Log analysis and evaluation: WINDOWS 10: .SCR malware infection

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
WINDOWS 10: .SCR malware infection

I received a dubious e-mail that contained a Dropbox link. I was stupid enough to download the zip file from this Dropbox and run the .SCR files it contained. After I could not open the file, I did a bit of research and came across the ".SCR Malware Hack", which has most likely infected me. The e-mail, including the Dropbox link, and the zip file are still available in case I should submit them later.

After my PC has been cleaned, to what extent do I need to worry about which of my data was exposed, and how exactly should I proceed afterwards?

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2022
durchgeführt von Anwender (Administrator) auf MEAN-MACHINE (Micro-Star International Co., Ltd. MS-7B79) (15-11-2022 14:22:56)
Gestartet von C:\Users\Anwender\AppData\Local\Temp\scoped_dir14736_1598031958
Geladene Profile: Anwender
Plattform: Microsoft Windows 10 Home Version 22H2 19045.2251 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(A-Volute SAS -> A-Volute) C:\Users\Anwender\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <3>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.8067\Agent.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. 
-> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\Anwender\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.battery.sdPlugin\com.barraider.battery.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\Anwender\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.spotify.sdPlugin\com.barraider.spotify.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\Anwender\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.cpu.sdPlugin\cpu.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\Anwender\AppData\Roaming\Elgato\StreamDeck\Plugins\com.streamelements.obslive.sdPlugin\obslive-sdplugin.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\Anwender\AppData\Roaming\Elgato\StreamDeck\Plugins\tv.twitch.studio.sdPlugin\twitchstudiostreamdeck.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (BarRaider) [Datei ist nicht signiert] C:\Users\Anwender\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.twitchtools.sdPlugin\com.barraider.twitchtools.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (com.barraider.obstools) [Datei ist nicht signiert] C:\Users\Anwender\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.obstools.sdPlugin\com.barraider.obstools.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Frederick Emmott -> ) C:\Users\Anwender\AppData\Roaming\Elgato\StreamDeck\Plugins\com.fredemmott.micmutetoggle.sdPlugin\sdmicmute.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (The Qt Company Oy -> The Qt Company Ltd.) 
C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe <6> (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Voicemod Sociedad Limitada -> ) C:\Users\Anwender\AppData\Roaming\Elgato\StreamDeck\Plugins\net.voicemod.windowsdesktop.sdPlugin\voicemodplugin.exe (C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe (C:\Users\Anwender\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Anwender\AppData\Local\Programs\Opera GX\91.0.4516.106\opera_crashreporter.exe (Discord Inc. -> Discord Inc.) C:\Users\Anwender\AppData\Local\Discord\app-1.0.9007\Discord.exe <6> (explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3> (explorer.exe ->) (Nota Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\Anwender\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe <2> (explorer.exe ->) (Valve Corp. 
-> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (explorer.exe ->) (Vincent Burel -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe (services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Valve Corp. 
-> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Anwender\AppData\Local\Programs\Opera GX\opera.exe <27> ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951968 2019-07-09] (Logitech -> Logitech, Inc.) HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3089288 2022-10-25] (Riot Games, Inc. -> Riot Games, Inc.) HKLM\...\Run: [Stream Deck] => C:\Program Files\Elgato\StreamDeck\StreamDeck.exe [11144232 2022-09-29] (Corsair Memory, Inc. 
-> Corsair Memory, Inc) HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Run: [Discord] => C:\Users\Anwender\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-19] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Run: [Spotify] => C:\Users\Anwender\AppData\Roaming\Spotify\Spotify.exe [20232568 2022-11-12] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.) HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14433864 2020-07-31] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-10-25] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Anwender\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-11-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32616416 2022-05-11] (Epic Games Inc. -> Epic Games, Inc.) 
HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Run: [Opera GX Browser Assistant] => C:\Users\Anwender\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-1577740540-671938675-3438131953-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Anwender\Desktop\photopea\_PHOTO~1\PHOTOP~2.SCR HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-10] (Google LLC -> Google LLC) Startup: C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2021-10-24] ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe (Vincent Burel -> VB-AUDIO Software) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {015C246E-40A7-4FAD-B631-B297A4E853EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8576000 2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {0EFA1366-CECB-425F-84B2-ABC5DD261F5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1739B963-06B8-4DD9-9FA2-ABAB1D91EBB5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {1E161918-E87E-4995-B4EF-0BC6AAA585B4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {409A0E3F-320D-43B2-97DD-909698D9E08D} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.) 
Task: {41C4A322-598A-44D9-994E-081E93B4F82A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {5BF59928-A479-47AA-937F-E73AF125FA58} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {75A1424E-8CE6-452C-875B-AB21166BAB38} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {92AE3312-DD00-43B8-B253-0AFDD6E26F12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8576000 2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {9BAC744A-E459-408C-A92C-4FC1F1604481} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-02] (Google Inc -> Google LLC) Task: {A2947668-9BBB-4858-A8CB-F53185FC88F2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144312 2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {A55EF7FA-BB7C-4BA1-B404-95DF300F1706} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A9FA51FA-473D-4376-9A78-7634C4F9FE44} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [66936 2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: 
{CBF6DB5E-6F02-4CDD-8213-0815F9EC8697} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {D2E71353-4AFB-4FE7-9D8C-0BC58B510878} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-02] (Google Inc -> Google LLC) Task: {D39B5433-58F1-46C5-81D4-C093EF681D77} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D69BE544-84E1-45BC-8391-DB8F74EEC3AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DFBA51AB-3FAF-43C7-96CF-F29242902FEF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154960 2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {E96CDAB2-BF6E-4D21-BF99-56337114838D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: {EB6B7195-55F8-42D6-B897-35F0AF58DADC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144312 2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {EC873EBF-40C0-4FC3-823C-B77BE3514B1F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) Task: 
{F29CB073-D387-4AA8-A3E5-AFE35FE4A978} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154960 2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Task: {F2DA71F2-D693-4E60-B31E-0CD88A6EE3FC} - System32\Tasks\Opera GX scheduled Autoupdate 1643148445 => C:\Users\Anwender\AppData\Local\Programs\Opera GX\launcher.exe [2471880 2022-10-28] (Opera Norway AS -> Opera Software) Task: {F4C6A0C8-CFD2-45AB-B1A2-0A5A056AB148} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.) Task: {F561B9AE-7FCF-4130-8613-DFE1FA880D08} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {F7ECD032-CE1E-432D-98F2-E06F4A4B1FD8} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1644846457 => C:\Users\Anwender\AppData\Local\Programs\Opera GX\launcher.exe [2471880 2022-10-28] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Anwender\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {F94A1AEF-769F-4572-97FD-2A99693793E8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation) Task: {FD5B10C9-3331-4BC7-B61E-CFC05AC3249A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation) (Wenn ein Eintrag in 
die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{26a2f333-5b78-4917-a043-c3e576c811a7}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-21] Edge DefaultSearchURL: Default -> hxxps://manageyoursearch.com/?q={searchTerms} Edge DefaultSuggestURL: Default -> hxxps://manageyoursearch.com/suggest?q={searchTerms} Edge Extension: (Outlook) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-16] Edge Extension: (Word) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-16] Edge Extension: (Excel) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm 
