Plagegeister aller Art und deren Bekämpfung: Malwarebytes blocks winnet.exe because of Trojan (Windows 7)
24.03.2023, 18:58 | #1 |
For a few weeks I apparently had a crypto-mining Trojan on my PC that drove my CPU to 80% while idle. I could only spot it through the Resource Monitor, because as soon as I opened Task Manager it showed up for only 0.5 seconds as "System interrupts". And as long as I kept Task Manager open, my PC ran as usual.

The program Iexplore disabled the following processes: "winsvc.exe", "windefupd.exe" and "winnet.exe". After that I ran a scan with Malwarebytes, found a few things and deleted them. Since then I have had no problems.

However, every 3-4 minutes I get 4-5 notifications that Malwarebytes is blocking websites, even though I am not even in the browser. Riskware, malware, compromised and Trojan are shown to me in rotation.

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Datum des Schutzereignisses: 24.03.23
Uhrzeit des Schutzereignisses: 18:37
Protokolldatei: 8d3b9f32-ca6a-11ed-8644-2cf05dda0056.json

-Softwaredaten-
Version: 4.5.25.256
Komponentenversion: 1.0.1957
Version des Aktualisierungspakets: 1.0.67087
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.2728)
CPU: x64
Dateisystem: NTFS
Benutzer: System

-Einzelheiten zu blockierten Websites-
Bösartige Website: 1
, C:\Windows\System32\winnet.exe, Blockiert, -1, -1, 0.0.0, ,

-Website-Daten-
Kategorie: Trojaner
Domäne:
IP-Adresse: 94.140.114.254
Port: 21910
Typ: Ausgehend
Datei: C:\Windows\System32\winnet.exe

(end)

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-03-2023 durchgeführt von Jermaine PC (Administrator) auf JERMAINE-PC (Micro-Star International Co., Ltd. MS-7C56) (24-03-2023 18:31:37) Gestartet von C:\Users\Jermaine PC\Desktop Geladene Profile: Jermaine PC Plattform: Microsoft Windows 10 Home Version 22H2 19045.2728 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe (C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <29> (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) S:\Steam\steam.exe (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (S:\Steam\steam.exe ->) (Valve Corp. -> ) S:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (S:\Steam\steam.exe ->) (Valve Corp. 
-> Valve Corporation) S:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <10> (S:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) S:\Steam\GameOverlayUI.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation) [Datei ist nicht signiert] C:\Windows\System32\winsvc.exe (services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) 
C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_059948e396d205d5\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2> (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (services.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) 
C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe (svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe (winsvc.exe ->) () [Datei ist nicht signiert] C:\Windows\System32\winnet.exe (winsvc.exe ->) (Microsoft Corporation) [Datei ist nicht signiert] C:\Windows\System32\wincfg.exe (winsvc.exe ->) (Microsoft Corporation) [Datei ist nicht signiert] C:\Windows\System32\windefupd.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [CL-25-78C80621-47EF-42ED-A4CF-69BA96980097] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-25-78C80621-47EF-42ED-A4CF-69BA96980097\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-25-78C80621-47EF-42ED-A4CF-69BA969 (Der Dateneintrag hat 7 mehr Zeichen). (Keine Datei) HKLM\...\Run: [] => [X] HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-16] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKLM-x32\...\Run: [] => [X] HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\Run: [com.blitz.app] => "C:\Users\Jermaine PC\AppData\Local\Programs\Blitz\Blitz.exe" --autostart (Keine Datei) HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\Run: [] => [X] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.111\Installer\chrmstp.exe [2023-03-24] (Google LLC -> Google LLC) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {115A8EF9-5D5C-4345-98F2-67631ED120A1} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {2A9BBBB5-BD46-461E-A4C8-3B3636D8E774} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3140E5CD-C2F4-49C3-BA27-EB9DCBF93DC1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26296808 2023-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {3D752BF8-B225-4348-927B-6644930B676C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: 
{3F7B1AE7-59DD-4B9B-8CAD-EFD7BFE50147} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1775440 2021-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) Task: {46338272-413F-47FB-8DCA-3F0389BBED9B} - System32\Tasks\ROCCAT DEVICE SERVICE => C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_dev_service.exe (Keine Datei) Task: {4E0EB6FC-1278-49B4-A41E-004B7205D5D3} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {54593A42-381D-4583-AB84-8795ACB2AA6F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144232 2023-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {5FA759E2-CF72-40D1-8415-E4DB269CEE25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-10] (Google Inc -> Google Inc.) 
Task: {6288B17D-2117-49CF-9685-F384E295E72D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {636E378F-D031-4487-AFE6-A31B792EC8B1} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168840 2023-03-03] (Microsoft Corporation -> Microsoft Corporation) Task: {67453431-BBA6-44E7-85DA-CD932E0DBFC8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6979F3B7-1405-448A-AB96-6B5779087C43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-10] (Google Inc -> Google Inc.) Task: {6AADBF25-DFDF-453A-875A-6EA77800D72D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {80863403-8B1C-4BD8-AAC9-4CBC3BC4E14C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {8147E3AF-0C1F-415C-89AD-B2E531997934} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) Task: {92398BB8-CBF3-434E-87E5-F85B0B18BBC5} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [47416 2021-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) 
Task: {9BAA411A-2247-42A9-936E-39343C4C31B4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26296808 2023-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {9D9C92EF-2B28-4579-98A1-11F9DB5C2182} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) Task: {9DEB1A25-BDE0-4E46-888C-F18D989EE0F2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {9F2FA3D4-6358-4BCD-8D11-4B9564DF4DD5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {A4458FC6-32B6-4C0D-9E39-F027CA81F696} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A847D8C9-983F-4F3B-8C57-E6B1617A531B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144232 2023-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {BF810BE5-256F-4821-BEED-52D7126CB754} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.) 
Task: {EE27871D-5376-42EC-B704-3E325F26C272} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FB0248A6-7FF5-4443-8383-8320D8CF8266} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2022-11-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{3c924660-3b70-46b2-b007-727575306657}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{b6ee4341-403c-4f01-857e-8565ba4f4d21}: [NameServer] 8.8.4.4,8.8.8.8 Tcpip\..\Interfaces\{b6ee4341-403c-4f01-857e-8565ba4f4d21}: [DhcpNameServer] 192.168.178.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\Jermaine PC\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-24] Edge DownloadDir: Default -> D:\Google Chrome Downloads Edge HomePage: Default -> edge://newtab/ FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2023-01-07] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2023-01-07] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\Default [2023-03-24] CHR DownloadDir: D:\Google Chrome Downloads CHR Extension: (Dunkles Theme für Google Chrome) - C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2023-03-24] CHR Extension: (Social Blade) - C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-09-04] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ACHTUNG CHR Extension: (FrankerFaceZ) - C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2021-03-25] CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-24] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28] CHR Profile: C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-03-24] CHR Profile: C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-03-24] CHR Extension: (Google Docs Offline) - C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-04] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\Profile 
2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-28] CHR Profile: C:\Users\Jermaine PC\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-24] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.) S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2688544 2022-07-27] (PUBG CORPORATION -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512768 2023-03-19] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-03-20] (Dropbox, Inc -> Dropbox, Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-11-10] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-06-28] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [24739320 2022-06-12] (FACE IT LIMITED -> ) R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9094440 2023-03-23] (Malwarebytes Inc. 
