
Log analysis and evaluation: Windows 10 (21H2): Windows Defender reports: Trojan:MSIL/Bladabindi.OE!MTB

08.10.2022, 16:19   #1
legendevent
 



Hello everyone,

since this morning Windows Defender has been showing me the message mentioned above.
I have already used Autoruns to delete the files, registry, services, autostart and Task Scheduler entries.

Unfortunately, Defender still shows me the message even after a restart, although these files/paths no longer exist.

Unfortunately the log files are too large. So here is part of the Addition log:
Addition:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-10-2022 01
durchgeführt von lucap (08-10-2022 16:27:26)
Gestartet von C:\Users\lucap\OneDrive\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) (2021-03-04 20:53:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3740623257-3560467387-1776860099-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3740623257-3560467387-1776860099-503 - Limited - Disabled)
Gast (S-1-5-21-3740623257-3560467387-1776860099-501 - Limited - Disabled)
lucap (S-1-5-21-3740623257-3560467387-1776860099-1001 - Administrator - Enabled) => C:\Users\lucap
WDAGUtilityAccount (S-1-5-21-3740623257-3560467387-1776860099-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark 11 (HKLM\...\{07B785F0-6B14-432A-AFC9-6CB6B964625F}) (Version: 1.0.179.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{62d249f0-7380-49a0-bca0-3a38aa527c42}) (Version: 1.0.179.0 - Futuremark)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Ableton Live 11 Lite (HKLM\...\{7C9CCB77-62D3-45E0-AA5B-3067E488657D}) (Version: 11.0.0.0 - Ableton) Hidden
Ableton Live 11 Lite (HKLM-x32\...\{052f0620-aee0-4494-a75e-fddf2a701d06}) (Version: 11.0.0.0 - Ableton)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AHK to Background (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\52f4ab0ef26fc704) (Version: 1.0.0.11 - AHK to Background)
Akai Professional MPX File Conversion Utility (HKLM-x32\...\MPXFileConversionUtility) (Version:  - )
Amazon Games (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.3.8336.1 - Amazon.com Services, Inc.)
Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Autodesk Fusion 360 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.14337 - Autodesk, Inc.)
AutoHotkey 1.1.33.09 (HKLM\...\AutoHotkey) (Version: 1.1.33.09 - Lexikos)
AutoIt v3.3.14.5 (HKLM-x32\...\AutoItv3) (Version: 3.3.14.5 - AutoIt Team)
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 3.5.2 - Badlion)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.16.2 - Blitz, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{5A260D5A-95D3-4956-8E0A-E182CC4144ED}) (Version: 4.8.04162 - Microsoft Corporation) Hidden
CPUID ASUS CPU-Z 2.01 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
Daedalus Mainnet (HKLM-x32\...\Daedalus Mainnet) (Version: 4.3.1 - IOHK)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DTS Audio (HKLM-x32\...\{D5137AAA-45D7-4136-9506-BD1A623688AD}) (Version: 1.00.7300 - DTS, Inc.)
DynZen NosTale version 1.0.1 (HKLM-x32\...\{AB0348A4-2411-4EA6-8DA5-D1995E1D68D3}_is1) (Version: 1.0.1 - DynZen)
Eastmile Client version 2.0 (HKLM-x32\...\{EE145DD9-4884-4531-8A3C-775A6FF005E7}_is1) (Version: 2.0 - Eastmile)
Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2019 (HKLM-x32\...\{F878746A-C5F7-420A-A672-4DFEF74ADC3A}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2022 (HKLM-x32\...\{BA73F2EE-EEB4-4A9C-BAF4-AC3599983E8B}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{E0419FB0-0C46-4F07-9D5B-2FD78A8C45ED}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
FiveM (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\CitizenFX_FiveM) (Version:  - Cfx.re)
Focusrite Audio Drivers 4.102.4.735 (HKLM\...\Focusrite Audio Drivers_is1) (Version: 4.102.4.735 - Focusrite Audio Engineering, Ltd.)
Focusrite Control 3.11.0.1983 (HKLM\...\Focusrite Control_is1) (Version: 3.11.0.1983 - Focusrite Audio Engineering Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{63C33A87-484C-4D23-BAA4-5658DD908D8E}) (Version: 5.45.1044.0 - Futuremark)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.11.2.0 - miHoYo Co.,Ltd)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Git (HKLM\...\Git_is1) (Version: 2.35.1.2 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\GitHubDesktop) (Version: 2.9.6 - GitHub, Inc.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 105.0.5195.127 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2699.0 - Rockstar Games)
GrandRP Launcher 1.0 version 1.0 (HKLM-x32\...\{D0A3CE4B-226D-159F-2A2C-D4BE0BA4228D}_is1) (Version: 1.0 - Grand RolePlay)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.550 - Huawei Technologies Co., Ltd.)
icecap_collection_neutral (HKLM-x32\...\{04C533D3-8445-4E47-A351-A66B1DA1B631}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collection_neutral (HKLM-x32\...\{1036893D-9917-4E70-B96C-8D72A2B224BC}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{289873DF-80D0-4D7D-8068-D25D342A26FA}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{4CDCF412-13D2-48AD-B98C-3AB4A771A127}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{13AC1F0D-2185-48E9-8274-884BD9E53C7F}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{4B691388-E031-4268-A096-95173D1E6E0F}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{87A0DCD8-E774-4484-8676-B5214CCB8B5A}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{5A86972C-9DB5-40AA-B4EB-0ACE96AFDF88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{D072CF88-3B90-4367-85BC-A8516986690F}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{F9CE4297-DD31-437B-91AC-DC90574288A2}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{028D4B22-B70B-447E-9B80-8E3E98CB2667}) (Version: 10.0.06027 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - ) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{9B7D5CA0-5521-458D-88D9-AF7D9A06E753}) (Version: 11.1.072 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{D17293BC-1678-4281-B94E-DBCF66AE7611}) (Version: 2.4.08919 - Intel Corporation)
Intel(R) Memory and Storage Tool (HKLM\...\{D9F2D22C-A2FB-45D1-B84D-FFBE8950459D}) (Version: 1.11.165 - Intel)
Intel(R) NVME Miniport and Filter Device Management (HKLM\...\{D44F19E2-5189-4415-AEF8-BF6D258B474A}) (Version: 5.3.0.1005 - Intel Corporation) Hidden
Intel(R) NVME Miniport and Filter Device Management (HKLM-x32\...\{12d24f04-f633-49f9-9006-53fa577aa7e7}) (Version: 5.3.0.1005 - )
Intel® Driver & Support Assistant (HKLM-x32\...\{8e97d87d-065f-48c1-bd2b-f7bff04dcfc1}) (Version: 21.6.39.7 - Intel)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IP Camera Adapter (HKLM-x32\...\{02C8886B-FB8F-4666-960B-36DFB37786B1}) (Version: 4.0.0.0 - Pavel Khlebovich) Hidden
Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Java(TM) SE Development Kit 17.0.1 (64-bit) (HKLM\...\{7ECAAC8F-FBBE-5265-BBF4-0AC48139FB26}) (Version: 17.0.1.0 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 2.49 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.49 - Dominik Reichl)
Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden
Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{E1F68FC9-F23C-4F44-8092-CAC55E43A80B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legacy Games Launcher 1.4.3 (HKLM\...\da414c81-a9fd-5732-bd5e-8acced116298) (Version: 1.4.3 - Legacy Games)
Logi Firmware Update Tool for Tap (HKLM-x32\...\FWUpdateTap) (Version: 1.6.23.0 - Logitech Europe S.A.)
loopMIDI (HKLM-x32\...\{6b220f45-42ca-435c-95fd-1764cb849122}) (Version: 1.0.16.27 - Tobias Erichsen)
loopMIDI (HKLM-x32\...\{DF96DB4C-DB0F-4CCF-9769-464BC9EA859F}) (Version: 1.0.16.27 - Tobias Erichsen) Hidden
loopMIDIBlockLegacy (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
LOSTARK (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\LOSTARK) (Version: 1.104 - MY.GAMES)
Microsoft .NET 6.0 Templates 6.0.200 (x64) (HKLM\...\{55A933C9-61E4-4958-A086-83CE936D88B2}) (Version: 24.4.48461 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64) (HKLM\...\{B6D217CB-F393-40DD-AC17-9989D8E8A714}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64_arm) (HKLM\...\{400881A4-1434-42D1-BB9F-9F3B996E64F4}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64_arm64) (HKLM\...\{4B983237-0EE4-48AF-BB67-0607E8DEE562}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64_x86) (HKLM\...\{1D25A8A0-2D84-41B4-B0F0-32EF1151F625}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64) (HKLM\...\{E880145C-89F2-44EE-973D-03DF3026FF75}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64_arm) (HKLM\...\{DCAE22BC-0045-4E1D-8E55-45CD6A0B9DA7}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64_arm64) (HKLM\...\{BC04A133-2C27-4C19-A1D8-48FCC9C7D94F}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64_x86) (HKLM\...\{94079648-6999-4938-B069-6C59E43A3BB0}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Core 3.1 Templates 5.0.405 (x64) (HKLM\...\{D20D560E-2176-4ECF-A344-7B43EB17377F}) (Version: 12.21.61060 - Microsoft Corporation) Hidden
Microsoft .NET Core 5.0 Templates 5.0.405 (x64) (HKLM\...\{9372651C-BB0D-4D01-AFAC-1D91929393EC}) (Version: 20.7.44676 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64) (HKLM\...\{23B200E6-5E51-403D-A3F5-62CD42B23D7D}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64_arm) (HKLM\...\{A8D05936-3B6A-4F1A-8B31-C47A1CF55DF7}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64_arm64) (HKLM\...\{C883FEA0-0193-4C6B-BAF3-DA9FA7B6510E}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64_x86) (HKLM\...\{3AB1D96B-C73E-4C77-BED9-85591FC3BF14}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core Host - 2.1.30 (x64) (HKLM\...\{8FD66631-B964-4E12-92E1-A8A4CAD5D14C}) (Version: 16.120.30411 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 2.1.30 (x64) (HKLM\...\{EB291DFA-DEDE-4355-98D9-17F95E91C437}) (Version: 16.120.30411 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 2.1.30 (x64) (HKLM\...\{92A0517D-D5F9-4D8F-87F9-83ABC04240C2}) (Version: 16.120.30411 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.22 (x64) (HKLM\...\{44D628C6-14F5-48F2-89F9-6C0A5FF2B9F0}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.22 (x86) (HKLM-x32\...\{54C416DE-9495-4FFC-B2A7-E7AF82DEA8A4}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core SDK 2.1.526 (x64) (HKLM\...\{77DCC379-7B83-4D9A-8D77-1FB5A5175135}) (Version: 8.147.42380 - Microsoft Corporation) Hidden
Microsoft .NET Core SDK 2.1.526 (x64) (HKLM-x32\...\{a61ab325-4d4c-416b-a9c0-bfd07d8890ae}) (Version: 2.1.526 - Microsoft Corporation)
Microsoft .NET Core Targeting Pack - 3.1.0 (x64) (HKLM\...\{31EDE1E7-C855-4633-9D73-56F566136567}) (Version: 24.64.28315 - Microsoft Corporation) Hidden
Microsoft .NET CoreRuntime For CoreCon (HKLM-x32\...\{48A8F171-52F2-372B-8414-EA50617708BE}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft .NET CoreRuntime SDK (HKLM-x32\...\{12702494-9E6A-3F5E-9441-2B7D258A639B}) (Version: 1.1.27004.0 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 Targeting Pack (deu) (HKLM-x32\...\{96E8FAD6-EC2D-40F2-A230-7F81CD52FB43}) (Version: 3.5.27729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 Targeting Pack (HKLM-x32\...\{5686C5E9-A3B3-451E-A2EA-4C246CDE5CC9}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (Deutsch) (HKLM-x32\...\{5F62E29E-C154-44CB-81D6-696FB3474844}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.16 (x64) (HKLM\...\{DAA471F4-54A9-4820-A1C5-266B5153C144}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.2 (x64) (HKLM\...\{FCA58978-1518-4AA5-9B43-D9D3CDE9C314}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x64) (HKLM\...\{8D88F0E2-CE9B-4A6D-8309-FDC562195F5B}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x86) (HKLM-x32\...\{64E80A14-A4CE-4209-9E96-E3B33957FE7C}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.16 (x64) (HKLM\...\{29CBA832-8D09-42D0-82F4-3583EE247A5E}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.0 (x64) (HKLM\...\{740DEBEB-4049-4179-AF82-673DE9E7F52E}) (Version: 48.3.31210 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.2 (x64) (HKLM\...\{400912BD-8880-45D6-B657-CC52E9297295}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.2 (x86) (HKLM-x32\...\{D2704ECD-6F5F-4B2E-B895-848B1403ACE7}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Native SDK (HKLM-x32\...\{A527D13C-CB86-3604-BFDC-68F585895663}) (Version: 15.0.24211.06 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x64) (HKLM\...\{B810ACDF-1C0C-4108-9B92-12F1674FA444}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x86) (HKLM-x32\...\{B53264E4-665F-4F04-BF0C-7F9C9B7A5640}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.16 (x64) (HKLM\...\{16E242C4-24A9-4381-8023-0F246750CA47}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.16 (x64) (HKLM-x32\...\{68696b91-f423-4e8e-a58f-631366d0f77a}) (Version: 5.0.16.31117 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.0 (x64) (HKLM\...\{0875A1B4-8C93-48C7-BEC9-4E549B550B1B}) (Version: 48.3.31210 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.2 (x64) (HKLM\...\{09BE57EC-66FA-4C4D-ABED-EBCB6A6BF6EA}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.2 (x86) (HKLM-x32\...\{A54C9C13-9F3E-4E95-8BE0-7A36A1F80245}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET SDK 5.0.405 (x64) from Visual Studio (HKLM\...\{316B05A5-52B6-436C-9C79-2049DD149D96}) (Version: 5.4.522.6820 - Microsoft Corporation)
Microsoft .NET SDK 6.0.200 (x64) from Visual Studio (HKLM\...\{00D9D07C-9962-4CBB-9AA2-9EF1383B5B2D}) (Version: 6.2.22.10605 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 5.0.0 (x64) (HKLM\...\{34761DB2-89B9-4981-8122-5B1FAE3B7069}) (Version: 40.0.29419 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.2 (x64) (HKLM\...\{27C5AAF6-5B72-44B0-924C-4BB0C170216C}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 5.0.405 (x64) (HKLM\...\{BEA7472D-97F2-464B-814D-CC0F473FC337}) (Version: 20.5.61060 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 6.0.200 (x64) (HKLM\...\{D66C8045-2D1E-4346-AAFA-76A34758E10C}) (Version: 24.4.48461 - Microsoft Corporation) Hidden
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM\...\{90140000-00D1-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Access database engine 2016 (English) (HKLM-x32\...\{90160000-00D1-0409-0000-0000000FF1CE}) (Version: 16.0.5044.1000 - Microsoft Corporation)
Microsoft ASP.NET Core 2.1.30 Shared Framework (x64) (HKLM\...\{3F0FA3FE-95FA-3B48-ABD1-46FB4DA4021E}) (Version: 2.1.30.60071 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.10 Targeting Pack (x64) (HKLM\...\{FEA48357-CE2F-3ED0-B2A0-8548BEC6F111}) (Version: 3.1.10.20520 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.22 Shared Framework (x64) (HKLM\...\{6AFBB1FC-92B4-38D1-8125-A5F297FDA27D}) (Version: 3.1.22.21579 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.22 Shared Framework (x86) (HKLM-x32\...\{7BD85F66-ABB6-3590-B637-22311F25619B}) (Version: 3.1.22.21579 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.0 Targeting Pack (x64) (HKLM\...\{7E0C04EC-9D6F-36CD-A821-DC8493EE407F}) (Version: 5.0.0.20526 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.14 Shared Framework (x64) (HKLM\...\{1DDE3A7E-9E64-38C4-A76B-EEC6CE0EC9C6}) (Version: 5.0.14.22063 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.14 Shared Framework (x86) (HKLM-x32\...\{E2E8FB3E-9513-31E4-9C66-B2DC0B9FC02C}) (Version: 5.0.14.22063 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.2 Shared Framework (x64) (HKLM\...\{941F2C43-D8FE-3DD0-8D2C-FE8169AD45A0}) (Version: 6.0.2.22064 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.2 Shared Framework (x86) (HKLM-x32\...\{E3B72D89-87A4-3961-B980-9DCC0487D6B2}) (Version: 6.0.2.22064 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.2 Targeting Pack (x64) (HKLM\...\{3220319F-4406-39D1-982A-3A678EA8D24A}) (Version: 6.0.2.22064 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core Module for IIS Express (HKLM\...\{FAFEE5E3-E00A-4CE8-B495-8F66A5FAB236}) (Version: 12.2.18292.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core Module V2 for IIS Express (HKLM\...\{F6EADEFA-482E-483C-B3D6-8B3567EE8FDB}) (Version: 16.0.21269.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Diagnostic Pack for Visual Studio (HKLM-x32\...\{CC2EFF16-2D75-3AFA-801F-90E59F7D7331}) (Version: 17.1.358.51495 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 15.0 - DEU (HKLM-x32\...\{FDB3AB25-DEE7-3438-9E2A-571F9F23F26E}) (Version: 1.0.30615.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 15.0 - ENU (HKLM-x32\...\{B3CA5EDB-F084-325C-AA50-247A3A476496}) (Version: 1.0.30615.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 17.0 - DEU (HKLM-x32\...\{313B1F5D-40A5-3190-9474-AD4CEDE068C2}) (Version: 17.0.10526.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 17.0 - ENU (HKLM-x32\...\{6332F84D-AEE5-3162-BCF4-329EE17B9662}) (Version: 17.0.10526.0 - Microsoft Corporation) Hidden
Microsoft Azure Authoring Tools - v2.9.7 (HKLM\...\{90462BD2-DF5B-449C-A401-FCC1DC264E4E}) (Version: 2.9.8999.45 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.7 (HKLM\...\{04CA054C-2F40-44B0-8610-8D51EC9444FE}) (Version: 2.9.8999.43 - Microsoft Corporation) Hidden
Microsoft Azure Compute Emulator - v2.9.7 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.7) (Version: 2.9.8999.43 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure Storage Emulator - v5.10 (HKLM-x32\...\{41AC2282-F083-4495-8306-2D6ABC7D5CA2}) (Version: 5.10.19227.2113 - Microsoft Corporation) Hidden
Microsoft Azure Storage Emulator - v5.10 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.10) (Version: 5.10.19227.2113 - Microsoft Corporation)
Microsoft Command Line Utilities 15 for SQL Server (HKLM\...\{41C0DB18-1790-465E-B0DD-D9CAA35CACBE}) (Version: 15.0.1300.359 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.37 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.34 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft NetStandard SDK (HKLM-x32\...\{737FDDA7-B944-4CB5-92D9-3D56373BD301}) (Version: 15.0.51105 - Microsoft Corporation) Hidden
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{97FA5676-7F15-4C39-BFA1-CE67BA1833C2}) (Version: 17.7.2.1 - Microsoft Corporation)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Portable Library Multi-Targeting Pack (HKLM-x32\...\{812F31DC-FAA6-3979-B3D6-5D6BAAF2945D}) (Version: 15.0.26621.02 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (HKLM-x32\...\{D3A63893-9B6A-3DC2-BD7B-31BD85665988}) (Version: 15.0.26621.02 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9198AD57-6396-4DF8-8D0C-20EA764F7986}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Native Client  (HKLM\...\{E9AD0F97-5DF2-4F5B-BC5B-F524D21BF165}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{33B8D051-4DF5-4103-8FDB-8663E468A204}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2019 LocalDB  (HKLM\...\{36E492B8-CB83-4DA5-A5D2-D99A8E8228A1}) (Version: 15.0.4153.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Teams) (Version: 1.5.00.9163 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft UniversalWindowsPlatform SDK (HKLM-x32\...\{1DFB90F4-6C58-4AE6-BA4E-E0AE3C9062C7}) (Version: 15.9.10 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30708 (HKLM-x32\...\{ee198d9f-cfe1-4f8a-bf5f-7b1be355b63d}) (Version: 14.30.30708.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 X64 Debug Runtime - 14.16.27033 (HKLM\...\{FBB6370A-2B31-4E7F-9046-FEC401A98F12}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Debug Runtime - 14.16.27033 (HKLM-x32\...\{54E71599-88E8-4A50-8435-BE40755DB005}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30708 (HKLM\...\{12A2980B-E47B-491B-92F5-0BC703841ED4}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30708 (HKLM\...\{AE043016-3897-41D4-870B-1DAEE62CF152}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2017 Tools for Unity (HKLM-x32\...\{1AD79405-0A2D-43D6-82AE-8CB8B212D906}) (Version: 3.9.0.3 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.1.2196.8931 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{6501DB5B-B58A-4021-8F3C-25A6CF01BC72}) (Version: 3.1.1126.51066 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{EA62D3A4-587F-43C9-8C56-FEF454BE720A}) (Version: 3.1.1126.51066 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2017 Update 9 Office Integration (x64) (HKLM\...\{4F62310B-5C05-3A89-A182-713AB10514E7}) (Version: 15.129.31804 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2017 Update 9 Office Integration Language Pack (x64) - ENU (HKLM\...\{67E00724-8C7F-3830-9FBA-2F87F11C12C9}) (Version: 15.129.31804 - Microsoft Corporation) Hidden
Microsoft Web Deploy 4.0 (HKLM\...\{DB7B43E1-BB6C-4417-9F20-2488FD8EECC8}) (Version: 10.0.5402 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.22 (x64) (HKLM\...\{D5C6F442-F51D-4D15-82C1-61E3435BA3C8}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.22 (x86) (HKLM-x32\...\{EDB662A8-AD69-44B1-B2FB-6E9BF86BA0B9}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM\...\{4CD6FFC6-FA14-4016-A7A6-B7E3D6286331}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x86) (HKLM-x32\...\{3F927D21-88CF-4113-87C4-7F5D90ACFD5C}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.16 (x64) (HKLM\...\{90B8150E-08C5-4225-9F94-9BBB39D82601}) (Version: 40.64.31121 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.16 (x64) (HKLM-x32\...\{c34fb08d-bd27-4d0b-a7bc-f7d5359f9518}) (Version: 5.0.16.31121 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.0 (x64) (HKLM\...\{C3505345-F775-48A3-9657-F9F0B4C1932F}) (Version: 48.3.31217 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.0 (x64) (HKLM-x32\...\{04da1419-5002-4781-bd5d-829a8fb420e5}) (Version: 6.0.0.30623 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.2 (x64) (HKLM\...\{70D77D60-C620-4829-AF52-7AB767A8BB52}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.2 (x86) (HKLM-x32\...\{DE561533-408D-4E2C-BB6E-05960A801450}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 3.1.0 (x64) (HKLM\...\{7519423C-A977-4160-83A2-48633600A216}) (Version: 24.64.28315 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 5.0.0 (x64) (HKLM\...\{B7846BB6-4EDE-409B-9147-631286EF7FDD}) (Version: 40.0.29420 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.2 (x64) (HKLM\...\{54E0FF16-E612-459E-9EB1-1C3D84D4DB13}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-6.0.200 (HKLM\...\{FCB866C3-1C7F-48F1-82AA-27CDF5EDBF07}) (Version: 124.50.2 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-6.0.200 (HKLM\...\{2685B6AE-7BBA-4305-A0C6-D85E95E6DFE3}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.200 (HKLM\...\{D9C7F250-1F44-4F17-9114-892FE9B9392E}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-6.0.200 (HKLM\...\{5023AA6C-3434-4651-97F4-A99E519A46BA}) (Version: 48.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-6.0.200 (HKLM\...\{E654192D-D623-4F63-81B5-7B01FD812D47}) (Version: 24.50.2441 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-6.0.200 (HKLM\...\{ABB96929-74DA-4C9E-A79F-5482C80E2651}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Manifest (HKLM\...\{5A247A95-DDD4-4C69-9BA5-2C94E9157502}) (Version: 48.27.37284 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{C7BBAC8B-9DE6-4893-A317-D3894F819334}) (Version: 48.3.37295 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2019 (HKLM\...\{A2494B75-7366-47C0-A58F-C41BEE9317E6}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2019 CTP2.2 (HKLM-x32\...\{BF16A1DB-06A6-4A8E-B7A8-61F1F9C9FBA3}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server vNext CTP1.6 (HKLM\...\{598EF772-9320-43B6-9D3C-A60A1F6A804E}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server vNext CTP1.6 (HKLM-x32\...\{2773DECE-0FE5-4CA9-96A8-621E0185388F}) (Version: 15.0.600.33 - Microsoft Corporation)
MIDI-OX (HKLM-x32\...\{A6457851-5EA9-45B0-AF1D-D2A0A4781CFB}) (Version: 7.02.372 - MIDIOX Computing)
Minecraft Launcher (HKLM-x32\...\{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang)
MINIONAPP (HKLM-x32\...\MINIONAPP) (Version:  - )
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
MSI Kombustor 4.1.15.0 (64-bit) (HKLM\...\{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version:  - MSI / Geeks3D)
MySQL Connector Net 8.0.28 (HKLM-x32\...\{DDA9C4B3-766C-41FC-9BA2-615524AAF36B}) (Version: 8.0.28 - Oracle)
MySQL for Visual Studio 1.2.10 (HKLM-x32\...\{FFB40224-64C0-4D82-ADC4-6B9434B90800}) (Version: 1.2.10 - Oracle)
MySQL Shell 8.0.28 (HKLM\...\{2112E2EB-B278-4C5A-AA73-D9AD0205BAAC}) (Version: 8.0.28 - Oracle and/or its affiliates)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.4 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.131 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
NVIDIA Grafiktreiber 517.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
obs-midi version 0.3.0 (HKLM-x32\...\{117EE44F-48E1-49E5-A381-CC8D9195CF35}_is1) (Version: 0.3.0 - Christopher Yarger)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20342 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Paket zur Festlegung von "Doc Redirected"-Zielversionen von Microsoft .NET Framework 4.7.1 (Deutsch) (HKLM-x32\...\{5B970BE4-A2F2-41BD-8B91-FEA8DAA1DB9B}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM-x32\...\{98FE7C2A-22A4-401A-B45B-2AA107C06DD7}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.8 (Deutsch) (HKLM-x32\...\{9E68042B-8597-4DE3-BA10-D1198BA9316B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
ProtonVPN (HKLM-x32\...\{5D8EB116-AEE3-4BA2-9431-E429F0924940}) (Version: 1.25.0 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.25.0) (Version: 1.25.0 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
ProtonVPNTun (HKLM-x32\...\{C953D354-0C14-4CB5-AB42-0A9E40F55857}) (Version: 0.13.0 - Proton Technologies AG)
PrusaSlicer 2.5.0 (HKLM\...\{F7A53CE7-528F-429F-AABB-E54ECE5FD63E}) (Version: 2.5.0 - Prusa Research) Hidden
PrusaSlicer 2.5.0 (HKLM\...\PrusaSlicer 2.5.0 2.5.0) (Version: 2.5.0 - Prusa Research)
PuTTY release 0.76 (64-bit) (HKLM\...\{1E0D5689-40F1-4E46-ABBB-EAAC68B5CD89}) (Version: 0.76.0.0 - Simon Tatham)
PyCharm Community Edition 2021.3.1 (HKLM-x32\...\PyCharm Community Edition 2021.3.1) (Version: 213.6461.77 - JetBrains s.r.o.)
Python 3.9.7 (64-bit) (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{0f0bf1a5-3ec1-459b-ab7c-916db941f50d}) (Version: 3.9.7150.0 - Python Software Foundation)
Python 3.9.7 Core Interpreter (64-bit) (HKLM\...\{88D4EF59-607D-43AD-B7C7-F5A753740FD1}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Development Libraries (64-bit) (HKLM\...\{97496FC6-5044-4A2A-BACD-40A44F38D483}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Documentation (64-bit) (HKLM\...\{AA408E09-EBB3-470F-8D63-5AA0C46C2DA2}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit) (HKLM\...\{870EC220-FEAE-481D-8B29-B4B0DF5402FA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 pip Bootstrap (64-bit) (HKLM\...\{F1280AA2-AAC3-41AB-9616-CCF00814E626}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit) (HKLM\...\{05903EEF-72A2-4C1A-AD35-41AD6C7094A8}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit) (HKLM\...\{6E8EAD3C-6F0C-494C-9C12-E10C5B5EE7EA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit) (HKLM\...\{67D79D6E-8497-4EE6-850B-834D3A27553F}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Utility Scripts (64-bit) (HKLM\...\{4110826A-903C-410C-9785-7848A51B9CC9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{99719382-D7A9-4DC2-BF0C-C23B730A313D}) (Version: 3.9.7546.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0831.083015 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.)
Red 2 & Red 3 Plug-in Suite version 1.1 (HKLM\...\Red 2 & Red 3 Plug-in Suite_is1) (Version: 1.1 - Focusrite Audio Engineering Limited)
REDlauncher (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Roblox Player for lucap (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for lucap (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\roblox-studio) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.63.962 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games)
rtpMIDIBlockLegacy (HKLM-x32\...\{FD937297-84C3-41A5-B5DF-1FAEEE669D68}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Snapmaker Luban 4.4.0 (HKLM\...\4c329381-cbe6-5eac-8b35-1ff73ff2e943) (Version: 4.4.0 - Snapmaker Dev Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.34.4 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.43.0 - TechPowerUp)
Telegram Desktop version 4.1.1 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.1.1 - Telegram FZ-LLC)
Tesseract-OCR - open source OCR engine (HKLM\...\Tesseract-OCR) (Version: v5.0.1.20220118 - Tesseract-OCR community)
teVirtualMIDI64 (HKLM\...\{2F802731-3731-453E-B30B-4381BEED22AC}) (Version: 1.3.0.43 - Tobias Erichsen) Hidden
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Tools for .Net 3.5 - DEU Lang Pack (HKLM-x32\...\{13BD574A-7F41-420A-B486-7A2D4CEB7F3B}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Tools for .Net 3.5 (HKLM-x32\...\{1690CE56-2231-4E59-9006-A0876D949EA8}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Tower of Fantasy (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\tof_launcher) (Version:  - Hotta Studio)
TypeScript SDK (HKLM-x32\...\{6D0FC687-BA41-4DFD-80B4-3469E567AA0F}) (Version: 4.3.5.0 - Microsoft Corporation) Hidden
TypeScript SDK (HKLM-x32\...\{E6521CE7-0C2F-461D-8B83-CB40BC26F6A5}) (Version: 3.1.7.0 - Microsoft Corporation) Hidden
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 127.4.10629 - Ubisoft)
Ultimaker Cura 5.0.0 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Ultimaker Cura 5.0.0) (Version: 5.0.0.0 - Ultimaker B.V.)
Ultimaker Cura 5.1.0 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Ultimaker Cura 5.1.0) (Version: 5.1.0 - Ultimaker B.V.)
Unigine Superposition Benchmark 1.1 (HKLM\...\Superposition_is1) (Version: 1.1 - UNIGINE)
Unity (HKLM-x32\...\Unity) (Version: 2020.3.11f1 - Unity Technologies ApS)
Unity 2021.1.16f1 (HKLM-x32\...\Unity 2021.1.16f1) (Version: 2021.1.16f1 - Unity Technologies ApS)
Unity Hub 2.4.5 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.4.5 - Unity Technologies Inc.)
Unity Hub 3.0.0-beta.2 (HKLM\...\Unity Technologies - Hub) (Version: 3.0.0-beta.2 - Unity Technologies Inc.)
Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VB-CABLE C+D Package (HKLM-x32\...\VB:VBCABLE_CD {C76D3BC2-E852-4d06}) (Version:  - VB-Audio Software)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VBCABLE-A, The Virtual Audio Cable (HKLM\...\VB:VBCABLEA {87459874-1236-4469}) (Version:  - VB-Audio Software)
VBCABLE-B, The Virtual Audio Cable (HKLM\...\VB:VBCABLEB {87459874-1236-4469}) (Version:  - VB-Audio Software)
vcpp_crt.redist.clickonce (HKLM-x32\...\{86A64DD6-2619-4D30-B777-75568A3EE56D}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{DE76BFB9-CBA9-48EB-8AAB-31292E7F1D0A}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{83D25813-8527-4DA7-A514-969B674269BC}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{9E49E95C-CF02-412D-AD53-FB1F37D8BDD8}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Resource Package (HKLM-x32\...\{66EEDDAB-DF4D-424D-8E15-2D9B41C90397}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{CCAC309A-EC2D-4A5E-BA76-3638E6D651F4}) (Version: 14.16.27027 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{D076C56D-9DDE-462F-A1E8-2C7DF2C0E7A6}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{41EF416D-AD5E-432D-9BFE-0E5BE62E2F1E}) (Version: 14.16.27027 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{C20A5080-9391-4126-A953-D362BD8B5240}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{EEAD071F-AC16-42DB-9EBA-FC8A466C9382}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\4429726e) (Version: 16.11.10 - Microsoft Corporation)
Visual Studio Enterprise 2017 (HKLM-x32\...\5cf6f237) (Version: 15.9.44 - Microsoft Corporation)
Visual Studio Enterprise 2022 (HKLM-x32\...\d4e2f3c5) (Version: 17.1.0 - Microsoft Corporation)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.34.2.0 - Voicemod S.L.)
VS Immersive Activate Helper (HKLM-x32\...\{C0ACF658-B4DC-4CBB-B8F2-9E667D69919A}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{43F73608-5C94-436F-A1E6-E09ACE680391}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{9EC852BD-33D2-457C-99BB-ED3099B8176F}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{2D12F791-263F-4ABA-B7A8-5485933CADCF}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B8B0A861-C76A-4DBA-B8D5-8830511173A3}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{16946E6F-037E-4A92-A30C-80293603EEC9}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{15CE6C23-B92A-4B2B-8521-6FA81661068B}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_codecoveragemsi (HKLM-x32\...\{95913D6F-B6F3-440F-ACEA-8B0ABD5FA275}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_codeduitestframeworkmsi (HKLM-x32\...\{4379D9C7-B16D-486C-BC6D-43550A4C55EE}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{5C127D2C-BC0B-44B8-A1A5-34E9E7A116FC}) (Version: 16.11.31911 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{08693C65-8459-4C66-8AF3-15F091F28F87}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{7571C303-621A-4ACF-A392-BD6B9B3C67BF}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{EB7405ED-A99C-47D4-8516-C5C35704B07C}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{3AFF0601-10FB-491C-8F07-CBE9FA2BC180}) (Version: 17.1.32210 - Microsoft Corporation) Hidden
vs_cuitcommoncoremsi (HKLM-x32\...\{060D7518-16AC-41F1-9956-38CA636FCF7B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_cuitextensionmsi (HKLM-x32\...\{88484E59-774D-4947-AF0E-4524D6C3147D}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_cuitextensionmsi_x64 (HKLM-x32\...\{184D5702-3AD2-4F0D-95E6-11E1C75A9298}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvsharedmsi (HKLM-x32\...\{923446B9-70EB-4850-95D7-1A1AB5D111CD}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{5C99AE76-BEF9-4D4B-A77A-1B63238B86B0}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_enterprisemsi (HKLM-x32\...\{6E0FB913-0E76-44B5-B0D4-2B71A7984BD2}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{2C910925-05EE-403B-8295-D2593E11F751}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{46F71CD4-4841-4B77-A491-9933B98F8D0D}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{9DCCEEF7-CC00-4054-9879-7E0A12E5CF0A}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{883D29E5-9A41-4C45-A192-C10B8078BF0C}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{05A82EA9-8768-4E1B-B16C-FCCF299D331C}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{FB59095C-C7C6-4CA6-B300-852B50AB976D}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{53D1C36A-E35A-45B3-801B-F49BDD425293}) (Version: 16.11.31503 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{786313C8-40FA-4E06-A625-B1B30B66E872}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{FEFEDA38-9B6A-4374-8D43-7D5517152080}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{CC15CA94-9817-4914-A9ED-A694A2F27783}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_networkemulationmsi_x64 (HKLM-x32\...\{44FFB63E-E35B-41BE-8E9B-149B1AF65493}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_professionalmsi (HKLM-x32\...\{C135A30B-7258-4E11-8660-87C5642A4AAE}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{4EF9011A-8E81-4D6F-9CB9-DBF0B1B12809}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{874561BE-97AD-4865-8512-579D41009147}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
win-capture-audio version 2.2.3 (HKLM-x32\...\{406FD363-BC38-47EE-AF53-7F6FB4D56ECE}_is1) (Version: 2.2.3 - bozbez)
Windows App Certification Kit Native Components (HKLM\...\{398B9866-66DD-753F-761B-E74A270435CC}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{4FC3E9F0-8B10-DBFB-EA4B-FCA87274FC59}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{7718961C-5622-0714-906E-89E9751FA8F4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{EC74C9E5-A88F-D4DF-1DD0-FA42FFBB298D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{942262C5-DA88-830D-7140-C5BCC896DD60}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows IoT Extension SDK (HKLM-x32\...\{110B5402-97D4-DDA2-7B42-665D8325A44F}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{AC8F20B3-36BB-DE22-CA37-43BC967B3F47}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{B38CF8FF-C0D9-B11D-6484-B95A81C72DDC}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{6FF4EDB8-56EA-640C-47CA-54C845F7D273}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Phone SDK 8.0 Assemblies for Visual Studio 2017 (HKLM-x32\...\{7D80B045-3223-3481-AC8F-B0BBA3A25B6F}) (Version: 15.0.28302 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{ED060DBD-1A21-7554-F2E1-06A0EE45900D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{EA15DC17-4379-6850-16FA-D6527641A8DD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{BFC2CA21-326B-90D1-B0E5-F1327411D4A5}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{441FA049-A2AB-7E8D-375D-5C9720CD3325}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{492AAE4A-619E-64BF-6173-DB4E25D67533}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{C971A14A-F045-BD6A-C670-05C7B74A37FE}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{323350A8-D3DC-2F8C-2976-E59E2C132B74}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{51ACC3C5-D131-0916-3F0C-59455F32E6B0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{AE5CE40F-6C6D-C95F-FD37-D9EF7093CA99}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{D5B8B2F7-680B-B6D4-6353-377C73C0F8A8}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{9D5486B4-7458-1A53-E92F-8CFD4AF85D4B}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{8308EFA9-D647-6BF4-6525-349091FBD528}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{F770E8F3-139B-0373-8692-BF619445B8C2}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{90B0B603-7728-F869-3927-73232379BA5B}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{F84F82F2-4D6F-7EE7-A5EC-C57ECBAB3513}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{2DD06060-C61D-7C3A-AA55-6E3FD9493D61}) (Version: 10.1.17763.132 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{CA7A8A65-AB2E-43AA-4110-10C50115E211}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{1B278824-7541-EA8F-FFA1-8B73EC7146D5}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{36AA7E63-76E9-E591-C985-272415268810}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{929C5E30-584A-9E44-2C03-08AA27927317}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{785711EA-DD49-D232-BB29-D48350CC458F}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{DAED8629-A799-B67F-9751-F3A1C60EE335}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{A128C4CE-88C8-8BDF-FBE9-A517979E0BDD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{BA610F2C-C1FA-0A65-2B4D-8272223AC061}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{9A0DC6A1-E91D-EB94-FB4D-41DDDE8A225D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{FBA500B3-235D-41E5-D748-F9FFD2C881FD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{C1C8121A-6BDE-478E-3685-C09F9287D6F0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{70DB40AD-109B-C0CB-9DBF-8B1EDAEBFF61}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{58770E7F-37C0-70F9-6CBF-2B18503B0EE0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Simulator - ENU (HKLM-x32\...\{A4646537-CE71-480A-9A2B-AAFE03334996}) (Version: 15.0.27729 - Microsoft Corporation) Hidden
Windows Simulator (HKLM-x32\...\{F9F1A5B3-D8DE-4995-B14B-1ED4AFA7A003}) (Version: 15.0.27729 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{A8B548F5-D495-BB71-F673-2D48FD7E764C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{F57D8118-1428-ECB8-0729-A577A9A1DEA8}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
windows_toolscorepkg (HKLM-x32\...\{A0669C27-8927-49FE-A039-5C1792620DCE}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Razer Inc. (WinUSB) USB  (05/04/2016 6.2.9200.16385) (HKLM\...\874D6B1A2BD2AE8FF3594AB704F2A4A3F8342FB5) (Version: 05/04/2016 6.2.9200.16385 - Razer Inc.)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinSCP 5.19.5 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\winscp3_is1) (Version: 5.19.5 - Martin Prikryl)

Packages:
=========
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-08-09] (INTEL CORP) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-17] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10801.429.0_x64__8wekyb3d8bbwe [2022-08-25] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-10-06] (NVIDIA Corp.)
Python 3.10 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.2032.0_x64__qbz5n2kfra8p0 [2022-09-06] (Python Software Foundation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0 [2022-10-06] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-04] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\lucap\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\lucap\AppData\Local\Autodesk\webdeploy\production\3f77c28c02b1b466e9d910ef562e48d42f47cc2b\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> )
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InprocServer32 -> C:\Users\lucap\AppData\Local\Programs\WinSCP\DragExt64.dll (Martin Prikryl -> Martin Prikryl)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-01-19] (Notepad++ -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => G:\VMware\vmdkShellExt.dll [2022-02-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => G:\VMware\x64\vmdkShellExt64.dll [2022-02-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\nvshext.dll [2022-09-22] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games\MY.GAMES Игровой центр.lnk -> C:\Users\lucap\AppData\Local\GameCenter\GameCenter.exe (Keine Datei) <==== Cyrillic
ShortcutWithArgument: C:\Users\lucap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c2854863be7afae2\MetaMask.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn --app-url --app-launch-source=4

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2022-08-12 10:14 - 2022-08-09 04:52 - 001427968 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2022-01-30 04:10 - 2019-05-03 11:41 - 001750016 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Voicemod Desktop\CefSharp.Core.dll
2022-08-20 15:07 - 2022-08-20 15:07 - 000967168 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\VB\Voicemeeter\mp3lame\lame_enc.dll
2022-01-30 04:10 - 2019-04-25 10:23 - 109914112 _____ () [Datei ist nicht signiert] C:\Program Files\Voicemod Desktop\libcef.dll
2019-07-15 11:20 - 2019-07-15 11:20 - 000126976 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2021-03-04 16:21 - 2021-03-04 16:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-03-04 16:21 - 2021-03-04 16:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2010-06-17 01:51 - 2010-06-17 01:51 - 000106546 _____ (MIDIOX Computing) [Datei ist nicht signiert] C:\Program Files (x86)\MIDIOX\MMCBKNT.DLL
2010-06-17 01:51 - 2010-06-17 01:51 - 000086065 _____ (MIDIOX Computing) [Datei ist nicht signiert] C:\Program Files (x86)\MIDIOX\moxlib.dll
2022-05-05 17:44 - 2022-05-05 17:44 - 002122240 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2022-01-30 04:10 - 2019-04-25 10:22 - 000799744 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\Voicemod Desktop\chrome_elf.dll
2021-12-11 18:47 - 2021-12-11 18:47 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-12-11 18:47 - 2021-12-11 18:47 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2021-12-11 18:47 - 2021-12-11 18:47 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\muoxrych.sys:changelist [224]
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [3442]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk:075A04AA92 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk:8BD81608B2 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk:7F26D44B90 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk:6569B2479D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk:D689419597 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk:CF2917E869 [10]
AlternateDataStreams: C:\Users\lucap\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\lucap\Anwendungsdaten:0b3c2611a8001a318a8f9e5790a4bd7d [394]
AlternateDataStreams: C:\Users\lucap\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\lucap\AppData\Roaming:0b3c2611a8001a318a8f9e5790a4bd7d [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9040]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\sharepoint.com -> hxxps://wpdgroup-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-03-19 06:49 - 2021-11-11 22:26 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2022-02-24 00:33 - 2022-04-01 23:38 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.27.96.1 DESKTOP-N6Q3QEM.mshome.net # 2027 3 3 31 21 38 18 281

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %C_EM64T_REDIST11%bin\Intel64;G:\VMware\bin\;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Intel\Intel(R) Memory and Storage Tool\;C:\Program Files\PuTTY\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Git\cmd;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucap\AppData\Local\Microsoft\Windows\Themes\Nina+Luca\DesktopBackground\{ae246f3e-2323-47cd-acd2-ec2f649d66b2}.jpg
DNS Servers: 8.8.8.8 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 ist aktiviert.

Network Binding:
=============
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
ProtonVPN TUN: VMware Bridge Protocol -> vmware_bridge (enabled) 
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
LAN-Verbindung: VMware Bridge Protocol -> vmware_bridge (enabled) 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "DTS Audio.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\StartupFolder: => "Voicemeeter (VB-Audio).LNK"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "GameCenter"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "GogGalaxy"
         
Here is the 2nd part of the logs:
https://www.trojaner-board.de/205322-addition-log-teil2-windows-10-21h2-windowsdefender-meldet-trojan-msil-bladabindi-oe-mtb-log-teil2.html#post1768780

Edited by legendevent (08.10.2022 at 16:27). Reason: logs too large

08.10.2022, 16:26   #2
legendevent
 

(Addition log part 2) Windows 10 (21H2): Windows Defender reports: Trojan:MSIL/Bladabindi.OE!MTB (log part 2)



Here is the 2nd part of the Addition log, followed by the FRST log

Code:
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{B055CD66-6E58-421C-9689-1A715B9DC120}C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A1E52362-8CF1-459D-A85A-3DD89034BA97}C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1AE35F62-FC60-47FF-AC33-277333B7DE97}C:\program files\daedalus mainnet\daedalus mainnet.exe] => (Allow) C:\program files\daedalus mainnet\daedalus mainnet.exe (GitHub, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{68C622B7-2A5B-4F9F-8AC1-6A6D64D77509}C:\program files\daedalus mainnet\daedalus mainnet.exe] => (Allow) C:\program files\daedalus mainnet\daedalus mainnet.exe (GitHub, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D4102AF4-482A-493C-B3BC-F449B42CEE21}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [UDP Query User{911A43CD-A386-4534-9947-C31F2774BF8B}C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe] => (Allow) C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe => Keine Datei
FirewallRules: [TCP Query User{3186B7E1-C803-4DA7-8F56-59E7BDD66B18}C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe] => (Allow) C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe => Keine Datei
FirewallRules: [{50A838E3-1FE8-4E62-8136-92807E5966C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0D5B8BE2-8BEA-4851-8F08-F18DD5D43B37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B8C5DA5D-9163-4107-AC8C-2B44055563FE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{706E0FB1-CF71-4F62-8BFD-9D4184121E6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A856504B-938F-494F-8952-4267B8EE7864}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{C8EEEFE7-60EC-4496-8E52-4005B75C3313}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{DBBFBB69-6FCA-4814-BDD7-82F0E3755C37}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{4163EC52-B9EC-42E5-A11B-5DB7F46ADCE2}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{4B9F176B-ED9F-4897-AA2D-3E76381B5D70}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{BE0F3533-AFDE-43DB-ABAC-4830B7BAD71E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{6D2D2A1A-136D-4BE5-98C2-BC062A5C085C}D:\battlenet\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battlenet\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [UDP Query User{6AC11A53-471E-4F88-8171-7B0B4FED3368}D:\battlenet\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battlenet\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [{B1BDDD19-26A0-4CE4-8083-0209AF7BC9AA}] => (Allow) E:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe (Unity Technologies ApS) [Datei ist nicht signiert]
FirewallRules: [{392A9D61-7C90-4FF6-8AB5-3C01EE4B834E}] => (Allow) E:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe (Unity Technologies ApS) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{7528AF07-A512-4AAE-B20D-B4C6F2097F07}C:\users\lucap\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\lucap\appdata\local\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [UDP Query User{BC484671-BE68-48A8-9493-BE2DF6574840}C:\users\lucap\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\lucap\appdata\local\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [{B9B2106D-2CFC-47AC-B26C-04A13CAC4591}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{139F9C58-CF73-4AAC-AD70-E248D02EB8ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D126B0DF-9FF8-484C-911D-79E3C1BA026F}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{9FD1CE5D-13C1-402A-8F15-EA08AF337FA2}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{5D22B059-C16D-4F78-9B25-06AB440C8DAB}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{0FB5E468-B82B-490A-A432-82670F257983}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{F5DFC3F6-CB5B-45A0-9709-4746E31116C2}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{41F38958-2A46-444C-91E1-E3518CBE29D7}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{FCD57E13-ED76-4861-ACF3-CCC9026A5D47}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [{0A233FB7-3D50-4D26-A7D3-AA137B8F21DF}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Scavengers\Scavengers_Launcher.exe (Epic Games, Inc) [Datei ist nicht signiert]
FirewallRules: [{40F931E0-1FA1-40A7-80A3-4B02F70EC2F9}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Scavengers\Scavengers_Launcher.exe (Epic Games, Inc) [Datei ist nicht signiert]
FirewallRules: [{EB01688F-4A42-4480-AA19-1DD3D0374B9E}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [{E387A6B4-1684-44AE-ABA5-A9C9261EA39A}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [{E045F99A-CBE7-43A2-8012-4661B4125068}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe => Keine Datei
FirewallRules: [{166C57C6-07B7-4F49-AB50-F8CDB5A5B5F6}] => (Block) C:\Program Files\Unity\Editor\Unity.exe => Keine Datei
FirewallRules: [{93702EF5-4211-48A4-A6E2-B0FF88261EBF}] => (Allow) C:\Program Files\Unity\Hub\Editor\2020.3.11f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{B96E94CA-B3A8-4BA9-B502-AFB555A4C5CF}] => (Block) C:\Program Files\Unity\Hub\Editor\2020.3.11f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{25719415-8AD5-4E7C-8BCE-D43229B7E7DF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2D095F1-26FF-4314-AFBB-9ECBC0BEF989}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{307FDA5B-742A-4066-9EFC-DF1F235E9464}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Police Simulator Patrol Officers\Boston.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{E061731D-11B3-4186-9E8E-F0870ABC650E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Police Simulator Patrol Officers\Boston.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{9F719FDF-B9F9-4416-973D-4431291AB29E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{77A609ED-531E-46FB-B3FB-8ED634D9DEF1}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{EF59AC6E-EF84-487F-9659-C8A7634FF108}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Back4BloodBeta\Gobi\Binaries\Win64\Back4Blood.exe => Keine Datei
FirewallRules: [{DFE1675B-6718-497D-B6FE-96B1EA308010}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Back4BloodBeta\Gobi\Binaries\Win64\Back4Blood.exe => Keine Datei
FirewallRules: [{558ADEA4-85FE-4703-94E7-72A0029221E0}] => (Allow) C:\Program Files\Unity\Hub\Editor\2021.1.16f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{837BD691-2D10-47E9-A6B5-07C2EA58AE24}] => (Block) C:\Program Files\Unity\Hub\Editor\2021.1.16f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{69F665B3-BD1C-4A79-AECC-72285FB4F5AB}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => Keine Datei
FirewallRules: [{BE4BCCF2-2AC5-40B5-AF0B-D110A220AC9F}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [TCP Query User{C0A47962-166E-4A7D-A592-D7EC32C73B6D}F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [UDP Query User{9050EDC6-5E68-450D-8827-B6141D0E5F21}F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [TCP Query User{BCA289C6-CAA7-4C3C-BF00-A28F684FD58A}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [UDP Query User{441AF1A6-6E29-4745-9EF9-2E9D51D5DCB1}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [{8E01B8E0-E189-42F6-B6CB-39716C595B57}] => (Block) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [{66478A40-FBC1-49C1-A915-C582A8F155DF}] => (Block) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [TCP Query User{737394C3-53A5-40D0-8CD0-0627DB9DCCE9}C:\program files\java\jdk-17.0.1\bin\javaw.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [UDP Query User{88DD6837-1624-46F2-A4FF-11AD3952DE59}C:\program files\java\jdk-17.0.1\bin\javaw.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [{DD823069-F27D-43C1-B1D2-9A2FF2CF7D8F}] => (Block) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [{45BA234D-0242-498A-A30F-E59B00C7DAD2}] => (Block) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [TCP Query User{D1DA5D7E-0525-4ADD-817C-F3E6B3222913}C:\program files\java\jdk-17.0.1\bin\java.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [UDP Query User{34B01248-7CBB-4162-9863-8E84F04F3C4D}C:\program files\java\jdk-17.0.1\bin\java.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [{6F7C6BAF-2095-4F2E-9EC6-D2F043234DD7}] => (Block) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [{F4AC9896-E2A6-4E54-A6AB-8381945C22DA}] => (Block) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [TCP Query User{93987B60-318F-4237-B227-CAE224486B52}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [UDP Query User{D6984EA7-CB63-4FE9-A9A9-9AC9C66C558A}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [{3FE6117E-CD69-4EC5-B4A9-FBC09F6C70C4}] => (Block) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [{A2FDE404-11DE-48D5-8C71-854FE8ACA7D6}] => (Block) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [TCP Query User{8D16BE4E-CE80-437F-9C2F-ED95379B923E}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{930E237A-89C5-44EB-8B49-4019D456C512}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{437B7E93-0B86-47E5-B415-D440862E26A4}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{5060D30D-E5DA-4759-BC3B-EA91F7FCA27A}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{6673FE6F-1386-4460-82D4-EDD4485A2EE2}C:\program files\java\jre1.8.0_311\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [UDP Query User{5875C373-FD26-4B95-9B71-1A56A875D08B}C:\program files\java\jre1.8.0_311\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [{17830A47-3CA0-4C41-8DFE-7C5FD2C118F7}] => (Block) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [{72059373-C071-4E14-BE6E-39C57A40D014}] => (Block) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [TCP Query User{699B7CC1-44B8-47AA-8F38-02505DBF4A16}C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{77DBCCBC-D06A-4892-94FF-0A7BB3809ED3}C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{24C452F0-C820-40AC-B7B1-994493370F4A}] => (Block) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{365D501F-3B7D-4E1E-8D48-ED1D5EBB00D5}] => (Block) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{17E62ECE-4E95-47FC-81C9-7218DF7035EF}C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{22102CE2-5763-45DF-A0DE-9B2F8D9D2F3C}C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{CD77AFA6-684A-45D1-9A9F-9A9620DB631F}] => (Block) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{73CAC0DD-3524-4C10-A59B-09A6D9C0CCDB}] => (Block) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{F4A9DBA8-CAC5-4956-A908-5B998134BC90}F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe => Keine Datei
FirewallRules: [UDP Query User{FB02D43E-06CA-451C-8114-227B54D3B52D}F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe => Keine Datei
FirewallRules: [TCP Query User{1896F537-C6AD-4200-8CC5-DA440CF9FABE}F:\battlefield2042\battlefield 2042\bf2042.exe] => (Allow) F:\battlefield2042\battlefield 2042\bf2042.exe => Keine Datei
FirewallRules: [UDP Query User{AC9B4935-4DF9-4571-AFFC-22DCD7140D05}F:\battlefield2042\battlefield 2042\bf2042.exe] => (Allow) F:\battlefield2042\battlefield 2042\bf2042.exe => Keine Datei
FirewallRules: [{1F4633A3-EAC3-4DF3-BF00-6F7B61614AAF}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe => Keine Datei
FirewallRules: [{5FA054FD-65E7-4413-A46F-6923A001A764}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe => Keine Datei
FirewallRules: [{C30359CA-B904-420E-BC92-E1B571E04C76}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe => Keine Datei
FirewallRules: [{8A6C56E0-FCB7-4F3E-BB01-3CA1686FC9B0}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe => Keine Datei
FirewallRules: [TCP Query User{0192CD57-CB68-4E5A-94FD-307849245684}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Keine Datei
FirewallRules: [UDP Query User{834189CB-CB43-4CFE-9CB9-422A29717A51}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Keine Datei
FirewallRules: [TCP Query User{3B78FFFD-4FB2-4254-9DF3-B1B72BDF95F4}F:\spiele\riot games\riot client\riotclientservices.exe] => (Allow) F:\spiele\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{2719E38A-59AA-4A70-B8C7-265700BACCAD}F:\spiele\riot games\riot client\riotclientservices.exe] => (Allow) F:\spiele\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{EB58D4DC-655C-4A68-8F88-526BF58DA41E}F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe => Keine Datei
FirewallRules: [UDP Query User{498F12DF-6B0D-49A7-B5A7-3347DCBF2F1E}F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe => Keine Datei
FirewallRules: [TCP Query User{D87B8B17-18B3-4CE5-9D00-E8B3165D14F9}C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{876C2405-4AE4-42A1-836C-EEED4D10E361}C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{D82947DF-6D10-4184-B867-B90BCDE230CC}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{9B8ECDA9-B8F3-42E1-A678-8D353D384CA7}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{B14D4F6D-91A4-414C-B68C-3CECB7DF9C4B}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{46126EC3-C382-4618-82D7-F6490A34F14F}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{ABC6390E-8360-46BD-B335-F0D6D4ADFFBD}F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F9037371-3110-4E3E-962C-6FCFA6AB3D8B}F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [Datei ist nicht signiert]
FirewallRules: [{6F64AE58-95EA-4BFE-AAF5-5DD0CFDFB20D}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{493E56C8-8CEA-4500-9186-2EF521F129C6}G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe] => (Allow) G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B77F7B39-2D43-4530-9D5A-5716E396A6D7}G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe] => (Allow) G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{623FD68D-0B24-4BAC-8F2B-C5EA6F6D084B}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{2E5CF565-0E00-4231-A101-232E41862224}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{36C2551E-C59B-4567-8BE0-3C82091FD0F2}F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [UDP Query User{CDEB9012-DA93-481D-87DE-A0EE9166910F}F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [{6F50DB18-63D4-444A-94A7-F9CE53ACC79D}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{85FF5C82-A422-421C-AFA0-E78D5958EF89}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [{2BBA24EC-CA88-4FFE-BC32-E6489566E631}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{D1753862-5580-469A-AE25-1CAF9D2A9D7F}F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{1B34FDE8-10AF-456F-921B-288131AD2317}F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [{C74578E8-8DF1-41CA-B006-4DCDB273F43E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Hydroneer\Mining.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D95A059F-9CCB-4FF4-A6FC-D353914D500B}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Hydroneer\Mining.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{268248C2-F75A-4018-9F27-F90A9704CF48}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{28CD5A59-F0A5-4FB4-B6E6-22E14B6DD5BA}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{DB4DAC25-0B2A-4ECA-AFF7-4465774A9573}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{AC4C275F-AD7D-4319-9CCD-C1958756B3F1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F06BA117-1824-4AC1-8034-8602CD719F10}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe => Keine Datei
FirewallRules: [{95CC9589-F13A-4786-A1A6-5C94FCEA4A66}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe => Keine Datei
FirewallRules: [TCP Query User{7852ADD3-EF3C-4EB3-8587-69F4C57D5220}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9A1AA7F5-E34E-42C2-AC65-75445139E2AC}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{87E5A834-F205-4B1C-BEDB-82DBCDB10079}F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe => Keine Datei
FirewallRules: [UDP Query User{BEA55C9C-DB24-4CF6-A621-6458D67A3660}F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe => Keine Datei
FirewallRules: [{8555DB45-A979-4A50-8411-87AA5D59B266}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{E70546CD-62EA-483C-8175-A8FCE85943C0}C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4E78B0F4-1867-4C01-84FF-B3AFAA6A1D68}C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [{0CC070C7-10B6-47C6-8ED1-A17B5F4AB320}] => (Allow) F:\AssassinsCreedOrigins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{57A46265-9A7F-42B3-951A-1EC892F41BAC}] => (Allow) F:\AssassinsCreedOrigins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{EB3EA712-4F35-48D5-9E8A-F3EDDD4514B6}] => (Allow) D:\SteamLibrary\steamapps\common\The Cycle\Prospect_BE.exe => Keine Datei
FirewallRules: [{5398AC86-7029-4EF6-BC3F-C920940BC8AF}] => (Allow) D:\SteamLibrary\steamapps\common\The Cycle\Prospect_BE.exe => Keine Datei
FirewallRules: [{56EAEAA8-A6D6-4BF2-A6D1-AB0386EAC701}] => (Allow) D:\SteamLibrary\steamapps\common\Tales of Arise Demo Version\Arise\Binaries\Win64\Tales of Arise.exe => Keine Datei
FirewallRules: [{CB4C5C87-EEFE-49E7-952B-0BD31113ADF8}] => (Allow) D:\SteamLibrary\steamapps\common\Tales of Arise Demo Version\Arise\Binaries\Win64\Tales of Arise.exe => Keine Datei
FirewallRules: [TCP Query User{21B320B5-F904-4BAA-8B54-EE9EA37E7E7A}C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{AC3E93D8-9931-4CF0-AEAC-AE05000AB27D}C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{A56E9D8F-52A9-49CE-A570-EEEE12EDEE98}D:\rockstar\grand theft auto v\gta5.exe] => (Allow) D:\rockstar\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{C1C3CBA6-81D8-4187-97BE-018BA94F1B32}D:\rockstar\grand theft auto v\gta5.exe] => (Allow) D:\rockstar\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{117A9D67-0985-4FFA-BADB-8F96899322A7}] => (Allow) G:\VMware\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{0E30DB09-77B9-49C8-842E-570C8EE69EF1}] => (Allow) G:\VMware\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{972AE3AA-089C-4E1D-8F02-FBFA154D9907}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40E27852-6E2E-4612-A565-F9C0902EE6CA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9358E5D-F93E-4922-A2BB-AA588ECA44EC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{41B79784-1A75-43F3-8658-F9AD37E6CF26}] => (Allow) F:\Grand\GrandRP Launcher\RAGEMP\ragemp_v.exe => Keine Datei
FirewallRules: [{05AB3C4F-3398-424C-BA3D-0C387CC9318A}] => (Allow) F:\Grand\GrandRP Launcher\RAGEMP\ragemp_v.exe => Keine Datei
FirewallRules: [TCP Query User{E2624B3C-B63A-4E3D-B7CB-3B746EF367B2}F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe] => (Allow) F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe => Keine Datei
FirewallRules: [UDP Query User{3534449D-83F5-42D2-AFC8-1FF4F2140B78}F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe] => (Allow) F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe => Keine Datei
FirewallRules: [{A6CB9AF2-C1BD-4C58-85F0-72122A13071D}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [{A6BA0C1E-4589-4641-8221-B83D3A7189F3}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [{06DDCE8D-1D35-4E5C-BD26-6EC0C1190E8E}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{F1D043C6-AF09-420E-BCF8-574308AC55E5}] => (Allow) D:\NosTale\DYNZEN\DZLauncher.exe => Keine Datei
FirewallRules: [TCP Query User{DFE0B60F-0C34-4B3E-95DF-A98403813AD2}F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{8E7DEAE5-29E0-40B7-9B00-26CDAFDBAFDD}F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{3815DCB4-4591-4FF0-B3C2-8E628E0E7602}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Ready Or Not\ReadyOrNot.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{E2CFB573-1990-4340-A0CC-B2AF5AEF9F96}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Ready Or Not\ReadyOrNot.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{EA9903D6-2FEB-40AF-9153-5BC9E2F2CD4A}] => (Allow) C:\Users\lucap\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{7F4A241C-CD04-4433-8BA0-FA2F0E15B097}] => (Allow) C:\Users\lucap\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{45CAE728-35C2-4D15-A3B2-0EBEB3AF420A}] => (Allow) F:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe () [Datei ist nicht signiert]
FirewallRules: [{EA6B7BE8-FB02-4B2E-8C5C-4652CD5AE9FD}] => (Allow) F:\Tower Of Fantasy\Launcher\intl_service\intl_service.exe (PROXIMA BETA PTE. LIMITED -> PROXIMA BETA PTE. LIMITED)
FirewallRules: [TCP Query User{A8DF2F81-EDE1-4ECA-AA92-2DC2B127920C}C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe (BUREL VINCENT -> VB-AUDIO Software)
FirewallRules: [UDP Query User{2057F51F-E21F-4D1E-B60D-CEDE15D222AE}C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe (BUREL VINCENT -> VB-AUDIO Software)
FirewallRules: [{692A2D6E-857F-459E-9B18-4C2B4D83B15B}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{81340C5E-4264-4EC2-B18D-439718F5D19B}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{DFA2ACAE-EE2B-4B5C-8F0D-2403DE2D045F}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{237EC99F-5B57-441D-84D4-351E223149EE}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DBE8CF1D-C974-4FDB-9E59-8FE49B7EE7ED}C:\program files (x86)\vb\voicemeeter\vban2midi.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\vban2midi.exe (BUREL VINCENT -> Audio Mechanic & Sound Breeder)
FirewallRules: [UDP Query User{6D1DB665-ADAF-408B-9D9D-ADC9365FB024}C:\program files (x86)\vb\voicemeeter\vban2midi.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\vban2midi.exe (BUREL VINCENT -> Audio Mechanic & Sound Breeder)
FirewallRules: [{951CF11F-8391-477F-B041-0CBE5DD78EA0}] => (Allow) C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{88BE0DBC-ECCC-42EB-9D96-F47C86F8F6E3}C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Allow) C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [UDP Query User{3AF61B7E-292A-499F-88DB-4255490489D1}C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Allow) C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [TCP Query User{5911571C-C5B4-4DC8-B670-2D8AD377B5B4}C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{EC2BF018-F76E-462D-BAF7-0F979E59CEFB}C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [{7D86D7D0-4C87-41C1-A047-5794AF31A2B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5ECA1D9E-3903-4707-9DCD-FD1E333AF14F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D659C383-BFFB-441C-8578-0C5A8D5462B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8B52B02-B037-48CF-80AB-2C95F4AC9360}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1A15F107-105B-4831-9C53-1443DF4C4F1B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4C0CCBF6-B597-4AA2-A0FC-DB5378670302}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => Keine Datei
FirewallRules: [{D8DDB4DC-83D9-40F4-8B6F-5EC24F6B73CD}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => Keine Datei
FirewallRules: [{6F3BA182-78F5-482C-A49F-C511B0FBAE3A}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => Keine Datei
FirewallRules: [{97EBFA5D-86AF-4F8E-B842-B2AFFC05EADD}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => Keine Datei
FirewallRules: [{D70BA585-9F18-486A-867C-DD5FCDCA7495}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => Keine Datei
FirewallRules: [{40C71959-665F-42D5-98EC-8297C8E97B34}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => Keine Datei
FirewallRules: [{BE341D90-900D-4492-941C-858650DB7025}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => Keine Datei
FirewallRules: [{92DAC700-1482-48B5-B808-0EDB4D8EB6D5}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => Keine Datei
FirewallRules: [TCP Query User{3C792DFA-6126-4549-A900-BE7941F66F15}F:\fallguys\fallguys_client_game.exe] => (Allow) F:\fallguys\fallguys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{BDFC7BB3-7868-4C6B-BD8C-046AD421F6FB}F:\fallguys\fallguys_client_game.exe] => (Allow) F:\fallguys\fallguys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{B6E08354-F876-494F-96B3-03781414CFFB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7417C2D0-90D5-48DA-9103-D1255EABAA72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F1B334B-4F1C-447E-9A14-C20BF51C7A25}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{56EBA9CA-9C21-4D60-B927-1E0400E9A663}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{2379138D-3C4D-4301-9DFB-773D433E0FC5}F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe (Electronic Arts) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{C69606C5-3333-446C-A9E7-E3B6F6598601}F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe (Electronic Arts) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{646CDBDC-F055-40B7-8FD4-EEBF8FCC7CD7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{B22FCC24-3317-4657-BF24-FCE63EB75AAA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2C4FA44B-BD01-4553-B419-40CCEE0FFEC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3FCF19E3-141E-4FE9-A3DC-1CE7BA71B22A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E93DFDFC-4B44-4C20-AB6B-015169ECAE94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B17FD12C-6EC7-4FDF-AF8B-E2170BF9DEE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{93559D56-70AE-43EC-B1C6-80F72CAC6058}C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Block) C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [UDP Query User{8A4E43D8-AF77-414D-9CF3-C243950AA9D3}C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Block) C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [{7DB580C6-1B2F-43DA-A737-93E1F63F6589}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34F00B60-ABD5-4103-81C2-1889EEBB07DE}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc)
FirewallRules: [{B05183D0-8D14-4D26-B17E-3CD2CA80799A}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc)
FirewallRules: [{644DD8B7-084E-460B-9CCC-83065184042D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{62618D68-3EDF-4A8F-80CD-98387333B5DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AEAAEC2B-B850-4C56-A07C-28E888B37252}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{59FB57F8-F023-45C0-BB36-809F0D8F8528}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36B14B7B-E050-48B4-80A4-4D12457652B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{051FC682-B9B8-4327-BCEE-45005D045A9B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0320B9D-14DB-4031-8931-4D2EABDE44B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D18ABDFC-8E97-4DC2-A6BD-403923FFC6A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Wiederherstellungspunkte =========================

08-10-2022 14:46:07 Removed DB Browser for SQLite

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (10/08/2022 04:13:23 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (10/08/2022 03:56:05 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (10/08/2022 03:47:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (10/08/2022 03:38:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (10/08/2022 03:33:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT-AUTORITÄT)
Description: Die Registrierungsdatei konnte nicht entladen werden. Der für die Registrierung verwendete Arbeitsspeicher wurde nicht freigegeben. Dieses wird oft durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen Sie die Dienste entweder unter dem Konto "LocalService" oder "NetworkService" auszuführen. 

 Details - Zugriff verweigert

Error: (10/08/2022 03:33:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT-AUTORITÄT)
Description: Die Registrierungsdatei konnte nicht entladen werden. Der für die Registrierung verwendete Arbeitsspeicher wurde nicht freigegeben. Dieses wird oft durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen Sie die Dienste entweder unter dem Konto "LocalService" oder "NetworkService" auszuführen. 

 Details - Zugriff verweigert

Error: (10/08/2022 03:10:16 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (10/08/2022 03:04:09 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.


Systemfehler:
=============
Error: (10/08/2022 04:08:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/08/2022 04:08:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N6Q3QEM)
Description: Der Server "{3EEF301F-B596-4C0B-BD92-013BEAFCE793}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/08/2022 04:08:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N6Q3QEM)
Description: Der Server "{9AA46009-3CE0-458A-A354-715610A075E6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/08/2022 04:08:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N6Q3QEM)
Description: Der Server "{3EEF301F-B596-4C0B-BD92-013BEAFCE793}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/08/2022 03:47:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/08/2022 03:05:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N6Q3QEM)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/08/2022 02:36:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ElevationService" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


Windows Defender:
================
Date: 2022-10-08 16:10:26
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1750.0, AS: 1.375.1750.0, NIS: 1.375.1750.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-08 16:10:06
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1750.0, AS: 1.375.1750.0, NIS: 1.375.1750.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-08 15:53:05
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1748.0, AS: 1.375.1748.0, NIS: 1.375.1748.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-08 15:52:40
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1748.0, AS: 1.375.1748.0, NIS: 1.375.1748.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-08 15:35:49
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1748.0, AS: 1.375.1748.0, NIS: 1.375.1748.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

CodeIntegrity:
===============
Date: 2022-10-08 16:09:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-08 13:58:50
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 1302 03/15/2018
Hauptplatine: ASUSTeK COMPUTER INC. PRIME Z270-A
Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 32634.62 MB
Verfügbarer physikalischer RAM: 23974.25 MB
Summe virtueller Speicher: 37498.62 MB
Verfügbarer virtueller Speicher: 26247.6 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.34 GB) (Free:19.17 GB) (Model: WDC WDS250G1B0A-00H9H0) NTFS
Drive d: (NOS SCRIPTS ETC) (Fixed) (Total:232.87 GB) (Free:58.65 GB) (Model: WDC WDS250G2B0A-00SM50) NTFS
Drive e: (Spiele) (Fixed) (Total:111.77 GB) (Free:90.55 GB) (Model: Samsung SSD 850 EVO 120GB) NTFS
Drive f: (SPIELE) (Fixed) (Total:953.75 GB) (Free:429.95 GB) (Model: NVMe INTEL SSDPEKNW01) NTFS
Drive g: (Volume) (Fixed) (Total:3726.01 GB) (Free:3399.85 GB) (Model: Intel Raid 5 Volume) NTFS

\\?\Volume{fee8127b-0287-4419-ab72-623081b28278}\ () (Fixed) (Total:0.53 GB) (Free:0.07 GB) NTFS
\\?\Volume{81bd91a3-ae1c-46fa-b246-6053b52b7a21}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 10891089)

Partition: GPT.

==========================================================
Disk: 2 (Size: 111.8 GB) (Disk ID: 5E962306)

Partition: GPT.

==========================================================
Disk: 3 (Size: 953.9 GB) (Disk ID: 424CFB2F)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-10-2022 01
durchgeführt von lucap (Administrator) auf DESKTOP-N6Q3QEM (08-10-2022 16:25:58)
Gestartet von C:\Users\lucap\OneDrive\Downloads
Geladene Profile: lucap
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(BUREL VINCENT -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxEM.exe
(explorer.exe ->) (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.) C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <24>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Voicemod Sociedad Limitada -> Voicemod) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(MIDIOX Computing) [Datei ist nicht signiert] C:\Program Files (x86)\MIDIOX\midiox.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert] C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_a9a8972288e9f3b5\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) G:\VMware\vmware-authd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\lucap\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1940_none_7dd80d767cb5c7b0\TiWorker.exe
(Tobias Erichsen -> Tobias Erichsen) C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3190384 2021-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe [767552 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2022-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Discord] => C:\Users\lucap\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3536912 2022-08-30] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-10-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [MicrosoftEdgeAutoLaunch_B6C3CFB90E847814C26F519221487FC3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7395712 2022-07-15] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [loopMIDI] => C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe [5516048 2019-12-14] (Tobias Erichsen -> Tobias Erichsen)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {240be0e0-4410-11ec-86c1-107b4449e208} - "H:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {7601382e-d761-11eb-86a5-107b4449e208} - "H:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {c16004ab-d64c-11eb-86a4-107b4449e208} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {c16004d9-d64c-11eb-86a4-107b4449e208} - "I:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3536912 2022-08-30] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DTS Audio.lnk [2022-08-26]
ShortcutTarget: DTS Audio.lnk -> C:\Program Files (x86)\DTS, Inc\DTS Audio\APO3GUI.exe (DTS, Inc. -> DTS, Inc.)
Startup: C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-08-25]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {12E73802-EFFC-44D4-A369-4DFFE7B10DEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C85745B-1881-4798-BC3F-4F3C6B878ECD} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_task.exe [18872 2017-10-12] (DTS, Inc. -> )
Task: {311DDC7D-7673-402F-86C8-88A19A21F812} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-04] (Google LLC -> Google LLC)
Task: {36EF88C9-F743-4AC7-B31F-65BD4E2D2A86} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {687E1730-DB71-4A88-9B02-547DDDC51837} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {68CFA4DA-810E-48FF-A650-499BBFCE5CD0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {698AD474-4843-4F2C-8198-6399FE7095C3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7203C8CE-0ACA-433B-99A1-4746CB58FC8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {765AD24E-41C0-4C9F-B7A9-38BA76E2DCD0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AE912EF-283C-438A-A0FE-05A61DBB6D35} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {816FD7A4-7A4A-4CF1-B822-5EA0E149D882} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {867E1E2D-2A4A-4EC4-A147-942B921F80BB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {93258BEB-042B-4725-8629-8D9E008577D6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9A4E5566-26EC-46E0-918E-800547AA7C1F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C89A927-106E-401A-801B-A4F33D531CDF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A2C56940-5125-4D38-B4D7-6452E189E235} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A3853235-82B5-4580-9B42-4A2FE3EE29FC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {A576DCD2-E365-4610-95C2-2821E34CF238} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A74D69AE-9E3A-4B5D-B0E6-3FD358E630D1} - System32\Tasks\start midi-oz => C:\Windows\System32\cmd.exe /c "C:\temp\startup.cmd" <==== ACHTUNG
Task: {AA16FBE1-3E3F-4A01-AED7-9A909D1561F9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AC920503-EBED-46A3-84ED-98FD216164C2} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [66472 2022-02-23] (Microsoft Corporation -> Microsoft)
Task: {AF4438FC-F219-45C7-AC13-68B99DB0ABC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {BDC6789C-60F1-4E6B-8905-EC208695834D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CED268C7-6920-4CB5-A868-5A9D010DB262} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {D023164B-2C3C-40F7-A782-88FE00901BA2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E1A6ACE0-6CFE-4C42-AB35-FF61BBA682F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6A7B228-6E3C-4323-AE3F-CC1A76CE24ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E97B96C3-427D-4D22-8923-45BC8E1C3940} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-04] (Google LLC -> Google LLC)
Task: {EE5C9847-8EA2-435B-8B27-8D23D8941A9F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FD6AE452-F296-4990-9EA8-C491BBE741FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [44128 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [44128 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [48224 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [48224 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8b5c4eb8-24db-4e98-b000-80fb2575bb5a}: [NameServer] 8.8.8.8,1.1.1.1
Tcpip\..\Interfaces\{8b5c4eb8-24db-4e98-b000-80fb2575bb5a}: [DhcpNameServer] 192.168.0.1

Edge: 
=======
DownloadDir: C:\Users\lucap\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-08]
Edge DownloadDir: Default -> C:\Users\lucap\OneDrive\Downloads
Edge Notifications: Default -> hxxp://127.0.0.1
Edge Extension: (Honey: Automatische Coupons & Prämien) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2022-08-17]
Edge Extension: (WooCommerce AliExpress Dropshipping Extension) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\egamhjcccjiflajhhinondgonlldjgba [2022-10-06]
Edge Extension: (Binance Wallet) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2022-09-02]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-08-29]
Edge Extension: (BetterTTV) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2022-10-01]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igbncjcgfkfnfgbaieiimpfkobabmkce [2022-10-03]
Edge Extension: (Twitch Adblock) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljhnljhabgjcihjoihakgdiicdjncpkd [2022-09-13]
Edge Extension: (MetaMask) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-10-03]
Edge Profile: C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-08-17]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default [2022-08-29]
CHR Extension: (MEGA) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2022-08-26]
CHR Extension: (Social Blade) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-06-02] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ACHTUNG
CHR Extension: (uBlock Origin) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-08-26]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2021-03-31]
CHR Extension: (Google Docs Offline) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-30]
CHR Extension: (UltraWide Video) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\lngfncacljheahfpahadgipefkbagpdl [2021-10-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-08-05] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477392 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_service.exe [26560 2017-10-12] (DTS, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-10-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-07-07] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-21] (Epic Games Inc. -> Epic Games, Inc.)
R2 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1449472 2022-05-26] (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2021-12-09] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2128360 2022-09-05] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-09-05] (GOG Sp. z o.o. -> GOG.com)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [116840 2021-12-20] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-12-20] (Proton Technologies AG -> )
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2021-12-20] (Proton Technologies AG -> )
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032048 2022-08-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-08-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300560 2022-08-29] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; D:\Rockstar\RockstarService.exe [2579840 2022-09-06] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14802240 2022-09-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [6020336 2022-05-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10420944 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VMAuthdService; G:\VMware\vmware-authd.exe [83224 2022-02-18] (VMware, Inc. -> VMware, Inc.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [9280816 2022-05-11] (PUBG CORPORATION -> KRAFTON, Inc)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CEDRIVER60; G:\CheatEngine\dbk64.sys [111800 2020-09-05] (Cheat Engine -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [105192 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsb; C:\WINDOWS\System32\drivers\FocusriteUsb.sys [197280 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbAudio; C:\WINDOWS\System32\drivers\FocusriteUsbAudio.sys [97952 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteusbSwRoot; C:\WINDOWS\System32\drivers\FocusriteusbSwRoot.sys [110864 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
S3 Focusriteusb_AUDIO; C:\WINDOWS\system32\drivers\FocusriteusbAudio.sys [97952 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-13] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
S3 MpKsl10600fd0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{727F338F-8EC6-4024-9249-352339F9561D}\MpKslDrv.sys [228600 2022-09-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl1a3e5c53; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D2203E7-D469-4F14-BC4E-145A3E4FA34A}\MpKslDrv.sys [228600 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl33c2747f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{727F338F-8EC6-4024-9249-352339F9561D}\MpKslDrv.sys [228600 2022-09-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl56a2ee45; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E68D640-E16F-43CE-AC7C-3E603598ECB0}\MpKslDrv.sys [228600 2022-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl691e1757; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF5C65BD-5A4A-41FD-8654-4F2CF32F0910}\MpKslDrv.sys [228600 2022-09-10] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl843bb538; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BF9914C-43C2-4F11-97F5-536185762338}\MpKslDrv.sys [228600 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 MpKslc2077d2e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2C27C39-8865-4134-9FD6-64FAFB5160CF}\MpKslDrv.sys [228600 2022-10-08] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld211921d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BF9914C-43C2-4F11-97F5-536185762338}\MpKslDrv.sys [228600 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsldf989437; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C21986D5-1A4F-441E-816D-C0B37322DF85}\MpKslDrv.sys [228600 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
S1 muoxrych; C:\WINDOWS\system32\drivers\muoxrych.sys [52472 2022-10-08] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [55128 2021-06-10] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0085; C:\WINDOWS\System32\drivers\RzDev_0085.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0221; C:\WINDOWS\System32\drivers\RzDev_0221.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [53120 2019-12-07] (Tobias Erichsen -> Tobias Erichsen)
R3 VBAudio101WDMCableCMME; C:\WINDOWS\System32\drivers\vbaudio_cablec64_win10.sys [69832 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudio102WDMCableDMME; C:\WINDOWS\System32\drivers\vbaudio_cabled64_win10.sys [69616 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACAMME; C:\WINDOWS\System32\drivers\vbaudio_cablea64_win7.sys [41144 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACBMME; C:\WINDOWS\System32\drivers\vbaudio_cableb64_win7.sys [41144 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8736232 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2022-01-12] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2022-02-18] (VMware, Inc. -> VMware, Inc.)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2022-07-04] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1431256 2022-05-28] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S1 oerkaavk; \??\C:\WINDOWS\system32\drivers\oerkaavk.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-10-08 16:25 - 2022-10-08 16:26 - 000000000 ____D C:\FRST
2022-10-08 14:32 - 2022-10-08 16:09 - 000000000 ____D C:\Intel
2022-10-08 14:32 - 2022-10-08 14:32 - 000000000 ____D C:\WINDOWS\Panther
2022-10-08 14:31 - 2022-10-08 14:31 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000045-000000.txt
2022-10-08 03:09 - 2022-10-08 03:09 - 000000000 ____D C:\Users\lucap\AppData\Local\Manager_V2
2022-10-08 02:54 - 2022-10-08 02:55 - 000000000 ____D C:\Users\lucap\AppData\Roaming\dll 2.0
2022-10-08 02:53 - 2022-10-08 02:53 - 000000000 ____D C:\Users\lucap\AppData\Roaming\1337
2022-10-06 01:00 - 2022-10-06 01:01 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-10-06 00:58 - 2022-09-22 17:12 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 001536504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-10-06 00:58 - 2022-09-22 17:08 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 002127864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 000845304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 000456184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-10-06 00:58 - 2022-09-22 17:06 - 010270208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 008803832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 005751288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 005362680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 003066872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-10-06 00:58 - 2022-09-22 17:05 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-10-06 00:58 - 2022-09-22 17:04 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-10-06 00:58 - 2022-09-22 02:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-10-06 00:58 - 2022-09-22 02:35 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-10-05 20:56 - 2022-10-05 20:57 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2022-10-05 20:56 - 2022-10-05 20:56 - 000001211 _____ C:\Users\Public\Desktop\GOG GALAXY.lnk
2022-10-05 20:56 - 2022-10-05 20:56 - 000001211 _____ C:\ProgramData\Desktop\GOG GALAXY.lnk
2022-10-05 20:56 - 2022-10-05 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2022-10-05 20:56 - 2022-10-05 20:56 - 000000000 ____D C:\ProgramData\GOG.com
2022-10-03 13:18 - 2022-10-03 13:18 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000044-000000.txt
2022-10-02 19:17 - 2022-10-02 19:18 - 000000000 ____D C:\Users\lucap\OneDrive\Dokumente\Need for Speed Heat
2022-09-30 21:06 - 2022-09-30 21:06 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000043-000000.txt
2022-09-27 21:51 - 2022-09-27 21:51 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000042-000000.txt
2022-09-24 17:16 - 2022-09-24 17:16 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000041-000000.txt
2022-09-20 20:01 - 2022-09-20 20:01 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000040-000000.txt
2022-09-18 18:00 - 2022-09-18 18:00 - 000001434 _____ C:\WINDOWS\system32\default_error_stack-000039-000000.txt
2022-09-17 14:03 - 2022-09-17 14:03 - 000000848 _____ C:\Users\Public\Desktop\PrusaSlicer 2.5.0.lnk
2022-09-17 14:03 - 2022-09-17 14:03 - 000000848 _____ C:\ProgramData\Desktop\PrusaSlicer 2.5.0.lnk
2022-09-17 14:03 - 2022-09-17 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2022-09-17 14:03 - 2022-09-17 14:03 - 000000000 ____D C:\Program Files\Prusa3D
2022-09-14 09:05 - 2022-09-14 09:05 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-14 09:02 - 2022-09-14 09:02 - 000000000 ___HD C:\$WinREAgent
2022-09-10 14:17 - 2022-09-10 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura
2022-09-10 14:16 - 2022-09-10 14:17 - 000000000 ____D C:\Program Files\Ultimaker Cura 5.1.0

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-10-08 16:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-08 16:24 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-08 16:13 - 2021-07-12 16:58 - 000798412 _____ C:\WINDOWS\system32\perfh019.dat
2022-10-08 16:13 - 2021-07-12 16:58 - 000168616 _____ C:\WINDOWS\system32\perfc019.dat
2022-10-08 16:13 - 2021-03-04 22:58 - 002817182 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-08 16:13 - 2019-12-07 16:51 - 000790272 _____ C:\WINDOWS\system32\perfh007.dat
2022-10-08 16:13 - 2019-12-07 16:51 - 000170120 _____ C:\WINDOWS\system32\perfc007.dat
2022-10-08 16:13 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-08 16:11 - 2021-03-04 14:41 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 16:10 - 2022-01-30 04:10 - 000000000 ____D C:\ProgramData\Voicemod
2022-10-08 16:09 - 2022-08-09 20:31 - 000000000 __SHD C:\Users\lucap\IntelGraphicsProfiles
2022-10-08 16:09 - 2021-07-18 10:52 - 000000000 ____D C:\ProgramData\VMware
2022-10-08 16:09 - 2021-03-28 21:22 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-08 16:09 - 2021-03-04 22:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-08 16:09 - 2021-03-04 22:48 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-08 16:09 - 2021-03-03 09:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-10-08 16:09 - 2021-03-03 01:47 - 000000000 ___RD C:\Users\lucap\OneDrive
2022-10-08 16:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-08 16:08 - 2022-08-20 15:17 - 000043136 _____ C:\Users\lucap\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-10-08 16:08 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-08 15:41 - 2021-03-20 03:20 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2022-10-08 15:41 - 2021-03-03 02:05 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-08 15:41 - 2021-03-03 01:46 - 000000000 ____D C:\Users\lucap\AppData\Local\Packages
2022-10-08 15:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-08 15:40 - 2022-08-26 12:28 - 000000000 ____D C:\Program Files\Common Files\VST3
2022-10-08 15:40 - 2022-06-26 18:11 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-08 15:33 - 2021-03-04 22:08 - 000000000 ____D C:\Users\lucap
2022-10-08 15:00 - 2021-03-10 00:48 - 000000000 ____D C:\Users\lucap\AppData\Local\CrashDumps
2022-10-08 14:59 - 2022-08-09 20:03 - 000000000 ____D C:\ProgramData\Logitech
2022-10-08 14:46 - 2022-08-09 20:03 - 000000000 ____D C:\Program Files (x86)\Logitech
2022-10-08 14:05 - 2021-03-03 02:04 - 000000000 ____D C:\Users\lucap\AppData\Local\D3DSCache
2022-10-08 14:02 - 2021-03-04 22:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-08 13:49 - 2021-03-04 14:02 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-08 13:49 - 2021-03-04 14:02 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-08 13:49 - 2021-03-04 14:02 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2022-10-08 03:42 - 2021-03-03 21:24 - 000000000 ____D C:\Users\lucap\AppData\Roaming\discord
2022-10-08 03:28 - 2021-06-08 20:43 - 000000000 ____D C:\Users\lucap\AppData\Local\.IdentityService
2022-10-08 02:48 - 2021-03-03 21:24 - 000000000 ____D C:\Users\lucap\AppData\Local\Discord
2022-10-08 02:09 - 2022-01-26 22:06 - 000000000 _____ C:\WINDOWS\ftoken.txt
2022-10-08 00:55 - 2022-06-04 13:32 - 000002833 _____ C:\Users\lucap\.snapmaker-luban.json
2022-10-08 00:55 - 2022-06-04 13:32 - 000000000 ____D C:\Users\lucap\AppData\Roaming\snapmaker-luban
2022-10-07 23:01 - 2021-03-05 00:05 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-07 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-07 04:44 - 2021-03-09 22:08 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-07 01:29 - 2022-01-30 04:10 - 000000000 ____D C:\Users\lucap\AppData\Local\Voicemod
2022-10-06 16:48 - 2022-07-07 23:33 - 000000000 ____D C:\Users\lucap\AppData\Roaming\EasyAntiCheat
2022-10-06 15:08 - 2021-11-20 21:32 - 000153064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 002835944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000447976 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000067048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-10-06 15:05 - 2021-04-04 22:06 - 000000000 ____D C:\Users\lucap\AppData\Local\NVIDIA
2022-10-06 15:02 - 2021-03-04 22:48 - 000465432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-06 15:01 - 2021-06-13 22:58 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-10-06 02:50 - 2022-07-09 12:37 - 000000000 ____D C:\Users\lucap\AppData\Roaming\legacy-games-launcher
2022-10-06 00:57 - 2021-03-28 21:22 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-10-06 00:57 - 2021-03-28 21:22 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2022-10-06 00:57 - 2021-03-03 01:57 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-10-06 00:57 - 2021-03-03 01:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-06 00:57 - 2021-03-03 01:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-06 00:53 - 2022-08-26 18:10 - 000000000 ____D C:\Users\lucap\AppData\Roaming\obs-studio
2022-10-05 21:16 - 2022-06-29 22:15 - 000000000 ____D C:\Users\lucap\AppData\Local\DigitalEntitlements
2022-10-05 21:16 - 2022-06-29 22:14 - 000000000 ____D C:\Users\lucap\AppData\Local\FiveM
2022-10-05 14:32 - 2022-01-26 15:22 - 000000000 ____D C:\Users\lucap\AppData\Roaming\GitHub Desktop
2022-10-05 13:15 - 2022-08-26 09:08 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2022-10-05 13:15 - 2022-08-08 19:38 - 000000865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2022-10-05 13:15 - 2022-02-24 05:02 - 000001800 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk
2022-10-05 13:15 - 2022-02-24 00:17 - 000001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk
2022-10-05 13:15 - 2021-06-28 17:31 - 000000016 _____ C:\ProgramData\mntemp
2022-10-05 13:15 - 2021-03-20 05:14 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-10-05 13:15 - 2021-03-04 16:23 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-10-05 13:14 - 2021-05-22 21:37 - 000000000 ____D C:\ProgramData\Riot Games
2022-10-05 13:11 - 2021-06-13 22:51 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-10-05 02:00 - 2021-12-11 18:46 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Origin
2022-10-05 02:00 - 2021-12-11 18:46 - 000000000 ____D C:\ProgramData\Origin
2022-10-05 01:52 - 2021-12-11 18:46 - 000000000 ____D C:\Users\lucap\AppData\Local\Origin
2022-10-03 22:47 - 2021-12-11 00:38 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3740623257-3560467387-1776860099-1001
2022-10-03 22:47 - 2021-03-04 22:53 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3740623257-3560467387-1776860099-1001
2022-10-03 22:47 - 2021-03-04 22:08 - 000002399 _____ C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-02 19:16 - 2021-12-11 18:47 - 000000000 ____D C:\Program Files (x86)\Origin
2022-10-02 05:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-01 22:15 - 2022-06-04 14:21 - 000000000 ____D C:\Users\lucap\AppData\Local\Autodesk
2022-10-01 00:02 - 2021-03-20 05:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-09-30 21:12 - 2021-03-04 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-30 21:12 - 2021-03-04 16:20 - 000000000 ____D C:\Program Files\Microsoft Office
2022-09-25 21:16 - 2022-08-31 01:46 - 000043136 _____ C:\Users\lucap\OneDrive\Dokumente\voicemeeter_v3_streaming_midi_control_2022-08-31.xml
2022-09-22 20:46 - 2022-08-21 12:38 - 000000000 ____D C:\Users\lucap\AppData\Roaming\PrusaSlicer
2022-09-22 17:12 - 2022-07-02 22:58 - 001213416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-22 17:04 - 2021-12-30 00:09 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-22 02:35 - 2021-03-03 01:56 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-09-21 10:49 - 2022-06-04 13:25 - 000002068 _____ C:\Users\Public\Desktop\Snapmaker Luban.lnk
2022-09-21 10:49 - 2022-06-04 13:25 - 000002068 _____ C:\ProgramData\Desktop\Snapmaker Luban.lnk
2022-09-21 10:49 - 2022-06-04 13:25 - 000000000 ____D C:\Program Files\Snapmaker Luban
2022-09-17 12:03 - 2021-03-03 01:46 - 000000000 ___RD C:\Users\lucap\3D Objects
2022-09-16 15:10 - 2021-03-04 14:42 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-16 15:10 - 2021-03-04 14:42 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-16 15:10 - 2021-03-04 14:42 - 000002198 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2022-09-15 12:03 - 2021-03-09 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-09-15 12:02 - 2021-03-09 18:47 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-09-15 00:27 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-15 00:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-15 00:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-14 09:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-14 09:05 - 2021-03-04 22:51 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-14 09:02 - 2021-03-03 04:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-14 08:59 - 2021-03-03 04:09 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-14 00:45 - 2021-11-16 09:47 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Telegram Desktop
2022-09-12 07:07 - 2021-03-28 21:22 - 002884648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-09-12 07:07 - 2021-03-28 21:22 - 002220072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-09-12 07:07 - 2021-03-28 21:22 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2022-09-11 14:13 - 2022-01-01 14:29 - 000000000 ____D C:\Users\lucap\AppData\Local\ElevatedDiagnostics
2022-09-10 14:17 - 2022-06-04 14:41 - 000000000 ____D C:\Users\lucap\AppData\Roaming\cura
2022-09-10 14:17 - 2022-06-04 14:41 - 000000000 ____D C:\Users\lucap\AppData\Local\cura

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-05-23 01:27 - 2021-11-17 19:52 - 000000032 _____ () C:\Users\lucap\AppData\Roaming\.machineId
2021-08-22 22:27 - 2021-08-26 08:27 - 000000203 _____ () C:\Users\lucap\AppData\Roaming\jjv5conf.json
2022-08-13 13:08 - 2022-08-13 13:08 - 000001004 _____ () C:\Users\lucap\AppData\Roaming\tof_launcher.reg
2022-08-20 15:17 - 2022-10-08 16:08 - 000043136 _____ () C:\Users\lucap\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-08-20 15:47 - 2022-08-28 23:07 - 000007444 _____ () C:\Users\lucap\AppData\Roaming\VoiceMeeterDefault.xml
2022-01-05 20:26 - 2022-02-24 05:30 - 000000128 _____ () C:\Users\lucap\AppData\Roaming\winscp.rnd
2022-01-14 01:50 - 2022-02-24 14:52 - 000000128 _____ () C:\Users\lucap\AppData\Local\PUTTY.RND
2021-03-21 00:11 - 2021-03-21 00:11 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.1.10.agreement
2021-03-21 00:11 - 2021-03-21 01:37 - 000000057 _____ () C:\Users\lucap\AppData\Local\RawCopy.opendialog.dir
2021-03-21 00:11 - 2021-03-21 01:37 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.opendialog.filterindex
2021-03-21 00:11 - 2021-03-21 01:37 - 000000090 _____ () C:\Users\lucap\AppData\Local\RawCopy.sourcedisk.filepath
2021-03-21 00:11 - 2021-03-21 01:37 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.sourcedisk.index
2022-02-23 15:34 - 2022-02-23 15:34 - 000000869 _____ () C:\Users\lucap\AppData\Local\recently-used.xbel
2021-10-19 10:44 - 2021-10-19 11:28 - 000007610 _____ () C:\Users\lucap\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         


09.10.2022, 09:05   #3
M-K-D-B
/// TB-Ausbilder

My name is Matthias and I will help you with the analysis and, if necessary, the cleanup of your computer.

Please observe our rules during the cleanup!

Step 1
Run Malwarebytes' AntiMalware (MBAM) according to the illustrated guide and then post the log file.

Step 2
Run AdwCleaner according to the illustrated guide and then post the log file.

Step 3
  • Start FRST again and click Untersuchen (Scan).
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.

Please post with your next reply:
  • the MBAM log file
  • the AdwCleaner log file
  • the two new FRST log files (FRST.txt and Addition.txt)

09.10.2022, 16:02   #4
legendevent

Hello Matthias,

thank you very much for your help and time.
Here are all the logs. In each of the programs I excluded CheatEngine as a program, since they scanned the program as a false positive.

MBAM:
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 09.10.22
Scan-Zeit: 13:35
Protokolldatei: 6e1cd25a-47c6-11ed-9140-107b4449e208.json

-Softwaredaten-
Version: 4.5.14.210
Komponentenversion: 1.0.1772
Version des Aktualisierungspakets: 1.0.60813
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19044.2006)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-N6Q3QEM\lucap

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 444447
Erkannte Bedrohungen: 3
In die Quarantäne verschobene Bedrohungen: 1
Abgelaufene Zeit: 8 Min., 1 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
HackTool.CheatEngine, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EasyAntiCheat, Keine Aktion durch Benutzer, 7653, 1049114, , , , , , 

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 2
HackTool.CheatEngine, C:\PROGRAM FILES (X86)\EASYANTICHEAT\EASYANTICHEAT.EXE, Keine Aktion durch Benutzer, 7653, 1049114, 1.0.60813, , ame, , 998A809AF926233DF4412F6D3A604FBE, 1741EE40E7756DFB726DA441EB6F99F9FDCC88FC9475F9127F9C6A6028C5D097
Malware.AI.852122222, C:\USERS\LUCAP\APPDATA\ROAMING\1337\GOOGLEAPP.EXE, In Quarantäne, 1000000, 852122222, 1.0.60813, 264F9B4BCB48E90032CA5A6E, dds, 01983491, DCD551510607346316EA5416AC18B88C, 77974A268BE5F21DF54686EF03422D25B9D1F56AD67BBB8326B16DF2F9DF63AF

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
The other logs follow in the next post, since they again exceed the 12k character limit.

Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-10-2022 01
durchgeführt von lucap (09-10-2022 14:27:58)
Gestartet von C:\Users\lucap\OneDrive\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) (2021-03-04 20:53:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3740623257-3560467387-1776860099-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3740623257-3560467387-1776860099-503 - Limited - Disabled)
Gast (S-1-5-21-3740623257-3560467387-1776860099-501 - Limited - Disabled)
lucap (S-1-5-21-3740623257-3560467387-1776860099-1001 - Administrator - Enabled) => C:\Users\lucap
WDAGUtilityAccount (S-1-5-21-3740623257-3560467387-1776860099-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark 11 (HKLM\...\{07B785F0-6B14-432A-AFC9-6CB6B964625F}) (Version: 1.0.179.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{62d249f0-7380-49a0-bca0-3a38aa527c42}) (Version: 1.0.179.0 - Futuremark)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Ableton Live 11 Lite (HKLM\...\{7C9CCB77-62D3-45E0-AA5B-3067E488657D}) (Version: 11.0.0.0 - Ableton) Hidden
Ableton Live 11 Lite (HKLM-x32\...\{052f0620-aee0-4494-a75e-fddf2a701d06}) (Version: 11.0.0.0 - Ableton)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AHK to Background (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\52f4ab0ef26fc704) (Version: 1.0.0.11 - AHK to Background)
Akai Professional MPX File Conversion Utility (HKLM-x32\...\MPXFileConversionUtility) (Version:  - )
Amazon Games (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.3.8336.1 - Amazon.com Services, Inc.)
Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Autodesk Fusion 360 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.14337 - Autodesk, Inc.)
AutoHotkey 1.1.33.09 (HKLM\...\AutoHotkey) (Version: 1.1.33.09 - Lexikos)
AutoIt v3.3.14.5 (HKLM-x32\...\AutoItv3) (Version: 3.3.14.5 - AutoIt Team)
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 3.5.2 - Badlion)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.16.2 - Blitz, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{5A260D5A-95D3-4956-8E0A-E182CC4144ED}) (Version: 4.8.04162 - Microsoft Corporation) Hidden
CPUID ASUS CPU-Z 2.01 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
Daedalus Mainnet (HKLM-x32\...\Daedalus Mainnet) (Version: 4.3.1 - IOHK)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DTS Audio (HKLM-x32\...\{D5137AAA-45D7-4136-9506-BD1A623688AD}) (Version: 1.00.7300 - DTS, Inc.)
DynZen NosTale version 1.0.1 (HKLM-x32\...\{AB0348A4-2411-4EA6-8DA5-D1995E1D68D3}_is1) (Version: 1.0.1 - DynZen)
Eastmile Client version 2.0 (HKLM-x32\...\{EE145DD9-4884-4531-8A3C-775A6FF005E7}_is1) (Version: 2.0 - Eastmile)
Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2019 (HKLM-x32\...\{F878746A-C5F7-420A-A672-4DFEF74ADC3A}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2022 (HKLM-x32\...\{BA73F2EE-EEB4-4A9C-BAF4-AC3599983E8B}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{E0419FB0-0C46-4F07-9D5B-2FD78A8C45ED}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
FiveM (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\CitizenFX_FiveM) (Version:  - Cfx.re)
Focusrite Audio Drivers 4.102.4.735 (HKLM\...\Focusrite Audio Drivers_is1) (Version: 4.102.4.735 - Focusrite Audio Engineering, Ltd.)
Focusrite Control 3.11.0.1983 (HKLM\...\Focusrite Control_is1) (Version: 3.11.0.1983 - Focusrite Audio Engineering Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{63C33A87-484C-4D23-BAA4-5658DD908D8E}) (Version: 5.45.1044.0 - Futuremark)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.11.2.0 - miHoYo Co.,Ltd)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Git (HKLM\...\Git_is1) (Version: 2.35.1.2 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\GitHubDesktop) (Version: 2.9.6 - GitHub, Inc.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 105.0.5195.127 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2699.0 - Rockstar Games)
GrandRP Launcher 1.0 version 1.0 (HKLM-x32\...\{D0A3CE4B-226D-159F-2A2C-D4BE0BA4228D}_is1) (Version: 1.0 - Grand RolePlay)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.550 - Huawei Technologies Co., Ltd.)
icecap_collection_neutral (HKLM-x32\...\{04C533D3-8445-4E47-A351-A66B1DA1B631}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collection_neutral (HKLM-x32\...\{1036893D-9917-4E70-B96C-8D72A2B224BC}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{289873DF-80D0-4D7D-8068-D25D342A26FA}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{4CDCF412-13D2-48AD-B98C-3AB4A771A127}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{13AC1F0D-2185-48E9-8274-884BD9E53C7F}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{4B691388-E031-4268-A096-95173D1E6E0F}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{87A0DCD8-E774-4484-8676-B5214CCB8B5A}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{5A86972C-9DB5-40AA-B4EB-0ACE96AFDF88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{D072CF88-3B90-4367-85BC-A8516986690F}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{F9CE4297-DD31-437B-91AC-DC90574288A2}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{028D4B22-B70B-447E-9B80-8E3E98CB2667}) (Version: 10.0.06027 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - ) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{9B7D5CA0-5521-458D-88D9-AF7D9A06E753}) (Version: 11.1.072 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{D17293BC-1678-4281-B94E-DBCF66AE7611}) (Version: 2.4.08919 - Intel Corporation)
Intel(R) Memory and Storage Tool (HKLM\...\{D9F2D22C-A2FB-45D1-B84D-FFBE8950459D}) (Version: 1.11.165 - Intel)
Intel(R) NVME Miniport and Filter Device Management (HKLM\...\{D44F19E2-5189-4415-AEF8-BF6D258B474A}) (Version: 5.3.0.1005 - Intel Corporation) Hidden
Intel(R) NVME Miniport and Filter Device Management (HKLM-x32\...\{12d24f04-f633-49f9-9006-53fa577aa7e7}) (Version: 5.3.0.1005 - )
Intel® Driver & Support Assistant (HKLM-x32\...\{8e97d87d-065f-48c1-bd2b-f7bff04dcfc1}) (Version: 21.6.39.7 - Intel)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IP Camera Adapter (HKLM-x32\...\{02C8886B-FB8F-4666-960B-36DFB37786B1}) (Version: 4.0.0.0 - Pavel Khlebovich) Hidden
Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Java(TM) SE Development Kit 17.0.1 (64-bit) (HKLM\...\{7ECAAC8F-FBBE-5265-BBF4-0AC48139FB26}) (Version: 17.0.1.0 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 2.49 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.49 - Dominik Reichl)
Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden
Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{E1F68FC9-F23C-4F44-8092-CAC55E43A80B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legacy Games Launcher 1.4.3 (HKLM\...\da414c81-a9fd-5732-bd5e-8acced116298) (Version: 1.4.3 - Legacy Games)
Logi Firmware Update Tool for Tap (HKLM-x32\...\FWUpdateTap) (Version: 1.6.23.0 - Logitech Europe S.A.)
loopMIDI (HKLM-x32\...\{6b220f45-42ca-435c-95fd-1764cb849122}) (Version: 1.0.16.27 - Tobias Erichsen)
loopMIDI (HKLM-x32\...\{DF96DB4C-DB0F-4CCF-9769-464BC9EA859F}) (Version: 1.0.16.27 - Tobias Erichsen) Hidden
loopMIDIBlockLegacy (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
LOSTARK (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\LOSTARK) (Version: 1.104 - MY.GAMES)
Malwarebytes version 4.5.14.210 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.14.210 - Malwarebytes)
Microsoft .NET 6.0 Templates 6.0.200 (x64) (HKLM\...\{55A933C9-61E4-4958-A086-83CE936D88B2}) (Version: 24.4.48461 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64) (HKLM\...\{B6D217CB-F393-40DD-AC17-9989D8E8A714}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64_arm) (HKLM\...\{400881A4-1434-42D1-BB9F-9F3B996E64F4}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64_arm64) (HKLM\...\{4B983237-0EE4-48AF-BB67-0607E8DEE562}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64_x86) (HKLM\...\{1D25A8A0-2D84-41B4-B0F0-32EF1151F625}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64) (HKLM\...\{E880145C-89F2-44EE-973D-03DF3026FF75}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64_arm) (HKLM\...\{DCAE22BC-0045-4E1D-8E55-45CD6A0B9DA7}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64_arm64) (HKLM\...\{BC04A133-2C27-4C19-A1D8-48FCC9C7D94F}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64_x86) (HKLM\...\{94079648-6999-4938-B069-6C59E43A3BB0}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Core 3.1 Templates 5.0.405 (x64) (HKLM\...\{D20D560E-2176-4ECF-A344-7B43EB17377F}) (Version: 12.21.61060 - Microsoft Corporation) Hidden
Microsoft .NET Core 5.0 Templates 5.0.405 (x64) (HKLM\...\{9372651C-BB0D-4D01-AFAC-1D91929393EC}) (Version: 20.7.44676 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64) (HKLM\...\{23B200E6-5E51-403D-A3F5-62CD42B23D7D}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64_arm) (HKLM\...\{A8D05936-3B6A-4F1A-8B31-C47A1CF55DF7}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64_arm64) (HKLM\...\{C883FEA0-0193-4C6B-BAF3-DA9FA7B6510E}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64_x86) (HKLM\...\{3AB1D96B-C73E-4C77-BED9-85591FC3BF14}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core Host - 2.1.30 (x64) (HKLM\...\{8FD66631-B964-4E12-92E1-A8A4CAD5D14C}) (Version: 16.120.30411 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 2.1.30 (x64) (HKLM\...\{EB291DFA-DEDE-4355-98D9-17F95E91C437}) (Version: 16.120.30411 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 2.1.30 (x64) (HKLM\...\{92A0517D-D5F9-4D8F-87F9-83ABC04240C2}) (Version: 16.120.30411 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.22 (x64) (HKLM\...\{44D628C6-14F5-48F2-89F9-6C0A5FF2B9F0}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.22 (x86) (HKLM-x32\...\{54C416DE-9495-4FFC-B2A7-E7AF82DEA8A4}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core SDK 2.1.526 (x64) (HKLM\...\{77DCC379-7B83-4D9A-8D77-1FB5A5175135}) (Version: 8.147.42380 - Microsoft Corporation) Hidden
Microsoft .NET Core SDK 2.1.526 (x64) (HKLM-x32\...\{a61ab325-4d4c-416b-a9c0-bfd07d8890ae}) (Version: 2.1.526 - Microsoft Corporation)
Microsoft .NET Core Targeting Pack - 3.1.0 (x64) (HKLM\...\{31EDE1E7-C855-4633-9D73-56F566136567}) (Version: 24.64.28315 - Microsoft Corporation) Hidden
Microsoft .NET CoreRuntime For CoreCon (HKLM-x32\...\{48A8F171-52F2-372B-8414-EA50617708BE}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft .NET CoreRuntime SDK (HKLM-x32\...\{12702494-9E6A-3F5E-9441-2B7D258A639B}) (Version: 1.1.27004.0 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 Targeting Pack (deu) (HKLM-x32\...\{96E8FAD6-EC2D-40F2-A230-7F81CD52FB43}) (Version: 3.5.27729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 Targeting Pack (HKLM-x32\...\{5686C5E9-A3B3-451E-A2EA-4C246CDE5CC9}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (Deutsch) (HKLM-x32\...\{5F62E29E-C154-44CB-81D6-696FB3474844}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.16 (x64) (HKLM\...\{DAA471F4-54A9-4820-A1C5-266B5153C144}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.2 (x64) (HKLM\...\{FCA58978-1518-4AA5-9B43-D9D3CDE9C314}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x64) (HKLM\...\{8D88F0E2-CE9B-4A6D-8309-FDC562195F5B}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x86) (HKLM-x32\...\{64E80A14-A4CE-4209-9E96-E3B33957FE7C}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.16 (x64) (HKLM\...\{29CBA832-8D09-42D0-82F4-3583EE247A5E}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.0 (x64) (HKLM\...\{740DEBEB-4049-4179-AF82-673DE9E7F52E}) (Version: 48.3.31210 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.2 (x64) (HKLM\...\{400912BD-8880-45D6-B657-CC52E9297295}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.2 (x86) (HKLM-x32\...\{D2704ECD-6F5F-4B2E-B895-848B1403ACE7}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Native SDK (HKLM-x32\...\{A527D13C-CB86-3604-BFDC-68F585895663}) (Version: 15.0.24211.06 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x64) (HKLM\...\{B810ACDF-1C0C-4108-9B92-12F1674FA444}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x86) (HKLM-x32\...\{B53264E4-665F-4F04-BF0C-7F9C9B7A5640}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.16 (x64) (HKLM\...\{16E242C4-24A9-4381-8023-0F246750CA47}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.16 (x64) (HKLM-x32\...\{68696b91-f423-4e8e-a58f-631366d0f77a}) (Version: 5.0.16.31117 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.0 (x64) (HKLM\...\{0875A1B4-8C93-48C7-BEC9-4E549B550B1B}) (Version: 48.3.31210 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.2 (x64) (HKLM\...\{09BE57EC-66FA-4C4D-ABED-EBCB6A6BF6EA}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.2 (x86) (HKLM-x32\...\{A54C9C13-9F3E-4E95-8BE0-7A36A1F80245}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET SDK 5.0.405 (x64) from Visual Studio (HKLM\...\{316B05A5-52B6-436C-9C79-2049DD149D96}) (Version: 5.4.522.6820 - Microsoft Corporation)
Microsoft .NET SDK 6.0.200 (x64) from Visual Studio (HKLM\...\{00D9D07C-9962-4CBB-9AA2-9EF1383B5B2D}) (Version: 6.2.22.10605 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 5.0.0 (x64) (HKLM\...\{34761DB2-89B9-4981-8122-5B1FAE3B7069}) (Version: 40.0.29419 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.2 (x64) (HKLM\...\{27C5AAF6-5B72-44B0-924C-4BB0C170216C}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 5.0.405 (x64) (HKLM\...\{BEA7472D-97F2-464B-814D-CC0F473FC337}) (Version: 20.5.61060 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 6.0.200 (x64) (HKLM\...\{D66C8045-2D1E-4346-AAFA-76A34758E10C}) (Version: 24.4.48461 - Microsoft Corporation) Hidden
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM\...\{90140000-00D1-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Access database engine 2016 (English) (HKLM-x32\...\{90160000-00D1-0409-0000-0000000FF1CE}) (Version: 16.0.5044.1000 - Microsoft Corporation)
Microsoft ASP.NET Core 2.1.30 Shared Framework (x64) (HKLM\...\{3F0FA3FE-95FA-3B48-ABD1-46FB4DA4021E}) (Version: 2.1.30.60071 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.10 Targeting Pack (x64) (HKLM\...\{FEA48357-CE2F-3ED0-B2A0-8548BEC6F111}) (Version: 3.1.10.20520 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.22 Shared Framework (x64) (HKLM\...\{6AFBB1FC-92B4-38D1-8125-A5F297FDA27D}) (Version: 3.1.22.21579 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.22 Shared Framework (x86) (HKLM-x32\...\{7BD85F66-ABB6-3590-B637-22311F25619B}) (Version: 3.1.22.21579 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.0 Targeting Pack (x64) (HKLM\...\{7E0C04EC-9D6F-36CD-A821-DC8493EE407F}) (Version: 5.0.0.20526 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.14 Shared Framework (x64) (HKLM\...\{1DDE3A7E-9E64-38C4-A76B-EEC6CE0EC9C6}) (Version: 5.0.14.22063 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.14 Shared Framework (x86) (HKLM-x32\...\{E2E8FB3E-9513-31E4-9C66-B2DC0B9FC02C}) (Version: 5.0.14.22063 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.2 Shared Framework (x64) (HKLM\...\{941F2C43-D8FE-3DD0-8D2C-FE8169AD45A0}) (Version: 6.0.2.22064 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.2 Shared Framework (x86) (HKLM-x32\...\{E3B72D89-87A4-3961-B980-9DCC0487D6B2}) (Version: 6.0.2.22064 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.2 Targeting Pack (x64) (HKLM\...\{3220319F-4406-39D1-982A-3A678EA8D24A}) (Version: 6.0.2.22064 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core Module for IIS Express (HKLM\...\{FAFEE5E3-E00A-4CE8-B495-8F66A5FAB236}) (Version: 12.2.18292.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core Module V2 for IIS Express (HKLM\...\{F6EADEFA-482E-483C-B3D6-8B3567EE8FDB}) (Version: 16.0.21269.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Diagnostic Pack for Visual Studio (HKLM-x32\...\{CC2EFF16-2D75-3AFA-801F-90E59F7D7331}) (Version: 17.1.358.51495 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 15.0 - DEU (HKLM-x32\...\{FDB3AB25-DEE7-3438-9E2A-571F9F23F26E}) (Version: 1.0.30615.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 15.0 - ENU (HKLM-x32\...\{B3CA5EDB-F084-325C-AA50-247A3A476496}) (Version: 1.0.30615.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 17.0 - DEU (HKLM-x32\...\{313B1F5D-40A5-3190-9474-AD4CEDE068C2}) (Version: 17.0.10526.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 17.0 - ENU (HKLM-x32\...\{6332F84D-AEE5-3162-BCF4-329EE17B9662}) (Version: 17.0.10526.0 - Microsoft Corporation) Hidden
Microsoft Azure Authoring Tools - v2.9.7 (HKLM\...\{90462BD2-DF5B-449C-A401-FCC1DC264E4E}) (Version: 2.9.8999.45 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.7 (HKLM\...\{04CA054C-2F40-44B0-8610-8D51EC9444FE}) (Version: 2.9.8999.43 - Microsoft Corporation) Hidden
Microsoft Azure Compute Emulator - v2.9.7 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.7) (Version: 2.9.8999.43 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure Storage Emulator - v5.10 (HKLM-x32\...\{41AC2282-F083-4495-8306-2D6ABC7D5CA2}) (Version: 5.10.19227.2113 - Microsoft Corporation) Hidden
Microsoft Azure Storage Emulator - v5.10 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.10) (Version: 5.10.19227.2113 - Microsoft Corporation)
Microsoft Command Line Utilities 15 for SQL Server (HKLM\...\{41C0DB18-1790-465E-B0DD-D9CAA35CACBE}) (Version: 15.0.1300.359 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.37 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.34 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft NetStandard SDK (HKLM-x32\...\{737FDDA7-B944-4CB5-92D9-3D56373BD301}) (Version: 15.0.51105 - Microsoft Corporation) Hidden
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{97FA5676-7F15-4C39-BFA1-CE67BA1833C2}) (Version: 17.7.2.1 - Microsoft Corporation)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Portable Library Multi-Targeting Pack (HKLM-x32\...\{812F31DC-FAA6-3979-B3D6-5D6BAAF2945D}) (Version: 15.0.26621.02 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (HKLM-x32\...\{D3A63893-9B6A-3DC2-BD7B-31BD85665988}) (Version: 15.0.26621.02 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9198AD57-6396-4DF8-8D0C-20EA764F7986}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Native Client  (HKLM\...\{E9AD0F97-5DF2-4F5B-BC5B-F524D21BF165}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{33B8D051-4DF5-4103-8FDB-8663E468A204}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2019 LocalDB  (HKLM\...\{36E492B8-CB83-4DA5-A5D2-D99A8E8228A1}) (Version: 15.0.4153.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Teams) (Version: 1.5.00.9163 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft UniversalWindowsPlatform SDK (HKLM-x32\...\{1DFB90F4-6C58-4AE6-BA4E-E0AE3C9062C7}) (Version: 15.9.10 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30708 (HKLM-x32\...\{ee198d9f-cfe1-4f8a-bf5f-7b1be355b63d}) (Version: 14.30.30708.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 X64 Debug Runtime - 14.16.27033 (HKLM\...\{FBB6370A-2B31-4E7F-9046-FEC401A98F12}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Debug Runtime - 14.16.27033 (HKLM-x32\...\{54E71599-88E8-4A50-8435-BE40755DB005}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30708 (HKLM\...\{12A2980B-E47B-491B-92F5-0BC703841ED4}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30708 (HKLM\...\{AE043016-3897-41D4-870B-1DAEE62CF152}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2017 Tools for Unity (HKLM-x32\...\{1AD79405-0A2D-43D6-82AE-8CB8B212D906}) (Version: 3.9.0.3 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.1.2196.8931 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{6501DB5B-B58A-4021-8F3C-25A6CF01BC72}) (Version: 3.1.1126.51066 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{EA62D3A4-587F-43C9-8C56-FEF454BE720A}) (Version: 3.1.1126.51066 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2017 Update 9 Office Integration (x64) (HKLM\...\{4F62310B-5C05-3A89-A182-713AB10514E7}) (Version: 15.129.31804 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2017 Update 9 Office Integration Language Pack (x64) - ENU (HKLM\...\{67E00724-8C7F-3830-9FBA-2F87F11C12C9}) (Version: 15.129.31804 - Microsoft Corporation) Hidden
Microsoft Web Deploy 4.0 (HKLM\...\{DB7B43E1-BB6C-4417-9F20-2488FD8EECC8}) (Version: 10.0.5402 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.22 (x64) (HKLM\...\{D5C6F442-F51D-4D15-82C1-61E3435BA3C8}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.22 (x86) (HKLM-x32\...\{EDB662A8-AD69-44B1-B2FB-6E9BF86BA0B9}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM\...\{4CD6FFC6-FA14-4016-A7A6-B7E3D6286331}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x86) (HKLM-x32\...\{3F927D21-88CF-4113-87C4-7F5D90ACFD5C}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.16 (x64) (HKLM\...\{90B8150E-08C5-4225-9F94-9BBB39D82601}) (Version: 40.64.31121 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.16 (x64) (HKLM-x32\...\{c34fb08d-bd27-4d0b-a7bc-f7d5359f9518}) (Version: 5.0.16.31121 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.0 (x64) (HKLM\...\{C3505345-F775-48A3-9657-F9F0B4C1932F}) (Version: 48.3.31217 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.0 (x64) (HKLM-x32\...\{04da1419-5002-4781-bd5d-829a8fb420e5}) (Version: 6.0.0.30623 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.2 (x64) (HKLM\...\{70D77D60-C620-4829-AF52-7AB767A8BB52}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.2 (x86) (HKLM-x32\...\{DE561533-408D-4E2C-BB6E-05960A801450}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 3.1.0 (x64) (HKLM\...\{7519423C-A977-4160-83A2-48633600A216}) (Version: 24.64.28315 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 5.0.0 (x64) (HKLM\...\{B7846BB6-4EDE-409B-9147-631286EF7FDD}) (Version: 40.0.29420 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.2 (x64) (HKLM\...\{54E0FF16-E612-459E-9EB1-1C3D84D4DB13}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-6.0.200 (HKLM\...\{FCB866C3-1C7F-48F1-82AA-27CDF5EDBF07}) (Version: 124.50.2 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-6.0.200 (HKLM\...\{2685B6AE-7BBA-4305-A0C6-D85E95E6DFE3}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.200 (HKLM\...\{D9C7F250-1F44-4F17-9114-892FE9B9392E}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-6.0.200 (HKLM\...\{5023AA6C-3434-4651-97F4-A99E519A46BA}) (Version: 48.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-6.0.200 (HKLM\...\{E654192D-D623-4F63-81B5-7B01FD812D47}) (Version: 24.50.2441 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-6.0.200 (HKLM\...\{ABB96929-74DA-4C9E-A79F-5482C80E2651}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Manifest (HKLM\...\{5A247A95-DDD4-4C69-9BA5-2C94E9157502}) (Version: 48.27.37284 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{C7BBAC8B-9DE6-4893-A317-D3894F819334}) (Version: 48.3.37295 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2019 (HKLM\...\{A2494B75-7366-47C0-A58F-C41BEE9317E6}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2019 CTP2.2 (HKLM-x32\...\{BF16A1DB-06A6-4A8E-B7A8-61F1F9C9FBA3}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server vNext CTP1.6 (HKLM\...\{598EF772-9320-43B6-9D3C-A60A1F6A804E}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server vNext CTP1.6 (HKLM-x32\...\{2773DECE-0FE5-4CA9-96A8-621E0185388F}) (Version: 15.0.600.33 - Microsoft Corporation)
MIDI-OX (HKLM-x32\...\{A6457851-5EA9-45B0-AF1D-D2A0A4781CFB}) (Version: 7.02.372 - MIDIOX Computing)
Minecraft Launcher (HKLM-x32\...\{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang)
MINIONAPP (HKLM-x32\...\MINIONAPP) (Version:  - )
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
MSI Kombustor 4.1.15.0 (64-bit) (HKLM\...\{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version:  - MSI / Geeks3D)
MySQL Connector Net 8.0.28 (HKLM-x32\...\{DDA9C4B3-766C-41FC-9BA2-615524AAF36B}) (Version: 8.0.28 - Oracle)
MySQL for Visual Studio 1.2.10 (HKLM-x32\...\{FFB40224-64C0-4D82-ADC4-6B9434B90800}) (Version: 1.2.10 - Oracle)
MySQL Shell 8.0.28 (HKLM\...\{2112E2EB-B278-4C5A-AA73-D9AD0205BAAC}) (Version: 8.0.28 - Oracle and/or its affiliates)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.4 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.131 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
NVIDIA Grafiktreiber 517.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
obs-midi version 0.3.0 (HKLM-x32\...\{117EE44F-48E1-49E5-A381-CC8D9195CF35}_is1) (Version: 0.3.0 - Christopher Yarger)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20342 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Paket zur Festlegung von "Doc Redirected"-Zielversionen von Microsoft .NET Framework 4.7.1 (Deutsch) (HKLM-x32\...\{5B970BE4-A2F2-41BD-8B91-FEA8DAA1DB9B}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM-x32\...\{98FE7C2A-22A4-401A-B45B-2AA107C06DD7}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.8 (Deutsch) (HKLM-x32\...\{9E68042B-8597-4DE3-BA10-D1198BA9316B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
ProtonVPN (HKLM-x32\...\{5D8EB116-AEE3-4BA2-9431-E429F0924940}) (Version: 1.25.0 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.25.0) (Version: 1.25.0 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
ProtonVPNTun (HKLM-x32\...\{C953D354-0C14-4CB5-AB42-0A9E40F55857}) (Version: 0.13.0 - Proton Technologies AG)
PrusaSlicer 2.5.0 (HKLM\...\{F7A53CE7-528F-429F-AABB-E54ECE5FD63E}) (Version: 2.5.0 - Prusa Research) Hidden
PrusaSlicer 2.5.0 (HKLM\...\PrusaSlicer 2.5.0 2.5.0) (Version: 2.5.0 - Prusa Research)
PuTTY release 0.76 (64-bit) (HKLM\...\{1E0D5689-40F1-4E46-ABBB-EAAC68B5CD89}) (Version: 0.76.0.0 - Simon Tatham)
PyCharm Community Edition 2021.3.1 (HKLM-x32\...\PyCharm Community Edition 2021.3.1) (Version: 213.6461.77 - JetBrains s.r.o.)
Python 3.9.7 (64-bit) (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{0f0bf1a5-3ec1-459b-ab7c-916db941f50d}) (Version: 3.9.7150.0 - Python Software Foundation)
Python 3.9.7 Core Interpreter (64-bit) (HKLM\...\{88D4EF59-607D-43AD-B7C7-F5A753740FD1}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Development Libraries (64-bit) (HKLM\...\{97496FC6-5044-4A2A-BACD-40A44F38D483}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Documentation (64-bit) (HKLM\...\{AA408E09-EBB3-470F-8D63-5AA0C46C2DA2}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit) (HKLM\...\{870EC220-FEAE-481D-8B29-B4B0DF5402FA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 pip Bootstrap (64-bit) (HKLM\...\{F1280AA2-AAC3-41AB-9616-CCF00814E626}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit) (HKLM\...\{05903EEF-72A2-4C1A-AD35-41AD6C7094A8}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit) (HKLM\...\{6E8EAD3C-6F0C-494C-9C12-E10C5B5EE7EA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit) (HKLM\...\{67D79D6E-8497-4EE6-850B-834D3A27553F}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Utility Scripts (64-bit) (HKLM\...\{4110826A-903C-410C-9785-7848A51B9CC9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{99719382-D7A9-4DC2-BF0C-C23B730A313D}) (Version: 3.9.7546.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0831.083015 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.)
Red 2 & Red 3 Plug-in Suite version 1.1 (HKLM\...\Red 2 & Red 3 Plug-in Suite_is1) (Version: 1.1 - Focusrite Audio Engineering Limited)
REDlauncher (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Roblox Player for lucap (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for lucap (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\roblox-studio) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.63.962 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games)
rtpMIDIBlockLegacy (HKLM-x32\...\{FD937297-84C3-41A5-B5DF-1FAEEE669D68}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Snapmaker Luban 4.4.0 (HKLM\...\4c329381-cbe6-5eac-8b35-1ff73ff2e943) (Version: 4.4.0 - Snapmaker Dev Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.34.4 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.43.0 - TechPowerUp)
Telegram Desktop version 4.1.1 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.1.1 - Telegram FZ-LLC)
Tesseract-OCR - open source OCR engine (HKLM\...\Tesseract-OCR) (Version: v5.0.1.20220118 - Tesseract-OCR community)
teVirtualMIDI64 (HKLM\...\{2F802731-3731-453E-B30B-4381BEED22AC}) (Version: 1.3.0.43 - Tobias Erichsen) Hidden
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Tools for .Net 3.5 - DEU Lang Pack (HKLM-x32\...\{13BD574A-7F41-420A-B486-7A2D4CEB7F3B}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Tools for .Net 3.5 (HKLM-x32\...\{1690CE56-2231-4E59-9006-A0876D949EA8}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Tower of Fantasy (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\tof_launcher) (Version:  - Hotta Studio)
TypeScript SDK (HKLM-x32\...\{6D0FC687-BA41-4DFD-80B4-3469E567AA0F}) (Version: 4.3.5.0 - Microsoft Corporation) Hidden
TypeScript SDK (HKLM-x32\...\{E6521CE7-0C2F-461D-8B83-CB40BC26F6A5}) (Version: 3.1.7.0 - Microsoft Corporation) Hidden
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 127.4.10629 - Ubisoft)
Ultimaker Cura 5.0.0 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Ultimaker Cura 5.0.0) (Version: 5.0.0.0 - Ultimaker B.V.)
Ultimaker Cura 5.1.0 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Ultimaker Cura 5.1.0) (Version: 5.1.0 - Ultimaker B.V.)
Unigine Superposition Benchmark 1.1 (HKLM\...\Superposition_is1) (Version: 1.1 - UNIGINE)
Unity (HKLM-x32\...\Unity) (Version: 2020.3.11f1 - Unity Technologies ApS)
Unity 2021.1.16f1 (HKLM-x32\...\Unity 2021.1.16f1) (Version: 2021.1.16f1 - Unity Technologies ApS)
Unity Hub 2.4.5 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.4.5 - Unity Technologies Inc.)
Unity Hub 3.0.0-beta.2 (HKLM\...\Unity Technologies - Hub) (Version: 3.0.0-beta.2 - Unity Technologies Inc.)
Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VB-CABLE C+D Package (HKLM-x32\...\VB:VBCABLE_CD {C76D3BC2-E852-4d06}) (Version:  - VB-Audio Software)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VBCABLE-A, The Virtual Audio Cable (HKLM\...\VB:VBCABLEA {87459874-1236-4469}) (Version:  - VB-Audio Software)
VBCABLE-B, The Virtual Audio Cable (HKLM\...\VB:VBCABLEB {87459874-1236-4469}) (Version:  - VB-Audio Software)
vcpp_crt.redist.clickonce (HKLM-x32\...\{86A64DD6-2619-4D30-B777-75568A3EE56D}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{DE76BFB9-CBA9-48EB-8AAB-31292E7F1D0A}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{83D25813-8527-4DA7-A514-969B674269BC}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{9E49E95C-CF02-412D-AD53-FB1F37D8BDD8}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Resource Package (HKLM-x32\...\{66EEDDAB-DF4D-424D-8E15-2D9B41C90397}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{CCAC309A-EC2D-4A5E-BA76-3638E6D651F4}) (Version: 14.16.27027 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{D076C56D-9DDE-462F-A1E8-2C7DF2C0E7A6}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{41EF416D-AD5E-432D-9BFE-0E5BE62E2F1E}) (Version: 14.16.27027 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{C20A5080-9391-4126-A953-D362BD8B5240}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{EEAD071F-AC16-42DB-9EBA-FC8A466C9382}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\4429726e) (Version: 16.11.10 - Microsoft Corporation)
Visual Studio Enterprise 2017 (HKLM-x32\...\5cf6f237) (Version: 15.9.44 - Microsoft Corporation)
Visual Studio Enterprise 2022 (HKLM-x32\...\d4e2f3c5) (Version: 17.1.0 - Microsoft Corporation)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.34.2.0 - Voicemod S.L.)
VS Immersive Activate Helper (HKLM-x32\...\{C0ACF658-B4DC-4CBB-B8F2-9E667D69919A}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{43F73608-5C94-436F-A1E6-E09ACE680391}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{9EC852BD-33D2-457C-99BB-ED3099B8176F}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{2D12F791-263F-4ABA-B7A8-5485933CADCF}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B8B0A861-C76A-4DBA-B8D5-8830511173A3}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{16946E6F-037E-4A92-A30C-80293603EEC9}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{15CE6C23-B92A-4B2B-8521-6FA81661068B}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_codecoveragemsi (HKLM-x32\...\{95913D6F-B6F3-440F-ACEA-8B0ABD5FA275}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_codeduitestframeworkmsi (HKLM-x32\...\{4379D9C7-B16D-486C-BC6D-43550A4C55EE}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{5C127D2C-BC0B-44B8-A1A5-34E9E7A116FC}) (Version: 16.11.31911 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{08693C65-8459-4C66-8AF3-15F091F28F87}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{7571C303-621A-4ACF-A392-BD6B9B3C67BF}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{EB7405ED-A99C-47D4-8516-C5C35704B07C}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{3AFF0601-10FB-491C-8F07-CBE9FA2BC180}) (Version: 17.1.32210 - Microsoft Corporation) Hidden
vs_cuitcommoncoremsi (HKLM-x32\...\{060D7518-16AC-41F1-9956-38CA636FCF7B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_cuitextensionmsi (HKLM-x32\...\{88484E59-774D-4947-AF0E-4524D6C3147D}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_cuitextensionmsi_x64 (HKLM-x32\...\{184D5702-3AD2-4F0D-95E6-11E1C75A9298}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvsharedmsi (HKLM-x32\...\{923446B9-70EB-4850-95D7-1A1AB5D111CD}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{5C99AE76-BEF9-4D4B-A77A-1B63238B86B0}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_enterprisemsi (HKLM-x32\...\{6E0FB913-0E76-44B5-B0D4-2B71A7984BD2}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{2C910925-05EE-403B-8295-D2593E11F751}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{46F71CD4-4841-4B77-A491-9933B98F8D0D}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{9DCCEEF7-CC00-4054-9879-7E0A12E5CF0A}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{883D29E5-9A41-4C45-A192-C10B8078BF0C}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{05A82EA9-8768-4E1B-B16C-FCCF299D331C}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{FB59095C-C7C6-4CA6-B300-852B50AB976D}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{53D1C36A-E35A-45B3-801B-F49BDD425293}) (Version: 16.11.31503 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{786313C8-40FA-4E06-A625-B1B30B66E872}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{FEFEDA38-9B6A-4374-8D43-7D5517152080}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{CC15CA94-9817-4914-A9ED-A694A2F27783}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_networkemulationmsi_x64 (HKLM-x32\...\{44FFB63E-E35B-41BE-8E9B-149B1AF65493}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_professionalmsi (HKLM-x32\...\{C135A30B-7258-4E11-8660-87C5642A4AAE}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{4EF9011A-8E81-4D6F-9CB9-DBF0B1B12809}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{874561BE-97AD-4865-8512-579D41009147}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
win-capture-audio version 2.2.3 (HKLM-x32\...\{406FD363-BC38-47EE-AF53-7F6FB4D56ECE}_is1) (Version: 2.2.3 - bozbez)
Windows App Certification Kit Native Components (HKLM\...\{398B9866-66DD-753F-761B-E74A270435CC}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{4FC3E9F0-8B10-DBFB-EA4B-FCA87274FC59}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{7718961C-5622-0714-906E-89E9751FA8F4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{EC74C9E5-A88F-D4DF-1DD0-FA42FFBB298D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{942262C5-DA88-830D-7140-C5BCC896DD60}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows IoT Extension SDK (HKLM-x32\...\{110B5402-97D4-DDA2-7B42-665D8325A44F}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{AC8F20B3-36BB-DE22-CA37-43BC967B3F47}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{B38CF8FF-C0D9-B11D-6484-B95A81C72DDC}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{6FF4EDB8-56EA-640C-47CA-54C845F7D273}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Phone SDK 8.0 Assemblies for Visual Studio 2017 (HKLM-x32\...\{7D80B045-3223-3481-AC8F-B0BBA3A25B6F}) (Version: 15.0.28302 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{ED060DBD-1A21-7554-F2E1-06A0EE45900D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{EA15DC17-4379-6850-16FA-D6527641A8DD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{BFC2CA21-326B-90D1-B0E5-F1327411D4A5}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{441FA049-A2AB-7E8D-375D-5C9720CD3325}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{492AAE4A-619E-64BF-6173-DB4E25D67533}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{C971A14A-F045-BD6A-C670-05C7B74A37FE}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{323350A8-D3DC-2F8C-2976-E59E2C132B74}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{51ACC3C5-D131-0916-3F0C-59455F32E6B0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{AE5CE40F-6C6D-C95F-FD37-D9EF7093CA99}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{D5B8B2F7-680B-B6D4-6353-377C73C0F8A8}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{9D5486B4-7458-1A53-E92F-8CFD4AF85D4B}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{8308EFA9-D647-6BF4-6525-349091FBD528}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{F770E8F3-139B-0373-8692-BF619445B8C2}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{90B0B603-7728-F869-3927-73232379BA5B}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{F84F82F2-4D6F-7EE7-A5EC-C57ECBAB3513}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{2DD06060-C61D-7C3A-AA55-6E3FD9493D61}) (Version: 10.1.17763.132 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{CA7A8A65-AB2E-43AA-4110-10C50115E211}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{1B278824-7541-EA8F-FFA1-8B73EC7146D5}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{36AA7E63-76E9-E591-C985-272415268810}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{929C5E30-584A-9E44-2C03-08AA27927317}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{785711EA-DD49-D232-BB29-D48350CC458F}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{DAED8629-A799-B67F-9751-F3A1C60EE335}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{A128C4CE-88C8-8BDF-FBE9-A517979E0BDD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{BA610F2C-C1FA-0A65-2B4D-8272223AC061}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{9A0DC6A1-E91D-EB94-FB4D-41DDDE8A225D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{FBA500B3-235D-41E5-D748-F9FFD2C881FD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{C1C8121A-6BDE-478E-3685-C09F9287D6F0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{70DB40AD-109B-C0CB-9DBF-8B1EDAEBFF61}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{58770E7F-37C0-70F9-6CBF-2B18503B0EE0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Simulator - ENU (HKLM-x32\...\{A4646537-CE71-480A-9A2B-AAFE03334996}) (Version: 15.0.27729 - Microsoft Corporation) Hidden
Windows Simulator (HKLM-x32\...\{F9F1A5B3-D8DE-4995-B14B-1ED4AFA7A003}) (Version: 15.0.27729 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{A8B548F5-D495-BB71-F673-2D48FD7E764C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{F57D8118-1428-ECB8-0729-A577A9A1DEA8}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
windows_toolscorepkg (HKLM-x32\...\{A0669C27-8927-49FE-A039-5C1792620DCE}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Razer Inc. (WinUSB) USB  (05/04/2016 6.2.9200.16385) (HKLM\...\874D6B1A2BD2AE8FF3594AB704F2A4A3F8342FB5) (Version: 05/04/2016 6.2.9200.16385 - Razer Inc.)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinSCP 5.19.5 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\winscp3_is1) (Version: 5.19.5 - Martin Prikryl)

Packages:
=========
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-08-09] (INTEL CORP) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-17] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10801.429.0_x64__8wekyb3d8bbwe [2022-08-25] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-10-06] (NVIDIA Corp.)
Python 3.10 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.2032.0_x64__qbz5n2kfra8p0 [2022-09-06] (Python Software Foundation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0 [2022-10-06] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-04] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\lucap\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\lucap\AppData\Local\Autodesk\webdeploy\production\3f77c28c02b1b466e9d910ef562e48d42f47cc2b\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> )
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InprocServer32 -> C:\Users\lucap\AppData\Local\Programs\WinSCP\DragExt64.dll (Martin Prikryl -> Martin Prikryl)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-01-19] (Notepad++ -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => G:\VMware\vmdkShellExt.dll [2022-02-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => G:\VMware\x64\vmdkShellExt64.dll [2022-02-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-09] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\nvshext.dll [2022-09-22] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-09] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games\MY.GAMES Игровой центр.lnk -> C:\Users\lucap\AppData\Local\GameCenter\GameCenter.exe (Keine Datei) <==== Cyrillic
ShortcutWithArgument: C:\Users\lucap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c2854863be7afae2\MetaMask.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn --app-url --app-launch-source=4

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2022-08-12 10:14 - 2022-08-09 04:52 - 001427968 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2022-01-30 04:10 - 2019-05-03 11:41 - 001750016 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Voicemod Desktop\CefSharp.Core.dll
2022-08-20 15:07 - 2022-08-20 15:07 - 000967168 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\VB\Voicemeeter\mp3lame\lame_enc.dll
2022-01-30 04:10 - 2019-04-25 10:23 - 109914112 _____ () [Datei ist nicht signiert] C:\Program Files\Voicemod Desktop\libcef.dll
2021-03-21 00:10 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
2019-07-15 11:20 - 2019-07-15 11:20 - 000126976 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2010-06-17 01:51 - 2010-06-17 01:51 - 000106546 _____ (MIDIOX Computing) [Datei ist nicht signiert] C:\Program Files (x86)\MIDIOX\MMCBKNT.DLL
2010-06-17 01:51 - 2010-06-17 01:51 - 000086065 _____ (MIDIOX Computing) [Datei ist nicht signiert] C:\Program Files (x86)\MIDIOX\moxlib.dll
2022-05-05 17:44 - 2022-05-05 17:44 - 002122240 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2022-01-30 04:10 - 2019-04-25 10:22 - 000799744 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\Voicemod Desktop\chrome_elf.dll
2021-12-11 18:47 - 2021-12-11 18:47 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-12-11 18:47 - 2021-12-11 18:47 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2021-12-11 18:47 - 2021-12-11 18:47 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [3442]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk:075A04AA92 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk:8BD81608B2 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk:7F26D44B90 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk:6569B2479D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk:D689419597 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk:CF2917E869 [10]
AlternateDataStreams: C:\Users\lucap\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\lucap\Anwendungsdaten:0b3c2611a8001a318a8f9e5790a4bd7d [394]
AlternateDataStreams: C:\Users\lucap\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\lucap\AppData\Roaming:0b3c2611a8001a318a8f9e5790a4bd7d [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9040]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\sharepoint.com -> hxxps://wpdgroup-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-03-19 06:49 - 2021-11-11 22:26 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2022-02-24 00:33 - 2022-04-01 23:38 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.27.96.1 DESKTOP-N6Q3QEM.mshome.net # 2027 3 3 31 21 38 18 281

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %C_EM64T_REDIST11%bin\Intel64;G:\VMware\bin\;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Intel\Intel(R) Memory and Storage Tool\;C:\Program Files\PuTTY\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Git\cmd;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucap\AppData\Local\Microsoft\Windows\Themes\Nina+Luca\DesktopBackground\{ae246f3e-2323-47cd-acd2-ec2f649d66b2}.jpg
DNS Servers: 8.8.8.8 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 ist aktiviert.

Network Binding:
=============
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
ProtonVPN TUN: VMware Bridge Protocol -> vmware_bridge (enabled) 
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
LAN-Verbindung: VMware Bridge Protocol -> vmware_bridge (enabled) 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "DTS Audio.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\StartupFolder: => "Voicemeeter (VB-Audio).LNK"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "GameCenter"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "GogGalaxy"
         
The Addition log follows, and the others as well.

09.10.2022, 16:03   #5
legendevent
 
Addition part 2:
Code:
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{B055CD66-6E58-421C-9689-1A715B9DC120}C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A1E52362-8CF1-459D-A85A-3DD89034BA97}C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1AE35F62-FC60-47FF-AC33-277333B7DE97}C:\program files\daedalus mainnet\daedalus mainnet.exe] => (Allow) C:\program files\daedalus mainnet\daedalus mainnet.exe (GitHub, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{68C622B7-2A5B-4F9F-8AC1-6A6D64D77509}C:\program files\daedalus mainnet\daedalus mainnet.exe] => (Allow) C:\program files\daedalus mainnet\daedalus mainnet.exe (GitHub, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D4102AF4-482A-493C-B3BC-F449B42CEE21}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [UDP Query User{911A43CD-A386-4534-9947-C31F2774BF8B}C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe] => (Allow) C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe => Keine Datei
FirewallRules: [TCP Query User{3186B7E1-C803-4DA7-8F56-59E7BDD66B18}C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe] => (Allow) C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe => Keine Datei
FirewallRules: [{50A838E3-1FE8-4E62-8136-92807E5966C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0D5B8BE2-8BEA-4851-8F08-F18DD5D43B37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B8C5DA5D-9163-4107-AC8C-2B44055563FE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{706E0FB1-CF71-4F62-8BFD-9D4184121E6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A856504B-938F-494F-8952-4267B8EE7864}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{C8EEEFE7-60EC-4496-8E52-4005B75C3313}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{DBBFBB69-6FCA-4814-BDD7-82F0E3755C37}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{4163EC52-B9EC-42E5-A11B-5DB7F46ADCE2}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{4B9F176B-ED9F-4897-AA2D-3E76381B5D70}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{BE0F3533-AFDE-43DB-ABAC-4830B7BAD71E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{6D2D2A1A-136D-4BE5-98C2-BC062A5C085C}D:\battlenet\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battlenet\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [UDP Query User{6AC11A53-471E-4F88-8171-7B0B4FED3368}D:\battlenet\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battlenet\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [{B1BDDD19-26A0-4CE4-8083-0209AF7BC9AA}] => (Allow) E:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe (Unity Technologies ApS) [Datei ist nicht signiert]
FirewallRules: [{392A9D61-7C90-4FF6-8AB5-3C01EE4B834E}] => (Allow) E:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe (Unity Technologies ApS) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{7528AF07-A512-4AAE-B20D-B4C6F2097F07}C:\users\lucap\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\lucap\appdata\local\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [UDP Query User{BC484671-BE68-48A8-9493-BE2DF6574840}C:\users\lucap\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\lucap\appdata\local\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [{B9B2106D-2CFC-47AC-B26C-04A13CAC4591}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{139F9C58-CF73-4AAC-AD70-E248D02EB8ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D126B0DF-9FF8-484C-911D-79E3C1BA026F}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{9FD1CE5D-13C1-402A-8F15-EA08AF337FA2}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{5D22B059-C16D-4F78-9B25-06AB440C8DAB}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{0FB5E468-B82B-490A-A432-82670F257983}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{F5DFC3F6-CB5B-45A0-9709-4746E31116C2}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{41F38958-2A46-444C-91E1-E3518CBE29D7}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{FCD57E13-ED76-4861-ACF3-CCC9026A5D47}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [{0A233FB7-3D50-4D26-A7D3-AA137B8F21DF}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Scavengers\Scavengers_Launcher.exe (Epic Games, Inc) [Datei ist nicht signiert]
FirewallRules: [{40F931E0-1FA1-40A7-80A3-4B02F70EC2F9}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Scavengers\Scavengers_Launcher.exe (Epic Games, Inc) [Datei ist nicht signiert]
FirewallRules: [{EB01688F-4A42-4480-AA19-1DD3D0374B9E}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [{E387A6B4-1684-44AE-ABA5-A9C9261EA39A}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [{E045F99A-CBE7-43A2-8012-4661B4125068}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe => Keine Datei
FirewallRules: [{166C57C6-07B7-4F49-AB50-F8CDB5A5B5F6}] => (Block) C:\Program Files\Unity\Editor\Unity.exe => Keine Datei
FirewallRules: [{93702EF5-4211-48A4-A6E2-B0FF88261EBF}] => (Allow) C:\Program Files\Unity\Hub\Editor\2020.3.11f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{B96E94CA-B3A8-4BA9-B502-AFB555A4C5CF}] => (Block) C:\Program Files\Unity\Hub\Editor\2020.3.11f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{25719415-8AD5-4E7C-8BCE-D43229B7E7DF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2D095F1-26FF-4314-AFBB-9ECBC0BEF989}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{307FDA5B-742A-4066-9EFC-DF1F235E9464}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Police Simulator Patrol Officers\Boston.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{E061731D-11B3-4186-9E8E-F0870ABC650E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Police Simulator Patrol Officers\Boston.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{9F719FDF-B9F9-4416-973D-4431291AB29E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{77A609ED-531E-46FB-B3FB-8ED634D9DEF1}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{EF59AC6E-EF84-487F-9659-C8A7634FF108}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Back4BloodBeta\Gobi\Binaries\Win64\Back4Blood.exe => Keine Datei
FirewallRules: [{DFE1675B-6718-497D-B6FE-96B1EA308010}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Back4BloodBeta\Gobi\Binaries\Win64\Back4Blood.exe => Keine Datei
FirewallRules: [{558ADEA4-85FE-4703-94E7-72A0029221E0}] => (Allow) C:\Program Files\Unity\Hub\Editor\2021.1.16f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{837BD691-2D10-47E9-A6B5-07C2EA58AE24}] => (Block) C:\Program Files\Unity\Hub\Editor\2021.1.16f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{69F665B3-BD1C-4A79-AECC-72285FB4F5AB}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => Keine Datei
FirewallRules: [{BE4BCCF2-2AC5-40B5-AF0B-D110A220AC9F}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [TCP Query User{C0A47962-166E-4A7D-A592-D7EC32C73B6D}F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [UDP Query User{9050EDC6-5E68-450D-8827-B6141D0E5F21}F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [TCP Query User{BCA289C6-CAA7-4C3C-BF00-A28F684FD58A}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [UDP Query User{441AF1A6-6E29-4745-9EF9-2E9D51D5DCB1}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [{8E01B8E0-E189-42F6-B6CB-39716C595B57}] => (Block) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [{66478A40-FBC1-49C1-A915-C582A8F155DF}] => (Block) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [TCP Query User{737394C3-53A5-40D0-8CD0-0627DB9DCCE9}C:\program files\java\jdk-17.0.1\bin\javaw.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [UDP Query User{88DD6837-1624-46F2-A4FF-11AD3952DE59}C:\program files\java\jdk-17.0.1\bin\javaw.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [{DD823069-F27D-43C1-B1D2-9A2FF2CF7D8F}] => (Block) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [{45BA234D-0242-498A-A30F-E59B00C7DAD2}] => (Block) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [TCP Query User{D1DA5D7E-0525-4ADD-817C-F3E6B3222913}C:\program files\java\jdk-17.0.1\bin\java.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [UDP Query User{34B01248-7CBB-4162-9863-8E84F04F3C4D}C:\program files\java\jdk-17.0.1\bin\java.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [{6F7C6BAF-2095-4F2E-9EC6-D2F043234DD7}] => (Block) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [{F4AC9896-E2A6-4E54-A6AB-8381945C22DA}] => (Block) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [TCP Query User{93987B60-318F-4237-B227-CAE224486B52}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [UDP Query User{D6984EA7-CB63-4FE9-A9A9-9AC9C66C558A}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [{3FE6117E-CD69-4EC5-B4A9-FBC09F6C70C4}] => (Block) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [{A2FDE404-11DE-48D5-8C71-854FE8ACA7D6}] => (Block) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [TCP Query User{8D16BE4E-CE80-437F-9C2F-ED95379B923E}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{930E237A-89C5-44EB-8B49-4019D456C512}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{437B7E93-0B86-47E5-B415-D440862E26A4}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{5060D30D-E5DA-4759-BC3B-EA91F7FCA27A}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{6673FE6F-1386-4460-82D4-EDD4485A2EE2}C:\program files\java\jre1.8.0_311\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [UDP Query User{5875C373-FD26-4B95-9B71-1A56A875D08B}C:\program files\java\jre1.8.0_311\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [{17830A47-3CA0-4C41-8DFE-7C5FD2C118F7}] => (Block) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [{72059373-C071-4E14-BE6E-39C57A40D014}] => (Block) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [TCP Query User{699B7CC1-44B8-47AA-8F38-02505DBF4A16}C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{77DBCCBC-D06A-4892-94FF-0A7BB3809ED3}C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{24C452F0-C820-40AC-B7B1-994493370F4A}] => (Block) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{365D501F-3B7D-4E1E-8D48-ED1D5EBB00D5}] => (Block) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{17E62ECE-4E95-47FC-81C9-7218DF7035EF}C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{22102CE2-5763-45DF-A0DE-9B2F8D9D2F3C}C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{CD77AFA6-684A-45D1-9A9F-9A9620DB631F}] => (Block) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{73CAC0DD-3524-4C10-A59B-09A6D9C0CCDB}] => (Block) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{F4A9DBA8-CAC5-4956-A908-5B998134BC90}F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe => Keine Datei
FirewallRules: [UDP Query User{FB02D43E-06CA-451C-8114-227B54D3B52D}F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe => Keine Datei
FirewallRules: [TCP Query User{1896F537-C6AD-4200-8CC5-DA440CF9FABE}F:\battlefield2042\battlefield 2042\bf2042.exe] => (Allow) F:\battlefield2042\battlefield 2042\bf2042.exe => Keine Datei
FirewallRules: [UDP Query User{AC9B4935-4DF9-4571-AFFC-22DCD7140D05}F:\battlefield2042\battlefield 2042\bf2042.exe] => (Allow) F:\battlefield2042\battlefield 2042\bf2042.exe => Keine Datei
FirewallRules: [{1F4633A3-EAC3-4DF3-BF00-6F7B61614AAF}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe => Keine Datei
FirewallRules: [{5FA054FD-65E7-4413-A46F-6923A001A764}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe => Keine Datei
FirewallRules: [{C30359CA-B904-420E-BC92-E1B571E04C76}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe => Keine Datei
FirewallRules: [{8A6C56E0-FCB7-4F3E-BB01-3CA1686FC9B0}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe => Keine Datei
FirewallRules: [TCP Query User{0192CD57-CB68-4E5A-94FD-307849245684}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Keine Datei
FirewallRules: [UDP Query User{834189CB-CB43-4CFE-9CB9-422A29717A51}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Keine Datei
FirewallRules: [TCP Query User{3B78FFFD-4FB2-4254-9DF3-B1B72BDF95F4}F:\spiele\riot games\riot client\riotclientservices.exe] => (Allow) F:\spiele\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{2719E38A-59AA-4A70-B8C7-265700BACCAD}F:\spiele\riot games\riot client\riotclientservices.exe] => (Allow) F:\spiele\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{EB58D4DC-655C-4A68-8F88-526BF58DA41E}F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe => Keine Datei
FirewallRules: [UDP Query User{498F12DF-6B0D-49A7-B5A7-3347DCBF2F1E}F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe => Keine Datei
FirewallRules: [TCP Query User{D87B8B17-18B3-4CE5-9D00-E8B3165D14F9}C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{876C2405-4AE4-42A1-836C-EEED4D10E361}C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{D82947DF-6D10-4184-B867-B90BCDE230CC}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{9B8ECDA9-B8F3-42E1-A678-8D353D384CA7}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{B14D4F6D-91A4-414C-B68C-3CECB7DF9C4B}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{46126EC3-C382-4618-82D7-F6490A34F14F}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{ABC6390E-8360-46BD-B335-F0D6D4ADFFBD}F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F9037371-3110-4E3E-962C-6FCFA6AB3D8B}F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [Datei ist nicht signiert]
FirewallRules: [{6F64AE58-95EA-4BFE-AAF5-5DD0CFDFB20D}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{493E56C8-8CEA-4500-9186-2EF521F129C6}G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe] => (Allow) G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B77F7B39-2D43-4530-9D5A-5716E396A6D7}G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe] => (Allow) G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{623FD68D-0B24-4BAC-8F2B-C5EA6F6D084B}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{2E5CF565-0E00-4231-A101-232E41862224}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{36C2551E-C59B-4567-8BE0-3C82091FD0F2}F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [UDP Query User{CDEB9012-DA93-481D-87DE-A0EE9166910F}F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [{6F50DB18-63D4-444A-94A7-F9CE53ACC79D}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{85FF5C82-A422-421C-AFA0-E78D5958EF89}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [{2BBA24EC-CA88-4FFE-BC32-E6489566E631}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{D1753862-5580-469A-AE25-1CAF9D2A9D7F}F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{1B34FDE8-10AF-456F-921B-288131AD2317}F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [{C74578E8-8DF1-41CA-B006-4DCDB273F43E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Hydroneer\Mining.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D95A059F-9CCB-4FF4-A6FC-D353914D500B}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Hydroneer\Mining.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{268248C2-F75A-4018-9F27-F90A9704CF48}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{28CD5A59-F0A5-4FB4-B6E6-22E14B6DD5BA}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{DB4DAC25-0B2A-4ECA-AFF7-4465774A9573}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{AC4C275F-AD7D-4319-9CCD-C1958756B3F1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F06BA117-1824-4AC1-8034-8602CD719F10}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe => Keine Datei
FirewallRules: [{95CC9589-F13A-4786-A1A6-5C94FCEA4A66}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe => Keine Datei
FirewallRules: [TCP Query User{7852ADD3-EF3C-4EB3-8587-69F4C57D5220}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9A1AA7F5-E34E-42C2-AC65-75445139E2AC}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{87E5A834-F205-4B1C-BEDB-82DBCDB10079}F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe => Keine Datei
FirewallRules: [UDP Query User{BEA55C9C-DB24-4CF6-A621-6458D67A3660}F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe => Keine Datei
FirewallRules: [{8555DB45-A979-4A50-8411-87AA5D59B266}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{E70546CD-62EA-483C-8175-A8FCE85943C0}C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4E78B0F4-1867-4C01-84FF-B3AFAA6A1D68}C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [{0CC070C7-10B6-47C6-8ED1-A17B5F4AB320}] => (Allow) F:\AssassinsCreedOrigins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{57A46265-9A7F-42B3-951A-1EC892F41BAC}] => (Allow) F:\AssassinsCreedOrigins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{EB3EA712-4F35-48D5-9E8A-F3EDDD4514B6}] => (Allow) D:\SteamLibrary\steamapps\common\The Cycle\Prospect_BE.exe => Keine Datei
FirewallRules: [{5398AC86-7029-4EF6-BC3F-C920940BC8AF}] => (Allow) D:\SteamLibrary\steamapps\common\The Cycle\Prospect_BE.exe => Keine Datei
FirewallRules: [{56EAEAA8-A6D6-4BF2-A6D1-AB0386EAC701}] => (Allow) D:\SteamLibrary\steamapps\common\Tales of Arise Demo Version\Arise\Binaries\Win64\Tales of Arise.exe => Keine Datei
FirewallRules: [{CB4C5C87-EEFE-49E7-952B-0BD31113ADF8}] => (Allow) D:\SteamLibrary\steamapps\common\Tales of Arise Demo Version\Arise\Binaries\Win64\Tales of Arise.exe => Keine Datei
FirewallRules: [TCP Query User{21B320B5-F904-4BAA-8B54-EE9EA37E7E7A}C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{AC3E93D8-9931-4CF0-AEAC-AE05000AB27D}C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{A56E9D8F-52A9-49CE-A570-EEEE12EDEE98}D:\rockstar\grand theft auto v\gta5.exe] => (Allow) D:\rockstar\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{C1C3CBA6-81D8-4187-97BE-018BA94F1B32}D:\rockstar\grand theft auto v\gta5.exe] => (Allow) D:\rockstar\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{117A9D67-0985-4FFA-BADB-8F96899322A7}] => (Allow) G:\VMware\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{0E30DB09-77B9-49C8-842E-570C8EE69EF1}] => (Allow) G:\VMware\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{972AE3AA-089C-4E1D-8F02-FBFA154D9907}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40E27852-6E2E-4612-A565-F9C0902EE6CA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9358E5D-F93E-4922-A2BB-AA588ECA44EC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{41B79784-1A75-43F3-8658-F9AD37E6CF26}] => (Allow) F:\Grand\GrandRP Launcher\RAGEMP\ragemp_v.exe => Keine Datei
FirewallRules: [{05AB3C4F-3398-424C-BA3D-0C387CC9318A}] => (Allow) F:\Grand\GrandRP Launcher\RAGEMP\ragemp_v.exe => Keine Datei
FirewallRules: [TCP Query User{E2624B3C-B63A-4E3D-B7CB-3B746EF367B2}F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe] => (Allow) F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe => Keine Datei
FirewallRules: [UDP Query User{3534449D-83F5-42D2-AFC8-1FF4F2140B78}F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe] => (Allow) F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe => Keine Datei
FirewallRules: [{A6CB9AF2-C1BD-4C58-85F0-72122A13071D}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [{A6BA0C1E-4589-4641-8221-B83D3A7189F3}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [{06DDCE8D-1D35-4E5C-BD26-6EC0C1190E8E}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{F1D043C6-AF09-420E-BCF8-574308AC55E5}] => (Allow) D:\NosTale\DYNZEN\DZLauncher.exe => Keine Datei
FirewallRules: [TCP Query User{DFE0B60F-0C34-4B3E-95DF-A98403813AD2}F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{8E7DEAE5-29E0-40B7-9B00-26CDAFDBAFDD}F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{3815DCB4-4591-4FF0-B3C2-8E628E0E7602}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Ready Or Not\ReadyOrNot.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{E2CFB573-1990-4340-A0CC-B2AF5AEF9F96}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Ready Or Not\ReadyOrNot.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{EA9903D6-2FEB-40AF-9153-5BC9E2F2CD4A}] => (Allow) C:\Users\lucap\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{7F4A241C-CD04-4433-8BA0-FA2F0E15B097}] => (Allow) C:\Users\lucap\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{45CAE728-35C2-4D15-A3B2-0EBEB3AF420A}] => (Allow) F:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe () [Datei ist nicht signiert]
FirewallRules: [{EA6B7BE8-FB02-4B2E-8C5C-4652CD5AE9FD}] => (Allow) F:\Tower Of Fantasy\Launcher\intl_service\intl_service.exe (PROXIMA BETA PTE. LIMITED -> PROXIMA BETA PTE. LIMITED)
FirewallRules: [TCP Query User{A8DF2F81-EDE1-4ECA-AA92-2DC2B127920C}C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe (BUREL VINCENT -> VB-AUDIO Software)
FirewallRules: [UDP Query User{2057F51F-E21F-4D1E-B60D-CEDE15D222AE}C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe (BUREL VINCENT -> VB-AUDIO Software)
FirewallRules: [{692A2D6E-857F-459E-9B18-4C2B4D83B15B}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{81340C5E-4264-4EC2-B18D-439718F5D19B}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{DFA2ACAE-EE2B-4B5C-8F0D-2403DE2D045F}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{237EC99F-5B57-441D-84D4-351E223149EE}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DBE8CF1D-C974-4FDB-9E59-8FE49B7EE7ED}C:\program files (x86)\vb\voicemeeter\vban2midi.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\vban2midi.exe (BUREL VINCENT -> Audio Mechanic & Sound Breeder)
FirewallRules: [UDP Query User{6D1DB665-ADAF-408B-9D9D-ADC9365FB024}C:\program files (x86)\vb\voicemeeter\vban2midi.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\vban2midi.exe (BUREL VINCENT -> Audio Mechanic & Sound Breeder)
FirewallRules: [{951CF11F-8391-477F-B041-0CBE5DD78EA0}] => (Allow) C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{88BE0DBC-ECCC-42EB-9D96-F47C86F8F6E3}C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Allow) C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [UDP Query User{3AF61B7E-292A-499F-88DB-4255490489D1}C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Allow) C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [TCP Query User{5911571C-C5B4-4DC8-B670-2D8AD377B5B4}C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{EC2BF018-F76E-462D-BAF7-0F979E59CEFB}C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [{7D86D7D0-4C87-41C1-A047-5794AF31A2B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5ECA1D9E-3903-4707-9DCD-FD1E333AF14F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D659C383-BFFB-441C-8578-0C5A8D5462B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8B52B02-B037-48CF-80AB-2C95F4AC9360}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1A15F107-105B-4831-9C53-1443DF4C4F1B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4C0CCBF6-B597-4AA2-A0FC-DB5378670302}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => Keine Datei
FirewallRules: [{D8DDB4DC-83D9-40F4-8B6F-5EC24F6B73CD}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => Keine Datei
FirewallRules: [{6F3BA182-78F5-482C-A49F-C511B0FBAE3A}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => Keine Datei
FirewallRules: [{97EBFA5D-86AF-4F8E-B842-B2AFFC05EADD}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => Keine Datei
FirewallRules: [{D70BA585-9F18-486A-867C-DD5FCDCA7495}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => Keine Datei
FirewallRules: [{40C71959-665F-42D5-98EC-8297C8E97B34}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => Keine Datei
FirewallRules: [{BE341D90-900D-4492-941C-858650DB7025}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => Keine Datei
FirewallRules: [{92DAC700-1482-48B5-B808-0EDB4D8EB6D5}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => Keine Datei
FirewallRules: [TCP Query User{3C792DFA-6126-4549-A900-BE7941F66F15}F:\fallguys\fallguys_client_game.exe] => (Allow) F:\fallguys\fallguys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{BDFC7BB3-7868-4C6B-BD8C-046AD421F6FB}F:\fallguys\fallguys_client_game.exe] => (Allow) F:\fallguys\fallguys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{B6E08354-F876-494F-96B3-03781414CFFB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7417C2D0-90D5-48DA-9103-D1255EABAA72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F1B334B-4F1C-447E-9A14-C20BF51C7A25}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{56EBA9CA-9C21-4D60-B927-1E0400E9A663}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{2379138D-3C4D-4301-9DFB-773D433E0FC5}F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe (Electronic Arts) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{C69606C5-3333-446C-A9E7-E3B6F6598601}F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe (Electronic Arts) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{646CDBDC-F055-40B7-8FD4-EEBF8FCC7CD7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{B22FCC24-3317-4657-BF24-FCE63EB75AAA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2C4FA44B-BD01-4553-B419-40CCEE0FFEC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3FCF19E3-141E-4FE9-A3DC-1CE7BA71B22A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E93DFDFC-4B44-4C20-AB6B-015169ECAE94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B17FD12C-6EC7-4FDF-AF8B-E2170BF9DEE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{93559D56-70AE-43EC-B1C6-80F72CAC6058}C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Block) C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [UDP Query User{8A4E43D8-AF77-414D-9CF3-C243950AA9D3}C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Block) C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [{7DB580C6-1B2F-43DA-A737-93E1F63F6589}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34F00B60-ABD5-4103-81C2-1889EEBB07DE}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc)
FirewallRules: [{B05183D0-8D14-4D26-B17E-3CD2CA80799A}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc)
FirewallRules: [{644DD8B7-084E-460B-9CCC-83065184042D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{62618D68-3EDF-4A8F-80CD-98387333B5DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AEAAEC2B-B850-4C56-A07C-28E888B37252}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{59FB57F8-F023-45C0-BB36-809F0D8F8528}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36B14B7B-E050-48B4-80A4-4D12457652B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{051FC682-B9B8-4327-BCEE-45005D045A9B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0320B9D-14DB-4031-8931-4D2EABDE44B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D18ABDFC-8E97-4DC2-A6BD-403923FFC6A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{DD265A5A-3F04-4C98-84C0-056B1797255E}C:\users\lucap\appdata\roaming\1337\easybot emulator.exe] => (Allow) C:\users\lucap\appdata\roaming\1337\easybot emulator.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{AB01F958-51E5-4786-98D7-562FB559706C}C:\users\lucap\appdata\roaming\1337\easybot emulator.exe] => (Allow) C:\users\lucap\appdata\roaming\1337\easybot emulator.exe () [Datei ist nicht signiert]

==================== Wiederherstellungspunkte =========================

08-10-2022 14:46:07 Removed DB Browser for SQLite

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (10/09/2022 02:28:00 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (10/09/2022 02:00:32 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (10/09/2022 11:00:30 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (10/09/2022 10:45:47 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.

Error: (10/09/2022 10:45:47 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]

Error: (10/08/2022 11:34:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Kaisen.exe, Version: 0.9.3.3181, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: nvd3dum.dll, Version: 31.0.15.1748, Zeitstempel: 0x632b3f71
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00952507
ID des fehlerhaften Prozesses: 0x2858
Startzeit der fehlerhaften Anwendung: 0x01d8db3d9b2bac20
Pfad der fehlerhaften Anwendung: D:\NosTale\Kaisen - Kopie\Kaisen.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\nvd3dum.dll
Berichtskennung: dd0d5330-7b3f-4178-8d8f-46f01651dbb5
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/08/2022 08:34:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm cheatengine-x86_64-SSE4-AVX2.exe Version 7.2.0.6541 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 276c

Startzeit: 01d8db3e034ed760

Beendigungszeit: 11

Anwendungspfad: G:\CheatEngine\cheatengine-x86_64-SSE4-AVX2.exe

Bericht-ID: d36fc851-7ac5-4e46-87aa-8fa726afb14a

Vollständiger Name des fehlerhaften Pakets: 

Relative Anwendungs-ID des fehlerhaften Pakets: 

Absturztyp: Unknown

Error: (10/08/2022 07:40:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Kaisen.exe, Version: 0.9.3.3181, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2454.1344.0, Zeitstempel: 0x562d8f27
Ausnahmecode: 0x80000003
Fehleroffset: 0x00186429
ID des fehlerhaften Prozesses: 0x15e0
Startzeit der fehlerhaften Anwendung: 0x01d8db3d1b9243cd
Pfad der fehlerhaften Anwendung: D:\NosTale\Kaisen - Kopie\Kaisen.exe
Pfad des fehlerhaften Moduls: D:\NosTale\Kaisen - Kopie\libcef.dll
Berichtskennung: 78121916-8f5b-48e9-a2db-eac9dd8c9f99
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (10/09/2022 01:36:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/09/2022 01:36:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Content Protection HECI Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/09/2022 01:36:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Content Protection HDCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/09/2022 01:36:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Razer Game Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/09/2022 01:36:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DTS APO Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/09/2022 01:36:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Chroma Stream Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/09/2022 01:36:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/09/2022 01:36:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.


Windows Defender:
================
Date: 2022-10-09 10:53:37
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1788.0, AS: 1.375.1788.0, NIS: 1.375.1788.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-09 10:53:26
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1788.0, AS: 1.375.1788.0, NIS: 1.375.1788.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-08 18:57:03
Description: 
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {819838DB-8CAB-4B32-9392-9599F11A7555}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Vollständige Überprüfung
Benutzer: DESKTOP-N6Q3QEM\lucap

Date: 2022-10-08 18:57:03
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKms&threatid=2147711767&enterprise=0
Name: HackTool:MSIL/AutoKms
Schweregrad: Hoch
Kategorie: Tool
Pfad: file:_C:\$Recycle.Bin\S-1-5-21-3740623257-3560467387-1776860099-1001\$RPZNQNK\KMSpico (1)\KMSpico\KMSELDI.exe; file:_C:\$Recycle.Bin\S-1-5-21-3740623257-3560467387-1776860099-1001\$RPZNQNK\KMSpico\KMSpico\Service_KMS.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Benutzer
Benutzer: DESKTOP-N6Q3QEM\lucap
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1750.0, AS: 1.375.1750.0, NIS: 1.375.1750.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-08 18:57:03
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Name: HackTool:Win32/AutoKMS
Schweregrad: Hoch
Kategorie: Tool
Pfad: file:_C:\$Recycle.Bin\S-1-5-21-3740623257-3560467387-1776860099-1001\$RPZNQNK\KMSpico\KMSpico\scripts\Install_Service.cmd; file:_C:\$Recycle.Bin\S-1-5-21-3740623257-3560467387-1776860099-1001\$RPZNQNK\KMSpico\KMSpico\scripts\Install_Task.cmd; file:_C:\$Recycle.Bin\S-1-5-21-3740623257-3560467387-1776860099-1001\$RPZNQNK\KMSpico\KMSpico\scripts\UnInstall_Service.cmd; file:_C:\$Recycle.Bin\S-1-5-21-3740623257-3560467387-1776860099-1001\$RPZNQNK\KMSpico\scripts\Install_Service.cmd; file:_C:\$Recycle.Bin\S-1-5-21-3740623257-3560467387-1776860099-1001\$RPZNQNK\KMSpico\scripts\Install_Task.cmd; file:_C:\$Recycle.Bin\S-1-5-21-3740623257-3560467387-1776860099-1001\$RPZNQNK\KMSpico\scripts\UnInstall_Service.cmd
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Benutzer
Benutzer: DESKTOP-N6Q3QEM\lucap
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1750.0, AS: 1.375.1750.0, NIS: 1.375.1750.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

CodeIntegrity:
===============
Date: 2022-10-09 14:18:57
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-09 13:02:17
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 1302 03/15/2018
Hauptplatine: ASUSTeK COMPUTER INC. PRIME Z270-A
Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 32634.62 MB
Verfügbarer physikalischer RAM: 25187.44 MB
Summe virtueller Speicher: 37498.62 MB
Verfügbarer virtueller Speicher: 27681.12 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.34 GB) (Free:12.34 GB) (Model: WDC WDS250G1B0A-00H9H0) NTFS
Drive d: (NOS SCRIPTS ETC) (Fixed) (Total:232.87 GB) (Free:51.94 GB) (Model: WDC WDS250G2B0A-00SM50) NTFS
Drive e: (Spiele) (Fixed) (Total:111.77 GB) (Free:90.55 GB) (Model: Samsung SSD 850 EVO 120GB) NTFS
Drive f: (SPIELE) (Fixed) (Total:953.75 GB) (Free:429.95 GB) (Model: NVMe INTEL SSDPEKNW01) NTFS
Drive g: (Volume) (Fixed) (Total:3726.01 GB) (Free:3400.3 GB) (Model: Intel Raid 5 Volume) NTFS

\\?\Volume{fee8127b-0287-4419-ab72-623081b28278}\ () (Fixed) (Total:0.53 GB) (Free:0.07 GB) NTFS
\\?\Volume{81bd91a3-ae1c-46fa-b246-6053b52b7a21}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 10891089)

Partition: GPT.

==========================================================
Disk: 2 (Size: 111.8 GB) (Disk ID: 5E962306)

Partition: GPT.

==========================================================
Disk: 3 (Size: 953.9 GB) (Disk ID: 424CFB2F)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
AdwCleaner:
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-08-22.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-09-2022
# Duration: 00:00:02
# OS:       Windows 10 (Build 19044.2006)
# Cleaned:  4
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\lucap\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted       Websuche

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1883 octets] - [09/10/2022 13:35:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         
FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-10-2022 01
durchgeführt von lucap (Administrator) auf DESKTOP-N6Q3QEM (09-10-2022 14:26:55)
Gestartet von C:\Users\lucap\OneDrive\Downloads
Geladene Profile: lucap
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(BUREL VINCENT -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxEM.exe
(explorer.exe ->) (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.) C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <18>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Voicemod Sociedad Limitada -> Voicemod) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(MIDIOX Computing) [Datei ist nicht signiert] C:\Program Files (x86)\MIDIOX\midiox.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert] C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_a9a8972288e9f3b5\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) G:\VMware\vmware-authd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\lucap\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Tobias Erichsen -> Tobias Erichsen) C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3190384 2021-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe [767552 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2022-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Discord] => C:\Users\lucap\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3536912 2022-08-30] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-10-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [MicrosoftEdgeAutoLaunch_B6C3CFB90E847814C26F519221487FC3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7395712 2022-07-15] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [loopMIDI] => C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe [5516048 2019-12-14] (Tobias Erichsen -> Tobias Erichsen)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {240be0e0-4410-11ec-86c1-107b4449e208} - "H:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {7601382e-d761-11eb-86a5-107b4449e208} - "H:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {c16004ab-d64c-11eb-86a4-107b4449e208} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {c16004d9-d64c-11eb-86a4-107b4449e208} - "I:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3536912 2022-08-30] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DTS Audio.lnk [2022-08-26]
ShortcutTarget: DTS Audio.lnk -> C:\Program Files (x86)\DTS, Inc\DTS Audio\APO3GUI.exe (DTS, Inc. -> DTS, Inc.)
Startup: C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-08-25]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1C85745B-1881-4798-BC3F-4F3C6B878ECD} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_task.exe [18872 2017-10-12] (DTS, Inc. -> )
Task: {311DDC7D-7673-402F-86C8-88A19A21F812} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-04] (Google LLC -> Google LLC)
Task: {36EF88C9-F743-4AC7-B31F-65BD4E2D2A86} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {68CFA4DA-810E-48FF-A650-499BBFCE5CD0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {698AD474-4843-4F2C-8198-6399FE7095C3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7203C8CE-0ACA-433B-99A1-4746CB58FC8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {765AD24E-41C0-4C9F-B7A9-38BA76E2DCD0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AE912EF-283C-438A-A0FE-05A61DBB6D35} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {816FD7A4-7A4A-4CF1-B822-5EA0E149D882} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {867E1E2D-2A4A-4EC4-A147-942B921F80BB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {93258BEB-042B-4725-8629-8D9E008577D6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9A4E5566-26EC-46E0-918E-800547AA7C1F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C89A927-106E-401A-801B-A4F33D531CDF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A2C56940-5125-4D38-B4D7-6452E189E235} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A3853235-82B5-4580-9B42-4A2FE3EE29FC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {A576DCD2-E365-4610-95C2-2821E34CF238} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A74D69AE-9E3A-4B5D-B0E6-3FD358E630D1} - System32\Tasks\start midi-oz => C:\Windows\System32\cmd.exe /c "C:\temp\startup.cmd" <==== ACHTUNG
Task: {AA16FBE1-3E3F-4A01-AED7-9A909D1561F9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AC920503-EBED-46A3-84ED-98FD216164C2} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [66472 2022-02-23] (Microsoft Corporation -> Microsoft)
Task: {AF4438FC-F219-45C7-AC13-68B99DB0ABC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {BDC6789C-60F1-4E6B-8905-EC208695834D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CED268C7-6920-4CB5-A868-5A9D010DB262} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {D023164B-2C3C-40F7-A782-88FE00901BA2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E1A6ACE0-6CFE-4C42-AB35-FF61BBA682F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E97B96C3-427D-4D22-8923-45BC8E1C3940} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-04] (Google LLC -> Google LLC)
Task: {EE5C9847-8EA2-435B-8B27-8D23D8941A9F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8b5c4eb8-24db-4e98-b000-80fb2575bb5a}: [NameServer] 8.8.8.8,1.1.1.1
Tcpip\..\Interfaces\{8b5c4eb8-24db-4e98-b000-80fb2575bb5a}: [DhcpNameServer] 192.168.0.1

Edge: 
=======
DownloadDir: C:\Users\lucap\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-09]
Edge DownloadDir: Default -> C:\Users\lucap\OneDrive\Downloads
Edge Notifications: Default -> hxxp://127.0.0.1
Edge Extension: (Honey: Automatische Coupons & Prämien) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2022-08-17]
Edge Extension: (WooCommerce AliExpress Dropshipping Extension) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\egamhjcccjiflajhhinondgonlldjgba [2022-10-06]
Edge Extension: (Binance Wallet) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2022-09-02]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-08-29]
Edge Extension: (BetterTTV) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2022-10-01]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igbncjcgfkfnfgbaieiimpfkobabmkce [2022-10-03]
Edge Extension: (Twitch Adblock) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljhnljhabgjcihjoihakgdiicdjncpkd [2022-09-13]
Edge Extension: (MetaMask) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-10-03]
Edge Profile: C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-08-17]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default [2022-08-29]
CHR Extension: (MEGA) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2022-08-26]
CHR Extension: (Social Blade) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-06-02] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ACHTUNG
CHR Extension: (uBlock Origin) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-08-26]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2021-03-31]
CHR Extension: (Google Docs Offline) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-30]
CHR Extension: (UltraWide Video) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\lngfncacljheahfpahadgipefkbagpdl [2021-10-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-08-05] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477392 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_service.exe [26560 2017-10-12] (DTS, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-10-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-07-07] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-21] (Epic Games Inc. -> Epic Games, Inc.)
R2 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1449472 2022-05-26] (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2021-12-09] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2128360 2022-09-05] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-09-05] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-10-09] (Malwarebytes Inc. -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [116840 2021-12-20] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-12-20] (Proton Technologies AG -> )
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2021-12-20] (Proton Technologies AG -> )
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032048 2022-08-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-08-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300560 2022-08-29] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; D:\Rockstar\RockstarService.exe [2579840 2022-09-06] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14802240 2022-09-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [6020336 2022-05-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10420944 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VMAuthdService; G:\VMware\vmware-authd.exe [83224 2022-02-18] (VMware, Inc. -> VMware, Inc.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [9280816 2022-05-11] (PUBG CORPORATION -> KRAFTON, Inc)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CEDRIVER60; G:\CheatEngine\dbk64.sys [111800 2020-09-05] (Cheat Engine -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [105192 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsb; C:\WINDOWS\System32\drivers\FocusriteUsb.sys [197280 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbAudio; C:\WINDOWS\System32\drivers\FocusriteUsbAudio.sys [97952 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteusbSwRoot; C:\WINDOWS\System32\drivers\FocusriteusbSwRoot.sys [110864 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
S3 Focusriteusb_AUDIO; C:\WINDOWS\system32\drivers\FocusriteusbAudio.sys [97952 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-13] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193488 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-10-09] (Malwarebytes Inc. -> Malwarebytes)
S3 MpKsl10600fd0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{727F338F-8EC6-4024-9249-352339F9561D}\MpKslDrv.sys [228600 2022-09-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl1a3e5c53; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D2203E7-D469-4F14-BC4E-145A3E4FA34A}\MpKslDrv.sys [228600 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl31261756; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{82E36148-8604-49B0-B7DA-F63CE9272DA1}\MpKslDrv.sys [228600 2022-10-09] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl33c2747f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{727F338F-8EC6-4024-9249-352339F9561D}\MpKslDrv.sys [228600 2022-09-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl56a2ee45; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E68D640-E16F-43CE-AC7C-3E603598ECB0}\MpKslDrv.sys [228600 2022-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl691e1757; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF5C65BD-5A4A-41FD-8654-4F2CF32F0910}\MpKslDrv.sys [228600 2022-09-10] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl843bb538; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BF9914C-43C2-4F11-97F5-536185762338}\MpKslDrv.sys [228600 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld211921d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BF9914C-43C2-4F11-97F5-536185762338}\MpKslDrv.sys [228600 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsldf989437; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C21986D5-1A4F-441E-816D-C0B37322DF85}\MpKslDrv.sys [228600 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [55128 2021-06-10] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0085; C:\WINDOWS\System32\drivers\RzDev_0085.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0221; C:\WINDOWS\System32\drivers\RzDev_0221.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [53120 2019-12-07] (Tobias Erichsen -> Tobias Erichsen)
R3 VBAudio101WDMCableCMME; C:\WINDOWS\System32\drivers\vbaudio_cablec64_win10.sys [69832 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudio102WDMCableDMME; C:\WINDOWS\System32\drivers\vbaudio_cabled64_win10.sys [69616 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACAMME; C:\WINDOWS\System32\drivers\vbaudio_cablea64_win7.sys [41144 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACBMME; C:\WINDOWS\System32\drivers\vbaudio_cableb64_win7.sys [41144 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8736232 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2022-01-12] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2022-02-18] (VMware, Inc. -> VMware, Inc.)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2022-07-04] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1431256 2022-05-28] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S1 khaqlkqk; \??\C:\WINDOWS\system32\drivers\khaqlkqk.sys [X]
S1 oerkaavk; \??\C:\WINDOWS\system32\drivers\oerkaavk.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-10-09 14:19 - 2022-10-09 14:19 - 000193488 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-10-09 14:19 - 2022-10-09 14:19 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-10-09 14:19 - 2022-10-09 14:19 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-10-09 13:34 - 2022-10-09 13:43 - 000000000 ____D C:\Users\lucap\AppData\LocalLow\IGDump
2022-10-09 13:34 - 2022-10-09 13:34 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-09 13:34 - 2022-10-09 13:34 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-09 13:34 - 2022-10-09 13:34 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-09 13:34 - 2022-10-09 13:34 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-10-09 13:34 - 2022-10-09 13:34 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2022-10-09 13:34 - 2022-10-09 13:34 - 000000000 ____D C:\Users\lucap\AppData\Local\mbam
2022-10-09 13:33 - 2022-10-09 13:36 - 000000000 ____D C:\AdwCleaner
2022-10-09 13:33 - 2022-10-09 13:33 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-10-09 13:33 - 2022-10-09 13:33 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-10-09 13:33 - 2022-10-09 13:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-09 13:33 - 2022-10-09 13:33 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-09 10:57 - 2022-10-09 10:57 - 000000263 _____ C:\ProgramData\PhoenixBotLogin.ini
2022-10-09 10:45 - 2022-10-09 10:45 - 000000243 _____ C:\ProgramData\PhoenixBotLoaderSettings.ini
2022-10-08 16:25 - 2022-10-09 14:27 - 000000000 ____D C:\FRST
2022-10-08 14:32 - 2022-10-09 14:19 - 000000000 ____D C:\Intel
2022-10-08 14:32 - 2022-10-08 14:32 - 000000000 ____D C:\WINDOWS\Panther
2022-10-08 14:31 - 2022-10-08 14:31 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000045-000000.txt
2022-10-08 03:09 - 2022-10-08 03:09 - 000000000 ____D C:\Users\lucap\AppData\Local\Manager_V2
2022-10-08 02:54 - 2022-10-08 02:55 - 000000000 ____D C:\Users\lucap\AppData\Roaming\dll 2.0
2022-10-08 02:53 - 2022-10-09 14:19 - 000000000 ____D C:\Users\lucap\AppData\Roaming\1337
2022-10-06 01:00 - 2022-10-06 01:01 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-10-06 00:58 - 2022-09-22 17:12 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 001536504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-10-06 00:58 - 2022-09-22 17:08 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 002127864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 000845304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 000456184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-10-06 00:58 - 2022-09-22 17:06 - 010270208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 008803832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 005751288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 005362680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 003066872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-10-06 00:58 - 2022-09-22 17:05 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-10-06 00:58 - 2022-09-22 17:04 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-10-06 00:58 - 2022-09-22 02:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-10-06 00:58 - 2022-09-22 02:35 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-10-05 20:56 - 2022-10-05 20:57 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2022-10-05 20:56 - 2022-10-05 20:56 - 000001211 _____ C:\Users\Public\Desktop\GOG GALAXY.lnk
2022-10-05 20:56 - 2022-10-05 20:56 - 000001211 _____ C:\ProgramData\Desktop\GOG GALAXY.lnk
2022-10-05 20:56 - 2022-10-05 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2022-10-05 20:56 - 2022-10-05 20:56 - 000000000 ____D C:\ProgramData\GOG.com
2022-10-03 13:18 - 2022-10-03 13:18 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000044-000000.txt
2022-10-02 19:17 - 2022-10-02 19:18 - 000000000 ____D C:\Users\lucap\OneDrive\Dokumente\Need for Speed Heat
2022-09-30 21:06 - 2022-09-30 21:06 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000043-000000.txt
2022-09-27 21:51 - 2022-09-27 21:51 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000042-000000.txt
2022-09-24 17:16 - 2022-09-24 17:16 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000041-000000.txt
2022-09-20 20:01 - 2022-09-20 20:01 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000040-000000.txt
2022-09-18 18:00 - 2022-09-18 18:00 - 000001434 _____ C:\WINDOWS\system32\default_error_stack-000039-000000.txt
2022-09-17 14:03 - 2022-09-17 14:03 - 000000848 _____ C:\Users\Public\Desktop\PrusaSlicer 2.5.0.lnk
2022-09-17 14:03 - 2022-09-17 14:03 - 000000848 _____ C:\ProgramData\Desktop\PrusaSlicer 2.5.0.lnk
2022-09-17 14:03 - 2022-09-17 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2022-09-17 14:03 - 2022-09-17 14:03 - 000000000 ____D C:\Program Files\Prusa3D
2022-09-14 09:05 - 2022-09-14 09:05 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-14 09:02 - 2022-09-14 09:02 - 000000000 ___HD C:\$WinREAgent
2022-09-10 14:17 - 2022-09-10 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura
2022-09-10 14:16 - 2022-09-10 14:17 - 000000000 ____D C:\Program Files\Ultimaker Cura 5.1.0

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-10-09 14:24 - 2022-01-30 04:10 - 000000000 ____D C:\ProgramData\Voicemod
2022-10-09 14:24 - 2021-03-28 21:22 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-09 14:24 - 2021-03-03 01:47 - 000000000 ___RD C:\Users\lucap\OneDrive
2022-10-09 14:23 - 2022-08-09 20:31 - 000000000 __SHD C:\Users\lucap\IntelGraphicsProfiles
2022-10-09 14:23 - 2021-07-12 16:58 - 000798412 _____ C:\WINDOWS\system32\perfh019.dat
2022-10-09 14:23 - 2021-07-12 16:58 - 000168616 _____ C:\WINDOWS\system32\perfc019.dat
2022-10-09 14:23 - 2021-03-04 22:58 - 002817182 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-09 14:23 - 2021-03-04 22:08 - 000000000 ____D C:\Users\lucap
2022-10-09 14:23 - 2021-03-04 14:41 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-09 14:23 - 2019-12-07 16:51 - 000790272 _____ C:\WINDOWS\system32\perfh007.dat
2022-10-09 14:23 - 2019-12-07 16:51 - 000170120 _____ C:\WINDOWS\system32\perfc007.dat
2022-10-09 14:23 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-09 14:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-09 14:19 - 2021-07-18 10:52 - 000000000 ____D C:\ProgramData\VMware
2022-10-09 14:19 - 2021-03-04 22:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-09 14:19 - 2021-03-04 22:48 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-09 14:19 - 2021-03-04 22:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-09 14:19 - 2021-03-03 09:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-10-09 14:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-09 13:33 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-09 10:45 - 2022-08-20 15:17 - 000043138 _____ C:\Users\lucap\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-10-09 10:45 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-08 23:34 - 2021-03-10 00:48 - 000000000 ____D C:\Users\lucap\AppData\Local\CrashDumps
2022-10-08 19:53 - 2021-06-08 20:43 - 000000000 ____D C:\Users\lucap\AppData\Local\.IdentityService
2022-10-08 16:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-08 15:41 - 2021-03-20 03:20 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2022-10-08 15:41 - 2021-03-03 02:05 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-08 15:41 - 2021-03-03 01:46 - 000000000 ____D C:\Users\lucap\AppData\Local\Packages
2022-10-08 15:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-08 15:40 - 2022-08-26 12:28 - 000000000 ____D C:\Program Files\Common Files\VST3
2022-10-08 15:40 - 2022-06-26 18:11 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-08 14:59 - 2022-08-09 20:03 - 000000000 ____D C:\ProgramData\Logitech
2022-10-08 14:46 - 2022-08-09 20:03 - 000000000 ____D C:\Program Files (x86)\Logitech
2022-10-08 14:05 - 2021-03-03 02:04 - 000000000 ____D C:\Users\lucap\AppData\Local\D3DSCache
2022-10-08 13:49 - 2021-03-04 14:02 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-08 13:49 - 2021-03-04 14:02 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-08 13:49 - 2021-03-04 14:02 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2022-10-08 03:42 - 2021-03-03 21:24 - 000000000 ____D C:\Users\lucap\AppData\Roaming\discord
2022-10-08 02:48 - 2021-03-03 21:24 - 000000000 ____D C:\Users\lucap\AppData\Local\Discord
2022-10-08 02:09 - 2022-01-26 22:06 - 000000000 _____ C:\WINDOWS\ftoken.txt
2022-10-08 00:55 - 2022-06-04 13:32 - 000002833 _____ C:\Users\lucap\.snapmaker-luban.json
2022-10-08 00:55 - 2022-06-04 13:32 - 000000000 ____D C:\Users\lucap\AppData\Roaming\snapmaker-luban
2022-10-07 23:01 - 2021-03-05 00:05 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-07 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-07 04:44 - 2021-03-09 22:08 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-07 01:29 - 2022-01-30 04:10 - 000000000 ____D C:\Users\lucap\AppData\Local\Voicemod
2022-10-06 16:48 - 2022-07-07 23:33 - 000000000 ____D C:\Users\lucap\AppData\Roaming\EasyAntiCheat
2022-10-06 15:08 - 2021-11-20 21:32 - 000153064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 002835944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000447976 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000067048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-10-06 15:05 - 2021-04-04 22:06 - 000000000 ____D C:\Users\lucap\AppData\Local\NVIDIA
2022-10-06 15:02 - 2021-03-04 22:48 - 000465432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-06 15:01 - 2021-06-13 22:58 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-10-06 02:50 - 2022-07-09 12:37 - 000000000 ____D C:\Users\lucap\AppData\Roaming\legacy-games-launcher
2022-10-06 00:57 - 2021-03-28 21:22 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-10-06 00:57 - 2021-03-28 21:22 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2022-10-06 00:57 - 2021-03-03 01:57 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-10-06 00:57 - 2021-03-03 01:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-06 00:57 - 2021-03-03 01:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-06 00:53 - 2022-08-26 18:10 - 000000000 ____D C:\Users\lucap\AppData\Roaming\obs-studio
2022-10-05 21:16 - 2022-06-29 22:15 - 000000000 ____D C:\Users\lucap\AppData\Local\DigitalEntitlements
2022-10-05 21:16 - 2022-06-29 22:14 - 000000000 ____D C:\Users\lucap\AppData\Local\FiveM
2022-10-05 14:32 - 2022-01-26 15:22 - 000000000 ____D C:\Users\lucap\AppData\Roaming\GitHub Desktop
2022-10-05 13:15 - 2022-08-26 09:08 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2022-10-05 13:15 - 2022-08-08 19:38 - 000000865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2022-10-05 13:15 - 2022-02-24 05:02 - 000001800 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk
2022-10-05 13:15 - 2022-02-24 00:17 - 000001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk
2022-10-05 13:15 - 2021-06-28 17:31 - 000000016 _____ C:\ProgramData\mntemp
2022-10-05 13:15 - 2021-03-20 05:14 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-10-05 13:15 - 2021-03-04 16:23 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-10-05 13:14 - 2021-05-22 21:37 - 000000000 ____D C:\ProgramData\Riot Games
2022-10-05 13:11 - 2021-06-13 22:51 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-10-05 02:00 - 2021-12-11 18:46 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Origin
2022-10-05 02:00 - 2021-12-11 18:46 - 000000000 ____D C:\ProgramData\Origin
2022-10-05 01:52 - 2021-12-11 18:46 - 000000000 ____D C:\Users\lucap\AppData\Local\Origin
2022-10-03 22:47 - 2021-12-11 00:38 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3740623257-3560467387-1776860099-1001
2022-10-03 22:47 - 2021-03-04 22:53 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3740623257-3560467387-1776860099-1001
2022-10-03 22:47 - 2021-03-04 22:08 - 000002399 _____ C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-02 19:16 - 2021-12-11 18:47 - 000000000 ____D C:\Program Files (x86)\Origin
2022-10-02 05:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-01 22:15 - 2022-06-04 14:21 - 000000000 ____D C:\Users\lucap\AppData\Local\Autodesk
2022-10-01 00:02 - 2021-03-20 05:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-09-30 21:12 - 2021-03-04 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-30 21:12 - 2021-03-04 16:20 - 000000000 ____D C:\Program Files\Microsoft Office
2022-09-25 21:16 - 2022-08-31 01:46 - 000043136 _____ C:\Users\lucap\OneDrive\Dokumente\voicemeeter_v3_streaming_midi_control_2022-08-31.xml
2022-09-22 20:46 - 2022-08-21 12:38 - 000000000 ____D C:\Users\lucap\AppData\Roaming\PrusaSlicer
2022-09-22 17:12 - 2022-07-02 22:58 - 001213416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-22 17:04 - 2021-12-30 00:09 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-22 02:35 - 2021-03-03 01:56 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-09-21 10:49 - 2022-06-04 13:25 - 000002068 _____ C:\Users\Public\Desktop\Snapmaker Luban.lnk
2022-09-21 10:49 - 2022-06-04 13:25 - 000002068 _____ C:\ProgramData\Desktop\Snapmaker Luban.lnk
2022-09-21 10:49 - 2022-06-04 13:25 - 000000000 ____D C:\Program Files\Snapmaker Luban
2022-09-17 12:03 - 2021-03-03 01:46 - 000000000 ___RD C:\Users\lucap\3D Objects
2022-09-16 15:10 - 2021-03-04 14:42 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-16 15:10 - 2021-03-04 14:42 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-16 15:10 - 2021-03-04 14:42 - 000002198 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2022-09-15 12:03 - 2021-03-09 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-09-15 12:02 - 2021-03-09 18:47 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-09-15 00:27 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-15 00:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-15 00:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-14 09:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-14 09:05 - 2021-03-04 22:51 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-14 09:02 - 2021-03-03 04:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-14 08:59 - 2021-03-03 04:09 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-14 00:45 - 2021-11-16 09:47 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Telegram Desktop
2022-09-12 07:07 - 2021-03-28 21:22 - 002884648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-09-12 07:07 - 2021-03-28 21:22 - 002220072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-09-12 07:07 - 2021-03-28 21:22 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2022-09-11 14:13 - 2022-01-01 14:29 - 000000000 ____D C:\Users\lucap\AppData\Local\ElevatedDiagnostics
2022-09-10 14:17 - 2022-06-04 14:41 - 000000000 ____D C:\Users\lucap\AppData\Roaming\cura
2022-09-10 14:17 - 2022-06-04 14:41 - 000000000 ____D C:\Users\lucap\AppData\Local\cura

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-05-23 01:27 - 2021-11-17 19:52 - 000000032 _____ () C:\Users\lucap\AppData\Roaming\.machineId
2021-08-22 22:27 - 2021-08-26 08:27 - 000000203 _____ () C:\Users\lucap\AppData\Roaming\jjv5conf.json
2022-08-13 13:08 - 2022-08-13 13:08 - 000001004 _____ () C:\Users\lucap\AppData\Roaming\tof_launcher.reg
2022-08-20 15:17 - 2022-10-09 10:45 - 000043138 _____ () C:\Users\lucap\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-08-20 15:47 - 2022-08-28 23:07 - 000007444 _____ () C:\Users\lucap\AppData\Roaming\VoiceMeeterDefault.xml
2022-01-05 20:26 - 2022-02-24 05:30 - 000000128 _____ () C:\Users\lucap\AppData\Roaming\winscp.rnd
2022-01-14 01:50 - 2022-02-24 14:52 - 000000128 _____ () C:\Users\lucap\AppData\Local\PUTTY.RND
2021-03-21 00:11 - 2021-03-21 00:11 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.1.10.agreement
2021-03-21 00:11 - 2021-03-21 01:37 - 000000057 _____ () C:\Users\lucap\AppData\Local\RawCopy.opendialog.dir
2021-03-21 00:11 - 2021-03-21 01:37 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.opendialog.filterindex
2021-03-21 00:11 - 2021-03-21 01:37 - 000000090 _____ () C:\Users\lucap\AppData\Local\RawCopy.sourcedisk.filepath
2021-03-21 00:11 - 2021-03-21 01:37 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.sourcedisk.index
2022-02-23 15:34 - 2022-02-23 15:34 - 000000869 _____ () C:\Users\lucap\AppData\Local\recently-used.xbel
2021-10-19 10:44 - 2021-10-19 11:28 - 000007610 _____ () C:\Users\lucap\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         


09.10.2022, 19:43   #6
M-K-D-B
/// TB trainer
 



Quote:
Name: HackTool:MSIL/AutoKms
Schweregrad: Hoch
Kategorie: Tool
Pfad: file:_C:\$Recycle.Bin\S-1-5-21-3740623257-3560467387-1776860099-1001\$RPZNQNK\KMSpico (1)\KMSpico\KMSELDI.exe; file:_C:\$Recycle.Bin\S-1-5-21-3740623257-3560467387-1776860099-1001\$RPZNQNK\KMSpico\KMSpico\Service_KMS.exe

Hands off KMSpico; it brings malware onto the system.



Next come a fix with FRST, an upload, and a new scan.





Step 1
WARNING TO ALL READERS !!!
This FRST script is intended solely for this user and should never be used 1:1 on another system!
  • Save your work and close all open programs so that no data is lost.
  • Copy the entire contents of the following code box:
    Code:
    Start::
    SystemRestore: On 
    CreateRestorePoint:
    CloseProcesses:
    GroupPolicy: Beschränkung ? <==== ACHTUNG
    Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
    Task: {A74D69AE-9E3A-4B5D-B0E6-3FD358E630D1} - System32\Tasks\start midi-oz => C:\Windows\System32\cmd.exe /c "C:\temp\startup.cmd" <==== ACHTUNG
    C:\temp
    Shortcut: C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games\MY.GAMES Игровой центр.lnk -> C:\Users\lucap\AppData\Local\GameCenter\GameCenter.exe (Keine Datei) <==== Cyrillic
    HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "GameCenter"
    Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
    Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
    Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
    Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
    Edge Notifications: Default -> hxxp://127.0.0.1
    S1 khaqlkqk; \??\C:\WINDOWS\system32\drivers\khaqlkqk.sys [X]
    S1 oerkaavk; \??\C:\WINDOWS\system32\drivers\oerkaavk.sys [X]
    2022-10-08 03:09 - 2022-10-08 03:09 - 000000000 ____D C:\Users\lucap\AppData\Local\Manager_V2
    2022-10-08 02:54 - 2022-10-08 02:55 - 000000000 ____D C:\Users\lucap\AppData\Roaming\dll 2.0
    2022-10-08 02:53 - 2022-10-09 14:19 - 000000000 ____D C:\Users\lucap\AppData\Roaming\1337
    CMD: type "C:\WINDOWS\system32\default_error_stack-000045-000000.txt"
    C:\Users\lucap\AppData\Local\Temp\Server.exe
    c:\Users\lucap\AppData\Roaming\Google Chrome.exe
    C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
    AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [3442]
    AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk:075A04AA92 [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk:8BD81608B2 [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk:7F26D44B90 [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk:6569B2479D [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk:D689419597 [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
    AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk:CF2917E869 [10]
    AlternateDataStreams: C:\Users\lucap\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
    AlternateDataStreams: C:\Users\lucap\Anwendungsdaten:0b3c2611a8001a318a8f9e5790a4bd7d [394]
    AlternateDataStreams: C:\Users\lucap\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
    AlternateDataStreams: C:\Users\lucap\AppData\Roaming:0b3c2611a8001a318a8f9e5790a4bd7d [394]
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9040]
    
    startpowershell:
    Function Remove-all-windefend-excludes {
    $Paths=(Get-MpPreference).ExclusionPath
    $Extensions=(Get-MpPreference).ExclusionExtension
    $Processes=(Get-MpPreference).ExclusionProcess
    foreach ($Path in $Paths) { Remove-MpPreference -ExclusionPath $Path -force}
    foreach ($Extension in $Extensions) { Remove-MpPreference -ExclusionExtension $Extension -force}
    foreach ($Process in $Processes) { Remove-MpPreference -ExclusionProcess $Process -force}
    }
    Set-MpPreference -DisableAutoExclusions $true -Force
    Remove-all-windefend-excludes
    endpowershell:
    CMD: netsh winsock reset
    CMD: ipconfig /flushdns
    CMD: netsh advfirewall reset
    CMD: netsh advfirewall set allprofiles state ON
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    Hosts:
    Zip: C:\FRST\Quarantine
    RemoveProxy:
    EmptyTemp:
    End::
             
  • Now start FRST and click the Fix button straight away.
    Important: You do not need to paste the contents of the code box anywhere, because FRST takes the code from the clipboard!

  • Important:
    • Please be patient once you have started the fix. Depending on the type and extent of the repairs needed, this can take several minutes.
      You may also see the message "not responding" from FRST during the fix. That is normal; you do not need to do anything except wait.
    • This fix deletes all temporary files and browser data and empties the Recycle Bin.

  • The tool carries out the requested steps and creates a fixlog.txt in the same directory as FRST.
  • Your computer may need to be restarted.
  • Post the contents of fixlog.txt in your next reply.





Step 2
Step 1 created a .zip archive named according to the scheme < Date_Time.zip > (e.g. 20.02.2021_11.33.52.zip) on your desktop.
  • Visit the Submit a Malware Sample page on BleepingComputer.
  • Click Browse.
  • Select the created .zip archive and click Open.
  • Write for M-K-D-B in the empty text field at the bottom and click the button below it to send the data.
  • Thank you for your cooperation. The uploaded files are used to improve the programs used.





Step 3
  • Start FRST again and click Scan.
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.





In your next reply, please post:
  • the log file of the FRST fix (fixlog.txt)
  • feedback regarding the upload
  • the two new FRST log files (FRST.txt and Addition.txt)

Last edited by M-K-D-B (09.10.2022 at 19:50)

09.10.2022, 22:01   #7
legendevent
 



Hello Matthias,

Thank you very much for the effort. I didn't know that about KMSpico and I will uninstall it! I have now run Defender again and it no longer finds any threats! Is Defender generally sufficient, or should one look for a third-party antivirus program? During the first fix, the program stopped doing anything after 30 minutes, so I restarted the PC and started the fix again. In doing so I had to delete a file in the quarantine folder by hand because it contained Cyrillic characters. Then it ran through, which is why there are now 2 fix logs here:

Fix log 1 (hung):
Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-10-2022 01
durchgeführt von lucap (09-10-2022 22:00:13) Run:1
Gestartet von C:\Users\lucap\OneDrive\Downloads
Geladene Profile: lucap
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Start::
SystemRestore: On 
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
Task: {A74D69AE-9E3A-4B5D-B0E6-3FD358E630D1} - System32\Tasks\start midi-oz => C:\Windows\System32\cmd.exe /c "C:\temp\startup.cmd" <==== ACHTUNG
C:\temp
Shortcut: C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games\MY.GAMES Игровой центр.lnk -> C:\Users\lucap\AppData\Local\GameCenter\GameCenter.exe (Keine Datei) <==== Cyrillic
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "GameCenter"
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Notifications: Default -> hxxp://127.0.0.1
S1 khaqlkqk; \??\C:\WINDOWS\system32\drivers\khaqlkqk.sys [X]
S1 oerkaavk; \??\C:\WINDOWS\system32\drivers\oerkaavk.sys [X]
2022-10-08 03:09 - 2022-10-08 03:09 - 000000000 ____D C:\Users\lucap\AppData\Local\Manager_V2
2022-10-08 02:54 - 2022-10-08 02:55 - 000000000 ____D C:\Users\lucap\AppData\Roaming\dll 2.0
2022-10-08 02:53 - 2022-10-09 14:19 - 000000000 ____D C:\Users\lucap\AppData\Roaming\1337
CMD: type "C:\WINDOWS\system32\default_error_stack-000045-000000.txt"
C:\Users\lucap\AppData\Local\Temp\Server.exe
c:\Users\lucap\AppData\Roaming\Google Chrome.exe
C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [3442]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk:075A04AA92 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk:8BD81608B2 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk:7F26D44B90 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk:6569B2479D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk:D689419597 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk:CF2917E869 [10]
AlternateDataStreams: C:\Users\lucap\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\lucap\Anwendungsdaten:0b3c2611a8001a318a8f9e5790a4bd7d [394]
AlternateDataStreams: C:\Users\lucap\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\lucap\AppData\Roaming:0b3c2611a8001a318a8f9e5790a4bd7d [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9040]

startpowershell:
Function Remove-all-windefend-excludes {
$Paths=(Get-MpPreference).ExclusionPath
$Extensions=(Get-MpPreference).ExclusionExtension
$Processes=(Get-MpPreference).ExclusionProcess
foreach ($Path in $Paths) { Remove-MpPreference -ExclusionPath $Path -force}
foreach ($Extension in $Extensions) { Remove-MpPreference -ExclusionExtension $Extension -force}
foreach ($Process in $Processes) { Remove-MpPreference -ExclusionProcess $Process -force}
}
Set-MpPreference -DisableAutoExclusions $true -Force
Remove-all-windefend-excludes
endpowershell:
CMD: netsh winsock reset
CMD: ipconfig /flushdns
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
Hosts:
Zip: C:\FRST\Quarantine
RemoveProxy:
EmptyTemp:
End::
*****************

SystemRestore: On => Fehler -> 5%
Wiederherstellungspunkt wurde erfolgreich erstellt.
Prozesse erfolgreich geschlossen.
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\ProgramData\NTUSER.pol => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A74D69AE-9E3A-4B5D-B0E6-3FD358E630D1}" => erfolgreich entfernt
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A74D69AE-9E3A-4B5D-B0E6-3FD358E630D1}" => erfolgreich entfernt
C:\WINDOWS\System32\Tasks\start midi-oz => erfolgreich verschoben
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\start midi-oz" => erfolgreich entfernt
C:\temp => erfolgreich verschoben
C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games\MY.GAMES Игровой центр.lnk => erfolgreich verschoben
"HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\GameCenter" => erfolgreich entfernt
"HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GameCenter" => nicht gefunden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => erfolgreich entfernt
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => erfolgreich entfernt
"Edge Notifications" => erfolgreich entfernt
khaqlkqk => Dienst nicht gefunden.
HKLM\System\CurrentControlSet\Services\oerkaavk => erfolgreich entfernt
oerkaavk => Dienst erfolgreich entfernt
C:\Users\lucap\AppData\Local\Manager_V2 => erfolgreich verschoben
C:\Users\lucap\AppData\Roaming\dll 2.0 => erfolgreich verschoben
C:\Users\lucap\AppData\Roaming\1337 => erfolgreich verschoben

========= type "C:\WINDOWS\system32\default_error_stack-000045-000000.txt" =========

---------------------------------------
[    *** Error Stack Dump BEGIN ***   ]
---------------------------------------
...Stack Protected Flag:...............[1].
...Stack Expandable Flag:..............[1].
...Stack Size Limited Flag:............[1].
...Stack Size Limit Size:..............[256].
...Stack Internal Error Flag:..........[0].
...Stack Max Entries:..................[16].
...Stack Entries Count:................[1].
...Stack Entries Address:..............[000002ABD4160960].
---------------------------------------
......ERROR ENTRY: [0]
---------------------------------------
.........Reported Inline:..............[0].
.........Out Of Cycle Flag:............[1].
.........Thread ID:....................[9740].
.........Last System Error Code:.......[0x57].
.........Error Path:...................[APPLICATION PATH].
.........Error Severity:...............[UN-RECOVERABLE].
.........Untranslated Error Code:......[680].
.........Error Code:...................[680: Unable To Open A Registry Key.].
.........Error Sample:.................[0].
.........Error Elapsed Time (in ms):...[0].
.........Error Time:...................[Sat Oct  8 14:31:45 2022].
.........Error File:...................[(...)\driver.c].
.........Error Line:...................[20580].
---------------------------------------
[     *** Error Stack Dump END ***    ]
---------------------------------------

========= Ende von CMD: =========

"C:\Users\lucap\AppData\Local\Temp\Server.exe" => nicht gefunden
"c:\Users\lucap\AppData\Roaming\Google Chrome.exe" => nicht gefunden
"C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe" => nicht gefunden
C:\ProgramData\DP45977C.lfl => ":677104FCAA" ADS erfolgreich entfernt
C:\ProgramData\mntemp => ":8EAD8B3507" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk => ":A1B76439FE" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk => ":075A04AA92" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk => ":09A0A90EF3" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk => ":8BD81608B2" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk => ":7F26D44B90" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk => ":6569B2479D" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk => ":D689419597" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk => ":B96E9B8455" ADS erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk => ":CF2917E869" ADS erfolgreich entfernt
C:\Users\lucap\Anwendungsdaten => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS erfolgreich entfernt
C:\Users\lucap\Anwendungsdaten => ":0b3c2611a8001a318a8f9e5790a4bd7d" ADS erfolgreich entfernt
"C:\Users\lucap\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS nicht gefunden.
"C:\Users\lucap\AppData\Roaming" => ":0b3c2611a8001a318a8f9e5790a4bd7d" ADS nicht gefunden.
C:\Users\Public\Shared Files => ":VersionCache" ADS erfolgreich entfernt

========= Powershell: =========


========= Ende von Powershell: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.


========= Ende von CMD: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========= Ende von CMD: =========


========= netsh advfirewall reset =========

OK.


========= Ende von CMD: =========


========= netsh advfirewall set allprofiles state ON =========

OK.


========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========

C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
================== Zip: ===================
         
Fixlog 2 (successful):
Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-10-2022 01
durchgeführt von lucap (09-10-2022 22:35:56) Run:3
Gestartet von C:\Users\lucap\OneDrive\Downloads
Geladene Profile: lucap
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Start::
SystemRestore: On 
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
Task: {A74D69AE-9E3A-4B5D-B0E6-3FD358E630D1} - System32\Tasks\start midi-oz => C:\Windows\System32\cmd.exe /c "C:\temp\startup.cmd" <==== ACHTUNG
C:\temp
Shortcut: C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games\MY.GAMES Игровой центр.lnk -> C:\Users\lucap\AppData\Local\GameCenter\GameCenter.exe (Keine Datei) <==== Cyrillic
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "GameCenter"
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge Notifications: Default -> hxxp://127.0.0.1
S1 khaqlkqk; \??\C:\WINDOWS\system32\drivers\khaqlkqk.sys [X]
S1 oerkaavk; \??\C:\WINDOWS\system32\drivers\oerkaavk.sys [X]
2022-10-08 03:09 - 2022-10-08 03:09 - 000000000 ____D C:\Users\lucap\AppData\Local\Manager_V2
2022-10-08 02:54 - 2022-10-08 02:55 - 000000000 ____D C:\Users\lucap\AppData\Roaming\dll 2.0
2022-10-08 02:53 - 2022-10-09 14:19 - 000000000 ____D C:\Users\lucap\AppData\Roaming\1337
CMD: type "C:\WINDOWS\system32\default_error_stack-000045-000000.txt"
C:\Users\lucap\AppData\Local\Temp\Server.exe
c:\Users\lucap\AppData\Roaming\Google Chrome.exe
C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [3442]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk:075A04AA92 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk:8BD81608B2 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk:7F26D44B90 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk:6569B2479D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk:D689419597 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk:CF2917E869 [10]
AlternateDataStreams: C:\Users\lucap\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\lucap\Anwendungsdaten:0b3c2611a8001a318a8f9e5790a4bd7d [394]
AlternateDataStreams: C:\Users\lucap\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\lucap\AppData\Roaming:0b3c2611a8001a318a8f9e5790a4bd7d [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9040]

startpowershell:
Function Remove-all-windefend-excludes {
$Paths=(Get-MpPreference).ExclusionPath
$Extensions=(Get-MpPreference).ExclusionExtension
$Processes=(Get-MpPreference).ExclusionProcess
foreach ($Path in $Paths) { Remove-MpPreference -ExclusionPath $Path -force}
foreach ($Extension in $Extensions) { Remove-MpPreference -ExclusionExtension $Extension -force}
foreach ($Process in $Processes) { Remove-MpPreference -ExclusionProcess $Process -force}
}
Set-MpPreference -DisableAutoExclusions $true -Force
Remove-all-windefend-excludes
endpowershell:
CMD: netsh winsock reset
CMD: ipconfig /flushdns
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
Hosts:
Zip: C:\FRST\Quarantine
RemoveProxy:
EmptyTemp:
End::
         
*****************

SystemRestore: On => Fehler -> 5%
Wiederherstellungspunkt wurde erfolgreich erstellt.
Prozesse erfolgreich geschlossen.
"C:\WINDOWS\system32\GroupPolicy\Machine" => nicht gefunden
"C:\ProgramData\NTUSER.pol" => nicht gefunden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A74D69AE-9E3A-4B5D-B0E6-3FD358E630D1}" => nicht gefunden
"C:\WINDOWS\System32\Tasks\start midi-oz" => nicht gefunden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\start midi-oz" => nicht gefunden
"C:\temp" => nicht gefunden
"C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games\MY.GAMES Игровой центр.lnk" => nicht gefunden
"HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\GameCenter" => nicht gefunden
"HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GameCenter" => nicht gefunden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => nicht gefunden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => nicht gefunden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => nicht gefunden
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => nicht gefunden
"Edge Notifications:" => nicht gefunden
khaqlkqk => Dienst nicht gefunden.
oerkaavk => Dienst nicht gefunden.
"C:\Users\lucap\AppData\Local\Manager_V2" => nicht gefunden
"C:\Users\lucap\AppData\Roaming\dll 2.0" => nicht gefunden
"C:\Users\lucap\AppData\Roaming\1337" => nicht gefunden

========= type "C:\WINDOWS\system32\default_error_stack-000045-000000.txt" =========

---------------------------------------
[    *** Error Stack Dump BEGIN ***   ]
---------------------------------------
...Stack Protected Flag:...............[1].
...Stack Expandable Flag:..............[1].
...Stack Size Limited Flag:............[1].
...Stack Size Limit Size:..............[256].
...Stack Internal Error Flag:..........[0].
...Stack Max Entries:..................[16].
...Stack Entries Count:................[1].
...Stack Entries Address:..............[000002ABD4160960].
---------------------------------------
......ERROR ENTRY: [0]
---------------------------------------
.........Reported Inline:..............[0].
.........Out Of Cycle Flag:............[1].
.........Thread ID:....................[9740].
.........Last System Error Code:.......[0x57].
.........Error Path:...................[APPLICATION PATH].
.........Error Severity:...............[UN-RECOVERABLE].
.........Untranslated Error Code:......[680].
.........Error Code:...................[680: Unable To Open A Registry Key.].
.........Error Sample:.................[0].
.........Error Elapsed Time (in ms):...[0].
.........Error Time:...................[Sat Oct  8 14:31:45 2022].
.........Error File:...................[(...)\driver.c].
.........Error Line:...................[20580].
---------------------------------------
[     *** Error Stack Dump END ***    ]
---------------------------------------

========= Ende von CMD: =========

"C:\Users\lucap\AppData\Local\Temp\Server.exe" => nicht gefunden
"c:\Users\lucap\AppData\Roaming\Google Chrome.exe" => nicht gefunden
"C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe" => nicht gefunden
"C:\ProgramData\DP45977C.lfl" => ":677104FCAA" ADS nicht gefunden.
"C:\ProgramData\mntemp" => ":8EAD8B3507" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini" => ":B1DA6C571C" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk" => ":A1B76439FE" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk" => ":075A04AA92" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk" => ":09A0A90EF3" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk" => ":8BD81608B2" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017.lnk" => ":7F26D44B90" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk" => ":6569B2479D" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk" => ":D689419597" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk" => ":BE32D07BC5" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk" => ":B96E9B8455" ADS nicht gefunden.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk" => ":CF2917E869" ADS nicht gefunden.
"C:\Users\lucap\Anwendungsdaten" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS nicht gefunden.
"C:\Users\lucap\Anwendungsdaten" => ":0b3c2611a8001a318a8f9e5790a4bd7d" ADS nicht gefunden.
"C:\Users\lucap\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS nicht gefunden.
"C:\Users\lucap\AppData\Roaming" => ":0b3c2611a8001a318a8f9e5790a4bd7d" ADS nicht gefunden.
"C:\Users\Public\Shared Files" => ":VersionCache" ADS nicht gefunden.

========= Powershell: =========


========= Ende von Powershell: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.


========= Ende von CMD: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========= Ende von CMD: =========


========= netsh advfirewall reset =========

OK.


========= Ende von CMD: =========


========= netsh advfirewall set allprofiles state ON =========

OK.


========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========

C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
================== Zip: ===================
C:\FRST\Quarantine -> erfolgreich kopiert zu C:\Users\lucap\OneDrive\Desktop\09.10.2022_22.36.20.zip
=========== Zip: Ende ===========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt
"HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt
"HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========== EmptyTemp: ==========

FlushDNS => abgeschlossen
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18321520 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc *.cache => 871258744 B
Windows/system/drivers => 26409823 B
Edge => 6574951 B
Chrome => 85610895 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 105644 B
LocalService => 170270 B
NetworkService => 1480492 B
lucap => 3425106069 B

RecycleBin => 212077443 B
EmptyTemp: => 4.3 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 22:38:24 ====
         

Edited by legendevent (09.10.2022 at 22:09)

09.10.2022, 22:02   #8
legendevent
 

Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-10-2022 01
durchgeführt von lucap (09-10-2022 22:53:47)
Gestartet von C:\Users\lucap\OneDrive\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) (2021-03-04 20:53:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3740623257-3560467387-1776860099-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3740623257-3560467387-1776860099-503 - Limited - Disabled)
Gast (S-1-5-21-3740623257-3560467387-1776860099-501 - Limited - Disabled)
lucap (S-1-5-21-3740623257-3560467387-1776860099-1001 - Administrator - Enabled) => C:\Users\lucap
WDAGUtilityAccount (S-1-5-21-3740623257-3560467387-1776860099-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3DMark 11 (HKLM\...\{07B785F0-6B14-432A-AFC9-6CB6B964625F}) (Version: 1.0.179.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{62d249f0-7380-49a0-bca0-3a38aa527c42}) (Version: 1.0.179.0 - Futuremark)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Ableton Live 11 Lite (HKLM\...\{7C9CCB77-62D3-45E0-AA5B-3067E488657D}) (Version: 11.0.0.0 - Ableton) Hidden
Ableton Live 11 Lite (HKLM-x32\...\{052f0620-aee0-4494-a75e-fddf2a701d06}) (Version: 11.0.0.0 - Ableton)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AHK to Background (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\52f4ab0ef26fc704) (Version: 1.0.0.11 - AHK to Background)
Akai Professional MPX File Conversion Utility (HKLM-x32\...\MPXFileConversionUtility) (Version:  - )
Amazon Games (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.3.8336.1 - Amazon.com Services, Inc.)
Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Autodesk Fusion 360 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.14337 - Autodesk, Inc.)
AutoHotkey 1.1.33.09 (HKLM\...\AutoHotkey) (Version: 1.1.33.09 - Lexikos)
AutoIt v3.3.14.5 (HKLM-x32\...\AutoItv3) (Version: 3.3.14.5 - AutoIt Team)
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 3.5.2 - Badlion)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.16.2 - Blitz, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{5A260D5A-95D3-4956-8E0A-E182CC4144ED}) (Version: 4.8.04162 - Microsoft Corporation) Hidden
CPUID ASUS CPU-Z 2.01 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
Daedalus Mainnet (HKLM-x32\...\Daedalus Mainnet) (Version: 4.3.1 - IOHK)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DTS Audio (HKLM-x32\...\{D5137AAA-45D7-4136-9506-BD1A623688AD}) (Version: 1.00.7300 - DTS, Inc.)
DynZen NosTale version 1.0.1 (HKLM-x32\...\{AB0348A4-2411-4EA6-8DA5-D1995E1D68D3}_is1) (Version: 1.0.1 - DynZen)
Eastmile Client version 2.0 (HKLM-x32\...\{EE145DD9-4884-4531-8A3C-775A6FF005E7}_is1) (Version: 2.0 - Eastmile)
Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2019 (HKLM-x32\...\{F878746A-C5F7-420A-A672-4DFEF74ADC3A}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Entity Framework 6.2.0 Tools  for Visual Studio 2022 (HKLM-x32\...\{BA73F2EE-EEB4-4A9C-BAF4-AC3599983E8B}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{E0419FB0-0C46-4F07-9D5B-2FD78A8C45ED}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
FiveM (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\CitizenFX_FiveM) (Version:  - Cfx.re)
Focusrite Audio Drivers 4.102.4.735 (HKLM\...\Focusrite Audio Drivers_is1) (Version: 4.102.4.735 - Focusrite Audio Engineering, Ltd.)
Focusrite Control 3.11.0.1983 (HKLM\...\Focusrite Control_is1) (Version: 3.11.0.1983 - Focusrite Audio Engineering Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{63C33A87-484C-4D23-BAA4-5658DD908D8E}) (Version: 5.45.1044.0 - Futuremark)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.11.2.0 - miHoYo Co.,Ltd)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Git (HKLM\...\Git_is1) (Version: 2.35.1.2 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\GitHubDesktop) (Version: 2.9.6 - GitHub, Inc.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 105.0.5195.127 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2699.0 - Rockstar Games)
GrandRP Launcher 1.0 version 1.0 (HKLM-x32\...\{D0A3CE4B-226D-159F-2A2C-D4BE0BA4228D}_is1) (Version: 1.0 - Grand RolePlay)
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.550 - Huawei Technologies Co., Ltd.)
icecap_collection_neutral (HKLM-x32\...\{04C533D3-8445-4E47-A351-A66B1DA1B631}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collection_neutral (HKLM-x32\...\{1036893D-9917-4E70-B96C-8D72A2B224BC}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{289873DF-80D0-4D7D-8068-D25D342A26FA}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{4CDCF412-13D2-48AD-B98C-3AB4A771A127}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{13AC1F0D-2185-48E9-8274-884BD9E53C7F}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{4B691388-E031-4268-A096-95173D1E6E0F}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{87A0DCD8-E774-4484-8676-B5214CCB8B5A}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{5A86972C-9DB5-40AA-B4EB-0ACE96AFDF88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{D072CF88-3B90-4367-85BC-A8516986690F}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{F9CE4297-DD31-437B-91AC-DC90574288A2}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{028D4B22-B70B-447E-9B80-8E3E98CB2667}) (Version: 10.0.06027 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - ) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{9B7D5CA0-5521-458D-88D9-AF7D9A06E753}) (Version: 11.1.072 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{D17293BC-1678-4281-B94E-DBCF66AE7611}) (Version: 2.4.08919 - Intel Corporation)
Intel(R) Memory and Storage Tool (HKLM\...\{D9F2D22C-A2FB-45D1-B84D-FFBE8950459D}) (Version: 1.11.165 - Intel)
Intel(R) NVME Miniport and Filter Device Management (HKLM\...\{D44F19E2-5189-4415-AEF8-BF6D258B474A}) (Version: 5.3.0.1005 - Intel Corporation) Hidden
Intel(R) NVME Miniport and Filter Device Management (HKLM-x32\...\{12d24f04-f633-49f9-9006-53fa577aa7e7}) (Version: 5.3.0.1005 - )
Intel® Driver & Support Assistant (HKLM-x32\...\{8e97d87d-065f-48c1-bd2b-f7bff04dcfc1}) (Version: 21.6.39.7 - Intel)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IP Camera Adapter (HKLM-x32\...\{02C8886B-FB8F-4666-960B-36DFB37786B1}) (Version: 4.0.0.0 - Pavel Khlebovich) Hidden
Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Java(TM) SE Development Kit 17.0.1 (64-bit) (HKLM\...\{7ECAAC8F-FBBE-5265-BBF4-0AC48139FB26}) (Version: 17.0.1.0 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KeePass Password Safe 2.49 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.49 - Dominik Reichl)
Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden
Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{E1F68FC9-F23C-4F44-8092-CAC55E43A80B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legacy Games Launcher 1.4.3 (HKLM\...\da414c81-a9fd-5732-bd5e-8acced116298) (Version: 1.4.3 - Legacy Games)
Logi Firmware Update Tool for Tap (HKLM-x32\...\FWUpdateTap) (Version: 1.6.23.0 - Logitech Europe S.A.)
loopMIDI (HKLM-x32\...\{6b220f45-42ca-435c-95fd-1764cb849122}) (Version: 1.0.16.27 - Tobias Erichsen)
loopMIDI (HKLM-x32\...\{DF96DB4C-DB0F-4CCF-9769-464BC9EA859F}) (Version: 1.0.16.27 - Tobias Erichsen) Hidden
loopMIDIBlockLegacy (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
LOSTARK (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\LOSTARK) (Version: 1.104 - MY.GAMES)
Malwarebytes version 4.5.14.210 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.14.210 - Malwarebytes)
Microsoft .NET 6.0 Templates 6.0.200 (x64) (HKLM\...\{55A933C9-61E4-4958-A086-83CE936D88B2}) (Version: 24.4.48461 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64) (HKLM\...\{B6D217CB-F393-40DD-AC17-9989D8E8A714}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64_arm) (HKLM\...\{400881A4-1434-42D1-BB9F-9F3B996E64F4}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64_arm64) (HKLM\...\{4B983237-0EE4-48AF-BB67-0607E8DEE562}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 5.0.14 (x64_x86) (HKLM\...\{1D25A8A0-2D84-41B4-B0F0-32EF1151F625}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64) (HKLM\...\{E880145C-89F2-44EE-973D-03DF3026FF75}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64_arm) (HKLM\...\{DCAE22BC-0045-4E1D-8E55-45CD6A0B9DA7}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64_arm64) (HKLM\...\{BC04A133-2C27-4C19-A1D8-48FCC9C7D94F}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.2 (x64_x86) (HKLM\...\{94079648-6999-4938-B069-6C59E43A3BB0}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Core 3.1 Templates 5.0.405 (x64) (HKLM\...\{D20D560E-2176-4ECF-A344-7B43EB17377F}) (Version: 12.21.61060 - Microsoft Corporation) Hidden
Microsoft .NET Core 5.0 Templates 5.0.405 (x64) (HKLM\...\{9372651C-BB0D-4D01-AFAC-1D91929393EC}) (Version: 20.7.44676 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64) (HKLM\...\{23B200E6-5E51-403D-A3F5-62CD42B23D7D}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64_arm) (HKLM\...\{A8D05936-3B6A-4F1A-8B31-C47A1CF55DF7}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64_arm64) (HKLM\...\{C883FEA0-0193-4C6B-BAF3-DA9FA7B6510E}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core AppHost Pack - 3.1.22 (x64_x86) (HKLM\...\{3AB1D96B-C73E-4C77-BED9-85591FC3BF14}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core Host - 2.1.30 (x64) (HKLM\...\{8FD66631-B964-4E12-92E1-A8A4CAD5D14C}) (Version: 16.120.30411 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 2.1.30 (x64) (HKLM\...\{EB291DFA-DEDE-4355-98D9-17F95E91C437}) (Version: 16.120.30411 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 2.1.30 (x64) (HKLM\...\{92A0517D-D5F9-4D8F-87F9-83ABC04240C2}) (Version: 16.120.30411 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.22 (x64) (HKLM\...\{44D628C6-14F5-48F2-89F9-6C0A5FF2B9F0}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.22 (x86) (HKLM-x32\...\{54C416DE-9495-4FFC-B2A7-E7AF82DEA8A4}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft .NET Core SDK 2.1.526 (x64) (HKLM\...\{77DCC379-7B83-4D9A-8D77-1FB5A5175135}) (Version: 8.147.42380 - Microsoft Corporation) Hidden
Microsoft .NET Core SDK 2.1.526 (x64) (HKLM-x32\...\{a61ab325-4d4c-416b-a9c0-bfd07d8890ae}) (Version: 2.1.526 - Microsoft Corporation)
Microsoft .NET Core Targeting Pack - 3.1.0 (x64) (HKLM\...\{31EDE1E7-C855-4633-9D73-56F566136567}) (Version: 24.64.28315 - Microsoft Corporation) Hidden
Microsoft .NET CoreRuntime For CoreCon (HKLM-x32\...\{48A8F171-52F2-372B-8414-EA50617708BE}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft .NET CoreRuntime SDK (HKLM-x32\...\{12702494-9E6A-3F5E-9441-2B7D258A639B}) (Version: 1.1.27004.0 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 Targeting Pack (deu) (HKLM-x32\...\{96E8FAD6-EC2D-40F2-A230-7F81CD52FB43}) (Version: 3.5.27729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 Targeting Pack (HKLM-x32\...\{5686C5E9-A3B3-451E-A2EA-4C246CDE5CC9}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (Deutsch) (HKLM-x32\...\{5F62E29E-C154-44CB-81D6-696FB3474844}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.16 (x64) (HKLM\...\{DAA471F4-54A9-4820-A1C5-266B5153C144}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.2 (x64) (HKLM\...\{FCA58978-1518-4AA5-9B43-D9D3CDE9C314}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x64) (HKLM\...\{8D88F0E2-CE9B-4A6D-8309-FDC562195F5B}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x86) (HKLM-x32\...\{64E80A14-A4CE-4209-9E96-E3B33957FE7C}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.16 (x64) (HKLM\...\{29CBA832-8D09-42D0-82F4-3583EE247A5E}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.0 (x64) (HKLM\...\{740DEBEB-4049-4179-AF82-673DE9E7F52E}) (Version: 48.3.31210 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.2 (x64) (HKLM\...\{400912BD-8880-45D6-B657-CC52E9297295}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.2 (x86) (HKLM-x32\...\{D2704ECD-6F5F-4B2E-B895-848B1403ACE7}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Native SDK (HKLM-x32\...\{A527D13C-CB86-3604-BFDC-68F585895663}) (Version: 15.0.24211.06 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x64) (HKLM\...\{B810ACDF-1C0C-4108-9B92-12F1674FA444}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x86) (HKLM-x32\...\{B53264E4-665F-4F04-BF0C-7F9C9B7A5640}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.16 (x64) (HKLM\...\{16E242C4-24A9-4381-8023-0F246750CA47}) (Version: 40.64.31117 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.16 (x64) (HKLM-x32\...\{68696b91-f423-4e8e-a58f-631366d0f77a}) (Version: 5.0.16.31117 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.0 (x64) (HKLM\...\{0875A1B4-8C93-48C7-BEC9-4E549B550B1B}) (Version: 48.3.31210 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.2 (x64) (HKLM\...\{09BE57EC-66FA-4C4D-ABED-EBCB6A6BF6EA}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.2 (x86) (HKLM-x32\...\{A54C9C13-9F3E-4E95-8BE0-7A36A1F80245}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET SDK 5.0.405 (x64) from Visual Studio (HKLM\...\{316B05A5-52B6-436C-9C79-2049DD149D96}) (Version: 5.4.522.6820 - Microsoft Corporation)
Microsoft .NET SDK 6.0.200 (x64) from Visual Studio (HKLM\...\{00D9D07C-9962-4CBB-9AA2-9EF1383B5B2D}) (Version: 6.2.22.10605 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 5.0.0 (x64) (HKLM\...\{34761DB2-89B9-4981-8122-5B1FAE3B7069}) (Version: 40.0.29419 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.2 (x64) (HKLM\...\{27C5AAF6-5B72-44B0-924C-4BB0C170216C}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 5.0.405 (x64) (HKLM\...\{BEA7472D-97F2-464B-814D-CC0F473FC337}) (Version: 20.5.61060 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 6.0.200 (x64) (HKLM\...\{D66C8045-2D1E-4346-AAFA-76A34758E10C}) (Version: 24.4.48461 - Microsoft Corporation) Hidden
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM\...\{90140000-00D1-0407-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Access database engine 2016 (English) (HKLM-x32\...\{90160000-00D1-0409-0000-0000000FF1CE}) (Version: 16.0.5044.1000 - Microsoft Corporation)
Microsoft ASP.NET Core 2.1.30 Shared Framework (x64) (HKLM\...\{3F0FA3FE-95FA-3B48-ABD1-46FB4DA4021E}) (Version: 2.1.30.60071 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.10 Targeting Pack (x64) (HKLM\...\{FEA48357-CE2F-3ED0-B2A0-8548BEC6F111}) (Version: 3.1.10.20520 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.22 Shared Framework (x64) (HKLM\...\{6AFBB1FC-92B4-38D1-8125-A5F297FDA27D}) (Version: 3.1.22.21579 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.22 Shared Framework (x86) (HKLM-x32\...\{7BD85F66-ABB6-3590-B637-22311F25619B}) (Version: 3.1.22.21579 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.0 Targeting Pack (x64) (HKLM\...\{7E0C04EC-9D6F-36CD-A821-DC8493EE407F}) (Version: 5.0.0.20526 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.14 Shared Framework (x64) (HKLM\...\{1DDE3A7E-9E64-38C4-A76B-EEC6CE0EC9C6}) (Version: 5.0.14.22063 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.14 Shared Framework (x86) (HKLM-x32\...\{E2E8FB3E-9513-31E4-9C66-B2DC0B9FC02C}) (Version: 5.0.14.22063 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.2 Shared Framework (x64) (HKLM\...\{941F2C43-D8FE-3DD0-8D2C-FE8169AD45A0}) (Version: 6.0.2.22064 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.2 Shared Framework (x86) (HKLM-x32\...\{E3B72D89-87A4-3961-B980-9DCC0487D6B2}) (Version: 6.0.2.22064 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.2 Targeting Pack (x64) (HKLM\...\{3220319F-4406-39D1-982A-3A678EA8D24A}) (Version: 6.0.2.22064 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core Module for IIS Express (HKLM\...\{FAFEE5E3-E00A-4CE8-B495-8F66A5FAB236}) (Version: 12.2.18292.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core Module V2 for IIS Express (HKLM\...\{F6EADEFA-482E-483C-B3D6-8B3567EE8FDB}) (Version: 16.0.21269.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Diagnostic Pack for Visual Studio (HKLM-x32\...\{CC2EFF16-2D75-3AFA-801F-90E59F7D7331}) (Version: 17.1.358.51495 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 15.0 - DEU (HKLM-x32\...\{FDB3AB25-DEE7-3438-9E2A-571F9F23F26E}) (Version: 1.0.30615.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 15.0 - ENU (HKLM-x32\...\{B3CA5EDB-F084-325C-AA50-247A3A476496}) (Version: 1.0.30615.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 17.0 - DEU (HKLM-x32\...\{313B1F5D-40A5-3190-9474-AD4CEDE068C2}) (Version: 17.0.10526.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Tools Packages 17.0 - ENU (HKLM-x32\...\{6332F84D-AEE5-3162-BCF4-329EE17B9662}) (Version: 17.0.10526.0 - Microsoft Corporation) Hidden
Microsoft Azure Authoring Tools - v2.9.7 (HKLM\...\{90462BD2-DF5B-449C-A401-FCC1DC264E4E}) (Version: 2.9.8999.45 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.7 (HKLM\...\{04CA054C-2F40-44B0-8610-8D51EC9444FE}) (Version: 2.9.8999.43 - Microsoft Corporation) Hidden
Microsoft Azure Compute Emulator - v2.9.7 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.7) (Version: 2.9.8999.43 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure Storage Emulator - v5.10 (HKLM-x32\...\{41AC2282-F083-4495-8306-2D6ABC7D5CA2}) (Version: 5.10.19227.2113 - Microsoft Corporation) Hidden
Microsoft Azure Storage Emulator - v5.10 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.10) (Version: 5.10.19227.2113 - Microsoft Corporation)
Microsoft Command Line Utilities 15 for SQL Server (HKLM\...\{41C0DB18-1790-465E-B0DD-D9CAA35CACBE}) (Version: 15.0.1300.359 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.37 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.37 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Version: 10.1.22621.1011 - Microsoft Corporation)
Microsoft NetStandard SDK (HKLM-x32\...\{737FDDA7-B944-4CB5-92D9-3D56373BD301}) (Version: 15.0.51105 - Microsoft Corporation) Hidden
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{97FA5676-7F15-4C39-BFA1-CE67BA1833C2}) (Version: 17.7.2.1 - Microsoft Corporation)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Portable Library Multi-Targeting Pack (HKLM-x32\...\{812F31DC-FAA6-3979-B3D6-5D6BAAF2945D}) (Version: 15.0.26621.02 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (HKLM-x32\...\{D3A63893-9B6A-3DC2-BD7B-31BD85665988}) (Version: 15.0.26621.02 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9198AD57-6396-4DF8-8D0C-20EA764F7986}) (Version: 11.3.6020.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Native Client  (HKLM\...\{E9AD0F97-5DF2-4F5B-BC5B-F524D21BF165}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{33B8D051-4DF5-4103-8FDB-8663E468A204}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2019 LocalDB  (HKLM\...\{36E492B8-CB83-4DA5-A5D2-D99A8E8228A1}) (Version: 15.0.4153.1 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Teams) (Version: 1.5.00.9163 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft UniversalWindowsPlatform SDK (HKLM-x32\...\{1DFB90F4-6C58-4AE6-BA4E-E0AE3C9062C7}) (Version: 15.9.10 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1a63c099-febd-4eaf-83ad-a82ea4fdac49}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30708 (HKLM-x32\...\{ee198d9f-cfe1-4f8a-bf5f-7b1be355b63d}) (Version: 14.30.30708.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 X64 Debug Runtime - 14.16.27033 (HKLM\...\{FBB6370A-2B31-4E7F-9046-FEC401A98F12}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Debug Runtime - 14.16.27033 (HKLM-x32\...\{54E71599-88E8-4A50-8435-BE40755DB005}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30708 (HKLM\...\{12A2980B-E47B-491B-92F5-0BC703841ED4}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30708 (HKLM\...\{AE043016-3897-41D4-870B-1DAEE62CF152}) (Version: 14.30.30708 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2017 Tools for Unity (HKLM-x32\...\{1AD79405-0A2D-43D6-82AE-8CB8B212D906}) (Version: 3.9.0.3 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.1.2196.8931 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{6501DB5B-B58A-4021-8F3C-25A6CF01BC72}) (Version: 3.1.1126.51066 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{EA62D3A4-587F-43C9-8C56-FEF454BE720A}) (Version: 3.1.1126.51066 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2017 Update 9 Office Integration (x64) (HKLM\...\{4F62310B-5C05-3A89-A182-713AB10514E7}) (Version: 15.129.31804 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2017 Update 9 Office Integration Language Pack (x64) - ENU (HKLM\...\{67E00724-8C7F-3830-9FBA-2F87F11C12C9}) (Version: 15.129.31804 - Microsoft Corporation) Hidden
Microsoft Web Deploy 4.0 (HKLM\...\{DB7B43E1-BB6C-4417-9F20-2488FD8EECC8}) (Version: 10.0.5402 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.22 (x64) (HKLM\...\{D5C6F442-F51D-4D15-82C1-61E3435BA3C8}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.22 (x86) (HKLM-x32\...\{EDB662A8-AD69-44B1-B2FB-6E9BF86BA0B9}) (Version: 24.88.30721 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM\...\{4CD6FFC6-FA14-4016-A7A6-B7E3D6286331}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x86) (HKLM-x32\...\{3F927D21-88CF-4113-87C4-7F5D90ACFD5C}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.16 (x64) (HKLM\...\{90B8150E-08C5-4225-9F94-9BBB39D82601}) (Version: 40.64.31121 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.16 (x64) (HKLM-x32\...\{c34fb08d-bd27-4d0b-a7bc-f7d5359f9518}) (Version: 5.0.16.31121 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.0 (x64) (HKLM\...\{C3505345-F775-48A3-9657-F9F0B4C1932F}) (Version: 48.3.31217 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.0 (x64) (HKLM-x32\...\{04da1419-5002-4781-bd5d-829a8fb420e5}) (Version: 6.0.0.30623 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.2 (x64) (HKLM\...\{70D77D60-C620-4829-AF52-7AB767A8BB52}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.2 (x86) (HKLM-x32\...\{DE561533-408D-4E2C-BB6E-05960A801450}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 3.1.0 (x64) (HKLM\...\{7519423C-A977-4160-83A2-48633600A216}) (Version: 24.64.28315 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 5.0.0 (x64) (HKLM\...\{B7846BB6-4EDE-409B-9147-631286EF7FDD}) (Version: 40.0.29420 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.2 (x64) (HKLM\...\{54E0FF16-E612-459E-9EB1-1C3D84D4DB13}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-6.0.200 (HKLM\...\{FCB866C3-1C7F-48F1-82AA-27CDF5EDBF07}) (Version: 124.50.2 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-6.0.200 (HKLM\...\{2685B6AE-7BBA-4305-A0C6-D85E95E6DFE3}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.200 (HKLM\...\{D9C7F250-1F44-4F17-9114-892FE9B9392E}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-6.0.200 (HKLM\...\{5023AA6C-3434-4651-97F4-A99E519A46BA}) (Version: 48.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-6.0.200 (HKLM\...\{E654192D-D623-4F63-81B5-7B01FD812D47}) (Version: 24.50.2441 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-6.0.200 (HKLM\...\{ABB96929-74DA-4C9E-A79F-5482C80E2651}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Manifest (HKLM\...\{5A247A95-DDD4-4C69-9BA5-2C94E9157502}) (Version: 48.27.37284 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{C7BBAC8B-9DE6-4893-A317-D3894F819334}) (Version: 48.3.37295 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2019 (HKLM\...\{A2494B75-7366-47C0-A58F-C41BEE9317E6}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2019 CTP2.2 (HKLM-x32\...\{BF16A1DB-06A6-4A8E-B7A8-61F1F9C9FBA3}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server vNext CTP1.6 (HKLM\...\{598EF772-9320-43B6-9D3C-A60A1F6A804E}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server vNext CTP1.6 (HKLM-x32\...\{2773DECE-0FE5-4CA9-96A8-621E0185388F}) (Version: 15.0.600.33 - Microsoft Corporation)
MIDI-OX (HKLM-x32\...\{A6457851-5EA9-45B0-AF1D-D2A0A4781CFB}) (Version: 7.02.372 - MIDIOX Computing)
Minecraft Launcher (HKLM-x32\...\{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang)
MINIONAPP (HKLM-x32\...\MINIONAPP) (Version:  - )
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
MSI Kombustor 4.1.15.0 (64-bit) (HKLM\...\{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version:  - MSI / Geeks3D)
MySQL Connector Net 8.0.28 (HKLM-x32\...\{DDA9C4B3-766C-41FC-9BA2-615524AAF36B}) (Version: 8.0.28 - Oracle)
MySQL for Visual Studio 1.2.10 (HKLM-x32\...\{FFB40224-64C0-4D82-ADC4-6B9434B90800}) (Version: 1.2.10 - Oracle)
MySQL Shell 8.0.28 (HKLM\...\{2112E2EB-B278-4C5A-AA73-D9AD0205BAAC}) (Version: 8.0.28 - Oracle and/or its affiliates)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.4 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.131 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.131 - NVIDIA Corporation)
NVIDIA Grafiktreiber 517.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.48 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
obs-midi version 0.3.0 (HKLM-x32\...\{117EE44F-48E1-49E5-A381-CC8D9195CF35}_is1) (Version: 0.3.0 - Christopher Yarger)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20342 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Paket zur Festlegung von "Doc Redirected"-Zielversionen von Microsoft .NET Framework 4.7.1 (Deutsch) (HKLM-x32\...\{5B970BE4-A2F2-41BD-8B91-FEA8DAA1DB9B}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM-x32\...\{98FE7C2A-22A4-401A-B45B-2AA107C06DD7}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.8 (Deutsch) (HKLM-x32\...\{9E68042B-8597-4DE3-BA10-D1198BA9316B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
ProtonVPN (HKLM-x32\...\{5D8EB116-AEE3-4BA2-9431-E429F0924940}) (Version: 1.25.0 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.25.0) (Version: 1.25.0 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
ProtonVPNTun (HKLM-x32\...\{C953D354-0C14-4CB5-AB42-0A9E40F55857}) (Version: 0.13.0 - Proton Technologies AG)
PrusaSlicer 2.5.0 (HKLM\...\{F7A53CE7-528F-429F-AABB-E54ECE5FD63E}) (Version: 2.5.0 - Prusa Research) Hidden
PrusaSlicer 2.5.0 (HKLM\...\PrusaSlicer 2.5.0 2.5.0) (Version: 2.5.0 - Prusa Research)
PuTTY release 0.76 (64-bit) (HKLM\...\{1E0D5689-40F1-4E46-ABBB-EAAC68B5CD89}) (Version: 0.76.0.0 - Simon Tatham)
PyCharm Community Edition 2021.3.1 (HKLM-x32\...\PyCharm Community Edition 2021.3.1) (Version: 213.6461.77 - JetBrains s.r.o.)
Python 3.9.7 (64-bit) (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{0f0bf1a5-3ec1-459b-ab7c-916db941f50d}) (Version: 3.9.7150.0 - Python Software Foundation)
Python 3.9.7 Core Interpreter (64-bit) (HKLM\...\{88D4EF59-607D-43AD-B7C7-F5A753740FD1}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Development Libraries (64-bit) (HKLM\...\{97496FC6-5044-4A2A-BACD-40A44F38D483}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Documentation (64-bit) (HKLM\...\{AA408E09-EBB3-470F-8D63-5AA0C46C2DA2}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit) (HKLM\...\{870EC220-FEAE-481D-8B29-B4B0DF5402FA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 pip Bootstrap (64-bit) (HKLM\...\{F1280AA2-AAC3-41AB-9616-CCF00814E626}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit) (HKLM\...\{05903EEF-72A2-4C1A-AD35-41AD6C7094A8}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit) (HKLM\...\{6E8EAD3C-6F0C-494C-9C12-E10C5B5EE7EA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit) (HKLM\...\{67D79D6E-8497-4EE6-850B-834D3A27553F}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Utility Scripts (64-bit) (HKLM\...\{4110826A-903C-410C-9785-7848A51B9CC9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{99719382-D7A9-4DC2-BF0C-C23B730A313D}) (Version: 3.9.7546.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.0831.083015 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.)
Red 2 & Red 3 Plug-in Suite version 1.1 (HKLM\...\Red 2 & Red 3 Plug-in Suite_is1) (Version: 1.1 - Focusrite Audio Engineering Limited)
REDlauncher (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version:  - GOG.com)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Roblox Player for lucap (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for lucap (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\roblox-studio) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.63.962 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.5.1 - Rockstar Games)
rtpMIDIBlockLegacy (HKLM-x32\...\{FD937297-84C3-41A5-B5DF-1FAEEE669D68}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Snapmaker Luban 4.4.0 (HKLM\...\4c329381-cbe6-5eac-8b35-1ff73ff2e943) (Version: 4.4.0 - Snapmaker Dev Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.34.4 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.43.0 - TechPowerUp)
Telegram Desktop version 4.1.1 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.1.1 - Telegram FZ-LLC)
Tesseract-OCR - open source OCR engine (HKLM\...\Tesseract-OCR) (Version: v5.0.1.20220118 - Tesseract-OCR community)
teVirtualMIDI64 (HKLM\...\{2F802731-3731-453E-B30B-4381BEED22AC}) (Version: 1.3.0.43 - Tobias Erichsen) Hidden
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Tools for .Net 3.5 - DEU Lang Pack (HKLM-x32\...\{13BD574A-7F41-420A-B486-7A2D4CEB7F3B}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Tools for .Net 3.5 (HKLM-x32\...\{1690CE56-2231-4E59-9006-A0876D949EA8}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Tower of Fantasy (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\tof_launcher) (Version:  - Hotta Studio)
TypeScript SDK (HKLM-x32\...\{6D0FC687-BA41-4DFD-80B4-3469E567AA0F}) (Version: 4.3.5.0 - Microsoft Corporation) Hidden
TypeScript SDK (HKLM-x32\...\{E6521CE7-0C2F-461D-8B83-CB40BC26F6A5}) (Version: 3.1.7.0 - Microsoft Corporation) Hidden
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 127.4.10629 - Ubisoft)
Ultimaker Cura 5.0.0 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Ultimaker Cura 5.0.0) (Version: 5.0.0.0 - Ultimaker B.V.)
Ultimaker Cura 5.1.0 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Ultimaker Cura 5.1.0) (Version: 5.1.0 - Ultimaker B.V.)
Unigine Superposition Benchmark 1.1 (HKLM\...\Superposition_is1) (Version: 1.1 - UNIGINE)
Unity (HKLM-x32\...\Unity) (Version: 2020.3.11f1 - Unity Technologies ApS)
Unity 2021.1.16f1 (HKLM-x32\...\Unity 2021.1.16f1) (Version: 2021.1.16f1 - Unity Technologies ApS)
Unity Hub 2.4.5 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.4.5 - Unity Technologies Inc.)
Unity Hub 3.0.0-beta.2 (HKLM\...\Unity Technologies - Hub) (Version: 3.0.0-beta.2 - Unity Technologies Inc.)
Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VB-CABLE C+D Package (HKLM-x32\...\VB:VBCABLE_CD {C76D3BC2-E852-4d06}) (Version:  - VB-Audio Software)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VBCABLE-A, The Virtual Audio Cable (HKLM\...\VB:VBCABLEA {87459874-1236-4469}) (Version:  - VB-Audio Software)
VBCABLE-B, The Virtual Audio Cable (HKLM\...\VB:VBCABLEB {87459874-1236-4469}) (Version:  - VB-Audio Software)
vcpp_crt.redist.clickonce (HKLM-x32\...\{86A64DD6-2619-4D30-B777-75568A3EE56D}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{DE76BFB9-CBA9-48EB-8AAB-31292E7F1D0A}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{83D25813-8527-4DA7-A514-969B674269BC}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Package (HKLM-x32\...\{9E49E95C-CF02-412D-AD53-FB1F37D8BDD8}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Appx Resource Package (HKLM-x32\...\{66EEDDAB-DF4D-424D-8E15-2D9B41C90397}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{CCAC309A-EC2D-4A5E-BA76-3638E6D651F4}) (Version: 14.16.27027 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{D076C56D-9DDE-462F-A1E8-2C7DF2C0E7A6}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{41EF416D-AD5E-432D-9BFE-0E5BE62E2F1E}) (Version: 14.16.27027 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{C20A5080-9391-4126-A953-D362BD8B5240}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{EEAD071F-AC16-42DB-9EBA-FC8A466C9382}) (Version: 14.16.27023 - Microsoft Corporation) Hidden
Visual Studio Community 2019 (HKLM-x32\...\4429726e) (Version: 16.11.10 - Microsoft Corporation)
Visual Studio Enterprise 2017 (HKLM-x32\...\5cf6f237) (Version: 15.9.44 - Microsoft Corporation)
Visual Studio Enterprise 2022 (HKLM-x32\...\d4e2f3c5) (Version: 17.1.0 - Microsoft Corporation)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.34.2.0 - Voicemod S.L.)
VS Immersive Activate Helper (HKLM-x32\...\{C0ACF658-B4DC-4CBB-B8F2-9E667D69919A}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{43F73608-5C94-436F-A1E6-E09ACE680391}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{9EC852BD-33D2-457C-99BB-ED3099B8176F}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{2D12F791-263F-4ABA-B7A8-5485933CADCF}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B8B0A861-C76A-4DBA-B8D5-8830511173A3}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{16946E6F-037E-4A92-A30C-80293603EEC9}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{15CE6C23-B92A-4B2B-8521-6FA81661068B}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_codecoveragemsi (HKLM-x32\...\{95913D6F-B6F3-440F-ACEA-8B0ABD5FA275}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_codeduitestframeworkmsi (HKLM-x32\...\{4379D9C7-B16D-486C-BC6D-43550A4C55EE}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{5C127D2C-BC0B-44B8-A1A5-34E9E7A116FC}) (Version: 16.11.31911 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{08693C65-8459-4C66-8AF3-15F091F28F87}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{7571C303-621A-4ACF-A392-BD6B9B3C67BF}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{EB7405ED-A99C-47D4-8516-C5C35704B07C}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{3AFF0601-10FB-491C-8F07-CBE9FA2BC180}) (Version: 17.1.32210 - Microsoft Corporation) Hidden
vs_cuitcommoncoremsi (HKLM-x32\...\{060D7518-16AC-41F1-9956-38CA636FCF7B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_cuitextensionmsi (HKLM-x32\...\{88484E59-774D-4947-AF0E-4524D6C3147D}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_cuitextensionmsi_x64 (HKLM-x32\...\{184D5702-3AD2-4F0D-95E6-11E1C75A9298}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvsharedmsi (HKLM-x32\...\{923446B9-70EB-4850-95D7-1A1AB5D111CD}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{5C99AE76-BEF9-4D4B-A77A-1B63238B86B0}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_enterprisemsi (HKLM-x32\...\{6E0FB913-0E76-44B5-B0D4-2B71A7984BD2}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{2C910925-05EE-403B-8295-D2593E11F751}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{46F71CD4-4841-4B77-A491-9933B98F8D0D}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{9DCCEEF7-CC00-4054-9879-7E0A12E5CF0A}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{883D29E5-9A41-4C45-A192-C10B8078BF0C}) (Version: 16.10.31306 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{05A82EA9-8768-4E1B-B16C-FCCF299D331C}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{FB59095C-C7C6-4CA6-B300-852B50AB976D}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{53D1C36A-E35A-45B3-801B-F49BDD425293}) (Version: 16.11.31503 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{786313C8-40FA-4E06-A625-B1B30B66E872}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{FEFEDA38-9B6A-4374-8D43-7D5517152080}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{CC15CA94-9817-4914-A9ED-A694A2F27783}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_networkemulationmsi_x64 (HKLM-x32\...\{44FFB63E-E35B-41BE-8E9B-149B1AF65493}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_professionalmsi (HKLM-x32\...\{C135A30B-7258-4E11-8660-87C5642A4AAE}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{4EF9011A-8E81-4D6F-9CB9-DBF0B1B12809}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{874561BE-97AD-4865-8512-579D41009147}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
win-capture-audio version 2.2.3 (HKLM-x32\...\{406FD363-BC38-47EE-AF53-7F6FB4D56ECE}_is1) (Version: 2.2.3 - bozbez)
Windows App Certification Kit Native Components (HKLM\...\{398B9866-66DD-753F-761B-E74A270435CC}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{4FC3E9F0-8B10-DBFB-EA4B-FCA87274FC59}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{7718961C-5622-0714-906E-89E9751FA8F4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{EC74C9E5-A88F-D4DF-1DD0-FA42FFBB298D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{942262C5-DA88-830D-7140-C5BCC896DD60}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows IoT Extension SDK (HKLM-x32\...\{110B5402-97D4-DDA2-7B42-665D8325A44F}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{AC8F20B3-36BB-DE22-CA37-43BC967B3F47}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{B38CF8FF-C0D9-B11D-6484-B95A81C72DDC}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{6FF4EDB8-56EA-640C-47CA-54C845F7D273}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Phone SDK 8.0 Assemblies for Visual Studio 2017 (HKLM-x32\...\{7D80B045-3223-3481-AC8F-B0BBA3A25B6F}) (Version: 15.0.28302 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{ED060DBD-1A21-7554-F2E1-06A0EE45900D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{EA15DC17-4379-6850-16FA-D6527641A8DD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{BFC2CA21-326B-90D1-B0E5-F1327411D4A5}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{441FA049-A2AB-7E8D-375D-5C9720CD3325}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{492AAE4A-619E-64BF-6173-DB4E25D67533}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{C971A14A-F045-BD6A-C670-05C7B74A37FE}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{323350A8-D3DC-2F8C-2976-E59E2C132B74}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{51ACC3C5-D131-0916-3F0C-59455F32E6B0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{AE5CE40F-6C6D-C95F-FD37-D9EF7093CA99}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{D5B8B2F7-680B-B6D4-6353-377C73C0F8A8}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{9D5486B4-7458-1A53-E92F-8CFD4AF85D4B}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{8308EFA9-D647-6BF4-6525-349091FBD528}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{F770E8F3-139B-0373-8692-BF619445B8C2}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{90B0B603-7728-F869-3927-73232379BA5B}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{F84F82F2-4D6F-7EE7-A5EC-C57ECBAB3513}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{2DD06060-C61D-7C3A-AA55-6E3FD9493D61}) (Version: 10.1.17763.132 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{CA7A8A65-AB2E-43AA-4110-10C50115E211}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{1B278824-7541-EA8F-FFA1-8B73EC7146D5}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{36AA7E63-76E9-E591-C985-272415268810}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{929C5E30-584A-9E44-2C03-08AA27927317}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{785711EA-DD49-D232-BB29-D48350CC458F}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{DAED8629-A799-B67F-9751-F3A1C60EE335}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{A128C4CE-88C8-8BDF-FBE9-A517979E0BDD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{BA610F2C-C1FA-0A65-2B4D-8272223AC061}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{9A0DC6A1-E91D-EB94-FB4D-41DDDE8A225D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{FBA500B3-235D-41E5-D748-F9FFD2C881FD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{C1C8121A-6BDE-478E-3685-C09F9287D6F0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{70DB40AD-109B-C0CB-9DBF-8B1EDAEBFF61}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{58770E7F-37C0-70F9-6CBF-2B18503B0EE0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Simulator - ENU (HKLM-x32\...\{A4646537-CE71-480A-9A2B-AAFE03334996}) (Version: 15.0.27729 - Microsoft Corporation) Hidden
Windows Simulator (HKLM-x32\...\{F9F1A5B3-D8DE-4995-B14B-1ED4AFA7A003}) (Version: 15.0.27729 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{A8B548F5-D495-BB71-F673-2D48FD7E764C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{F57D8118-1428-ECB8-0729-A577A9A1DEA8}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
windows_toolscorepkg (HKLM-x32\...\{A0669C27-8927-49FE-A039-5C1792620DCE}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Razer Inc. (WinUSB) USB  (05/04/2016 6.2.9200.16385) (HKLM\...\874D6B1A2BD2AE8FF3594AB704F2A4A3F8342FB5) (Version: 05/04/2016 6.2.9200.16385 - Razer Inc.)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinSCP 5.19.5 (HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\winscp3_is1) (Version: 5.19.5 - Martin Prikryl)

Packages:
=========
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-08-09] (INTEL CORP) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-17] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10801.429.0_x64__8wekyb3d8bbwe [2022-08-25] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-10-06] (NVIDIA Corp.)
Python 3.10 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.2032.0_x64__qbz5n2kfra8p0 [2022-09-06] (Python Software Foundation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0 [2022-10-06] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-04] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\lucap\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\lucap\AppData\Local\Autodesk\webdeploy\production\3f77c28c02b1b466e9d910ef562e48d42f47cc2b\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> )
CustomCLSID: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001_Classes\CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InprocServer32 -> C:\Users\lucap\AppData\Local\Programs\WinSCP\DragExt64.dll (Martin Prikryl -> Martin Prikryl)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-01-19] (Notepad++ -> )
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => G:\VMware\vmdkShellExt.dll [2022-02-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => G:\VMware\x64\vmdkShellExt64.dll [2022-02-18] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-09] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [Datei ist nicht signiert] [Datei wird verwendet]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\nvshext.dll [2022-09-22] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-09] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\lucap\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c2854863be7afae2\MetaMask.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn --app-url --app-launch-source=4

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2022-08-12 10:14 - 2022-08-09 04:52 - 001427968 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2022-01-30 04:10 - 2019-05-03 11:41 - 001750016 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Voicemod Desktop\CefSharp.Core.dll
2022-01-30 04:10 - 2019-04-25 10:23 - 109914112 _____ () [Datei ist nicht signiert] C:\Program Files\Voicemod Desktop\libcef.dll
2019-07-15 11:20 - 2019-07-15 11:20 - 000126976 _____ (Intel Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2022-05-05 17:44 - 2022-05-05 17:44 - 002122240 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2022-01-30 04:10 - 2019-04-25 10:22 - 000799744 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\Voicemod Desktop\chrome_elf.dll
2021-12-11 18:47 - 2021-12-11 18:47 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-12-11 18:47 - 2021-12-11 18:47 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2021-12-11 18:47 - 2021-12-11 18:47 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-10-02 19:16 - 2021-12-11 18:47 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\sharepoint.com -> hxxps://wpdgroup-files.sharepoint.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-03-19 06:49 - 2022-10-09 22:36 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

2022-02-24 00:33 - 2022-04-01 23:38 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.27.96.1 DESKTOP-N6Q3QEM.mshome.net # 2027 3 3 31 21 38 18 281

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %C_EM64T_REDIST11%bin\Intel64;G:\VMware\bin\;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Intel\Intel(R) Memory and Storage Tool\;C:\Program Files\PuTTY\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Git\cmd;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucap\AppData\Local\Microsoft\Windows\Themes\Nina+Luca\DesktopBackground\{ae246f3e-2323-47cd-acd2-ec2f649d66b2}.jpg
DNS Servers: 8.8.8.8 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
 ist aktiviert.

Network Binding:
=============
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled) 
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled) 
ProtonVPN TUN: VMware Bridge Protocol -> vmware_bridge (enabled) 
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled) 
LAN-Verbindung: VMware Bridge Protocol -> vmware_bridge (enabled) 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "DTS Audio.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\StartupFolder: => "Voicemeeter (VB-Audio).LNK"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\StartupApproved\Run: => "GogGalaxy"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

08-10-2022 14:46:07 Removed DB Browser for SQLite

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (10/09/2022 10:44:06 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT-AUTORITÄT)
Description: Erfassung von Leistungsindikatordaten von „BITS“ deaktiviert Dienst, weil die Leistungsindikatorbibliothek für diesen Dienst einen oder mehrere Fehler generiert hat. Die Fehler, die diese Aktion erzwungen haben, wurden in das Anwendungsereignisprotokoll geschrieben. Korrigieren Sie die Fehler, bevor Sie die Leistungsindikatoren für diesen Dienst aktivieren.

Error: (10/09/2022 10:44:06 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1011) (User: NT-AUTORITÄT)
Description: Die Close-Prozedur in der DLL für erweiterbare Leistungsindikatoren "C:\Windows\System32\bitsperf.dll" für den Dienst "BITS" haben die Ausnahme 3221225477 unter der Adresse 0x7ffa2d3422ef generiert. Die von der Leistungsindikatoren-DLL zurückgegebenen Systemleistungsdaten werden im Perf Data Block nicht zurückgegeben.

Error: (10/09/2022 10:44:05 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (10/09/2022 10:36:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (10/09/2022 10:35:56 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {514e0135-cc39-407c-a15d-8c68fdd612db}

Error: (10/09/2022 10:34:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (10/09/2022 10:34:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {514e0135-cc39-407c-a15d-8c68fdd612db}

Error: (10/09/2022 10:33:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm FRST64.exe Version 7.10.2022.1 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3a54

Startzeit: 01d8dc19bd1800fc

Beendigungszeit: 4294967295

Anwendungspfad: C:\Users\lucap\OneDrive\Downloads\FRST64.exe

Bericht-ID: 487e1283-0298-47cb-9979-0d724d7dd6ee

Vollständiger Name des fehlerhaften Pakets: 

Relative Anwendungs-ID des fehlerhaften Pakets: 

Absturztyp: Top level window is idle


Systemfehler:
=============
Error: (10/09/2022 10:44:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/09/2022 10:36:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N6Q3QEM)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/09/2022 10:36:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N6Q3QEM)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/09/2022 10:36:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Focusrite Control Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/09/2022 10:36:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/09/2022 10:36:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/09/2022 10:36:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/09/2022 10:36:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TeamViewer" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.


Windows Defender:
================
Date: 2022-10-09 21:58:20
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.H!ml&threatid=2147814523&enterprise=0
Name: Trojan:Win32/Wacatac.H!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: containerfile:_C:\Users\lucap\OneDrive\Downloads\Nostale_Clients.rar; file:_C:\Users\lucap\OneDrive\Downloads\Nostale_Clients.rar->Nostale Clients.exe; webfile:_C:\Users\lucap\OneDrive\Downloads\Nostale_Clients.rar|https://cdn.discordapp.com/attachments/935844569843642368/1025684096464207942/Nostale_Clients.rar|pid:14984,ProcessStart:133098190985970137
Erkennungsursprung: Internet
Erkennungstype: FastPath
Erkennungsquelle: Downloads und Anlagen
Benutzer: DESKTOP-N6Q3QEM\lucap
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1792.0, AS: 1.375.1792.0, NIS: 1.375.1792.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-09 14:33:35
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1788.0, AS: 1.375.1788.0, NIS: 1.375.1788.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-09 14:33:19
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1788.0, AS: 1.375.1788.0, NIS: 1.375.1788.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-09 10:53:37
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1788.0, AS: 1.375.1788.0, NIS: 1.375.1788.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

Date: 2022-10-09 10:53:26
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1788.0, AS: 1.375.1788.0, NIS: 1.375.1788.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3

CodeIntegrity:
===============
Date: 2022-10-09 22:40:01
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-09 14:42:55
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. 1302 03/15/2018
Hauptplatine: ASUSTeK COMPUTER INC. PRIME Z270-A
Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 32634.62 MB
Verfügbarer physikalischer RAM: 25558.53 MB
Summe virtueller Speicher: 37498.62 MB
Verfügbarer virtueller Speicher: 28092.11 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.34 GB) (Free:14.23 GB) (Model: WDC WDS250G1B0A-00H9H0) NTFS
Drive d: (NOS SCRIPTS ETC) (Fixed) (Total:232.87 GB) (Free:51.94 GB) (Model: WDC WDS250G2B0A-00SM50) NTFS
Drive e: (Spiele) (Fixed) (Total:111.77 GB) (Free:90.55 GB) (Model: Samsung SSD 850 EVO 120GB) NTFS
Drive f: (SPIELE) (Fixed) (Total:953.75 GB) (Free:429.95 GB) (Model: NVMe INTEL SSDPEKNW01) NTFS
Drive g: (Volume) (Fixed) (Total:3726.01 GB) (Free:3400.03 GB) (Model: Intel Raid 5 Volume) NTFS

\\?\Volume{fee8127b-0287-4419-ab72-623081b28278}\ () (Fixed) (Total:0.53 GB) (Free:0.07 GB) NTFS
\\?\Volume{81bd91a3-ae1c-46fa-b246-6053b52b7a21}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 10891089)

Partition: GPT.

==========================================================
Disk: 2 (Size: 111.8 GB) (Disk ID: 5E962306)

Partition: GPT.

==========================================================
Disk: 3 (Size: 953.9 GB) (Disk ID: 424CFB2F)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt =======================
         

09.10.2022, 22:03   #9
legendevent

FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-10-2022 01
durchgeführt von lucap (Administrator) auf DESKTOP-N6Q3QEM (09-10-2022 22:52:52)
Gestartet von C:\Users\lucap\OneDrive\Downloads
Geladene Profile: lucap
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxEM.exe
(explorer.exe ->) (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.) C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Tobias Erichsen -> Tobias Erichsen) C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe
(explorer.exe ->) (Voicemod Sociedad Limitada -> Voicemod) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert] C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_a9a8972288e9f3b5\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) G:\VMware\vmware-authd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\lucap\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.22031.10091.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3190384 2021-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe [767552 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2022-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Discord] => C:\Users\lucap\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3536912 2022-08-30] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-10-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [MicrosoftEdgeAutoLaunch_B6C3CFB90E847814C26F519221487FC3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7395712 2022-07-15] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [loopMIDI] => C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe [5516048 2019-12-14] (Tobias Erichsen -> Tobias Erichsen)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {240be0e0-4410-11ec-86c1-107b4449e208} - "H:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {7601382e-d761-11eb-86a5-107b4449e208} - "H:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {c16004ab-d64c-11eb-86a4-107b4449e208} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {c16004d9-d64c-11eb-86a4-107b4449e208} - "I:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3536912 2022-08-30] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DTS Audio.lnk [2022-08-26]
ShortcutTarget: DTS Audio.lnk -> C:\Program Files (x86)\DTS, Inc\DTS Audio\APO3GUI.exe (DTS, Inc. -> DTS, Inc.)
Startup: C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-08-25]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1C85745B-1881-4798-BC3F-4F3C6B878ECD} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_task.exe [18872 2017-10-12] (DTS, Inc. -> )
Task: {311DDC7D-7673-402F-86C8-88A19A21F812} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-04] (Google LLC -> Google LLC)
Task: {36EF88C9-F743-4AC7-B31F-65BD4E2D2A86} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {68CFA4DA-810E-48FF-A650-499BBFCE5CD0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {698AD474-4843-4F2C-8198-6399FE7095C3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7203C8CE-0ACA-433B-99A1-4746CB58FC8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {765AD24E-41C0-4C9F-B7A9-38BA76E2DCD0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AE912EF-283C-438A-A0FE-05A61DBB6D35} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {816FD7A4-7A4A-4CF1-B822-5EA0E149D882} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {867E1E2D-2A4A-4EC4-A147-942B921F80BB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {93258BEB-042B-4725-8629-8D9E008577D6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9A4E5566-26EC-46E0-918E-800547AA7C1F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C89A927-106E-401A-801B-A4F33D531CDF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A2C56940-5125-4D38-B4D7-6452E189E235} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A3853235-82B5-4580-9B42-4A2FE3EE29FC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {A576DCD2-E365-4610-95C2-2821E34CF238} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA16FBE1-3E3F-4A01-AED7-9A909D1561F9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AC920503-EBED-46A3-84ED-98FD216164C2} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [66472 2022-02-23] (Microsoft Corporation -> Microsoft)
Task: {AF4438FC-F219-45C7-AC13-68B99DB0ABC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {BDC6789C-60F1-4E6B-8905-EC208695834D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CED268C7-6920-4CB5-A868-5A9D010DB262} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {D023164B-2C3C-40F7-A782-88FE00901BA2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E1A6ACE0-6CFE-4C42-AB35-FF61BBA682F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E97B96C3-427D-4D22-8923-45BC8E1C3940} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-04] (Google LLC -> Google LLC)
Task: {EE5C9847-8EA2-435B-8B27-8D23D8941A9F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8b5c4eb8-24db-4e98-b000-80fb2575bb5a}: [NameServer] 8.8.8.8,1.1.1.1
Tcpip\..\Interfaces\{8b5c4eb8-24db-4e98-b000-80fb2575bb5a}: [DhcpNameServer] 192.168.0.1

Edge: 
=======
DownloadDir: C:\Users\lucap\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-09]
Edge Extension: (Honey: Automatische Coupons & Prämien) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2022-08-17]
Edge Extension: (WooCommerce AliExpress Dropshipping Extension) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\egamhjcccjiflajhhinondgonlldjgba [2022-10-06]
Edge Extension: (Binance Wallet) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2022-09-02]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-08-29]
Edge Extension: (BetterTTV) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2022-10-01]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igbncjcgfkfnfgbaieiimpfkobabmkce [2022-10-03]
Edge Extension: (Twitch Adblock) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljhnljhabgjcihjoihakgdiicdjncpkd [2022-09-13]
Edge Extension: (MetaMask) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-10-03]
Edge Profile: C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-08-17]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default [2022-10-09]
CHR Extension: (MEGA) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2022-08-26]
CHR Extension: (Social Blade) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-06-02] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ACHTUNG
CHR Extension: (uBlock Origin) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-08-26]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2021-03-31]
CHR Extension: (Google Docs Offline) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-30]
CHR Extension: (UltraWide Video) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\lngfncacljheahfpahadgipefkbagpdl [2021-10-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-08-05] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477392 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_service.exe [26560 2017-10-12] (DTS, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-10-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-07-07] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-21] (Epic Games Inc. -> Epic Games, Inc.)
R2 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1449472 2022-05-26] (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2021-12-09] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2128360 2022-09-05] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-09-05] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-10-09] (Malwarebytes Inc. -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [116840 2021-12-20] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-12-20] (Proton Technologies AG -> )
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2021-12-20] (Proton Technologies AG -> )
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032048 2022-08-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-08-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300560 2022-08-29] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; D:\Rockstar\RockstarService.exe [2579840 2022-09-06] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14802240 2022-09-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [6020336 2022-05-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10420944 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VMAuthdService; G:\VMware\vmware-authd.exe [83224 2022-02-18] (VMware, Inc. -> VMware, Inc.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [9280816 2022-05-11] (PUBG CORPORATION -> KRAFTON, Inc)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CEDRIVER60; G:\CheatEngine\dbk64.sys [111800 2020-09-05] (Cheat Engine -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [105192 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsb; C:\WINDOWS\System32\drivers\FocusriteUsb.sys [197280 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbAudio; C:\WINDOWS\System32\drivers\FocusriteUsbAudio.sys [97952 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteusbSwRoot; C:\WINDOWS\System32\drivers\FocusriteusbSwRoot.sys [110864 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
S3 Focusriteusb_AUDIO; C:\WINDOWS\system32\drivers\FocusriteusbAudio.sys [97952 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-13] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193488 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-10-09] (Malwarebytes Inc. -> Malwarebytes)
S3 MpKsl10600fd0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{727F338F-8EC6-4024-9249-352339F9561D}\MpKslDrv.sys [228600 2022-09-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl1a3e5c53; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D2203E7-D469-4F14-BC4E-145A3E4FA34A}\MpKslDrv.sys [228600 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl33c2747f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{727F338F-8EC6-4024-9249-352339F9561D}\MpKslDrv.sys [228600 2022-09-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl56a2ee45; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E68D640-E16F-43CE-AC7C-3E603598ECB0}\MpKslDrv.sys [228600 2022-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl691e1757; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF5C65BD-5A4A-41FD-8654-4F2CF32F0910}\MpKslDrv.sys [228600 2022-09-10] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl843bb538; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BF9914C-43C2-4F11-97F5-536185762338}\MpKslDrv.sys [228600 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld211921d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BF9914C-43C2-4F11-97F5-536185762338}\MpKslDrv.sys [228600 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsldf989437; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C21986D5-1A4F-441E-816D-C0B37322DF85}\MpKslDrv.sys [228600 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [55128 2021-06-10] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0085; C:\WINDOWS\System32\drivers\RzDev_0085.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0221; C:\WINDOWS\System32\drivers\RzDev_0221.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [53120 2019-12-07] (Tobias Erichsen -> Tobias Erichsen)
R3 VBAudio101WDMCableCMME; C:\WINDOWS\System32\drivers\vbaudio_cablec64_win10.sys [69832 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudio102WDMCableDMME; C:\WINDOWS\System32\drivers\vbaudio_cabled64_win10.sys [69616 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACAMME; C:\WINDOWS\System32\drivers\vbaudio_cablea64_win7.sys [41144 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACBMME; C:\WINDOWS\System32\drivers\vbaudio_cableb64_win7.sys [41144 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8736232 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2022-01-12] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2022-02-18] (VMware, Inc. -> VMware, Inc.)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2022-07-04] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1431256 2022-05-28] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-10-09 22:40 - 2022-10-09 22:40 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-09 22:40 - 2022-10-09 22:40 - 000193488 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-10-09 22:40 - 2022-10-09 22:40 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-10-09 22:40 - 2022-10-09 22:40 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-10-09 22:40 - 2022-10-09 22:40 - 000000000 ____D C:\temp
2022-10-09 22:39 - 2022-10-09 22:39 - 000000008 __RSH C:\ProgramData\ntuser.pol
2022-10-09 15:23 - 2022-10-09 15:23 - 000000263 _____ C:\ProgramData\PhoenixBotLogin.ini
2022-10-09 13:34 - 2022-10-09 22:40 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-09 13:34 - 2022-10-09 22:40 - 000000000 ____D C:\Users\lucap\AppData\LocalLow\IGDump
2022-10-09 13:34 - 2022-10-09 13:34 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-09 13:34 - 2022-10-09 13:34 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-10-09 13:34 - 2022-10-09 13:34 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2022-10-09 13:34 - 2022-10-09 13:34 - 000000000 ____D C:\Users\lucap\AppData\Local\mbam
2022-10-09 13:33 - 2022-10-09 13:36 - 000000000 ____D C:\AdwCleaner
2022-10-09 13:33 - 2022-10-09 13:33 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-10-09 13:33 - 2022-10-09 13:33 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-10-09 13:33 - 2022-10-09 13:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-09 13:33 - 2022-10-09 13:33 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-09 10:45 - 2022-10-09 10:45 - 000000243 _____ C:\ProgramData\PhoenixBotLoaderSettings.ini
2022-10-08 16:25 - 2022-10-09 22:53 - 000000000 ____D C:\FRST
2022-10-08 14:32 - 2022-10-09 22:39 - 000000000 ____D C:\Intel
2022-10-08 14:32 - 2022-10-08 14:32 - 000000000 ____D C:\WINDOWS\Panther
2022-10-08 14:31 - 2022-10-08 14:31 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000045-000000.txt
2022-10-06 01:00 - 2022-10-06 01:01 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-10-06 00:58 - 2022-09-22 17:12 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 001536504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-10-06 00:58 - 2022-09-22 17:08 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 002127864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 000845304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 000456184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-10-06 00:58 - 2022-09-22 17:06 - 010270208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 008803832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 005751288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 005362680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 003066872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-10-06 00:58 - 2022-09-22 17:05 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-10-06 00:58 - 2022-09-22 17:04 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-10-06 00:58 - 2022-09-22 02:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-10-06 00:58 - 2022-09-22 02:35 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-10-05 20:56 - 2022-10-05 20:57 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2022-10-05 20:56 - 2022-10-05 20:56 - 000001211 _____ C:\Users\Public\Desktop\GOG GALAXY.lnk
2022-10-05 20:56 - 2022-10-05 20:56 - 000001211 _____ C:\ProgramData\Desktop\GOG GALAXY.lnk
2022-10-05 20:56 - 2022-10-05 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2022-10-05 20:56 - 2022-10-05 20:56 - 000000000 ____D C:\ProgramData\GOG.com
2022-10-03 13:18 - 2022-10-03 13:18 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000044-000000.txt
2022-10-02 19:17 - 2022-10-02 19:18 - 000000000 ____D C:\Users\lucap\OneDrive\Dokumente\Need for Speed Heat
2022-09-30 21:06 - 2022-09-30 21:06 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000043-000000.txt
2022-09-27 21:51 - 2022-09-27 21:51 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000042-000000.txt
2022-09-24 17:16 - 2022-09-24 17:16 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000041-000000.txt
2022-09-20 20:01 - 2022-09-20 20:01 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000040-000000.txt
2022-09-18 18:00 - 2022-09-18 18:00 - 000001434 _____ C:\WINDOWS\system32\default_error_stack-000039-000000.txt
2022-09-17 14:03 - 2022-09-17 14:03 - 000000848 _____ C:\Users\Public\Desktop\PrusaSlicer 2.5.0.lnk
2022-09-17 14:03 - 2022-09-17 14:03 - 000000848 _____ C:\ProgramData\Desktop\PrusaSlicer 2.5.0.lnk
2022-09-17 14:03 - 2022-09-17 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2022-09-17 14:03 - 2022-09-17 14:03 - 000000000 ____D C:\Program Files\Prusa3D
2022-09-14 09:05 - 2022-09-14 09:05 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-14 09:02 - 2022-09-14 09:02 - 000000000 ___HD C:\$WinREAgent
2022-09-10 14:17 - 2022-09-10 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura
2022-09-10 14:16 - 2022-09-10 14:17 - 000000000 ____D C:\Program Files\Ultimaker Cura 5.1.0

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2022-10-09 22:44 - 2021-07-12 16:58 - 000797528 _____ C:\WINDOWS\system32\perfh019.dat
2022-10-09 22:44 - 2021-07-12 16:58 - 000168274 _____ C:\WINDOWS\system32\perfc019.dat
2022-10-09 22:44 - 2021-03-04 22:58 - 002803070 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-09 22:44 - 2019-12-07 16:51 - 000785380 _____ C:\WINDOWS\system32\perfh007.dat
2022-10-09 22:44 - 2019-12-07 16:51 - 000168438 _____ C:\WINDOWS\system32\perfc007.dat
2022-10-09 22:44 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-09 22:42 - 2021-03-04 14:41 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-09 22:40 - 2022-08-09 20:31 - 000000000 __SHD C:\Users\lucap\IntelGraphicsProfiles
2022-10-09 22:40 - 2022-01-30 04:10 - 000000000 ____D C:\ProgramData\Voicemod
2022-10-09 22:40 - 2021-03-28 21:22 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-09 22:40 - 2021-03-03 01:47 - 000000000 ___RD C:\Users\lucap\OneDrive
2022-10-09 22:39 - 2021-07-18 10:52 - 000000000 ____D C:\ProgramData\VMware
2022-10-09 22:39 - 2021-03-04 22:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-09 22:39 - 2021-03-04 22:48 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-09 22:39 - 2021-03-04 22:08 - 000000000 ____D C:\Users\lucap
2022-10-09 22:39 - 2021-03-03 09:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-10-09 22:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-09 22:39 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-09 22:39 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-09 22:36 - 2021-03-09 23:49 - 000000000 ____D C:\Users\lucap\AppData\LocalLow\Temp
2022-10-09 22:16 - 2021-03-04 22:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-09 22:16 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-09 22:00 - 2022-06-04 13:32 - 000000000 ____D C:\Users\lucap\AppData\Roaming\snapmaker-luban
2022-10-09 22:00 - 2021-03-20 03:20 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2022-10-09 22:00 - 2021-03-03 21:24 - 000000000 ____D C:\Users\lucap\AppData\Roaming\discord
2022-10-09 22:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-10-09 22:00 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-10-09 21:22 - 2021-03-03 21:24 - 000000000 ____D C:\Users\lucap\AppData\Local\Discord
2022-10-09 15:48 - 2022-06-04 13:32 - 000002833 _____ C:\Users\lucap\.snapmaker-luban.json
2022-10-09 13:33 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-10-09 10:45 - 2022-08-20 15:17 - 000043138 _____ C:\Users\lucap\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-10-08 23:34 - 2021-03-10 00:48 - 000000000 ____D C:\Users\lucap\AppData\Local\CrashDumps
2022-10-08 19:53 - 2021-06-08 20:43 - 000000000 ____D C:\Users\lucap\AppData\Local\.IdentityService
2022-10-08 16:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-08 15:41 - 2021-03-03 02:05 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-08 15:41 - 2021-03-03 01:46 - 000000000 ____D C:\Users\lucap\AppData\Local\Packages
2022-10-08 15:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-08 15:40 - 2022-08-26 12:28 - 000000000 ____D C:\Program Files\Common Files\VST3
2022-10-08 15:40 - 2022-06-26 18:11 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-08 14:59 - 2022-08-09 20:03 - 000000000 ____D C:\ProgramData\Logitech
2022-10-08 14:46 - 2022-08-09 20:03 - 000000000 ____D C:\Program Files (x86)\Logitech
2022-10-08 14:05 - 2021-03-03 02:04 - 000000000 ____D C:\Users\lucap\AppData\Local\D3DSCache
2022-10-08 13:49 - 2021-03-04 14:02 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-08 13:49 - 2021-03-04 14:02 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-08 13:49 - 2021-03-04 14:02 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2022-10-08 02:09 - 2022-01-26 22:06 - 000000000 _____ C:\WINDOWS\ftoken.txt
2022-10-07 23:01 - 2021-03-05 00:05 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-07 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-07 04:44 - 2021-03-09 22:08 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-07 01:29 - 2022-01-30 04:10 - 000000000 ____D C:\Users\lucap\AppData\Local\Voicemod
2022-10-06 16:48 - 2022-07-07 23:33 - 000000000 ____D C:\Users\lucap\AppData\Roaming\EasyAntiCheat
2022-10-06 15:08 - 2021-11-20 21:32 - 000153064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 002835944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000447976 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000067048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-10-06 15:05 - 2021-04-04 22:06 - 000000000 ____D C:\Users\lucap\AppData\Local\NVIDIA
2022-10-06 15:02 - 2021-03-04 22:48 - 000465432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-06 15:01 - 2021-06-13 22:58 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-10-06 02:50 - 2022-07-09 12:37 - 000000000 ____D C:\Users\lucap\AppData\Roaming\legacy-games-launcher
2022-10-06 00:57 - 2021-03-28 21:22 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-10-06 00:57 - 2021-03-28 21:22 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2022-10-06 00:57 - 2021-03-03 01:57 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-10-06 00:57 - 2021-03-03 01:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-06 00:57 - 2021-03-03 01:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-06 00:53 - 2022-08-26 18:10 - 000000000 ____D C:\Users\lucap\AppData\Roaming\obs-studio
2022-10-05 21:16 - 2022-06-29 22:15 - 000000000 ____D C:\Users\lucap\AppData\Local\DigitalEntitlements
2022-10-05 21:16 - 2022-06-29 22:14 - 000000000 ____D C:\Users\lucap\AppData\Local\FiveM
2022-10-05 14:32 - 2022-01-26 15:22 - 000000000 ____D C:\Users\lucap\AppData\Roaming\GitHub Desktop
2022-10-05 13:15 - 2022-08-26 09:08 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2022-10-05 13:15 - 2022-08-08 19:38 - 000000865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2022-10-05 13:15 - 2022-02-24 05:02 - 000001800 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk
2022-10-05 13:15 - 2022-02-24 00:17 - 000001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk
2022-10-05 13:15 - 2021-06-28 17:31 - 000000016 _____ C:\ProgramData\mntemp
2022-10-05 13:15 - 2021-03-20 05:14 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-10-05 13:15 - 2021-03-04 16:23 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-10-05 13:14 - 2021-05-22 21:37 - 000000000 ____D C:\ProgramData\Riot Games
2022-10-05 13:11 - 2021-06-13 22:51 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-10-05 02:00 - 2021-12-11 18:46 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Origin
2022-10-05 02:00 - 2021-12-11 18:46 - 000000000 ____D C:\ProgramData\Origin
2022-10-05 01:52 - 2021-12-11 18:46 - 000000000 ____D C:\Users\lucap\AppData\Local\Origin
2022-10-03 22:47 - 2021-12-11 00:38 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3740623257-3560467387-1776860099-1001
2022-10-03 22:47 - 2021-03-04 22:53 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3740623257-3560467387-1776860099-1001
2022-10-03 22:47 - 2021-03-04 22:08 - 000002399 _____ C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-02 19:16 - 2021-12-11 18:47 - 000000000 ____D C:\Program Files (x86)\Origin
2022-10-02 05:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-01 22:15 - 2022-06-04 14:21 - 000000000 ____D C:\Users\lucap\AppData\Local\Autodesk
2022-10-01 00:02 - 2021-03-20 05:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-09-30 21:12 - 2021-03-04 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-30 21:12 - 2021-03-04 16:20 - 000000000 ____D C:\Program Files\Microsoft Office
2022-09-25 21:16 - 2022-08-31 01:46 - 000043136 _____ C:\Users\lucap\OneDrive\Dokumente\voicemeeter_v3_streaming_midi_control_2022-08-31.xml
2022-09-22 20:46 - 2022-08-21 12:38 - 000000000 ____D C:\Users\lucap\AppData\Roaming\PrusaSlicer
2022-09-22 17:12 - 2022-07-02 22:58 - 001213416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-22 17:04 - 2021-12-30 00:09 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-22 02:35 - 2021-03-03 01:56 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-09-21 10:49 - 2022-06-04 13:25 - 000002068 _____ C:\Users\Public\Desktop\Snapmaker Luban.lnk
2022-09-21 10:49 - 2022-06-04 13:25 - 000002068 _____ C:\ProgramData\Desktop\Snapmaker Luban.lnk
2022-09-21 10:49 - 2022-06-04 13:25 - 000000000 ____D C:\Program Files\Snapmaker Luban
2022-09-17 12:03 - 2021-03-03 01:46 - 000000000 ___RD C:\Users\lucap\3D Objects
2022-09-16 15:10 - 2021-03-04 14:42 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-16 15:10 - 2021-03-04 14:42 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-16 15:10 - 2021-03-04 14:42 - 000002198 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2022-09-15 12:03 - 2021-03-09 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-09-15 12:02 - 2021-03-09 18:47 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-09-15 00:27 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-15 00:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-15 00:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-14 09:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-14 09:05 - 2021-03-04 22:51 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-14 09:02 - 2021-03-03 04:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-14 08:59 - 2021-03-03 04:09 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-14 00:45 - 2021-11-16 09:47 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Telegram Desktop
2022-09-12 07:07 - 2021-03-28 21:22 - 002884648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-09-12 07:07 - 2021-03-28 21:22 - 002220072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-09-12 07:07 - 2021-03-28 21:22 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2022-09-11 14:13 - 2022-01-01 14:29 - 000000000 ____D C:\Users\lucap\AppData\Local\ElevatedDiagnostics
2022-09-10 14:17 - 2022-06-04 14:41 - 000000000 ____D C:\Users\lucap\AppData\Roaming\cura
2022-09-10 14:17 - 2022-06-04 14:41 - 000000000 ____D C:\Users\lucap\AppData\Local\cura

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-05-23 01:27 - 2021-11-17 19:52 - 000000032 _____ () C:\Users\lucap\AppData\Roaming\.machineId
2021-08-22 22:27 - 2021-08-26 08:27 - 000000203 _____ () C:\Users\lucap\AppData\Roaming\jjv5conf.json
2022-08-13 13:08 - 2022-08-13 13:08 - 000001004 _____ () C:\Users\lucap\AppData\Roaming\tof_launcher.reg
2022-08-20 15:17 - 2022-10-09 10:45 - 000043138 _____ () C:\Users\lucap\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-08-20 15:47 - 2022-08-28 23:07 - 000007444 _____ () C:\Users\lucap\AppData\Roaming\VoiceMeeterDefault.xml
2022-01-05 20:26 - 2022-02-24 05:30 - 000000128 _____ () C:\Users\lucap\AppData\Roaming\winscp.rnd
2022-01-14 01:50 - 2022-02-24 14:52 - 000000128 _____ () C:\Users\lucap\AppData\Local\PUTTY.RND
2021-03-21 00:11 - 2021-03-21 00:11 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.1.10.agreement
2021-03-21 00:11 - 2021-03-21 01:37 - 000000057 _____ () C:\Users\lucap\AppData\Local\RawCopy.opendialog.dir
2021-03-21 00:11 - 2021-03-21 01:37 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.opendialog.filterindex
2021-03-21 00:11 - 2021-03-21 01:37 - 000000090 _____ () C:\Users\lucap\AppData\Local\RawCopy.sourcedisk.filepath
2021-03-21 00:11 - 2021-03-21 01:37 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.sourcedisk.index
2022-02-23 15:34 - 2022-02-23 15:34 - 000000869 _____ () C:\Users\lucap\AppData\Local\recently-used.xbel
2021-10-19 10:44 - 2021-10-19 11:28 - 000007610 _____ () C:\Users\lucap\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

10.10.2022, 13:41   #10
M-K-D-B
/// TB trainer

The recommendations regarding AV etc. will come at the end. Thank you for the upload.

I now ask you to run another fix with FRST (it will take a while) and a check with ESET.

Step 1
WARNING TO ALL READERS !!!
This FRST script is intended exclusively for this user and should never be used 1:1 on another system!
  • Save your work and close all open programs so that no data is lost.
  • Copy the entire contents of the following code box:
    Code:
    Start::
    CloseProcesses:
    startpowershell:
    Set-Service -Name "BITS" -StartupType Manual -Verbose
    Set-Service -Name "Dhcp" -StartupType Automatic -Verbose
    Set-Service -Name "EventLog" -StartupType Automatic -Verbose
    Set-Service -Name "EventSystem" -StartupType Automatic -Verbose
    Set-Service -Name "nsi" -StartupType Automatic -Verbose
    Set-Service -Name "RasMan" -StartupType Manual -Verbose
    Set-Service -Name "SDRSVC" -StartupType Manual -Verbose
    Set-Service -Name "SstpSvc" -StartupType Manual -Verbose
    Set-Service -Name "TrustedInstaller" -StartupType Manual -Verbose
    Set-Service -Name "VSS" -StartupType Manual -Verbose
    Set-Service -Name "Winmgmt" -StartupType Automatic -Verbose
    Set-Service -Name "wuauserv" -StartupType Manual -Verbose
    
    Set-MpPreference -DisableAutoExclusions $true -Force
    set-mppreference -mapsreporting basic -Force
    set-mppreference -DisableRealtimeMonitoring $false -Force
    set-mppreference -DisablePrivacyMode $true -Force
    set-mppreference -DisableIOAVProtection $false -Force
    set-mppreference -CheckForSignaturesBeforeRunningScan $true -Force
    set-mppreference -PUAProtection enabled -Force
    Set-MpPreference -DisableBehaviorMonitoring $false -Force
    Set-MpPreference -SignatureScheduleDay Everyday -force
    set-mppreference -RealTimeProtectionEnabled $true -force
    set-mppreference -OnAccessProtectionEnabled $true -force
    endpowershell:
    
    CMD: WMIC SERVICE WHERE Name="dcomlaunch" set startmode="auto"
    CMD: WMIC SERVICE WHERE Name="nsi" set startmode="auto"
    CMD: WMIC SERVICE WHERE Name="dhcp" set startmode="auto"
    CMD: WMIC SERVICE WHERE Name="rpcss" set startmode="auto"
    CMD: WMIC SERVICE WHERE Name="rpceptmapper" set startmode="auto"
    CMD: WMIC SERVICE WHERE Name="winmgmt" set startmode="auto"
    CMD: WMIC SERVICE WHERE Name="sdrsvc" set startmode="manual"
    CMD: WMIC SERVICE WHERE Name="vss" set startmode="manual"
    CMD: WMIC SERVICE WHERE Name="eventlog" set startmode="auto"
    CMD: WMIC SERVICE WHERE Name="bfe" set startmode="auto"
    CMD: WMIC SERVICE WHERE Name="eventsystem" set startmode="auto"
    CMD: WMIC SERVICE WHERE Name="msiserver" set startmode="manual"
    CMD: WMIC SERVICE WHERE Name="sstpsvc" set startmode="manual"
    CMD: WMIC SERVICE WHERE Name="rasman" set startmode="manual"
    CMD: WMIC SERVICE WHERE Name="trustedinstaller" set startmode="auto"
    CMD: net start sdrsvc
    CMD: net start vss
    CMD: net start rpcss
    CMD: net start eventsystem
    CMD: net start winmgmt
    CMD: net start msiserver
    CMD: net start bfe
    CMD: net start trustedinstaller
    CMD: WMIC SERVICE WHERE Name="windefend" CALL ChangeStartMode "automatic"
    CMD: WMIC SERVICE WHERE Name="windefend" CALL startservice
    CMD: WMIC SERVICE WHERE Name="securityhealthservice" CALL ChangeStartMode "automatic"
    CMD: WMIC SERVICE WHERE Name="securityhealthservice" CALL startservice
    CMD: net start windefend
    CMD: net start mpssvc
    CMD: net start mpsdrv
    CMD: Bitsadmin /Reset /Allusers
    CMD: Winmgmt /salvagerepository 
    CMD: Winmgmt /resetrepository 
    CMD: winmgmt /resyncperf
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
    CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
    CMD: dism /online /cleanup-image /restorehealth
    CMD: sfc /scannow
    End::
             
  • Now start FRST and click the "Reparieren" (Fix) button directly.
    Important: You do not need to paste the contents of the code box anywhere, because FRST takes the code from the clipboard!

  • Important:
    • Please be patient once you have started the fix. Depending on the type and extent of the repairs needed, this can take several minutes.
      You may also see the message "not responding" ("keine Rückmeldung") from FRST during the fix. That is normal; you do not need to do anything else, just wait.
    • This fix deletes all temporary files/browser data and empties the recycle bin.

  • The tool carries out the requested steps and creates a fixlog.txt in the same directory as FRST.
  • Your computer may need to be restarted.
  • Post the contents of fixlog.txt in your next reply.





Step 2
Run ESET Online Scanner according to the illustrated instructions and then post the log file.

Please post with your next reply:
  • the log file of the FRST fix (fixlog.txt)
  • the log file from ESET Online Scanner
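
Added example (not part of the original post and not FRST's own code): a small Python triage of the PowerShell section of the fixlog.txt that step 1 produces. It keys on the locale-independent fields of each error record (script line, echoed command, FullyQualifiedErrorId), so it also works on a German-locale log; the sample log is constructed and the function names are assumptions of this example.

```python
import re

# Constructed, shortened sample in the layout FRST writes to fixlog.txt on a
# German-locale Windows; it is not a real log.
SAMPLE_FIXLOG = r'''
========= Powershell: =========

Set-MpPreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: PUAProtection.
In C:\FRST\tmp000.ps1:19 Zeichen:1
+ set-mppreference -PUAProtection enabled -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference

Set-MpPreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: DisableBehaviorMonitoring.
In C:\FRST\tmp000.ps1:20 Zeichen:1
+ Set-MpPreference -DisableBehaviorMonitoring $false -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference

Set-MpPreference : Es wurde kein Parameter gefunden, der dem Parameternamen "RealTimeProtectionEnabled" entspricht.
In C:\FRST\tmp000.ps1:22 Zeichen:18
+ set-mppreference -RealTimeProtectionEnabled $true -force
+                  ~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Set-MpPreference], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Set-MpPreference

========= Ende von Powershell: =========

========= net start sdrsvc =========

Windows-Sicherung wurde erfolgreich gestartet.

========= Ende von CMD: =========
'''

SECTION = re.compile(r"^=========\s*(.+?)\s*=========$")
POSITION = re.compile(r"\.ps1:(\d+)\s")  # "<script>.ps1:<line> <col label>:<col>"
ERROR_ID = re.compile(r"\+ FullyQualifiedErrorId\s*:\s*(.+)$")
PARAMETER = re.compile(r"\s-(\w+)")


def classify(error_id):
    """Map a FullyQualifiedErrorId to (kind, detail)."""
    reason = error_id.split(",", 1)[0].strip()
    if reason.startswith("HRESULT"):
        # The cmdlet accepted the call, but the operation returned an error code.
        return "operation_failed", reason.split()[-1]
    if reason == "NamedParameterNotFound":
        # The script line names a parameter the cmdlet does not have.
        return "invalid_parameter", reason
    return "other", reason


def parse_powershell_errors(fixlog):
    """Return one dict per PowerShell error record in the fixlog text."""
    records, current, in_powershell = [], None, False
    for raw in fixlog.splitlines():
        line = raw.rstrip()
        header = SECTION.match(line.strip())
        if header:
            # Only "Powershell:" opens the section; "Ende von Powershell:" closes it.
            in_powershell = header.group(1).lower().startswith("powershell")
            current = None
            continue
        if not in_powershell:
            continue
        position = POSITION.search(line)
        if position:
            current = {"script_line": int(position.group(1)), "command": None}
            continue
        if current is None:
            continue
        if line.startswith("+ ") and current["command"] is None:
            body = line[2:].strip()
            if body.strip("~"):  # skip the "~~~~" underline
                current["command"] = body
            continue
        found = ERROR_ID.search(line)
        if found:
            kind, detail = classify(found.group(1))
            param = PARAMETER.search(current["command"] or "")
            current.update(kind=kind, detail=detail,
                           parameter=param.group(1) if param else None)
            records.append(current)
            current = None
    return records


def summarize(records):
    """Group the affected parameter names by error kind."""
    summary = {}
    for rec in records:
        summary.setdefault(rec["kind"], []).append(rec["parameter"])
    return summary


if __name__ == "__main__":
    for rec in parse_powershell_errors(SAMPLE_FIXLOG):
        print(f'line {rec["script_line"]:>3}  {rec["kind"]:<17} '
              f'{rec["detail"]:<22} -{rec["parameter"]}')
```

An `operation_failed` record means the preference was not changed and should be re-checked on the machine; an `invalid_parameter` record points at the fixlist line itself rather than at the state of the system.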

14.10.2022, 20:53   #11
M-K-D-B
/// TB trainer

The thread has been reopened on request.

Last edited by M-K-D-B (16.10.2022 at 08:05)

16.10.2022, 12:43   #12
legendevent

Hello,

thank you very much for reopening my thread. I had all internal drives scanned, which in my case come to just under 5.5 TB, which is probably also why the scan is taking so long. I aborted it as requested. No malicious files were found during the scan.
Here is the log:
Code:
16.10.2022 13:40:22
Geprüfte Dateien: 53566885
Erkannte Dateien: 0
Gesäuberte Dateien: 0
Prüfdauer gesamt: 54:32:16
Prüfstatus: Angehalten durch Benutzer
         
Here is the FRST log:
Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-10-2022
durchgeführt von lucap (14-10-2022 08:55:27) Run:4
Gestartet von C:\Users\lucap\OneDrive\Downloads
Geladene Profile: lucap
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Start::
CloseProcesses:
startpowershell:
Set-Service -Name "BITS" -StartupType Manual -Verbose
Set-Service -Name "Dhcp" -StartupType Automatic -Verbose
Set-Service -Name "EventLog" -StartupType Automatic -Verbose
Set-Service -Name "EventSystem" -StartupType Automatic -Verbose
Set-Service -Name "nsi" -StartupType Automatic -Verbose
Set-Service -Name "RasMan" -StartupType Manual -Verbose
Set-Service -Name "SDRSVC" -StartupType Manual -Verbose
Set-Service -Name "SstpSvc" -StartupType Manual -Verbose
Set-Service -Name "TrustedInstaller" -StartupType Manual -Verbose
Set-Service -Name "VSS" -StartupType Manual -Verbose
Set-Service -Name "Winmgmt" -StartupType Automatic -Verbose
Set-Service -Name "wuauserv" -StartupType Manual -Verbose

Set-MpPreference -DisableAutoExclusions $true -Force
set-mppreference -mapsreporting basic -Force
set-mppreference -DisableRealtimeMonitoring $false -Force
set-mppreference -DisablePrivacyMode $true -Force
set-mppreference -DisableIOAVProtection $false -Force
set-mppreference -CheckForSignaturesBeforeRunningScan $true -Force
set-mppreference -PUAProtection enabled -Force
Set-MpPreference -DisableBehaviorMonitoring $false -Force
Set-MpPreference -SignatureScheduleDay Everyday -force
set-mppreference -RealTimeProtectionEnabled $true -force
set-mppreference -OnAccessProtectionEnabled $true -force
endpowershell:

CMD: WMIC SERVICE WHERE Name="dcomlaunch" set startmode="auto"
CMD: WMIC SERVICE WHERE Name="nsi" set startmode="auto"
CMD: WMIC SERVICE WHERE Name="dhcp" set startmode="auto"
CMD: WMIC SERVICE WHERE Name="rpcss" set startmode="auto"
CMD: WMIC SERVICE WHERE Name="rpceptmapper" set startmode="auto"
CMD: WMIC SERVICE WHERE Name="winmgmt" set startmode="auto"
CMD: WMIC SERVICE WHERE Name="sdrsvc" set startmode="manual"
CMD: WMIC SERVICE WHERE Name="vss" set startmode="manual"
CMD: WMIC SERVICE WHERE Name="eventlog" set startmode="auto"
CMD: WMIC SERVICE WHERE Name="bfe" set startmode="auto"
CMD: WMIC SERVICE WHERE Name="eventsystem" set startmode="auto"
CMD: WMIC SERVICE WHERE Name="msiserver" set startmode="manual"
CMD: WMIC SERVICE WHERE Name="sstpsvc" set startmode="manual"
CMD: WMIC SERVICE WHERE Name="rasman" set startmode="manual"
CMD: WMIC SERVICE WHERE Name="trustedinstaller" set startmode="auto"
CMD: net start sdrsvc
CMD: net start vss
CMD: net start rpcss
CMD: net start eventsystem
CMD: net start winmgmt
CMD: net start msiserver
CMD: net start bfe
CMD: net start trustedinstaller
CMD: WMIC SERVICE WHERE Name="windefend" CALL ChangeStartMode "automatic"
CMD: WMIC SERVICE WHERE Name="windefend" CALL startservice
CMD: WMIC SERVICE WHERE Name="securityhealthservice" CALL ChangeStartMode "automatic"
CMD: WMIC SERVICE WHERE Name="securityhealthservice" CALL startservice
CMD: net start windefend
CMD: net start mpssvc
CMD: net start mpsdrv
CMD: Bitsadmin /Reset /Allusers
CMD: Winmgmt /salvagerepository 
CMD: Winmgmt /resetrepository 
CMD: winmgmt /resyncperf
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
CMD: dism /online /cleanup-image /restorehealth
CMD: sfc /scannow
End::
*****************

Prozesse erfolgreich geschlossen.

========= Powershell: =========

Set-MpPreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: DisableAutoExclusions.
In C:\FRST\tmp000.ps1:13 Zeichen:1
+ Set-MpPreference -DisableAutoExclusions $true -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],  
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
 
set-mppreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: MAPS_MAPSReporting.
In C:\FRST\tmp000.ps1:14 Zeichen:1
+ set-mppreference -mapsreporting basic -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],  
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
 
set-mppreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: DisableRealtimeMonitoring.
In C:\FRST\tmp000.ps1:15 Zeichen:1
+ set-mppreference -DisableRealtimeMonitoring $false -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],  
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
 
set-mppreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: DisablePrivacyMode.
In C:\FRST\tmp000.ps1:16 Zeichen:1
+ set-mppreference -DisablePrivacyMode $true -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],  
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
 
set-mppreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: DisableIOAVProtection.
In C:\FRST\tmp000.ps1:17 Zeichen:1
+ set-mppreference -DisableIOAVProtection $false -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],  
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
 
set-mppreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: 
Scan_CheckForSignaturesBeforeRunningScan.
In C:\FRST\tmp000.ps1:18 Zeichen:1
+ set-mppreference -CheckForSignaturesBeforeRunningScan $true -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],  
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
 
set-mppreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: PUAProtection.
In C:\FRST\tmp000.ps1:19 Zeichen:1
+ set-mppreference -PUAProtection enabled -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],  
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
 
Set-MpPreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: DisableBehaviorMonitoring.
In C:\FRST\tmp000.ps1:20 Zeichen:1
+ Set-MpPreference -DisableBehaviorMonitoring $false -Force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],  
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
 
Set-MpPreference : Fehler beim Vorgang: 0x800106ba. Vorgang: Set-MpPreference. Ziel: Signature_ScheduleDay.
In C:\FRST\tmp000.ps1:21 Zeichen:1
+ Set-MpPreference -SignatureScheduleDay Everyday -force
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (MSFT_MpPreference:root\Microsoft\...FT_MpPreference) [Set-MpPreference],  
   CimException
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Set-MpPreference
 
Set-MpPreference : Es wurde kein Parameter gefunden, der dem Parameternamen "RealTimeProtectionEnabled" entspricht.
In C:\FRST\tmp000.ps1:22 Zeichen:18
+ set-mppreference -RealTimeProtectionEnabled $true -force
+                  ~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Set-MpPreference], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Set-MpPreference
 
Set-MpPreference : Es wurde kein Parameter gefunden, der dem Parameternamen "OnAccessProtectionEnabled" entspricht.
In C:\FRST\tmp000.ps1:23 Zeichen:18
+ set-mppreference -OnAccessProtectionEnabled $true -force
+                  ~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Set-MpPreference], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Set-MpPreference
 

========= Ende von Powershell: =========


========= WMIC SERVICE WHERE Name="dcomlaunch" set startmode="auto" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="DcomLaunch"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="nsi" set startmode="auto" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="nsi"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="dhcp" set startmode="auto" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="Dhcp"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="rpcss" set startmode="auto" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="RpcSs"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="rpceptmapper" set startmode="auto" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="RpcEptMapper"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="winmgmt" set startmode="auto" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="Winmgmt"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="sdrsvc" set startmode="manual" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="SDRSVC"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="vss" set startmode="manual" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="VSS"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="eventlog" set startmode="auto" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="EventLog"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="bfe" set startmode="auto" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="BFE"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="eventsystem" set startmode="auto" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="EventSystem"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="msiserver" set startmode="manual" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="msiserver"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="sstpsvc" set startmode="manual" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="SstpSvc"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="rasman" set startmode="manual" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="RasMan"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="trustedinstaller" set startmode="auto" =========

Eigenschaften von "\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="TrustedInstaller"" werden aktualisiert

Eigenschaft(en) wurde(n) aktualisiert.


========= Ende von CMD: =========


========= net start sdrsvc =========

Windows-Sicherung wird gestartet.
Windows-Sicherung wurde erfolgreich gestartet.


========= Ende von CMD: =========


========= net start vss =========

Volumeschattenkopie wird gestartet.
Volumeschattenkopie wurde erfolgreich gestartet.


========= Ende von CMD: =========


========= net start rpcss =========

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


========= Ende von CMD: =========


========= net start eventsystem =========

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


========= Ende von CMD: =========


========= net start winmgmt =========

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


========= Ende von CMD: =========


========= net start msiserver =========

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


========= Ende von CMD: =========


========= net start bfe =========

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


========= Ende von CMD: =========


========= net start trustedinstaller =========

Windows Modules Installer wird gestartet.
Windows Modules Installer wurde erfolgreich gestartet.


========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="windefend" CALL ChangeStartMode "automatic" =========

(\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="WinDefend")->ChangeStartMode() wird ausgeführt

Methode wurde ausgeführt.

Ausgabeparameter:
instance of __PARAMETERS
{
	ReturnValue = 2;
};

========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="windefend" CALL startservice =========

(\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="WinDefend")->startservice() wird ausgeführt

Methode wurde ausgeführt.

Ausgabeparameter:
instance of __PARAMETERS
{
	ReturnValue = 0;
};

========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="securityhealthservice" CALL ChangeStartMode "automatic" =========

(\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="SecurityHealthService")->ChangeStartMode() wird ausgeführt

Methode wurde ausgeführt.

Ausgabeparameter:
instance of __PARAMETERS
{
	ReturnValue = 2;
};

========= Ende von CMD: =========


========= WMIC SERVICE WHERE Name="securityhealthservice" CALL startservice =========

(\\DESKTOP-N6Q3QEM\ROOT\CIMV2:Win32_Service.Name="SecurityHealthService")->startservice() wird ausgeführt

Methode wurde ausgeführt.

Ausgabeparameter:
instance of __PARAMETERS
{
	ReturnValue = 10;
};

========= Ende von CMD: =========


========= net start windefend =========

Microsoft Defender Antivirus-Dienst wird gestartet.

========= Ende von CMD: =========


========= net start mpssvc =========

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


========= Ende von CMD: =========


========= net start mpsdrv =========

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


========= Ende von CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= Ende von CMD: =========


========= Winmgmt /salvagerepository =========

Das WMI-Repository ist konsistent.

========= Ende von CMD: =========


========= Winmgmt /resetrepository =========

Fehler beim Zurücksetzen des WMI-Repositorys
Fehlercode:	0x8007041B
Einrichtung:	Win32
Beschreibung:	Ein Stoppzeichen wurde an einen Dienst gesendet, von dem andere Dienste abhängen.


========= Ende von CMD: =========


========= winmgmt /resyncperf =========

0
========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden.
========= Ende von CMD: =========


========= dism /online /cleanup-image /restorehealth =========


Tool zur Imageverwaltung für die Bereitstellung
Version: 10.0.19041.844

Abbildversion: 10.0.19044.2130


[==========================100.0%==========================] 
Der Wiederherstellungsvorgang wurde erfolgreich abgeschlossen.
Der Vorgang wurde erfolgreich beendet.

========= Ende von CMD: =========


========= sfc /scannow =========



Systemsuche wird gestartet. Dieser Vorgang kann einige Zeit dauern.



Überprüfungsphase der Systemsuche wird gestartet.


Überprüfung 100 % abgeschlossen.


Der Windows-Ressourcenschutz hat beschädigte Dateien gefunden und erfolgreich repariert.

Bei Onlinereparaturen finden Sie Details in der CBS-Protokolldatei unter 

windir\Logs\CBS\CBS.log. Beispiel C:\Windows\Logs\CBS\CBS.log. Bei Offlinereparaturen

finden Sie Details in der durch das /OFFLOGFILE-Kennzeichen angegebenen Protokolldatei.


========= Ende von CMD: =========



Das System musste neu gestartet werden.

==== Ende von Fixlog 09:00:07 ====
         

Alt 16.10.2022, 12:51   #13
M-K-D-B
/// TB-Ausbilder
 
We will now run one more security check.

Step 1
Run SecurityCheck as described in the illustrated guide, then post the log file.

Alt 16.10.2022, 13:52   #14
legendevent
 
Here is the log from Security Check:
Code:
SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21]
WebSite: www.safezone.cc
DateLog: 16.10.2022 14:48:52
Path starting: C:\Users\lucap\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: lucap
VersionXML: 10.24is-16.10.2022
___________________________________________________________________________

Windows 10(6.3.19044) (x64) Professional Release: 2009 Lang: German(0407)
Installation date OS: 04.03.2021 20:53:19
LicenseStatus: Windows(R), Professional edition Volume activation will expire : 247754 minutes
LicenseStatus: Office 16, Office16ProPlusVL_KMS_Client edition Volume activation will expire : 247754 minutes
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
SystemDrive: C: FS: [NTFS] Capacity: [232.3 Gb] Used: [221.1 Gb] Free: [11.2 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.789.19041.0
User Account Control enabled (Level 3)
Sicherheitscenter (wscsvc) - The service is running
Remoteregistrierung (RemoteRegistry) - The service has stopped
SSDP-Suche (SSDPSRV) - The service is running
Remotedesktopdienste (TermService) - The service is running
Windows-Remoteverwaltung (WS-Verwaltung) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2010 x86 v.14.0.7015.1000
Microsoft Office 2010 x64 v.14.0.7015.1000
Microsoft Office 2016 x86 v.16.0.5044.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
Malwarebytes (enabled and up to date)
Windows Defender (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Defender Firewall (mpssvc) - The service is running
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Malwarebytes version 4.5.15.215 v.4.5.15.215
-------------------------- [ SecurityUtilities ] --------------------------
KeePass Password Safe 2.49 v.2.49 Warning! Download Update
--------------------------- [ OtherUtilities ] ----------------------------
Git v.2.35.1.2 Warning! Download Update
Notepad++ (64-bit x64) v.8.4.4 Warning! Download Update
Microsoft 365 Apps for Enterprise - de-de v.16.0.15629.20208
PuTTY release 0.76 (64-bit) v.0.76.0.0 Warning! Download Update
VMware Player v.16.2.3 Warning! Download Update
Microsoft SQL Server 2012 Command Line Utilities  v.11.3.6020.0 Warning! This software is no longer supported.
NVIDIA GeForce Experience 3.26.0.131 v.3.26.0.131
Microsoft SQL Server 2012 Native Client  v.11.3.6518.0 Warning! This software is no longer supported.
GitHub Desktop v.2.9.6 Warning! Download Update
WinSCP 5.19.5 v.5.19.5 Warning! Download Update
Python 3.9.7 (64-bit) v.3.9.7150.0 Warning! Download Update
Steam v.2.10.91.91
TeamViewer v.15.34.4
Intel® Driver & Support Assistant v.21.6.39.7 Warning! Download Update
Epic Games Launcher v.1.3.0.0
------------------------------- [ Backup ] --------------------------------
Microsoft OneDrive v.22.202.0925.0002 [+]
------------------------------ [ ArchAndFM ] ------------------------------
7-Zip 19.00 (x64) v.19.00 Warning! Download Update
Uninstall old version and install new one.
------------------------------- [ Imaging ] -------------------------------
GIMP 2.10.30 v.2.10.30 Warning! Download Update
-------------------------- [ IMAndCollaborate ] ---------------------------
Discord v.0.0.309 Warning! Download Update
Microsoft Teams v.1.5.00.9163 Warning! Download Update
Telegram Desktop version 4.1.1 v.4.1.1 Warning! Download Update
---------------------------- [ ProxyAndVPNs ] -----------------------------
ProtonVPN v.1.25.0 Warning! Download Update
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 341 (64-bit) v.8.0.3410.10
-------------------------------- [ Media ] --------------------------------
Audacity 3.1.3 v.3.1.3 Warning! Download Update
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Acrobat Reader DC - Deutsch v.21.007.20099 Warning! Download Update
^Please run Acrobat Reader DC and go Help - Check for updates...^
------------------------------- [ Browser ] -------------------------------
Google Chrome v.106.0.5249.119
Microsoft Edge v.106.0.1370.42 Warning! Download Update
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.1355
Malwarebytes Service (MBAMService) - The service is running
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.1119
Microsoft Defender Antivirus-Dienst (WinDefend) - The service has stopped
Microsoft Defender Antivirus-Netzwerkinspektionsdienst (WdNisSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
JDownloader 2 v.2.0 Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
----------------------------- [ End of Log ] ------------------------------
         

Alt 16.10.2022, 17:03   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Why wasn't the cracked Microsoft Office uninstalled?
__________________
Please always post log files in CODE tags

Thread closed