[2020-10-16] Edge Extension: (Search Manager) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\meckckfjnfnimlomkemnhcoonjfpbcoh [2020-06-26] Edge Extension: (PowerPoint) - C:\Users\Anwender\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-16] Edge HKLM\...\Edge\Extension: [meckckfjnfnimlomkemnhcoonjfpbcoh] Edge HKU\S-1-5-21-1577740540-671938675-3438131953-1000\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [meckckfjnfnimlomkemnhcoonjfpbcoh] Edge HKLM-x32\...\Edge\Extension: [meckckfjnfnimlomkemnhcoonjfpbcoh] FireFox: ======== FF DefaultProfile: jpluq1gd.default FF ProfilePath: C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\jpluq1gd.default [2020-04-08] FF ProfilePath: C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\la25466s.default-release [2022-09-05] FF Extension: (BetterTTV) - C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\la25466s.default-release\Extensions\firefox@betterttv.net.xpi [2022-02-27] FF Extension: (Search Manager) - C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\la25466s.default-release\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23}.xpi [2020-04-08] [UpdateUrl:hxxps://qupotomu.com/update?x=restype=ffjson] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Anwender\AppData\Local\Google\Chrome\User 
Data\Default [2022-11-05] CHR Extension: (BetterTTV) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2022-10-02] CHR Extension: (7TV) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2022-09-06] CHR Extension: (Screencap) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\aniaallgmlgdlefladlfhadglocahllm [2021-02-21] CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-09-06] CHR Extension: (Watch2Gether) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2022-10-12] CHR Extension: (Dark Reader) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2022-10-07] CHR Extension: (Google Docs Offline) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-06] CHR Extension: (Coupert DE - Coupon Finder & Cashback) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2022-10-26] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05] CHR Extension: (Netflix Party is now Teleparty) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2022-10-12] CHR Profile: C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-11-02] CHR Profile: C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-10-07] CHR Extension: (Dark Reader) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2022-10-07] CHR Extension: (Google Docs 
Offline) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-07] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-07] CHR Profile: C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-02] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-1577740540-671938675-3438131953-1000) Opera GXStable - "C:\Users\Anwender\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-12-11] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12516280 2022-11-03] (Microsoft Corporation -> Microsoft Corporation) S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-11] (Microsoft Windows -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-09-28] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-09-28] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-19] (Epic Games Inc. -> Epic Games, Inc.) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1677384 2020-07-31] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-05-06] (GOG Sp. z o.o. 
-> GOG.com) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10097408 2022-10-25] (Logitech Inc -> Logitech, Inc.) R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-05-18] (Logitech Inc -> Logitech) R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13261608 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10426128 2022-10-25] (Riot Games, Inc. -> Riot Games, Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-28] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-28] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-28] (Logitech Inc -> Logitech) R3 MpKsl14e34f16; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{13FE8EE2-DE73-475D-A182-54C3A1262AC5}\MpKslDrv.sys [214280 2022-11-15] (Microsoft Windows -> Microsoft Corporation) R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-13] (A-Volute -> Windows (R) Win 7 DDK provider) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) S3 VBAudioVACAMME; C:\WINDOWS\System32\drivers\vbaudio_cablea64_win7.sys [41144 2015-10-19] (Vincent Burel -> Windows (R) Win 7 DDK provider) S3 VBAudioVACBMME; C:\WINDOWS\System32\drivers\vbaudio_cableb64_win7.sys [41144 2015-10-19] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2021-10-24] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2021-10-24] (Vincent Burel -> Windows (R) Win 7 DDK provider) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8738816 2022-10-25] (Riot Games, Inc. -> Riot Games, Inc.) 
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-11-15 14:22 - 2022-11-15 14:23 - 000000000 ____D C:\FRST
2022-11-15 10:53 - 2022-11-15 10:53 - 002512923 _____ C:\Users\Anwender\Downloads\[Photopea] Promotional Materials.zip
2022-11-14 16:00 - 2022-11-14 16:00 - 000000000 ___HD C:\$WinREAgent
2022-11-12 23:32 - 2022-11-12 23:32 - 014638290 _____ C:\Users\Anwender\Downloads\streamladder-gliding.mp4
2022-11-11 17:45 - 2022-11-11 17:45 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-11 17:45 - 2022-11-11 17:45 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-11 17:45 - 2022-11-11 17:45 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-11 17:44 - 2022-11-11 17:44 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-11 15:46 - 2022-11-11 15:46 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Brotato
2022-11-11 13:27 - 2022-11-11 13:27 - 000000223 _____ C:\Users\Anwender\Desktop\Brotato.url
2022-11-10 23:17 - 2022-11-10 23:17 - 008454082 _____ C:\Users\Anwender\Downloads\streamladder-look.mp4
2022-11-10 23:14 - 2022-11-10 23:14 - 013029222 _____ C:\Users\Anwender\Downloads\streamladder-riot fart.mp4
2022-11-10 23:14 - 2022-11-10 23:14 - 006073065 _____ C:\Users\Anwender\Downloads\AT-cm_fq8K0dgoHLq5txen-lOqyw (1).mp4
2022-11-10 20:22 - 2022-11-09 11:03 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-10 20:22 - 2022-11-09 11:03 - 002236992 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-10 20:22 - 2022-11-09 11:03 - 001642592 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-10 20:22 - 2022-11-09 11:03 - 001642592 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-10 20:22 - 2022-11-09 11:03 - 001487912 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-10 20:22 - 2022-11-09 11:03 - 001444416 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-10 20:22 - 2022-11-09 11:03 - 001444416 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-10 20:22 - 2022-11-09 11:03 - 001227304 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-10 20:22 - 2022-11-09 11:03 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-10 20:22 - 2022-11-09 11:03 - 001168960 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-10 20:22 - 2022-11-09 10:59 - 000865272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-10 20:22 - 2022-11-09 10:59 - 000672232 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-10 20:22 - 2022-11-09 10:59 - 000507432 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-10 20:22 - 2022-11-09 10:58 - 002162176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-10 20:22 - 2022-11-09 10:58 - 001618408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-10 20:22 - 2022-11-09 10:58 - 001531400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-10 20:22 - 2022-11-09 10:58 - 001190392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-10 20:22 - 2022-11-09 10:58 - 000950280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-10 20:22 - 2022-11-09 10:58 - 000746536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-10 20:22 - 2022-11-09 10:58 - 000734184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-10 20:22 - 2022-11-09 10:57 - 012452360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-10 20:22 - 2022-11-09 10:57 - 010218488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-10 20:22 - 2022-11-09 10:57 - 005891072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-10 20:22 - 2022-11-09 10:57 - 005856744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2022-11-10 20:22 - 2022-11-09 10:57 - 003334136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-10 20:22 - 2022-11-09 10:57 - 000457752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-10 20:22 - 2022-11-09 10:56 - 005816312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-10 20:22 - 2022-11-09 10:56 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-10 20:22 - 2022-11-08 23:40 - 000100589 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-09 15:27 - 2022-11-09 15:27 - 006073065 _____ C:\Users\Anwender\Downloads\AT-cm_fq8K0dgoHLq5txen-lOqyw.mp4
2022-11-06 21:17 - 2022-11-06 21:17 - 000000061 _____ C:\Users\Anwender\Desktop\Betriebsausgaben.txt
2022-11-06 20:04 - 2022-11-06 20:04 - 023253183 _____ C:\Users\Anwender\Downloads\streamladder-god damn.mp4
2022-11-05 12:27 - 2022-11-08 13:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-11-03 23:01 - 2022-11-03 23:01 - 001450503 _____ C:\Users\Anwender\Downloads\Snaptik.app_7111311398293998854.mp4
2022-10-31 23:35 - 2022-10-31 23:35 - 014925164 _____ C:\Users\Anwender\Downloads\streamladder-NERF GRAVES .mp4
2022-10-31 00:49 - 2022-10-31 00:49 - 017649305 _____ C:\Users\Anwender\Downloads\streamladder-SCRIPTING SEJUANI _XD.mp4
2022-10-30 21:37 - 2022-10-30 21:37 - 000000223 _____ C:\Users\Anwender\Desktop\Love, Sam.url
2022-10-27 22:55 - 2022-10-27 22:55 - 017142084 _____ C:\Users\Anwender\Downloads\streamladder-lesgoo (1).mp4
2022-10-27 20:16 - 2022-10-26 01:15 - 000041984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-10-26 22:00 - 2022-10-26 22:00 - 027429986 _____ C:\Users\Anwender\Downloads\streamladder-lesgoo.mp4
2022-10-26 12:54 - 2022-10-26 12:54 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-10-26 12:54 - 2022-10-26 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-10-23 20:06 - 2022-07-14 00:32 - 000060112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2022-10-21 18:32 - 2022-10-21 18:32 - 000056548 _____ C:\Users\Anwender\Downloads\Lebenslauf_von_Nick_Haberkorn.pdf
2022-10-21 15:00 - 2022-10-21 15:00 - 002819410 _____ C:\Users\Anwender\Downloads\flying-elbow-drop-onto-microwave-wwe-cm-punk-style-ytshorts.savetube.me.mp4
2022-10-21 14:14 - 2022-10-21 14:14 - 030015081 _____ C:\Users\Anwender\Downloads\streamladder-AT-cm_8JJr1bAV6CjTyTtsOOUOvg.mp4
2022-10-20 18:57 - 2022-10-20 18:57 - 011776794 _____ C:\Users\Anwender\Downloads\AT-cm_8JJr1bAV6CjTyTtsOOUOvg.mp4
2022-10-18 16:43 - 2022-10-18 16:43 - 026718839 _____ C:\Users\Anwender\Downloads\streamladder-wat.mp4