-> Malwarebytes) R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe [35824 2021-01-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts) S3 Rockstar Service; S:\Launcher\RockstarService.exe [2016208 2022-06-28] (Rockstar Games, Inc. -> Rockstar Games) S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35192 2023-03-14] (SteelSeries ApS -> ) S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2021-12-30] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11060856 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.) 
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [368248 2021-03-16] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation) R2 winsvc; C:\WINDOWS\system32\winsvc.exe [33306624 2019-11-20] (Microsoft Corporation) [Datei ist nicht signiert] S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [9959072 2022-08-10] (PUBG CORPORATION -> KRAFTON, Inc) S3 EpicOnlineServices; "C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe" [X] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_059948e396d205d5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_059948e396d205d5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem S3 OVRLibraryService; "C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe" [X] S2 OVRService; "C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe" [X] S2 SecurityService; "C:\Program Files (x86)\TotalAV\SecurityService.exe" [X] <==== ACHTUNG ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [2178912 2022-08-21] (PUBG CORPORATION -> ANTICHEATEXPERT.COM) S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [914760 2022-08-21] (PUBG CORPORATION -> ANTICHEATEXPERT.COM) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 atvi-randgrid; C:\ProgramData\Battle.net_components\randgridauks\randgrid.sys [2513192 2022-11-15] (Activision Publishing Inc -> Activision Blizzard, Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29224 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.) 
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-13] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-13] (Disc Soft Ltd -> Disc Soft Ltd) R3 ElgatoVAD; C:\WINDOWS\System32\drivers\ElgatoVAD.sys [39208 2020-11-08] (Elgato Systems LLC -> Elgato Systems GmbH) R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [15958536 2022-06-12] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [42000 2023-03-24] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26168 2021-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-03-19] (Logitech Inc -> Logitech Inc.) S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-03-19] (Logitech Inc -> Logitech Inc.) S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2018-03-19] (Logitech -> Logitech Inc.) S3 LGSUsbFilt; C:\WINDOWS\System32\drivers\LGSUsbFilt.Sys [41752 2018-03-19] (Logitech -> Logitech Inc.) 
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-03-23] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198584 2023-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-03-24] (Malwarebytes Inc. -> Malwarebytes) R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. 
-> MSI) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [75280 2022-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 OCULUSVRHEADSET; C:\WINDOWS\System32\drivers\OCULUS119B.sys [1887232 2019-01-04] (C-MEDIA ELECTRONICS INC. -> OCULUS) R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2019-01-04] (Oculus VR, LLC -> Facebook Inc.) S3 OCUSBVID; C:\WINDOWS\System32\drivers\ocusbvid111.sys [69176 2019-01-04] (Oculus VR, LLC -> Oculus VR, LLC) S0 ProtectedELAM; C:\WINDOWS\System32\drivers\protected_elam.sys [18912 2023-02-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> TODO: <Company name>) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48848 2020-09-25] (SteelSeries ApS -> SteelSeries ApS) R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [44456 2023-03-13] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS) R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_c554088ddc1b935b\SteelSeries-Sonar-VAD.sys [94904 2023-03-03] (SteelSeries ApS -> Windows (R) Win 7 DDK provider) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22292248 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.) S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer) R3 VirtualHID; C:\WINDOWS\System32\drivers\VirtualHID.sys [26768 2020-02-05] (Voyetra Turtle Beach, Inc. 
-> TurtleBeach) R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2022-03-08] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation) R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [96264 2023-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== ACHTUNG R3 WinRing0_1_2_0; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MODAPI.sys [14544 2023-03-24] (Noriyuki MIYAZAKI -> OpenLibSys.org) S3 xhunter1; C:\WINDOWS\xhunter1.sys [2522256 2021-12-30] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 CrucialSMBusScan; \??\C:\Users\JERMAI~1\AppData\Local\Temp\CrucialSMBusScan_V64.sys [X] <==== ACHTUNG S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2023-03-24 18:31 - 2023-03-24 18:31 - 000032988 _____ C:\Users\Jermaine PC\Desktop\FRST.txt 2023-03-24 18:31 - 2023-03-24 18:31 - 000000000 ____D C:\FRST 2023-03-24 18:30 - 2023-03-24 18:30 - 002379264 _____ (Farbar) C:\Users\Jermaine PC\Desktop\FRST64.exe 2023-03-24 17:09 - 2023-03-24 17:09 - 000000000 ____D C:\WINDOWS\system32\data 2023-03-24 17:08 - 2023-03-24 17:08 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2023-03-24 16:49 - 2023-03-24 16:49 - 000001984 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2023-03-24 16:23 - 2023-03-24 16:23 - 000000000 ____D C:\Users\Jermaine PC\Documents\TotalAV 2023-03-24 16:22 - 2023-03-24 17:08 - 000000000 ____D C:\Program Files (x86)\TotalAV 2023-03-24 16:22 - 2023-03-24 16:22 - 057278304 _____ C:\Users\Jermaine PC\Desktop\TotalAV_Setup.exe 2023-03-24 16:22 - 2023-03-24 16:22 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\GUI 2023-03-24 16:22 - 2023-03-24 16:22 - 000000000 ____D C:\ProgramData\TotalAV 2023-03-24 16:22 - 2023-03-24 16:22 - 000000000 ____D C:\ProgramData\SecuritySuite 2023-03-24 15:37 - 2023-03-24 15:38 - 000001387 _____ C:\Users\Jermaine PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2023-03-24 15:37 - 2023-03-24 15:37 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\ESET 2023-03-24 15:34 - 2023-03-24 15:36 - 000000000 ____D C:\AdwCleaner 2023-03-24 15:31 - 2023-03-24 15:31 - 000000298 _____ C:\WINDOWS\system32\.crusader 2023-03-24 15:28 - 2023-03-24 15:31 - 000000000 ____D C:\ProgramData\HitmanPro 2023-03-24 15:24 - 2023-03-24 15:24 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Jermaine PC\Desktop\iExplore.exe 2023-03-24 14:49 - 2020-03-13 07:52 - 006907392 _____ C:\WINDOWS\system32\winnet.exe 2023-03-23 22:20 - 2023-03-23 22:20 - 000000000 ____D C:\Users\Jermaine PC\Documents\League of Legends 2023-03-23 21:08 - 2023-03-24 16:49 - 000001996 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-03-23 21:07 - 
2023-03-24 16:48 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-03-23 21:07 - 2023-03-24 16:48 - 000000000 ____D C:\Program Files\Malwarebytes 2023-03-23 21:07 - 2023-03-23 21:07 - 002649088 _____ (Malwarebytes) C:\Users\Jermaine PC\Documents\MBSetup.exe 2023-03-23 20:54 - 2023-03-23 20:54 - 000000000 ____D C:\Users\Jermaine PC\Documents\The Witcher 3 2023-03-23 20:49 - 2023-03-23 20:49 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2023-03-23 20:49 - 2023-03-23 20:49 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput 2023-03-23 20:11 - 2023-03-24 17:08 - 000003146 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner 2023-03-23 19:44 - 2023-03-23 19:44 - 000000000 ____D C:\WINDOWS\pss 2023-03-23 18:39 - 2023-03-23 18:41 - 000001064 _____ C:\Users\Jermaine PC\Desktop\MSI Kombustor 4 x64.lnk 2023-03-23 18:39 - 2023-03-23 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D 2023-03-23 18:39 - 2023-03-23 18:39 - 000000000 ____D C:\Program Files\Geeks3D 2023-03-23 18:00 - 2023-03-23 18:00 - 000001158 _____ C:\Users\Jermaine PC\Desktop\MSI Afterburner.lnk 2023-03-23 18:00 - 2023-03-23 18:00 - 000000000 ____D C:\Users\Jermaine PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2023-03-23 18:00 - 2023-03-23 18:00 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2023-03-23 17:59 - 2023-03-23 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2023-03-22 20:58 - 2023-03-24 00:32 - 000007624 _____ C:\Users\Jermaine PC\AppData\Local\Resmon.ResmonCfg 2023-03-22 20:54 - 2023-03-22 20:54 - 000000000 ____D C:\Program Files\Google 2023-03-22 19:40 - 2023-03-22 19:40 - 000000915 _____ C:\Users\Public\Desktop\Stream Deck.lnk 2023-03-22 19:40 - 2023-03-22 19:40 - 000000000 ____D C:\ProgramData\obs-studio 2023-03-22 19:40 - 2023-03-22 19:40 - 000000000 ____D C:\Elgato Stream Deck 2023-03-22 19:08 - 2023-03-09 08:57 - 002172512 _____ 
C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2023-03-22 19:08 - 2023-03-09 08:57 - 002172512 _____ C:\WINDOWS\system32\vulkaninfo.exe 2023-03-22 19:08 - 2023-03-09 08:57 - 001607776 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-03-22 19:08 - 2023-03-09 08:57 - 001607776 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2023-03-22 19:08 - 2023-03-09 08:57 - 001479264 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2023-03-22 19:08 - 2023-03-09 08:57 - 001479264 _____ C:\WINDOWS\system32\vulkan-1.dll 2023-03-22 19:08 - 2023-03-09 08:57 - 001226736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2023-03-22 19:08 - 2023-03-09 08:57 - 001211488 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2023-03-22 19:08 - 2023-03-09 08:57 - 001211488 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2023-03-22 19:08 - 2023-03-09 08:54 - 000671744 _____ C:\WINDOWS\system32\nvofapi64.dll 2023-03-22 19:08 - 2023-03-09 08:54 - 000506344 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2023-03-22 19:08 - 2023-03-09 08:53 - 001534448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2023-03-22 19:08 - 2023-03-09 08:53 - 001192960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2023-03-22 19:08 - 2023-03-09 08:53 - 000851432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2023-03-22 19:08 - 2023-03-09 08:53 - 000741360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2023-03-22 19:08 - 2023-03-09 08:52 - 002163736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2023-03-22 19:08 - 2023-03-09 08:52 - 001620016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2023-03-22 19:08 - 2023-03-09 08:52 - 000977944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2023-03-22 19:08 - 2023-03-09 08:52 - 000758272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2023-03-22 19:08 - 2023-03-09 08:51 - 013765632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2023-03-22 19:08 - 2023-03-09 08:51 - 011645952 _____ (NVIDIA 
Corporation) C:\WINDOWS\system32\nvcuvid.dll 2023-03-22 19:08 - 2023-03-09 08:51 - 000457752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2023-03-22 19:08 - 2023-03-09 08:50 - 006084136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2023-03-22 19:08 - 2023-03-09 08:50 - 005911600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2023-03-22 19:08 - 2023-03-09 08:50 - 005835312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2023-03-22 19:08 - 2023-03-09 08:50 - 000852976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2023-03-22 19:08 - 2023-03-08 12:17 - 000104256 _____ C:\WINDOWS\system32\nvinfo.pb 2023-03-22 18:08 - 2023-03-22 18:09 - 019852088 _____ C:\Users\Jermaine PC\Desktop\IMG_8250.DNG 2023-03-22 18:08 - 2023-03-22 16:57 - 019085228 _____ C:\Users\Jermaine PC\Desktop\IMG_8251.DNG 2023-03-20 20:31 - 2023-03-20 20:31 - 000000000 ____D C:\Users\Jermaine PC\AppData\LocalLow\gzke 2023-03-20 19:43 - 2023-03-20 19:43 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\testdis 2023-03-20 19:30 - 2023-03-20 19:30 - 000000000 ____D C:\Users\Jermaine PC\AppData\LocalLow\Smuck 2023-03-20 16:21 - 2023-03-20 16:21 - 000046824 _____ (Dropbox, Inc.) 
