHR Notifications: Default -> hxxps://meet.google.com CHR StartupUrls: Default -> "hxxp://www.spiegel.de/" CHR Extension: (Google Docs Offline) - C:\Users\timof\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-14] CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\timof\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-07-02] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\timof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-23] Opera: ======= OPR Profile: C:\Users\timof\AppData\Roaming\Opera Software\Opera Stable [2022-07-20] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\timof\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-07-07] OPR Extension: (Opera Crypto Wallet) - C:\Users\timof\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-07-07] OPR Extension: (Amazon Assistant Promotion) - C:\Users\timof\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-08] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (Canon Inc. -> CANON INC.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111288 2022-07-20] (Microsoft Corporation -> Microsoft Corporation) R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616360 2021-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [456416 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairMsiPluginService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe [451800 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [80608 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-01-31] (EasyAntiCheat Oy -> Epic Games, Inc) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncHelper.exe [3381632 2022-07-14] (Microsoft Corporation -> Microsoft Corporation) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2022-03-28] (FUTUREMARK INC -> Futuremark) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> ) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11523704 2022-06-08] (Logitech Inc -> Logitech, Inc.) R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 MSI_Central_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150840 2021-06-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4477576 2018-06-19] (Logitech Inc -> Logitech) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.131.0619.0001\OneDriveUpdaterService.exe [3822496 2022-07-14] (Microsoft Corporation -> Microsoft Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2575624 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3494672 2022-05-27] (Electronic Arts, Inc. -> Electronic Arts) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-07-05] (Overwolf Ltd -> Overwolf LTD) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [585464 2021-09-27] (geek software GmbH -> geek software GmbH) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300600 2022-06-28] (Razer USA Ltd. -> Razer Inc.) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [534440 2022-04-28] (Razer USA Ltd. -> Razer Inc.) R2 THXV2HSAService; C:\windows\System32\THXV2HSAService.exe [264664 2020-11-19] (Razer USA Ltd. -> THX) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10429808 2021-11-30] (Riot Games, Inc. -> Riot Games, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-21] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BthA2dp; C:\windows\System32\drivers\BthA2dp.sys [287744 2022-02-11] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\windows\System32\drivers\bthhfenum.sys [154112 2021-12-22] (Microsoft Corporation) [Datei ist nicht