==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-11-15 14:23 - 2019-11-02 21:26 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Discord
2022-11-15 14:22 - 2020-04-15 20:49 - 000000000 ____D C:\Users\Anwender\AppData\Local\Battle.net
2022-11-15 14:22 - 2019-12-11 15:36 - 000000000 ____D C:\Users\Anwender\Desktop\Rengar related
2022-11-15 14:21 - 2019-11-02 20:35 - 000000000 ____D C:\Users\Anwender\AppData\Local\D3DSCache
2022-11-15 14:16 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-15 14:09 - 2019-11-02 22:14 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-15 14:09 - 2019-11-02 21:02 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-15 14:02 - 2019-11-02 21:26 - 000000000 ____D C:\Users\Anwender\AppData\Local\Discord
2022-11-15 13:49 - 2020-11-04 13:19 - 000000000 ____D C:\Users\Anwender\AppData\Local\LGHUB
2022-11-15 12:43 - 2019-10-31 13:36 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-15 11:39 - 2021-01-24 14:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-15 11:37 - 2020-09-02 13:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-15 11:08 - 2020-09-02 13:53 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-15 11:08 - 2019-12-07 15:50 - 000743708 _____ C:\WINDOWS\system32\perfh007.dat
2022-11-15 11:08 - 2019-12-07 15:50 - 000150130 _____ C:\WINDOWS\system32\perfc007.dat
2022-11-15 11:08 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-15 11:05 - 2020-11-27 12:14 - 000000000 ____D C:\Users\Anwender\AppData\Local\CrashDumps
2022-11-15 11:04 - 2020-04-07 19:38 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-11-15 11:02 - 2020-11-04 13:19 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\LGHUB
2022-11-15 11:01 - 2020-09-02 13:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-15 11:01 - 2020-09-02 13:44 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-15 11:01 - 2020-03-20 12:15 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-11-15 11:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-15 11:00 - 2021-10-24 12:29 - 000037958 _____ C:\Users\Anwender\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-11-15 11:00 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-15 10:38 - 2020-04-06 22:23 - 000000000 ____D C:\Users\Anwender\AppData\LocalLow\Mozilla
2022-11-14 22:36 - 2019-11-03 10:05 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\obs-studio
2022-11-14 22:18 - 2019-11-16 22:36 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Spotify
2022-11-14 21:54 - 2019-11-02 21:05 - 000000000 ____D C:\ProgramData\Riot Games
2022-11-14 20:42 - 2019-11-16 22:36 - 000000000 ____D C:\Users\Anwender\AppData\Local\Spotify
2022-11-14 18:34 - 2020-06-26 08:52 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-14 18:34 - 2020-06-26 08:52 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-14 18:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-14 18:34 - 2019-11-02 21:02 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-14 18:34 - 2019-11-02 21:02 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-14 16:02 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-13 18:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-12 15:42 - 2020-09-02 13:48 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 15:42 - 2020-09-02 13:48 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 19:11 - 2020-09-02 13:44 - 000444672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-11 19:10 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-11 19:10 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-11 19:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-11 19:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-11 19:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-11 19:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-11 19:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-11 17:44 - 2020-09-02 13:48 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-11 17:39 - 2019-11-02 19:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-11 17:37 - 2019-11-02 19:35 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-11 13:18 - 2019-10-31 13:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-10 20:26 - 2022-04-22 20:26 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-11-10 15:25 - 2022-02-07 18:21 - 000000000 ____D C:\Users\Anwender\AppData\Roaming\Vampire_Survivors
2022-11-09 17:16 - 2020-04-15 20:49 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-11-09 10:55 - 2022-09-05 14:34 - 007642816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-11-09 10:55 - 2022-09-05 14:34 - 006512336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-11-08 18:46 - 2020-09-02 13:48 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1577740540-671938675-3438131953-1000
2022-11-08 18:46 - 2020-09-02 13:38 - 000002404 _____ C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-08 13:24 - 2020-04-06 22:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-05 19:27 - 2021-10-12 15:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-05 19:27 - 2020-04-06 22:23 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-05 19:05 - 2019-10-31 13:38 - 000000000 ____D C:\Users\Anwender\AppData\Local\Packages
2022-11-03 16:24 - 2021-12-12 19:42 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1577740540-671938675-3438131953-1000
2022-11-03 15:18 - 2019-11-18 15:49 - 000000000 ____D C:\Program Files\Microsoft Office
2022-11-02 14:55 - 2022-01-25 23:07 - 000004246 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1643148445
2022-11-02 14:55 - 2022-01-25 23:07 - 000001443 _____ C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2022-10-26 12:54 - 2020-11-04 13:19 - 000000000 ____D C:\Program Files\LGHUB
2022-10-26 01:15 - 2022-09-05 14:34 - 000129000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-10-25 19:53 - 2022-10-14 21:49 - 000000000 ____D C:\Program Files (x86)\Overwatch
2022-10-23 20:06 - 2022-05-31 22:33 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 20:06 - 2022-05-31 22:33 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 20:06 - 2022-05-31 22:33 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 20:06 - 2022-05-31 22:33 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 20:06 - 2022-05-31 22:33 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 20:06 - 2022-05-31 22:33 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 20:06 - 2022-05-31 22:33 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 20:06 - 2022-05-31 22:33 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 20:06 - 2022-05-31 22:33 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 20:06 - 2022-05-31 22:33 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-10-23 20:06 - 2019-10-31 13:36 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-23 20:06 - 2019-10-31 13:36 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-23 20:06 - 2019-10-31 13:36 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-10-22 22:12 - 2022-09-13 21:01 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-10-22 14:52 - 2019-11-02 21:26 - 000002242 _____ C:\Users\Anwender\Desktop\Discord.lnk
2022-10-17 21:49 - 2022-09-15 21:54 - 000000675 _____ C:\Users\Anwender\Desktop\24hstream.txt
2022-10-17 07:25 - 2022-05-31 22:33 - 002890296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-10-17 07:25 - 2022-05-31 22:33 - 002224696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-10-17 07:25 - 2022-05-31 22:33 - 001297464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2020-01-24 20:25 - 2020-01-24 20:25 - 000000000 _____ () C:\Users\Anwender\AppData\Roaming\nexus2.txt
2021-09-17 16:56 - 2022-10-12 17:31 - 000000016 _____ () C:\Users\Anwender\AppData\Roaming\obs-virtualcam.txt
2021-10-24 12:29 - 2022-11-15 11:00 - 000037958 _____ () C:\Users\Anwender\AppData\Roaming\VoiceMeeterBananaDefault.xml
2021-10-24 11:14 - 2021-10-24 11:16 - 000006095 _____ () C:\Users\Anwender\AppData\Roaming\VoiceMeeterDefault.xml
2021-04-08 10:19 - 2021-04-08 10:19 - 000000024 _____ () C:\Users\Anwender\AppData\Roaming\Microsoft\{8ADA9B80-E373-E18E-DB02-F11B969F143C}
2022-01-22 13:39 - 2022-06-10 00:11 - 001097870 _____ () C:\Users\Anwender\AppData\Local\PlariumPlay.log
2022-08-29 17:39 - 2022-08-29 17:39 - 000007605 _____ () C:\Users\Anwender\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-11-2022
durchgeführt von Anwender (15-11-2022 14:23:44)
Gestartet von C:\Users\Anwender\AppData\Local\Temp\scoped_dir14736_1598031958
Microsoft Windows 10 Home Version 22H2 19045.2251 (X64) (2020-09-02 12:48:31)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1577740540-671938675-3438131953-500 - Administrator - Disabled)
Anwender (S-1-5-21-1577740540-671938675-3438131953-1000 - Administrator - Enabled) => C:\Users\Anwender
DefaultAccount (S-1-5-21-1577740540-671938675-3438131953-503 - Limited - Disabled)
Gast (S-1-5-21-1577740540-671938675-3438131953-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1577740540-671938675-3438131953-504 - Limited - Disabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blackmagic RAW Common Components (HKLM\...\{28612306-CE2C-429F-8288-D707C9A84838}) (Version: 1.8.1 - Blackmagic Design)
Chatterino7 version 7.3.5 (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\{F5FE6614-04D4-4D32-8600-0ABA0AC113A4}_is1) (Version: 7.3.5 - 7TV)