C:\WINDOWS\system32\DbxSvc.exe 2023-03-15 20:32 - 2023-03-15 20:32 - 000000000 ___HD C:\$WinREAgent 2023-03-13 18:29 - 2023-03-13 18:30 - 000000055 _____ C:\Users\Jermaine PC\Desktop\.txt 2023-03-08 19:04 - 2023-03-08 19:04 - 000000000 ____D C:\Users\Jermaine PC\AppData\Roaming\MMFApplications 2023-03-08 17:05 - 2023-03-24 17:07 - 110886912 _____ C:\WINDOWS\system32\config\SOFTWARE 2023-03-08 16:27 - 2023-03-08 16:27 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\You_Must 2023-03-05 19:23 - 2023-03-05 19:23 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\Find_Yourself 2023-03-02 19:53 - 2023-03-02 19:53 - 000000000 ____D C:\Users\Jermaine PC\AppData\LocalLow\N4bA X SeeM 2023-03-02 19:10 - 2023-03-02 19:10 - 000000000 ____D C:\Users\Jermaine PC\AppData\LocalLow\GemezlGames 2023-03-02 17:58 - 2023-03-02 17:58 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\sex 2023-03-01 22:43 - 2023-03-09 08:57 - 001487336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2023-03-01 22:36 - 2023-03-01 22:36 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\Microsoft.4297127D64EC6 ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2023-03-24 18:31 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-03-24 18:27 - 2018-09-10 04:10 - 000000000 ____D C:\Program Files (x86)\Google 2023-03-24 17:11 - 2020-04-23 20:06 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2023-03-24 17:08 - 2020-08-18 02:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-03-24 17:08 - 2020-08-18 02:36 - 000607984 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-03-24 17:08 - 2020-08-18 02:36 - 000008192 ___SH C:\DumpStack.log.tmp 2023-03-24 17:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2023-03-24 17:08 - 2018-09-10 03:59 - 000000000 ____D C:\ProgramData\NVIDIA 2023-03-24 17:07 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-03-24 16:51 - 2021-05-13 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS 2023-03-24 16:51 - 2020-11-02 15:58 - 000000000 ____D C:\Program Files\VEGAS 2023-03-24 16:51 - 2019-01-14 17:37 - 000000000 ____D C:\ProgramData\VEGAS Pro 2023-03-24 16:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-03-24 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-03-24 16:34 - 2018-09-10 04:04 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\Packages 2023-03-24 16:31 - 2021-07-27 20:56 - 000000000 ____D C:\Users\Jermaine PC\Desktop\Dörnberg 2023-03-24 16:26 - 2021-03-25 17:33 - 000000000 ____D C:\WINDOWS\Minidump 2023-03-24 16:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-03-24 16:26 - 2018-09-12 19:54 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\CrashDumps 2023-03-24 16:22 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-03-24 16:05 - 2020-08-18 02:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-03-24 15:45 - 2018-09-10 04:31 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\D3DSCache 2023-03-24 15:01 - 2022-01-17 03:21 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\authy 2023-03-24 15:01 - 2020-11-10 14:28 - 
000000000 ____D C:\Users\Jermaine PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twilio Inc 2023-03-24 00:35 - 2019-07-03 16:06 - 000000000 ____D C:\Users\Jermaine PC\AppData\Roaming\Discord 2023-03-24 00:00 - 2019-07-03 16:06 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\Discord 2023-03-23 23:28 - 2018-09-10 04:40 - 000000000 ____D C:\ProgramData\Riot Games 2023-03-23 21:42 - 2018-10-31 17:46 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\ElevatedDiagnostics 2023-03-23 21:11 - 2018-10-31 18:26 - 000000000 ____D C:\ProgramData\KMSAutoS 2023-03-23 20:48 - 2023-01-07 18:17 - 002786768 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2023-03-23 20:48 - 2023-01-07 18:17 - 000476624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2023-03-23 20:48 - 2023-01-07 18:17 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2023-03-23 20:48 - 2023-01-07 18:17 - 000202192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2023-03-23 20:48 - 2023-01-07 18:17 - 000165328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2023-03-23 20:48 - 2023-01-07 18:17 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2023-03-23 20:48 - 2023-01-07 18:17 - 000079352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2023-03-23 20:48 - 2023-01-07 18:17 - 000062928 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2023-03-23 20:46 - 2019-12-14 17:51 - 000000000 ____D C:\Users\Jermaine PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio 2023-03-23 20:46 - 2019-12-14 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio 2023-03-23 20:46 - 2019-12-14 17:51 - 000000000 ____D C:\Program Files\VB 2023-03-23 18:18 - 2021-01-31 14:04 - 000000000 ____D C:\AMD 2023-03-23 18:16 - 2020-05-02 22:41 - 000000000 ____D C:\Program Files\Logitech 2023-03-23 18:16 - 
2018-12-28 10:51 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\Logitech 2023-03-23 17:59 - 2022-04-29 17:05 - 000000000 ____D C:\Users\Jermaine PC\AppData\Roaming\DropboxElectron 2023-03-23 17:59 - 2020-04-26 16:51 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\Dropbox 2023-03-23 17:59 - 2020-04-26 16:51 - 000000000 ____D C:\Program Files (x86)\Dropbox 2023-03-23 17:58 - 2020-06-25 21:46 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-03-23 17:56 - 2022-02-22 23:26 - 000000000 ____D C:\WINDOWS\system32\SteelSeries 2023-03-22 19:40 - 2021-03-25 17:32 - 000000000 ____D C:\Program Files\Elgato 2023-03-22 19:40 - 2020-05-15 21:09 - 000000000 ____D C:\Users\Jermaine PC\AppData\Roaming\Elgato 2023-03-22 18:08 - 2022-02-07 02:19 - 000000000 ___RD C:\Users\Jermaine PC\Dropbox 2023-03-22 16:49 - 2020-08-18 02:41 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-03-22 16:49 - 2020-08-18 02:41 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-03-20 20:00 - 2022-10-06 19:04 - 000000000 ____D C:\Users\Jermaine PC\AppData\LocalLow\N4bA 2023-03-20 18:29 - 2023-02-15 21:01 - 000000000 ____D C:\Users\Jermaine PC\AppData\LocalLow\Rayll 2023-03-19 18:40 - 2018-10-31 18:15 - 000000000 ____D C:\Program Files\Microsoft Office 2023-03-16 18:11 - 2020-08-18 21:36 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-03-16 18:11 - 2019-12-07 15:50 - 000743708 _____ C:\WINDOWS\system32\perfh007.dat 2023-03-16 18:11 - 2019-12-07 15:50 - 000150130 _____ C:\WINDOWS\system32\perfc007.dat 2023-03-15 22:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-03-15 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-03-15 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-03-15 22:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-03-15 22:54 - 2018-09-13 18:45 - 000000000 ____D 