signiert] S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60328 2021-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2021-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\windows\System32\drivers\CorsairVBusDriver.sys [45984 2021-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\windows\System32\drivers\CorsairVHidDriver.sys [21920 2021-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R1 CTIIO; C:\windows\system32\drivers\CtiIo64.sys [29192 2021-12-29] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.) R1 EneTechIo; C:\windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 logi_audio_surround; C:\windows\system32\drivers\logi_audio_surround.sys [44496 2021-09-23] (Logitech Inc -> Logitech) R3 logi_joy_bus_enum; C:\windows\system32\drivers\logi_joy_bus_enum.sys [33528 2022-03-22] (WDKTestCert builder,132743893872553407 -> Logitech) R3 logi_joy_vir_hid; C:\windows\system32\drivers\logi_joy_vir_hid.sys [21704 2022-03-22] (WDKTestCert builder,132743893872553407 -> Logitech) R3 logi_joy_xlcore; C:\windows\system32\drivers\logi_joy_xlcore.sys [62904 2022-03-22] (WDKTestCert builder,132743893872553407 -> Logitech) R1 MSIO; C:\windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [29576 2021-11-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 RzCommon; C:\windows\System32\drivers\RzCommon.sys [55128 2021-06-10] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0084; C:\windows\System32\drivers\RzDev_0084.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0528; C:\windows\System32\drivers\RzDev_0528.sys [54112 2021-03-22] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0c02; C:\windows\System32\drivers\RzDev_0c02.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) R3 sTHXV2VAD; C:\windows\System32\drivers\THXVAD2.sys [166048 2022-01-20] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider) R3 tap0901; C:\windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8480608 2021-11-29] (Riot Games, Inc. -> Riot Games, Inc.) S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [49576 2022-06-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [452856 2022-06-21] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-21] (Microsoft Windows -> Microsoft Corporation) S3 cpuz150; \??\C:\windows\temp\cpuz150\cpuz150_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) Fehler beim Lesen der Datei: "C:\Users\timof\Downloads\𝗪𝗘𝗥𝗗𝗘𝗥 𝗲𝗦𝗣𝗢𝗥𝗧𝗦 auf Twitter_ _Der @kicker_esport Talk zum Thema Jugendschutz im eSport läuft, @Kupi10 ist für @WerdereSPORTS dabei und diskutiert live auf #Twitch mit ⤵ ⚠ Wichtiges Thema, hört mal rein! https___t.co_SkzPVjmUaA https___t.co.pdf" Fehler beim Lesen der Datei: "C:\Users\timof\Downloads\kicker ⬢ eSport auf Twitter_ _Wie werden junge eSport-Talente am besten geschützt und gefördert_ Darüber diskutiert @GamingAlm1 im kicker eSport Talk mit Pablo Thiam (@HerthaBubis), Timo Schöber, Fabian Voß (@Direct2Media), @verdipwnz und @Kupi10. htt.pdf" 2022-07-20 04:28 - 2022-07-20 04:28 - 002369536 _____ (Farbar) C:\Users\timof\Downloads\FRST64.exe 2022-07-17 16:37 - 2022-07-17 16:37 - 001718060 _____ C:\windows\Minidump\071722-7515-01.dmp 2022-07-17 07:48 - 2022-07-17 07:48 - 000065610 _____ C:\Users\timof\Downloads\Letzter Drive Upload einer Referenz - HdM Forschung.pdf 2022-07-16 12:57 - 2022-07-16 12:57 - 000167510 _____ C:\Users\timof\Downloads\DNB.pdf 2022-07-16 08:42 - 2022-07-16 08:42 - 001035051 _____ C:\Users\timof\Downloads\LOGO ANIMATION.mp4 