DaVinci Resolve (HKLM\...\{8CD009CC-08AB-4873-BA5C-DC4AEA8BACEB}) (Version: 16.2.7010 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Discord (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Elgato Stream Deck (HKLM\...\{D2A26B85-6DA9-40F7-8717-CB8F78E3AFEA}) (Version: 5.3.3.15214 - Elgato Systems GmbH)
Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{B3DE52F7-D9AA-49EF-873F-506F76CD45B8}) (Version: 2.0.35.0 - Epic Games, Inc.)
Excel (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC)
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
League of Legends PBE (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc)
Logitech Capture (HKLM\...\Capture) (Version: 2.02.155 - Logitech)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.10.326382 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.15726.20174 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\OneDriveSetup.exe) (Version: 22.217.1016.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 106.0.5 (x64 de)) (Version: 106.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0.1 - Mozilla)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Grafiktreiber 526.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 526.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden
Opera GX Stable 91.0.4516.106 (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Opera GX 91.0.4516.106) (Version: 91.0.4516.106 - Opera Software)
Outlook (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PowerPoint (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Snaz version 1.12.6.0 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.12.6.0 - JimsApps)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Spotify) (Version: 1.1.98.691.gf759311c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements SE.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 22.9.8.69 - StreamElements)
StreamLabels 0.3.4 (only current user) (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.3.4 - Streamlabs)
StreamLabels 0.4.1 (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\{8000d50a-fcb7-5b38-8a3b-a02a0ec79daa}) (Version: 0.4.1 - Streamlabs)
Streamlabs Desktop 1.11.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.11.1 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.18.5 - TeamViewer)
VALORANT (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.91.2.0_x64__kgqvnymyfvs32 [2022-11-03] (king.com)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-12-10] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-21] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-11-10] (NVIDIA Corp.)
Pixlr E -> C:\Program Files\WindowsApps\InmagineLabPteLtd.PixlrE_1.0.1.0_neutral__0fvarhdejbjpm [2022-03-19] (Inmagine Lab Pte Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2021-12-17] (Realtek Semiconductor Corp)
Word -> C:\Program Files\WindowsApps\word.office.com-CECA1A7F_1.0.0.0_neutral__jc2kecmnkxwqc [2022-07-10] (word.office.com)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-06-04] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1577740540-671938675-3438131953-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Anwender\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1577740540-671938675-3438131953-1000_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\Anwender\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-1577740540-671938675-3438131953-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Anwender\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_bd530e4cbd42e0a3\nvshext.dll [2022-11-09] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Anwender\Desktop\Pusi - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2022-11-08 19:48 - 2022-11-08 19:48 - 104871424 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\libcef.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000112128 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\libegl.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 006227456 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\libglesv2.dll
2021-10-24 11:24 - 2021-10-24 11:24 - 000967168 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\VB\Voicemeeter\mp3lame\lame_enc.dll
2022-09-29 13:11 - 2022-09-29 13:11 - 000038400 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\giflib5.dll
2022-09-29 13:11 - 2022-09-29 13:11 - 000098816 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\QtZeroConf.dll
2022-09-29 13:11 - 2022-09-29 13:11 - 000720384 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\turbojpeg.dll
2022-10-26 12:54 - 2022-10-25 23:00 - 000156160 _____ () [Datei ist nicht signiert] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2022-09-29 13:11 - 2022-09-29 13:11 - 001742848 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\sqlite3.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000810496 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\chrome_elf.dll
2022-03-04 13:26 - 2020-04-26 14:10 - 003000832 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Users\Anwender\AppData\Roaming\Elgato\StreamDeck\Plugins\net.voicemod.windowsdesktop.sdPlugin\libcrypto-1_1-x64.dll
2022-09-29 13:11 - 2022-09-29 13:11 - 002696704 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\libcrypto-1_1-x64.dll
2022-09-29 13:11 - 2022-09-29 13:11 - 000642560 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\libssl-1_1-x64.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000047104 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\audio\qtaudio_windows.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000026112 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\imageformats\qgif.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000027136 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\imageformats\qico.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000243712 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\imageformats\qjpeg.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000223744 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\imageformats\qmng.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000020992 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\imageformats\qsvg.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000332288 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\imageformats\qtiff.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 001140224 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\platforms\qwindows.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 004943360 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\Qt5Core.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 005022208 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\Qt5Gui.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000626176 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\Qt5Multimedia.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000877056 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\Qt5Network.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 002908672 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\Qt5Qml.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 003078656 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\Qt5Quick.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000259072 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\Qt5Svg.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 004718080 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\Qt5Widgets.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000439296 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\Qt5WinExtras.dll
2022-11-08 19:48 - 2022-11-08 19:48 - 000159232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.13835\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [2498] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [2498] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [2498] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [2498] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [2498] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [2498] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [2498] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [2498] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [2498] AlternateDataStreams: C:\Users\Anwender\Anwendungsdaten:5a7a7919109c97d615ad7581cd492710 [394] AlternateDataStreams: C:\Users\Anwender\AppData\Roaming:5a7a7919109c97d615ad7581cd492710 [394] AlternateDataStreams: C:\Users\Anwender\AppData\Local\Temp:{67AD6FA5-2A7D-47de-A0C4-F04C8F26F841} [0] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3874] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKU\S-1-5-21-1577740540-671938675-3438131953-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dbnwss_20_15_ssg00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0DzzyCtC0AtCyDyD0BtBzyyDyD0AtN0D0Tzu0StAtDtBtDtN1L2XzuyEtFyCtCtFtDtFtCzyzztN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyE0FyDtCtAtD0D0AtGyE0DyDyCtG0Bzyzy0DtGtDyB0DtBtG0F0F0A0ByDtDyDtA0A0EyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1QyEyDzz1SyDyDzytGtDyD1QtBtGyEtCyDtDtGzzyCzz1RtGyDyEzztAtC1P1P1PyByC1TtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutByCtAzzyDtN1Q2Z1B1P1RzutCyDzzyCtAyEtAtBzytB%26cr%3D1389621428%26a%3Dwsg_dbnwss_20_15_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome SearchScopes: HKU\S-1-5-21-1577740540-671938675-3438131953-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dbnwss_20_15_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0DzzyCtC0AtCyDyD0BtBzyyDyD0AtN0D0Tzu0StAtDtBtDtN1L2XzuyEtFyCtCtFtDtFtCzyzztN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyE0FyDtCtAtD0D0AtGyE0DyDyCtG0Bzyzy0DtGtDyB0DtBtG0F0F0A0ByDtDyDtA0A0EyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1QyEyDzz1SyDyDzytGtDyD1QtBtGyEtCyDtDtGzzyCzz1RtGyDyEzztAtC1P1P1PyByC1TtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutByCtAzzyDtN1Q2Z1B1P1RzutCyDzzyCtAyEtAtBzytB%26cr%3D1389621428%26a%3Dwsg_dbnwss_20_15_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-1577740540-671938675-3438131953-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_dbnwss_20_15_ssg00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0DzzyCtC0AtCyDyD0BtBzyyDyD0AtN0D0Tzu0StAtDtBtDtN1L2XzuyEtFyCtCtFtDtFtCzyzztN1L1Czu1BtCtN1L1G1B1V1N2Y1L1Qzu2SyE0FyDtCtAtD0D0AtGyE0DyDyCtG0Bzyzy0DtGtDyB0DtBtG0F0F0A0ByDtDyDtA0A0EyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1QyEyDzz1SyDyDzytGtDyD1QtBtGyEtCyDtDtGzzyCzz1RtGyDyEzztAtC1P1P1PyByC1TtB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutByCtAzzyDtN1Q2Z1B1P1RzutCyDzzyCtAyEtAtBzytB%26cr%3D1389621428%26a%3Dwsg_dbnwss_20_15_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - 