C:\Users\Jermaine PC\AppData\Roaming\Spotify 2023-03-15 22:00 - 2018-09-13 18:45 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\Spotify 2023-03-15 20:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-03-15 20:38 - 2020-08-18 02:41 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-03-15 20:38 - 2016-07-16 13:58 - 000416048 __RSH C:\bootmgr 2023-03-15 19:37 - 2018-09-10 12:26 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-03-15 17:51 - 2018-09-10 12:26 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-03-13 16:40 - 2019-12-23 17:49 - 000044456 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys 2023-03-09 08:51 - 2023-01-29 18:16 - 003430400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2023-03-09 08:49 - 2020-06-28 18:55 - 007924696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2023-03-09 08:48 - 2020-12-20 00:16 - 006788432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2023-03-08 17:04 - 2020-12-05 18:39 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2023-03-08 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-03-08 16:36 - 2023-01-04 15:49 - 000000000 ____D C:\Users\Jermaine PC\AppData\Local\Battlestate Games 2023-03-05 19:11 - 2021-08-11 20:00 - 000000000 ____D C:\Users\Jermaine PC\AppData\Roaming\obs-studio 2023-03-02 18:08 - 2020-04-26 16:51 - 000001248 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2023-03-02 18:08 - 2020-04-26 16:51 - 000001244 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2023-03-01 22:39 - 2021-03-28 17:17 - 000000000 ____D C:\Users\Jermaine PC\AppData\Roaming\.minecraft 2023-03-01 20:16 - 2020-08-18 02:41 - 000004308 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2023-03-01 20:16 - 2020-08-18 02:41 - 000004076 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2023-02-26 04:39 - 2023-01-07 18:17 - 000370176 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\GameInputRedist.dll 2023-02-26 03:11 - 2023-01-07 18:17 - 000242168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInputRedist.dll 2023-02-25 03:00 - 2020-06-28 18:55 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2023-02-24 21:14 - 2020-08-18 02:41 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2023-01-06 19:39 - 2023-01-06 19:39 - 000039869 _____ () C:\Program Files\unins000.dat 2023-01-06 19:39 - 2023-01-06 19:37 - 003076376 _____ (Xaymars Technology Workshop ) C:\Program Files\unins000.exe 2023-01-06 19:39 - 2023-01-06 19:39 - 000024097 _____ () C:\Program Files\unins000.msg 2022-01-04 16:11 - 2023-02-02 19:59 - 000000032 _____ () C:\Users\Jermaine PC\AppData\Roaming\.machineId 2019-01-04 20:58 - 2019-01-04 21:55 - 000022571 _____ () C:\Users\Jermaine PC\AppData\Local\.starboard.aHR0cHM6Ly93d3cueW91dHViZS5jb20vdHY=.storage 2019-01-04 20:58 - 2019-01-04 20:58 - 000000000 _____ () C:\Users\Jermaine PC\AppData\Local\.starboard.storage 2021-03-22 23:44 - 2021-03-22 23:44 - 000000821 _____ () C:\Users\Jermaine PC\AppData\Local\lgd11960.html 2021-03-22 23:53 - 2021-03-22 23:53 - 000000821 _____ () C:\Users\Jermaine PC\AppData\Local\lgd12628.html 2021-03-22 23:56 - 2021-03-22 23:56 - 000000821 _____ () C:\Users\Jermaine PC\AppData\Local\lgd12844.html 2021-03-23 01:40 - 2021-03-23 01:40 - 000000820 _____ () C:\Users\Jermaine PC\AppData\Local\lgd4792.html 2021-03-22 23:38 - 2021-03-22 23:38 - 000000820 _____ () C:\Users\Jermaine PC\AppData\Local\lgd6260.html 2021-03-22 23:44 - 2021-03-22 23:44 - 000000818 _____ () C:\Users\Jermaine PC\AppData\Local\lgw11960.html 2021-03-22 23:53 - 2021-03-22 23:53 - 000000818 _____ () C:\Users\Jermaine PC\AppData\Local\lgw12628.html 2021-03-22 23:56 - 2021-03-22 23:56 - 000000818 _____ () C:\Users\Jermaine PC\AppData\Local\lgw12844.html 2021-03-23 01:40 - 2021-03-23 01:40 - 
000000817 _____ () C:\Users\Jermaine PC\AppData\Local\lgw4792.html 2021-03-22 23:38 - 2021-03-22 23:38 - 000000817 _____ () C:\Users\Jermaine PC\AppData\Local\lgw6260.html 2021-06-23 00:13 - 2021-10-28 14:30 - 000033714 _____ () C:\Users\Jermaine PC\AppData\Local\PlariumPlay.log 2023-03-22 20:58 - 2023-03-24 00:32 - 000007624 _____ () C:\Users\Jermaine PC\AppData\Local\Resmon.ResmonCfg 2021-03-22 23:44 - 2021-03-22 23:44 - 000044305 _____ () C:\Users\Jermaine PC\AppData\Local\wdp11960.js 2021-03-22 23:53 - 2021-03-22 23:53 - 000044305 _____ () C:\Users\Jermaine PC\AppData\Local\wdp12628.js 2021-03-22 23:56 - 2021-03-22 23:56 - 000044305 _____ () C:\Users\Jermaine PC\AppData\Local\wdp12844.js 2021-03-23 01:40 - 2021-03-23 01:40 - 000044305 _____ () C:\Users\Jermaine PC\AppData\Local\wdp4792.js 2021-03-22 23:38 - 2021-03-22 23:38 - 000044305 _____ () C:\Users\Jermaine PC\AppData\Local\wdp6260.js 2021-03-22 23:44 - 2021-03-22 23:44 - 000044367 _____ () C:\Users\Jermaine PC\AppData\Local\wdpdyn11960.js 2021-03-22 23:53 - 2021-03-22 23:53 - 000044367 _____ () C:\Users\Jermaine PC\AppData\Local\wdpdyn12628.js 2021-03-22 23:56 - 2021-03-22 23:56 - 000044367 _____ () C:\Users\Jermaine PC\AppData\Local\wdpdyn12844.js 2021-03-23 01:40 - 2021-03-23 01:40 - 000044367 _____ () C:\Users\Jermaine PC\AppData\Local\wdpdyn4792.js 2021-03-22 23:38 - 2021-03-22 23:38 - 000044367 _____ () C:\Users\Jermaine PC\AppData\Local\wdpdyn6260.js ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
24.03.2023, 18:58 | #2 |
| Malwarebytes blocks Winnet exe because of Trojan
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-03-2023
durchgeführt von Jermaine PC (24-03-2023 18:32:11)
Gestartet von C:\Users\Jermaine PC\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2728 (X64) (2020-08-18 01:41:46)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-155395719-1804907069-938482460-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-155395719-1804907069-938482460-503 - Limited - Disabled)
Gast (S-1-5-21-155395719-1804907069-938482460-501 - Limited - Disabled)
Jermaine PC (S-1-5-21-155395719-1804907069-938482460-1001 - Administrator - Enabled) => C:\Users\Jermaine PC
WDAGUtilityAccount (S-1-5-21-155395719-1804907069-938482460-504 - Limited - Disabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Total AV (Disabled - Up to date) {0567E33F-93C9-11B5-891D-90A37AEB2766}
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe) Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.26.336 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.81 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 4.13.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 6.0.0.7 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.) AMD SBxxx SMBus Driver Alpha (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD_Chipset_Drivers (HKLM-x32\...\{b7b5b85e-6364-4ab4-ab0f-3a89b0de0fe2}) (Version: 2.10.26.336 - Advanced Micro Devices, Inc.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Call of Duty (HKLM-x32\...\Call of Duty) (Version: - Blizzard Entertainment) Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 170.4.5895 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.733.1 - Dropbox, Inc.) 
Hidden Elgato Game Capture HD (HKLM\...\{D85B8C0A-5A15-4C9C-8AA7-6C1645D988B5}) (Version: 3.70.51.3051 - Elgato Systems GmbH) Elgato Stream Deck (HKLM\...\{B8216E9B-D176-4565-8D72-58099B57A6C2}) (Version: 6.1.0.18521 - Corsair Memory, Inc.) ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.9 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{bee27b2f-e41b-4dd1-9c1d-fddb3c155727}) (Version: 1.0.3.9 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{d6c7bfc9-8ecb-45a5-967b-f1c3c04cc972}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden Epic Games Launcher (HKLM-x32\...\{5F15891E-8342-47CD-AFFF-89211CFC04D0}) (Version: 1.3.23.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.) FACEIT (HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\FACEITApp) (Version: 1.31.7 - FACEIT Ltd.) 