2022-07-14 15:18 - 2022-07-14 15:18 - 001483191 _____ C:\Users\timof\Downloads\Müller_400207761 (1).pdf 2022-07-14 14:11 - 2022-07-14 14:11 - 002260480 _____ C:\windows\system32\TextInputMethodFormatter.dll 2022-07-14 14:11 - 2022-07-14 14:11 - 000693248 _____ C:\windows\system32\FsNVSDeviceSource.dll 2022-07-14 14:11 - 2022-07-14 14:11 - 000640512 _____ C:\windows\system32\SettingSyncDownloadHelper.dll 2022-07-14 14:11 - 2022-07-14 14:11 - 000530944 _____ (curl, hxxps://curl.se/) C:\windows\system32\curl.exe 2022-07-14 14:11 - 2022-07-14 14:11 - 000470528 _____ (curl, hxxps://curl.se/) C:\windows\SysWOW64\curl.exe 2022-07-14 14:11 - 2022-07-14 14:11 - 000288768 _____ C:\windows\system32\Windows.Management.InprocObjects.dll 2022-07-14 14:11 - 2022-07-14 14:11 - 000270848 _____ C:\windows\system32\EsclScan.dll 2022-07-14 14:11 - 2022-07-14 14:11 - 000152064 _____ C:\windows\system32\EsclProtocol.dll 2022-07-14 14:11 - 2022-07-14 14:11 - 000061952 _____ C:\windows\system32\printticketvalidation.dll 2022-07-14 14:11 - 2022-07-14 14:11 - 000057344 _____ C:\windows\system32\APMonUI.dll 2022-07-14 14:11 - 2022-07-14 14:11 - 000033280 _____ (Microsoft Corporation) C:\windows\system32\mode.com 2022-07-14 14:11 - 2022-07-14 14:11 - 000026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\mode.com 2022-07-14 14:11 - 2022-07-14 14:11 - 000024576 _____ C:\windows\system32\WsdProviderUtil.dll 2022-07-14 14:11 - 2022-07-14 14:11 - 000020992 _____ (Microsoft Corporation) C:\windows\system32\tree.com 2022-07-14 14:11 - 2022-07-14 14:11 - 000018944 _____ C:\windows\SysWOW64\WsdProviderUtil.dll 2022-07-14 14:11 - 2022-07-14 14:11 - 000017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\tree.com 2022-07-14 14:11 - 2022-07-14 14:11 - 000014848 _____ (Microsoft Corporation) C:\windows\system32\chcp.com 2022-07-14 14:11 - 2022-07-14 14:11 - 000012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\chcp.com 2022-07-14 14:11 - 2022-07-14 14:11 - 000011811 _____ C:\windows\system32\DrtmAuthTxt.wim 2022-07-14 14:06 - 2022-07-14 14:06 - 000000000 ___HD C:\$WinREAgent 2022-07-13 14:06 - 2022-07-13 15:54 - 002748297 _____ C:\Users\timof\Downloads\Proofs_CP_TS.pdf 2022-07-13 14:05 - 2022-07-13 14:05 - 000259387 _____ C:\Users\timof\Downloads\Lazear_Rosen_paper_CP.pdf 2022-07-13 14:04 - 2022-07-13 14:04 - 001483191 _____ C:\Users\timof\Downloads\Müller_400207761.pdf 2022-07-13 05:00 - 2022-07-13 05:00 - 000018804 _____ C:\Users\timof\Documents\Wiki4.txt 2022-07-13 04:44 - 2022-07-13 04:44 - 000004067 _____ C:\Users\timof\Documents\Löschdiskussion.txt 2022-07-12 19:45 - 2022-07-12 19:45 - 000828607 _____ C:\Users\timof\Downloads\Mail.pdf 2022-07-10 07:19 - 2022-07-10 07:19 - 014818839 _____ C:\Users\timof\Downloads\Job%20Sessions2 (3).pptx 2022-07-07 20:01 - 2022-07-07 20:02 - 115468711 _____ C:\Users\timof\Downloads\IMG_9796 (1).MOV 2022-07-07 19:59 - 2022-07-07 19:59 - 115468711 _____ C:\Users\timof\Downloads\IMG_9796.MOV 2022-07-06 19:48 - 2022-07-07 17:42 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-07-06 18:32 - 2022-07-06 18:32 - 001033640 _____ C:\Users\timof\Downloads\Empfehlung_Fabi (1).pdf 2022-07-05 19:03 - 2022-07-05 19:03 - 000473338 _____ C:\Users\timof\Downloads\WhatsApp Image 2022-07-05 at 17.01.43.jpeg 2022-07-05 18:24 - 2022-07-05 18:28 - 001033640 _____ C:\Users\timof\Downloads\Empfehlung_Fabi.pdf 2022-07-05 17:56 - 2022-07-05 17:56 - 395309499 _____ C:\Users\timof\Downloads\ebf_recruting_1 (1080p).mp4 2022-07-04 18:45 - 2022-07-04 18:46 - 000346656 _____ C:\Users\timof\Downloads\Einverständniserklärung - Timo Schöber - Euro-FH.pdf 2022-07-04 14:19 - 2022-07-04 14:20 - 629174656 _____ C:\Users\timof\Downloads\ebf_recruting_2 (1080p).mp4 2022-07-04 06:37 - 2022-07-04 06:37 - 000613867 _____ C:\Users\timof\Downloads\Bergmann.pdf 2022-07-04 06:34 - 2022-07-04 06:34 - 000417483 _____ C:\Users\timof\Downloads\GIZ.pdf 2022-07-04 06:32 - 2022-07-04 06:32 - 000614354 _____ C:\Users\timof\Downloads\Prandini2.pdf 2022-07-04 06:30 - 2022-07-04 06:30 - 000908657 _____ C:\Users\timof\Downloads\Prandini.pdf 2022-07-04 06:28 - 2022-07-04 06:28 - 000622259 _____ C:\Users\timof\Downloads\Heft 2 macht dann Skillshot, aber sie haben meine Inhalte erhalten, also habe ich indirekt mitgeholfen.pdf 2022-07-03 18:46 - 2022-07-03 18:46 - 000069308 _____ C:\Users\timof\Downloads\confirmation.pdf 2022-07-03 13:21 - 2022-07-03 13:21 - 000004075 _____ C:\Users\timof\Downloads\Avery-Etikett-6123 (1).avery 2022-07-02 20:42 - 2022-07-02 20:42 - 109608284 _____ C:\Users\timof\Downloads\Gamevention_eSN (1).mp4 2022-07-02 20:39 - 2022-07-02 20:33 - 109608284 _____ C:\Users\timof\Downloads\Gamevention_eSN.mp4 2022-06-30 19:55 - 2022-06-30 19:55 - 004284636 _____ C:\Users\timof\Downloads\lvlupHR_gamevention_businessday_final.pdf 2022-06-30 19:08 - 2022-06-30 19:08 - 000000000 ____D C:\Users\timof\.ms-ad 2022-06-29 20:47 - 2022-06-29 20:47 - 046867013 _____ C:\Users\timof\Downloads\Gamevention_job (1).mp4 2022-06-29 20:46 - 2022-06-29 20:45 - 046867013 _____ C:\Users\timof\Downloads\Gamevention_job.mp4 2022-06-29 19:54 - 2022-06-29 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch Beta 2022-06-28 09:15 - 2022-06-28 09:15 - 000177726 _____ C:\Users\timof\Downloads\WhatsApp Image 2022-06-28 at 09.04.35.jpeg 2022-06-28 06:18 - 2022-07-19 04:37 - 000000000 ____D C:\Users\timof\Documents\Arbeit 2022-06-26 08:48 - 2022-06-30 05:02 - 000655225 _____ C:\Users\timof\Downloads\05,06--2022 Verzeichnis der Publikationen und Vorträge, sowie weiterer Aktivitäten.pdf 2022-06-26 08:46 - 2022-06-26 08:46 - 000648982 _____ C:\Users\timof\Downloads\-202205_Verzeichnis_Publikationen_Schöber-.pdf 2022-06-26 08:33 - 2022-06-26 08:46 - 000648982 _____ C:\Users\timof\Downloads\202205_Verzeichnis_Publikationen_Schöber.pdf 2022-06-26 07:06 - 2022-06-26 07:40 - 000525222 _____ C:\Users\timof\Downloads\2022_Verzeichnis_Publikationen_Schöber.pdf 2022-06-25 18:07 - 2022-06-25 18:07 - 006231221 _____ C:\Users\timof\Downloads\!!!Letzter_Nachweis.pdf 2022-06-25 18:06 - 2022-06-25 18:06 - 001939433 _____ C:\Users\timof\Downloads\Gamevention_Business.pdf 2022-06-25 08:05 - 2022-06-25 08:05 - 000651492 _____ C:\Users\timof\Downloads\Mazda Car Configurator2.pdf 2022-06-25 08:03 - 2022-06-25 08:03 - 000651492 _____ C:\Users\timof\Downloads\Mazda Car Configurator.pdf 2022-06-25 07:15 - 2022-06-25 07:15 - 001888201 _____ C:\Users\timof\Downloads\The Business Model of Fortnite with Timo Schöber ERQ11 - YouTube2.pdf 2022-06-25 07:14 - 2022-06-25 07:14 - 000825295 _____ C:\Users\timof\Downloads\E-SPORTS und Employer Branding_ Talk mit TIMO SCHÖBER - SAATKORN2.pdf 2022-06-25 07:13 - 2022-06-25 07:13 - 000917300 _____ C:\Users\timof\Downloads\Beirat Gamevention.pdf 2022-06-25 07:11 - 2022-06-25 07:11 - 000358278 _____ C:\Users\timof\Downloads\PAIDIA.pdf 2022-06-25 07:10 - 2022-06-25 07:10 - 000462105 _____ C:\Users\timof\Downloads\Buchrezension_ Bildschirm-Athleten, das Phänomen e-Sports _ gaming-grounds.de.pdf 2022-06-25 07:08 - 2022-06-25 07:08 - 003162910 _____ C:\Users\timof\Downloads\Amazon.pdf 2022-06-25 07:06 - 2022-06-25 07:06 - 000151233 _____ C:\Users\timof\Downloads\Esportpedia.pdf 2022-06-25 07:05 - 2022-06-25 07:05 - 000378079 _____ C:\Users\timof\Downloads\KIT-Bibliothek, Karlsruher Virtueller Katalog.pdf 2022-06-25 07:03 - 2022-06-25 07:03 - 000230746 _____ C:\Users\timof\Downloads\Bundesinstitut für Sportwissenschaft.pdf 2022-06-25 06:59 - 2022-06-25 06:59 - 000099602 _____ C:\Users\timof\Downloads\1655522887439.jfif 2022-06-24 11:16 - 2022-06-24 11:16 - 000447328 _____ (Cisco Webex LLC) C:\Users\timof\Downloads\webex.exe 2022-06-24 10:18 - 2022-06-24 10:18 - 000225478 _____ C:\Users\timof\Downloads\Businesstag _Level Up Your Business_ auf der Gamevention 2022.pdf 2022-06-24 09:50 - 2022-06-24 09:50 - 000842781 _____ C:\Users\timof\Downloads\Gaming und Recruiting - WTSH.pdf 2022-06-23 17:30 - 2022-06-23 17:31 - 001721332 _____ C:\windows\Minidump\062322-7187-01.dmp 2022-06-22 06:06 - 2022-06-22 06:06 - 000734538 _____ C:\Users\timof\Downloads\RechnungIJESPORTS.pdf 2022-06-22 05:03 - 2022-06-22 05:03 - 000129767 _____ C:\Users\timof\Downloads\1655522598866.jfif 2022-06-22 04:51 - 2022-06-22 04:51 - 002497940 _____ C:\Users\timof\Downloads\PM Esportionary (1).pdf 2022-06-21 04:25 - 2022-06-21 04:25 - 000216955 _____ C:\Users\timof\Downloads\CV_Feddersen, Hauke.pdf 2022-06-20 19:56 - 2022-06-20 19:56 - 000452584 _____ C:\Users\timof\Downloads\2021-10-26_Auswertung_Stadtwerke2-neu.pdf 2022-06-20 19:55 - 2022-06-20 19:55 - 000452584 _____ C:\Users\timof\Downloads\2021-10-26_Auswertung_Stadtwerke2.pdf 2022-06-20 18:32 - 2022-06-20 18:32 - 293748277 _____ C:\Users\timof\Downloads\wetransfer_masterthesis_seilner_40891_2022-06-20_0818.zip 2022-06-20 18:29 - 2022-06-20 18:29 - 000066419 _____ C:\Users\timof\Downloads\Invoice - 0028.pdf 2022-06-20 08:18 - 2022-06-20 20:03 - 001465986 _____ C:\Users\timof\Downloads\Masterthesis_Florian_Seilner_40891.pdf ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2022-07-20 04:28 - 2021-09-24 16:31 - 000033907 _____ C:\Users\timof\Downloads\FRST.txt 2022-07-20 04:28 - 2021-09-24 16:31 - 000000000 ____D C:\FRST 2022-07-20 04:27 - 2021-09-23 18:15 - 000000000 ____D C:\Users\timof\AppData\Local\Battle.net 2022-07-20 04:23 - 2021-09-21 11:28 - 000000000 ____D C:\ProgramData\NVIDIA 2022-07-20 04:22 - 2021-06-10 09:23 - 003292080 _____ C:\windows\system32\PerfStringBackup.INI 2022-07-20 04:22 - 2021-06-07 14:16 - 000705202 _____ C:\windows\system32\perfh010.dat 2022-07-20 04:22 - 2021-06-07 14:16 - 000137304 _____ C:\windows\system32\perfc010.dat 2022-07-20 04:22 - 2021-06-07 14:14 - 000718510 _____ C:\windows\system32\perfh00C.dat 2022-07-20 04:22 - 2021-06-07 14:14 - 000140712 _____ C:\windows\system32\perfc00C.dat 2022-07-20 04:22 - 2019-12-07 16:50 - 000684798 _____ C:\windows\system32\perfh007.dat 2022-07-20 04:22 - 2019-12-07 16:50 - 000141256 _____ C:\windows\system32\perfc007.dat 2022-07-20 04:22 - 2019-12-07 11:13 - 000000000 ____D C:\windows\INF 2022-07-20 04:19 - 2021-09-23 15:50 - 000000000 ____D C:\Program Files\Microsoft Office 2022-07-20 04:18 - 2021-09-23 18:45 - 000000000 ____D C:\Users\timof\AppData\LocalLow\Mozilla 2022-07-20 04:18 - 2019-12-07 11:14 - 000000000 ____D C:\windows\AppReadiness 2022-07-20 04:17 - 2021-09-23 15:33 - 000000000 ____D C:\Program Files (x86)\Google 