C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1577740540-671938675-3438131953-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Anwender\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Profile-picture (1).jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) 
HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\StartupApproved\Run: => "GogGalaxy" HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1577740540-671938675-3438131953-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{5A738D64-A3E2-4526-A41A-6BD2FBA7CE1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert] FirewallRules: [{680E1FE7-B1D2-4F0B-B413-D3EF6223DF98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{C1F1F245-E658-456D-BAA5-625AD740059F}C:\users\anwender\desktop\rubinum\rubinum\rubinumlauncher.exe] => (Allow) C:\users\anwender\desktop\rubinum\rubinum\rubinumlauncher.exe => Keine Datei FirewallRules: [TCP Query User{33E793B7-61A7-42B2-89CB-EFA5563A9816}C:\users\anwender\desktop\rubinum\rubinum\rubinumlauncher.exe] => (Allow) C:\users\anwender\desktop\rubinum\rubinum\rubinumlauncher.exe => Keine Datei FirewallRules: [UDP Query User{6E425FEF-5D37-44A8-93DD-8387522F96CC}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Keine Datei FirewallRules: [TCP Query User{67C6FB00-3472-46A1-BC8E-565458D0D0F6}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Keine Datei FirewallRules: [{4F480644-0BF7-481C-A0D6-DF03F4396E89}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{41C32BCF-7636-4455-B115-D9C707CBCD17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{621E427F-CF5D-4FD6-9203-5190C0BC356E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{E9C34B3A-46F7-4C9B-876E-B7E3BC8273D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [UDP Query 
User{4A54C2F1-906E-4AE1-BE0D-8C6592A42057}C:\users\anwender\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\anwender\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{75ABD60A-4570-46D9-B58A-C06279AFC0B5}C:\users\anwender\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\anwender\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{10ED9C89-56BE-4956-9B8A-BA5E8AC9852F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{D79DA858-255B-4D7F-8709-B6BF514BA744}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{1FD9B8E1-3EA4-48A7-8BDF-BB60102F1F1A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{BE23767B-A96D-41A6-91CD-F05A54F191CE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{38A5FDE0-647B-4F50-B758-89C5B28C9ED3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{FCDFB609-7888-4A9F-A9F4-527927EDC5F1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [UDP Query User{F3CC4A70-65B7-4E2A-864E-B6C4CD84470C}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{2148071A-C68C-425D-9812-2870371E18DD}C:\riot games\league of legends\game\league of legends.exe] => (Allow) C:\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{4A94FEFF-22C9-4308-A8EE-07C42E0D96C4}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) 
FirewallRules: [{342EE7B6-E7A4-4981-9D08-5E38CB6FB39D}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{DB313B61-8B75-4898-AF3B-31C51E59DABF}] => (Allow) C:\Users\Anwender\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{94CD629C-78F1-42F6-87E5-13F1AE18EE10}] => (Allow) C:\Users\Anwender\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{7D66C12B-8C46-4712-A8D9-F6C76F23EDDB}] => (Allow) C:\Users\Anwender\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [TCP Query User{73FA8351-FD2B-4044-A783-983117961839}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{1323C0C0-1FE1-4291-B744-2A48AFF77688}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{787F477C-0E8B-4EBE-B054-AF1493F020B3}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.) FirewallRules: [UDP Query User{09FDD2A2-52CB-4B39-8874-4E4E5254169E}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.) FirewallRules: [{BF71AE1C-3D1A-445C-8429-F9F92B550EDF}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) 
FirewallRules: [{2A87046F-E07F-46EC-8312-336454E5CE45}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{5EA99C0F-0DE2-4481-B5AC-BA3F2E23A8F9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{56ED28F4-51DC-462E-A7A5-B8F82D6D01F3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{15C100F4-3BFB-4F49-825E-5F606436A228}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{50371283-8B94-4ED1-9D17-9BA70E3B56DA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{F51370DB-B21B-49BE-B1FB-7BCAA5C5394A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => Keine Datei FirewallRules: [{42CDE875-88DB-43E4-B5E2-D39D9C630510}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => Keine Datei FirewallRules: [{74E8C166-BD5C-46DD-AD7E-C333DABD3231}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [{960911BB-346E-4F0C-A5FC-7C3046A6089A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => Keine Datei FirewallRules: [TCP Query User{A38156CA-42E0-422A-B7A3-1723722B51C3}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: [UDP Query User{E0882415-039B-442F-9E3F-920C89F18944}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> ) FirewallRules: 
[TCP Query User{90ACFFB6-87EA-4D7F-86AC-A0A086F637C8}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{C1CDB643-6B2E-4CDF-B227-4AD0EEF1BE57}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [TCP Query User{D6AF6869-9FFA-4FBD-BE15-A9A2410E5387}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{02D98A24-D79E-4571-88F2-D991664CB89B}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) 
FirewallRules: [{5A58EADB-E845-42AD-BA3D-BCF8289C9F04}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{209CF30B-BD90-4438-B99F-A5B84577670F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{6B972250-1339-40DB-8B15-D32D5795C977}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{212D0A56-47DA-4F0E-99EE-2CCDC124327B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [TCP Query User{131180DE-CA4F-44D2-B6B3-8DE8E5E8783B}C:\users\anwender\appdata\local\programs\crewlink\crewlink.exe] => (Allow) C:\users\anwender\appdata\local\programs\crewlink\crewlink.exe => Keine Datei FirewallRules: [UDP Query User{73477402-CB21-48DE-BE1B-9C447E6078E2}C:\users\anwender\appdata\local\programs\crewlink\crewlink.exe] => (Allow) C:\users\anwender\appdata\local\programs\crewlink\crewlink.exe => Keine Datei FirewallRules: [TCP Query User{5B96F2EC-0E8E-452C-AA9A-1380537F5157}C:\users\anwender\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\anwender\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{AD92FF7D-51D7-4DCB-86BC-D61674B30A01}C:\users\anwender\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\anwender\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{B8F988B0-4770-4EA5-8956-EBCE1CD5FB68}C:\users\anwender\appdata\local\programs\crewlink\crewlink.exe] => (Allow) C:\users\anwender\appdata\local\programs\crewlink\crewlink.exe => Keine Datei FirewallRules: [UDP Query User{5F2BD7E1-5256-4B70-844B-DAD2DC3CE06B}C:\users\anwender\appdata\local\programs\crewlink\crewlink.exe] => (Allow) C:\users\anwender\appdata\local\programs\crewlink\crewlink.exe => 
Keine Datei FirewallRules: [TCP Query User{6E31B405-B366-423F-BB7A-C4E815A0F562}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{732A5536-BA88-4AD1-8793-FD20DEBA3CCD}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{EE1CFFF5-F70C-4EC4-986A-C39B72377B85}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [UDP Query User{C961051F-424E-47F2-B131-DA26422E710A}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.) FirewallRules: [TCP Query User{2CD976A5-29A1-4DDC-BF5F-9AB8C4BBBEA8}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Keine Datei FirewallRules: [UDP Query User{D11D6C1B-D276-4772-9296-AB476CE9CE39}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => Keine Datei FirewallRules: [{93DC0AE8-27E8-4613-AC25-F5E67D1F61C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E849E3F4-0EAA-46B7-97D9-CD4149EBBFD0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B9CB106D-2F7B-4387-97C0-CB608BC6642B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{1C927929-503B-41A0-A00D-3FDEA92A6E9F}] => (Allow) C:\Program Files 