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD) FiveM (HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\CitizenFX_FiveM) (Version: - Cfx.re) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.111 - Google LLC) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Java 8 Update 351 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180351F0}) (Version: 8.0.3510.10 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Malwarebytes version 4.5.25.256 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.25.256 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.51 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.51 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.16130.20306 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 
Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum 
Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang) MSI Afterburner 4.6.5 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.5 Beta 4 - MSI Co., LTD) MSI Kombustor 4.1.19.0 (64-bit) (HKLM\...\{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version: - MSI / Geeks3D) MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI) MSVCRT Redists (HKLM\...\{01618030-58D8-11EC-81EE-00155DE88B8F}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSVCRT Redists (HKLM\...\{039A7B61-A5A7-11EC-BD0F-00155DBAAA47}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSVCRT Redists (HKLM\...\{2D01BE5E-1A10-11EB-98E0-309C23D6865A}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSVCRT Redists (HKLM\...\{52116C70-79F9-11E6-9541-BB95F5A309BD}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSVCRT Redists (HKLM\...\{652AD021-AC5E-11EB-8317-00155DECA0C0}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSVCRT Redists (HKLM\...\{69B88661-7CCE-11EB-BBE0-00155D5A7247}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSVCRT Redists (HKLM\...\{A0627840-EC41-11EC-980E-00155DE5B332}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSVCRT Redists (HKLM\...\{E83D6FA1-B27C-11E9-B0DB-A5146957F833}) (Version: 1.0 - MAGIX Computer Products Intl. 
Co.) Hidden MSVCRT Redists (HKLM\...\{F0C4CF40-1812-11EB-B007-00155D5F975B}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSVCRT Redists (HKLM-x32\...\{45FAAD61-1A0F-11EB-9D8D-309C23D6865A}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.5 - Notepad++ Team) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation) NVIDIA Grafiktreiber 531.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.29 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.0.1 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) 
Hidden Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9084.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek) REDlauncher (HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) ROCCAT Swarm (HKLM-x32\...\{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.93.990 - ROCCAT GmbH) Hidden Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.60.868 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.7 - Rockstar Games) SanDisk Security (HKLM-x32\...\{5d4b1e22-ee0a-42be-85e3-fdedcb0a16da}) (Version: 1.0.0.22 - Western Digital Technologies, Inc.) SanDisk Security (HKLM-x32\...\{FBCE2D4B-506A-4CD7-B577-FC80E87785BA}) (Version: 1.0.0.22 - Western Digital Technologies, Inc.) Hidden Spotify (HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\Spotify) (Version: 1.2.6.863.ge7902f05 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries GG 34.0.0 (HKLM\...\SteelSeries GG) (Version: 34.0.0 - SteelSeries ApS) StreamElements SE.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 22.3.5.805 - StreamElements) StreamFX (for OBS Studio) version 0.11.1.0 (HKLM\...\{DE56A03A-C8A4-474B-83B0-CFD270262D38}}_is1) (Version: 0.11.1.0 - Xaymars Technology Workshop) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) TotalAV (HKLM-x32\...\TotalAV) (Version: 5.22.37 - TotalAV) <==== ACHTUNG Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 118.0.10358 - Ubisoft) UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) 
Hidden Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation) VALORANT (HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.29.1.0 - Voicemod S.L.) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) 
Hidden Windows-PC-Integritätsprüfung (HKLM\...\{63EFBDB5-01B0-4614-BE9F-7F1908E42275}) (Version: 3.1.2109.29003 - Microsoft Corporation) Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH) Packages: ========= DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2021-12-10] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.7102.0_x64__8wekyb3d8bbwe [2023-03-20] (Microsoft Studios) Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.2.4.0_x64__8wekyb3d8bbwe [2023-03-21] (Microsoft Studios) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.) 
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2021-12-18] (Realtek Semiconductor Corp) WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-27] (Microsoft Corporation) WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-27] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-155395719-1804907069-938482460-1001_Classes\CLSID\{1bb9c643-919e-78ed-d494-b480b2621ba4}\localserver32 -> "G:\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => Keine Datei CustomCLSID: HKU\S-1-5-21-155395719-1804907069-938482460-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod) CustomCLSID: HKU\S-1-5-21-155395719-1804907069-938482460-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Jermaine PC\Dropbox [2022-02-07 02:19] ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-03-22] (Notepad++ -> ) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-23] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2cec8fd58a80e6ea\igfxDTCM.dll -> Keine Datei ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_059948e396d205d5\nvshext.dll [2023-03-09] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-23] (Malwarebytes Inc. 
-> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2022-11-17 17:14 - 2022-11-07 11:18 - 000407040 _____ () [Datei ist nicht signiert] S:\Steam\bin\cef\cef.win7x64\swiftshader\libegl.dll 2022-11-17 17:14 - 2022-11-07 11:18 - 002691072 _____ () [Datei ist nicht signiert] S:\Steam\bin\cef\cef.win7x64\swiftshader\libglesv2.dll 2021-01-31 13:58 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll 2021-01-31 13:58 - 2018-08-31 07:26 - 000053760 _____ (MS) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll 2021-04-11 17:43 - 2021-04-11 17:43 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll 2021-04-11 17:43 - 2021-04-11 17:43 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll 2021-04-11 17:43 - 2021-04-11 17:43 - 001611264 _____ 
(The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2022-08-13 14:14 - 2021-04-11 17:43 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll 2022-08-13 14:14 - 2021-04-11 17:43 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll 2022-08-13 14:14 - 2021-04-11 17:43 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll 2022-08-13 14:14 - 2021-04-11 17:43 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2022-08-13 14:14 - 2021-04-11 17:43 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2022-08-13 14:14 - 2021-04-11 17:43 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll 2021-01-31 14:07 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\temp:err [1418] AlternateDataStreams: C:\WINDOWS\system32\9EarsSurroundSound.dll:97D88723C8 [2498] AlternateDataStreams: C:\ProgramData\agent.1626455176.bdinstall.v2.bin:80EEE1FD5B [2498] AlternateDataStreams: C:\ProgramData\agent.update.1650891886.bdinstall.v2.bin:BDAA651837 [2594] AlternateDataStreams: C:\ProgramData\cl.1626455268.bdinstall.v2.bin:5361E16849 [2594] AlternateDataStreams: C:\ProgramData\cl.kit.1626455268.bdinstall.v2.bin:1A7CA16364 [2498] AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [2498] AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [2594] AlternateDataStreams: C:\ProgramData\vpn.1644511803.bdinstall.v2.bin:45ECDBF5B6 [2594] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [2594] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5 Multi-Instance Manager.lnk:35C0D57199 [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk:088221F38A [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk:FE00AE19CB [2594] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk:6BCDFBBA1F [2594] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk:550995E265 [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Oculus.lnk:3E1FCB1CF0 [2594] AlternateDataStreams: C:\Users\Jermaine PC\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Jermaine PC\Desktop\FRST64.exe:MBAM.Zone.Identifier [240] AlternateDataStreams: C:\Users\Jermaine PC\Desktop\IMG_8250.DNG:com.dropbox.attrs [54] AlternateDataStreams: C:\Users\Jermaine PC\Desktop\IMG_8251.DNG:com.dropbox.attrs [54] AlternateDataStreams: C:\Users\Jermaine PC\Desktop\IMG_8255.JPG:com.dropbox.attrs [52] AlternateDataStreams: C:\Users\Jermaine 
PC\Desktop\IMG_8267.JPG:com.dropbox.attrs [54] AlternateDataStreams: C:\Users\Jermaine PC\Desktop\IMG_8273.JPG:com.dropbox.attrs [54] AlternateDataStreams: C:\Users\Jermaine PC\Desktop\jimxstarlet.HEIC:com.dropbox.attrs [54] AlternateDataStreams: C:\Users\Jermaine PC\Desktop\TotalAV_Setup.exe:MBAM.Zone.Identifier [142] AlternateDataStreams: C:\Users\Jermaine PC\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-02-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2023-01-07] (Oracle America, Inc. 
-> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2023-01-07] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft 
Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-03-03] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2018-09-10 02:09 - 2022-04-25 13:59 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2021-10-12 23:38 - 2021-10-12 23:38 - 000000374 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\ HKU\S-1-5-21-155395719-1804907069-938482460-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jermaine PC\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1124786.jpg DNS Servers: 8.8.4.4 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) 
HKLM\...\StartupApproved\StartupFolder: => "ROCCAT Swarm Monitor.lnk" HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "Elgato Sound Capture" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk" HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\StartupApproved\Run: => "CCXProcess" HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\StartupApproved\Run: => "Voicemod" HKU\S-1-5-21-155395719-1804907069-938482460-1001\...\StartupApproved\Run: => "com.blitz.app" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [TCP Query User{5A9CAF8F-DEBA-45D7-B088-A282A2CE8E5D}C:\users\jermaine pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jermaine pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{8E25FC91-1ED6-4255-8634-DA4ACFA7747A}C:\users\jermaine pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jermaine pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{A3C26CA3-6D0B-46F6-B72A-206A571A651B}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{16AAE9A9-93C4-4E73-9A92-43BD824B1754}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [TCP Query User{549BAB57-217B-4CF4-94E7-4284FC6E6DC6}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{29C1A3DF-FF1F-4E3D-AE0D-B42C53BEDB08}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [{E8629373-56CC-40AA-8C24-E8462DB4E4BC}] => (Allow) S:\Steam\steam.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{DDC42FA1-0F99-4E9E-AEE2-9429DD87292F}] => (Allow) S:\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{0D259C74-E24E-41C7-B1A5-BE670212CBD0}] => (Allow) S:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{471DB062-3799-4B08-AB61-BDA67D58F0CD}] => (Allow) S:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B34BF8E7-5BA9-4DFC-AF91-9ACDFD10991E}] => (Allow) S:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{A83C0D7F-4B19-46A5-B8F0-0B5E995DDB99}] => (Allow) S:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [TCP Query User{BAD26CC2-0CD1-41CC-AB4E-D16E7C665C6E}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => Keine Datei FirewallRules: [UDP Query User{5CD9D5A2-6F93-4D6E-9A86-340F6F12011F}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe => Keine Datei FirewallRules: [{4650E43B-0B9E-42AF-9FC8-D85D315C96C9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9969D474-23BA-47D6-853C-E482CBB3FFB7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{CE0ADF9D-F1F9-46F1-80E8-E2287AC74782}S:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) S:\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei FirewallRules: [UDP Query User{4E9A0B0D-07BB-4C7C-8704-0F8ABAFF2082}S:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) 
S:\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei FirewallRules: [TCP Query User{B77E3EB9-F08E-4D42-B02F-C5CECAEB2832}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{C4433DA2-FE13-49C9-A963-CBDF179E9B2C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{92F790F1-8E36-4C38-9F83-FFC04CC6DCC0}S:\league of legends\riot games\riot client\riotclientservices.exe] => (Allow) S:\league of legends\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{C53B7789-4303-4D4E-A9FA-A4FD46FA328A}S:\league of legends\riot games\riot client\riotclientservices.exe] => (Allow) S:\league of legends\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) 
FirewallRules: [TCP Query User{7F1F5B8E-1898-4C13-8736-881759238AF4}C:\users\jermaine pc\appdata\local\fivem\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\data\cache\subprocess\fivem_b2189_gtaprocess.exe => Keine Datei FirewallRules: [UDP Query User{FC9C35DB-39A7-4B45-A3E4-5CA3E6AD34A1}C:\users\jermaine pc\appdata\local\fivem\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\data\cache\subprocess\fivem_b2189_gtaprocess.exe => Keine Datei FirewallRules: [TCP Query User{70DB66D5-4152-4A9D-AF0B-9FCECFB7D0A9}C:\users\jermaine pc\appdata\local\fivem\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\data\cache\subprocess\fivem_gtaprocess.exe => Keine Datei FirewallRules: [UDP Query User{E3A4A2B4-CC7B-46FB-87A6-8568195E38ED}C:\users\jermaine pc\appdata\local\fivem\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\data\cache\subprocess\fivem_gtaprocess.exe => Keine Datei FirewallRules: [TCP Query User{207127F1-D310-43A1-A736-9CC2D21502F0}S:\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) S:\steam\steamapps\common\new world\bin64\newworld.exe => Keine Datei FirewallRules: [UDP Query User{E08BD408-5D05-4A7F-AFEA-DFBE6ADA39D5}S:\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) S:\steam\steamapps\common\new world\bin64\newworld.exe => Keine Datei FirewallRules: [{7FD52225-B55E-4029-8267-1125969296E5}] => (Allow) G:\Steam\steamapps\common\AtDeadOfNight\AtDeadOfNight.exe => Keine Datei FirewallRules: [{4CA7CAE4-8D92-4E58-AA9E-E52A6E4A9ABB}] => (Allow) G:\Steam\steamapps\common\AtDeadOfNight\AtDeadOfNight.exe => Keine Datei FirewallRules: [TCP Query User{051C2913-117B-45C6-B714-7380110824C2}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\jermaine 
pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{DBCA11B7-2328-4C5B-9C51-DBDAB5877DA2}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [TCP Query User{F338963A-28DA-438E-891A-A523EDC4DA09}C:\users\jermaine pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jermaine pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{DF967DAB-CEC4-46EB-8622-08ED64C199A8}C:\users\jermaine pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jermaine pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{F3F9BD7E-70DF-4195-8F9F-C4D2F6A6B800}S:\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) S:\steam\steamapps\common\new world\bin64\newworld.exe => Keine Datei FirewallRules: [UDP Query User{0CA8917A-8D03-42A8-A417-BBB0E95DBD60}S:\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) S:\steam\steamapps\common\new world\bin64\newworld.exe => Keine Datei FirewallRules: [TCP Query User{2035C52E-5A5C-49B7-8C97-B1C7A3D200E2}S:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) S:\steam\steamapps\common\battlefield 2042\bf2042.exe => Keine Datei FirewallRules: [UDP Query User{1A4768ED-7FD8-4D48-94AC-61E29E5C23DF}S:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) S:\steam\steamapps\common\battlefield 2042\bf2042.exe => Keine Datei FirewallRules: [TCP Query User{F10E917F-C8B2-4688-86DA-9D8AC6AF936B}S:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) S:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei FirewallRules: 