2022-07-20 04:17 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-07-20 04:16 - 2021-09-23 20:33 - 000000000 ____D C:\Users\timof\AppData\Roaming\LGHUB 2022-07-20 04:16 - 2021-09-23 20:33 - 000000000 ____D C:\Users\timof\AppData\Local\LGHUB 2022-07-20 04:15 - 2021-06-10 09:15 - 000008192 ___SH C:\DumpStack.log.tmp 2022-07-20 04:15 - 2021-06-10 09:15 - 000000006 ____H C:\windows\Tasks\SA.DAT 2022-07-19 20:35 - 2021-09-23 16:37 - 000000000 ____D C:\Users\timof\AppData\Roaming\discord 2022-07-19 20:35 - 2019-12-07 11:03 - 001310720 _____ C:\windows\system32\config\BBI 2022-07-19 20:13 - 2021-09-23 16:59 - 000000000 ____D C:\Program Files (x86)\Steam 2022-07-19 19:43 - 2021-10-17 20:07 - 000000000 ____D C:\Users\timof\AppData\Local\Discord 2022-07-19 17:57 - 2021-09-23 16:45 - 000000000 ____D C:\ProgramData\CanonIJPLM 2022-07-18 19:57 - 2021-09-23 18:02 - 000000000 ____D C:\Users\timof\Documents\Büro 2022-07-18 18:56 - 2021-09-23 18:14 - 000000000 ____D C:\Program Files (x86)\Battle.net 2022-07-18 18:31 - 2021-09-23 15:26 - 000000000 ____D C:\Users\timof\AppData\Local\D3DSCache 2022-07-18 18:09 - 2022-02-09 05:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-07-18 18:05 - 2021-10-08 10:38 - 000004222 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1633682300 2022-07-18 18:05 - 2021-10-08 10:38 - 000001412 _____ C:\Users\timof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2022-07-18 17:58 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-07-18 04:08 - 2021-12-03 20:08 - 000000000 ____D C:\Program Files (x86)\Overwolf 2022-07-17 20:17 - 2021-09-23 15:23 - 000000000 ____D C:\Users\timof 2022-07-17 19:02 - 2021-06-10 09:15 - 000000000 ____D C:\windows\system32\SleepStudy 2022-07-17 16:37 - 2021-10-26 16:13 - 000000000 ____D C:\windows\Minidump 2022-07-17 16:36 - 2021-10-26 16:13 - 1240390739 _____ C:\windows\MEMORY.DMP 2022-07-17 08:47 - 2021-09-23 15:59 - 000000000 ____D C:\Users\timof\Documents\ActivePresenter Templates 2022-07-17 08:47 - 2021-09-23 15:59 - 000000000 ____D C:\Users\timof\Documents\ActivePresenter 2022-07-17 08:45 - 2021-09-23 15:59 - 000000000 ____D C:\Users\timof\AppData\Roaming\ActivePresenter 2022-07-17 06:23 - 2021-09-23 18:02 - 000000000 ____D C:\Users\timof\Documents\eSports 2022-07-16 05:49 - 2021-11-21 07:27 - 000004784 _____ C:\windows\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask 2022-07-16 05:49 - 2021-06-10 09:16 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-07-15 06:18 - 2021-09-23 18:02 - 000000000 ____D C:\Users\timof\Documents\Sonstiges 2022-07-15 05:05 - 2021-09-23 15:26 - 000000000 ____D C:\Users\timof\AppData\Local\Packages 2022-07-14 16:54 - 2021-06-10 09:15 - 000439216 _____ C:\windows\system32\FNTCACHE.DAT 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ___RD C:\windows\PrintDialog 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\WinMetadata 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SystemResources 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\WinMetadata 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\setup 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\oobe 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\es-MX 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\DDFs 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\windows\ShellExperiences 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\windows\ShellComponents 2022-07-14 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\windows\bcastdvr 