(x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F97602ED-5C44-4669-9A2B-0692BDC53DF6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{BB8ECEF6-C07C-4FB4-8857-015843E3823B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [TCP Query User{EB21281D-0210-4A8C-8AA7-F1A33F06D0CF}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{6F9DD8B7-4D32-43B7-A585-0A4B695AC571}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{DA83A8F6-2577-4F46-B84F-29962F5FEEDB}C:\program files (x86)\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe => Keine Datei FirewallRules: [UDP Query User{AE945FC4-ED24-410B-8868-D4FCAC3CEDB3}C:\program files (x86)\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\naraka bladepoint\narakabladepoint.exe => Keine Datei FirewallRules: [TCP Query User{38442072-D52E-41B4-8484-79C26E2142EA}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe => Keine Datei FirewallRules: [UDP Query User{1BAE4DBC-4B62-49A2-ADBB-0C9418561568}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe => Keine Datei FirewallRules: [{9D2F7DC4-D7CA-45CB-AEDE-7CAFC4928CE2}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> ) FirewallRules: [{BD41562F-95B3-41C7-ABAA-7CFE70271935}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> ) FirewallRules: [{955C28FD-730D-4E4C-9DD9-324AF96609E5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6E3EB58E-D4E7-4991-A13E-EFB36DA61E9D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A65EBC58-60B7-42EB-9187-933BDF031976}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{2C9C703B-04D4-4C2F-99E2-4031D56F77A3}C:\users\anwender\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\anwender\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{7C093299-9F6A-4B5F-BA03-1D02910E6930}C:\users\anwender\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\anwender\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{36BAB71A-8F82-4BDA-8455-BAEEF96324B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vampire Survivors\VampireSurvivors.exe (Luca Galante) [Datei ist nicht signiert] FirewallRules: [{05BF89D0-6FE4-490F-9DC3-3D0651673103}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vampire Survivors\VampireSurvivors.exe (Luca Galante) [Datei ist nicht signiert] FirewallRules: [TCP Query User{F8E6E88E-0F8E-46FE-895A-80D5EDE134B8}C:\program files (x86)\steam\steamapps\common\hentai vs furries\avf2\binaries\win64\avf2-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hentai vs furries\avf2\binaries\win64\avf2-win64-shipping.exe => Keine Datei FirewallRules: [UDP Query 
User{B27F79C4-E47C-4669-9992-43AACD76F2ED}C:\program files (x86)\steam\steamapps\common\hentai vs furries\avf2\binaries\win64\avf2-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hentai vs furries\avf2\binaries\win64\avf2-win64-shipping.exe => Keine Datei FirewallRules: [{789D288F-115E-48FC-B288-04289DE59240}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{82C717DB-296A-49F2-A971-04F4B81B728A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{651E3F42-0DCA-4FEE-A0C3-263351636B91}C:\users\anwender\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\anwender\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{8CC66DE9-4E6A-4786-9E2D-86F39820B5FD}C:\users\anwender\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\anwender\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{D42BA5B8-9325-47A4-81B8-0983D5179B21}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{D456E666-4713-4E77-928D-B75E3509A7ED}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) 
FirewallRules: [TCP Query User{478BE521-9C88-4B72-86D3-55C697B05B32}C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe] => (Allow) C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe (Hugh Bailey -> )
FirewallRules: [UDP Query User{DE56C980-7BF9-4668-9C89-9BCFA774BC00}C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe] => (Allow) C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe (Hugh Bailey -> )
FirewallRules: [{B1DCFDD4-7B46-4239-B36C-927636B21782}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{C69B17A4-49B6-4B5E-A0DC-7476E71A6D1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{555C81C2-8DD5-4E9D-A5A4-ED76C4EB02BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{B6647367-7071-48A4-BA86-013A465276B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{4C785523-B021-4184-828B-0174BD45C58D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{A885AAF6-BF49-4B4E-BF3D-0AC0D77A1B29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{7BA6433F-7800-45C5-BA43-CF2C1CFA193B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{D04671B9-B17E-4A9C-ADC1-C8B264AB02EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{3423C594-B5F7-416F-AFC7-D5DF3170BB7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Fishing\UltimateFishing.exe () [Datei ist nicht signiert]
FirewallRules: [{69119BE8-FC2E-4D2B-8344-192535C26BBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ultimate Fishing\UltimateFishing.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{FE74C9AA-97AB-4B1B-B66C-3AF5B52E0EC6}C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe] => (Block) C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe (Hugh Bailey -> )
FirewallRules: [UDP Query User{13228A1E-11FF-4962-8A8E-108865782C52}C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe] => (Block) C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe (Hugh Bailey -> )
FirewallRules: [{237DF28B-23F0-4B4C-8BAC-779020E463BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [Datei ist nicht signiert]
FirewallRules: [{D864EB98-CF65-46D6-9F9C-C4959ABC5B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [Datei ist nicht signiert]
FirewallRules: [{BBDD51F8-B411-4C15-9951-8C9161D57B1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GodOfWar\GoW.exe (Santa Monica Studio) [Datei ist nicht signiert]
FirewallRules: [{B96835AA-26F7-49BF-9750-92363A4BCB42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GodOfWar\GoW.exe (Santa Monica Studio) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9641C647-7307-4020-8214-D0653842BF8D}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{83BB3909-6AF2-40D9-AD94-39A3E4F3E7FE}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [{75BA7CFD-A8C2-4EAA-9A82-B756F7F4B668}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MultiVersus\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{CDA23D69-CBFC-4239-B9A8-7395813D3C12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MultiVersus\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{E9CEF5A0-AC25-41E9-AA81-A5D863AA49A8}] => (Allow) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [{CD7A31D1-65D1-460F-89EC-BE9AF864886E}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{F9F53961-9BF9-4268-9600-ED131D019585}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{77E3D8E1-9E6C-44EB-855B-0F33FDFA44FB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F3EF2049-D938-415D-BD9D-74B8D689A5BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54D200BF-36ED-4FB0-9B1A-CE6E79136EFB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{D0C54AFE-B480-480A-BB88-26DEE62B0E4D}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{1CC56062-EA88-4DAD-A8F2-530D40CCD516}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{8C603AC3-F864-417B-AB17-8B23ECAA5578}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{DE1C4CF2-7B69-4337-9484-AE93C35959D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{E68D881D-5F95-423E-8D71-89761E1C1233}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DB288C91-7723-4693-A17E-138913C3DC58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4AF25F10-1FFE-47D5-A4AA-3A685903F265}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{ADFBF7BE-253B-4AED-B5B0-B3DBFD27728B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{6CC3D275-BA85-4D98-920A-E0C868780EDF}C:\program files (x86)\steam\steamapps\common\love, sam\lovesamrewrite\binaries\win64\lovesamrewrite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\love, sam\lovesamrewrite\binaries\win64\lovesamrewrite.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{6A9C7096-6B0C-4351-B867-FB68805EE9AA}C:\program files (x86)\steam\steamapps\common\love, sam\lovesamrewrite\binaries\win64\lovesamrewrite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\love, sam\lovesamrewrite\binaries\win64\lovesamrewrite.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{A26A9E7D-5418-4B07-A140-DC1C0B830A85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{72A0EC89-8357-45A3-8961-5A7D57000192}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SlayTheSpire\jre\bin\javaw.exe
FirewallRules: [{D4193298-C198-46E7-A640-65B1C1F86534}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A2CDBEFE-0016-4ABF-B05C-E5233C403D2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brotato\Brotato.exe (Thomas Gervraud) [Datei ist nicht signiert]
FirewallRules: [{014D20B8-DA66-4874-BC45-2340E9B74764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brotato\Brotato.exe (Thomas Gervraud) [Datei ist nicht signiert]
FirewallRules: [{A35E6640-DFAC-4172-A82B-160010C91C54}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

11-11-2022 19:31:30 Geplanter Prüfpunkt
14-11-2022 16:02:14 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/15/2022 11:05:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Photopea video for voiceover.scr, Version: 1.0.14.255, Zeitstempel: 0x636e5713
Name des fehlerhaften Moduls: clr.dll, Version: 4.8.4515.0, Zeitstempel: 0x624cf48c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001b46bd
ID des fehlerhaften Prozesses: 0x147c
Startzeit der fehlerhaften Anwendung: 0x01d8f8d9c3205bf7
Pfad der fehlerhaften Anwendung: C:\Users\Anwender\Desktop\photopea\[Photopea] Promotional Materials\Photopea video for voiceover.scr
Pfad des fehlerhaften Moduls: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Berichtskennung: 29ddbbaa-1833-43a7-a24f-8be18f8ef4a4
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/15/2022 11:05:20 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Anwendung: Photopea video for voiceover.scr
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines internen Fehlers in der .NET-Laufzeit beendet. bei IP 70E546BD (70CA0000) mit Exitcode 80131506.

Error: (11/14/2022 06:33:47 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. .

Error: (11/14/2022 06:33:47 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ]

Error: (11/11/2022 07:22:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Volume (D:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (11/10/2022 08:25:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wallpaper32.exe, Version: 2.2.0.18, Zeitstempel: 0x6352babb
Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 31.0.15.2647, Zeitstempel: 0x6358346e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00238b47
ID des fehlerhaften Prozesses: 0x2ac4
Startzeit der fehlerhaften Anwendung: 0x01d8f4f4c1692116
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ade64cd54ec2f9ed\nvwgf2um.dll
Berichtskennung: 779c481f-bfea-42da-8030-60b93adc05b6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/05/2022 01:45:12 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: MEAN-MACHINE)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).