2022-07-14 16:45 - 2021-09-23 18:02 - 000000000 ____D C:\Users\timof\Documents\Schreiben 2022-07-14 14:13 - 2019-12-07 11:03 - 000000000 ____D C:\windows\CbsTemp 2022-07-14 14:11 - 2021-06-10 09:17 - 003010560 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll 2022-07-14 14:04 - 2021-12-22 08:06 - 000000000 ____D C:\windows\system32\MRT 2022-07-14 14:03 - 2021-12-22 08:06 - 146546848 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2022-07-14 04:27 - 2021-12-13 18:22 - 000003592 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1970424426-2687798153-538391229-1004 2022-07-14 04:27 - 2021-09-30 17:49 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-07-14 04:27 - 2021-09-23 15:51 - 000003194 _____ C:\windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2022-07-14 04:27 - 2021-09-23 15:51 - 000002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-07-13 19:11 - 2021-09-29 18:04 - 000000000 ____D C:\Users\timof\AppData\Local\CrashDumps 2022-07-13 13:32 - 2021-09-30 16:20 - 000004562 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task 2022-07-13 13:32 - 2021-09-30 16:20 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-07-12 17:28 - 2021-09-23 18:02 - 000000000 ____D C:\Users\timof\Documents\Selbstständigkeit 2022-07-11 18:50 - 2021-09-29 18:04 - 000000000 ____D C:\Program Files (x86)\Razer 2022-07-07 17:47 - 2021-10-08 10:38 - 000004454 _____ C:\windows\system32\Tasks\Opera scheduled assistant Autoupdate 1633682302 2022-07-07 17:47 - 2021-09-23 15:33 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-07-07 17:42 - 2021-09-23 18:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-07-07 04:21 - 2021-10-10 09:22 - 000000000 ____D C:\windows\system32\Tasks\Mozilla 2022-07-07 04:20 - 2021-09-23 18:45 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-07-04 08:09 - 2021-09-29 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2022-07-04 08:08 - 2021-09-29 18:06 - 000000000 ____D C:\Program Files\THX 2022-07-02 19:46 - 2021-10-29 12:59 - 000000000 ____D C:\Users\timof\Documents\Zoom 2022-06-24 06:49 - 2021-09-25 17:10 - 000002371 _____ C:\Users\timof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2022-06-24 06:38 - 2021-09-23 18:02 - 000000000 ____D C:\Users\timof\Documents\Skillshot 2022-06-24 06:38 - 2021-09-23 18:02 - 000000000 ____D C:\Users\timof\Documents\Forschung 2022-06-23 17:27 - 2021-10-03 18:30 - 000000001 _____ C:\windows\vgkbootstatus.dat 2022-06-21 18:36 - 2021-06-10 09:15 - 000000000 ____D C:\windows\system32\Drivers\wd ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
21.07.2022, 20:20 | #3 |
/// TB-Ausbilder | Battle.net und anderesMein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen. Bitte beachte unsere Regeln während der Bereinigung! Schritt 1 Führe Malwarebytes' AntiMalware (MBAM) gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. Schritt 2 Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei. Schritt 3
Bitte poste mit deiner nächsten Antwort:
|
26.07.2022, 09:16 | #4 |
/// TB-Ausbilder | Battle.net und anderes Fehlende Rückmeldung Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und ein eigenes Thema erstellen! |
Themen zu Battle.net und anderes |
.com, browser, defender, explorer, firefox, firewall, free, geforce, helper, home, internet, internet explorer, microsoft defender, programme, registry, scan, system32, tcp, udp, update, usb, wallpaper, win32, windows, wireless, wmi |