Error: (11/05/2022 01:45:12 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MEAN-MACHINE)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Systemfehler:
=============
Error: (11/14/2022 12:52:59 PM) (Source: DCOM) (EventID: 10010) (User: MEAN-MACHINE)
Description: Der Server "Windows.Media.Capture.Internal.AppCaptureShell" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/11/2022 07:27:15 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (11/11/2022 05:51:55 PM) (Source: DCOM) (EventID: 10010) (User: MEAN-MACHINE)
Description: Der Server "Windows.Media.Capture.Internal.AppCaptureShell" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/11/2022 04:37:41 PM) (Source: DCOM) (EventID: 10010) (User: MEAN-MACHINE)
Description: Der Server "Windows.Media.Capture.Internal.AppCaptureShell" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/10/2022 08:25:21 PM) (Source: DCOM) (EventID: 10005) (User: MEAN-MACHINE)
Description: Fehler "1053" in DCOM, als der Dienst "BcastDVRUserService_1024db3e" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: Windows.Media.Capture.Internal.AppCaptureShell

Error: (11/10/2022 08:25:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Benutzerdienst für GameDVR und Übertragungen_1024db3e" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (11/10/2022 08:25:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdienst für GameDVR und Übertragungen_1024db3e erreicht.

Error: (11/10/2022 08:24:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Windows Defender:
================
Date: 2022-11-15 14:23:39
Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Name: PUADlManager:Win32/InstallCore
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Anwender\Downloads\adobe_flash_player_1993324768.exe; file:_C:\Users\Anwender\Downloads\adobe_flash_player_2151221308.exe; file:_C:\Users\Anwender\Downloads\adobe_flash_player_3461104809.exe; file:_C:\Users\Anwender\Downloads\CR_Downloader_fuer_project64_2184029674.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: MEAN-MACHINE\Anwender
Prozessname: C:\Users\Anwender\AppData\Local\Temp\scoped_dir14736_1598031958\FRST64.exe
Sicherheitsversion: AV: 1.379.379.0, AS: 1.379.379.0, NIS: 1.379.379.0
Modulversion: AM: 1.1.19800.4, NIS: 1.1.19800.4

Date: 2022-11-15 12:56:20
Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Name: PUADlManager:Win32/InstallCore
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Anwender\Downloads\adobe_flash_player_1993324768.exe; file:_C:\Users\Anwender\Downloads\adobe_flash_player_2151221308.exe; file:_C:\Users\Anwender\Downloads\adobe_flash_player_3461104809.exe; file:_C:\Users\Anwender\Downloads\CR_Downloader_fuer_project64_2184029674.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: MEAN-MACHINE\Anwender
Prozessname: C:\Program Files (x86)\Overwatch\_retail_\Overwatch.exe
Sicherheitsversion: AV: 1.379.379.0, AS: 1.379.379.0, NIS: 1.379.379.0
Modulversion: AM: 1.1.19800.4, NIS: 1.1.19800.4

Date: 2022-11-15 12:56:20
Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Name: PUADlManager:Win32/InstallCore
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Anwender\Downloads\adobe_flash_player_1993324768.exe; file:_C:\Users\Anwender\Downloads\adobe_flash_player_2151221308.exe; file:_C:\Users\Anwender\Downloads\adobe_flash_player_3461104809.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: MEAN-MACHINE\Anwender
Prozessname: C:\Program Files (x86)\Overwatch\_retail_\Overwatch.exe
Sicherheitsversion: AV: 1.379.379.0, AS: 1.379.379.0, NIS: 1.379.379.0
Modulversion: AM: 1.1.19800.4, NIS: 1.1.19800.4

Date: 2022-11-15 12:56:18
Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Name: PUADlManager:Win32/InstallCore
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Anwender\Downloads\adobe_flash_player_1993324768.exe; file:_C:\Users\Anwender\Downloads\adobe_flash_player_2151221308.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: MEAN-MACHINE\Anwender
Prozessname: C:\Program Files (x86)\Overwatch\_retail_\Overwatch.exe
Sicherheitsversion: AV: 1.379.379.0, AS: 1.379.379.0, NIS: 1.379.379.0
Modulversion: AM: 1.1.19800.4, NIS: 1.1.19800.4

Date: 2022-11-15 12:56:17
Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Name: PUADlManager:Win32/InstallCore
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\Users\Anwender\Downloads\adobe_flash_player_2151221308.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: MEAN-MACHINE\Anwender
Prozessname: C:\Program Files (x86)\Overwatch\_retail_\Overwatch.exe
Sicherheitsversion: AV: 1.379.379.0, AS: 1.379.379.0, NIS: 1.379.379.0
Modulversion: AM: 1.1.19800.4, NIS: 1.1.19800.4

CodeIntegrity:
===============
Date: 2022-11-11 19:22:47
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-10 23:17:37
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-01 14:19:22
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-30 17:45:07
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-30 22:49:30
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-06 12:05:52
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. H.00 08/05/2019
Hauptplatine: Micro-Star International Co., Ltd. X470 GAMING PLUS MAX (MS-7B79)
Prozessor: AMD Ryzen 5 3600 6-Core Processor
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 32714.45 MB
Verfügbarer physikalischer RAM: 24640.34 MB
Summe virtueller Speicher: 37578.45 MB
Verfügbarer virtueller Speicher: 26203.33 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.19 GB) (Free:136.43 GB) (Model: KINGSTON SA2000M8500G) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:931.38 GB) (Model: TOSHIBA HDWD110) NTFS

\\?\Volume{2d28b987-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.57 GB) (Free:0.11 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4DDA2387)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 2D28B987)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt =======================