[UDP Query User{51CD4FA4-E2A3-4E0B-B4DB-9CE680AEE289}S:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) S:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei FirewallRules: [TCP Query User{E7F40708-DA4B-42F8-8A8F-FF3CAEC2DD9F}S:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) S:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [UDP Query User{4E6E563D-9A5F-4556-AB99-CA964A887FA3}S:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) S:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [TCP Query User{32628852-8FB6-42C2-8F6F-AAA2DDCFD097}C:\users\jermaine pc\appdata\local\programs\blitz\blitz.exe] => (Block) C:\users\jermaine pc\appdata\local\programs\blitz\blitz.exe => Keine Datei FirewallRules: [UDP Query User{C2D031A8-0E50-4279-87F3-35FAAF647706}C:\users\jermaine pc\appdata\local\programs\blitz\blitz.exe] => (Block) C:\users\jermaine pc\appdata\local\programs\blitz\blitz.exe => Keine Datei FirewallRules: [{AA717D1C-4B27-4C2B-81EF-E08E8C877E78}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3A81B7D7-A7DA-444C-8AE0-08AD11713C3F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A286409B-F395-4428-978D-58BBEE46B4D2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9A27AD76-C502-416C-8188-9BC29ABDC7C2}] => (Allow) S:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Keine Datei FirewallRules: [{C1AAFD81-9720-4AB2-838B-F6C0BA2BCE6F}] => (Allow) S:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe => Keine Datei FirewallRules: [{1B64CBCA-EA1E-4DF6-A8C5-B19ED8DB899F}] => (Allow) C:\Program 
Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe => Keine Datei FirewallRules: [{6682C477-0387-4B1A-B7CF-0410A8132102}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe => Keine Datei FirewallRules: [{36357157-6EE0-48AD-B9EE-ACFEBDC15775}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe => Keine Datei FirewallRules: [{3C7920B2-D76C-4A97-BC37-AFC7CF3ED63E}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe => Keine Datei FirewallRules: [{6C314B10-E2FA-4286-9BEE-B0123A783E58}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe => Keine Datei FirewallRules: [{47666D09-1535-4D69-ADB8-9001F6E3AFA1}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe => Keine Datei FirewallRules: [{B857FB94-7776-4AA6-A34D-B7138877FC5E}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe => Keine Datei FirewallRules: [{BC3ED112-196D-404F-8A2F-2E13142AE7E5}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe => Keine Datei FirewallRules: [{C6144534-EA25-4CBB-B4EB-E9B169540B9E}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe => Keine Datei FirewallRules: [{6AF925A9-CEB5-42F4-9DCA-1850A0666BDA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe => Keine Datei FirewallRules: [{EFC147B9-7FBE-4AF0-BCDD-92C54305674D}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe => Keine Datei FirewallRules: [{852E0A88-12AB-4C99-9F34-CE51FBFD9FBE}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe => Keine Datei FirewallRules: [{D2B4EC8F-6051-4E51-9FB8-B950DB98014E}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe => Keine Datei FirewallRules: [{C0E75959-C31C-409D-BAD3-8CD70933657D}] => (Allow) C:\Program 
Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe => Keine Datei FirewallRules: [{F3A2F9C5-5C0C-4752-8B5F-F60EC8305872}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe => Keine Datei FirewallRules: [{E29313C6-25E2-4B58-A547-1BC5C945CB6C}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe => Keine Datei FirewallRules: [{DB953907-9C85-4F5D-9CE3-5BCB76E52409}] => (Allow) S:\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{DEE8C7FD-D5A8-424F-B652-9802E7D25E57}] => (Allow) S:\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{B439E5B0-121C-484E-B553-7E6C81D3249E}S:\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) S:\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [UDP Query User{0DB91B56-FE70-468F-95DF-79A99953B042}S:\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) S:\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> ) FirewallRules: [TCP Query User{0EDD0E23-025A-4812-9116-8DE1312FCFAB}S:\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) S:\steam\steamapps\common\outlast\binaries\win64\olgame.exe => Keine Datei FirewallRules: [UDP Query User{D04B6F7D-C71E-49C5-8391-8626C3EC2BC4}S:\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) S:\steam\steamapps\common\outlast\binaries\win64\olgame.exe => Keine Datei FirewallRules: [{836EFE73-B07A-466A-80A1-CBCA63D89848}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{D4609D4A-FBCD-43AE-BE12-FB5405286FDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia 
Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{8B198FE6-79D4-4220-AE43-CD57288676A4}G:\call of duty modern warfare\modernwarfare.exe] => (Allow) G:\call of duty modern warfare\modernwarfare.exe => Keine Datei FirewallRules: [UDP Query User{7A3D5A9B-3A51-4444-87E5-2B05F16DD38B}G:\call of duty modern warfare\modernwarfare.exe] => (Allow) G:\call of duty modern warfare\modernwarfare.exe => Keine Datei FirewallRules: [TCP Query User{BC7DB01E-8642-41A3-B2AC-D6F49458FAA4}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{B45DF42E-4683-4412-99D2-A46407FF2EC5}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [{72FEB38F-760C-4B36-B264-5830C77606CE}] => (Allow) G:\Voicemod Desktop\VoicemodDesktop.exe => Keine Datei FirewallRules: [{A7346449-4A58-4E56-9B67-E5AE6B7E76E1}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod) FirewallRules: [TCP Query User{3EA98A1F-8190-417E-8C9D-08DF5F6AECC7}G:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) G:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{84D30411-621E-4159-9AA4-AFB99F9A6D0D}G:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) G:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) 
FirewallRules: [TCP Query User{6E741A03-1881-464C-B914-75D5FE4B9ED0}C:\users\jermaine pc\appdata\local\faceitapp\app-1.31.5\faceit.exe] => (Allow) C:\users\jermaine pc\appdata\local\faceitapp\app-1.31.5\faceit.exe (FACE IT LIMITED -> FACEIT Ltd.) FirewallRules: [UDP Query User{E21CDFE4-68CD-4162-8DC4-D45F69F04FAF}C:\users\jermaine pc\appdata\local\faceitapp\app-1.31.5\faceit.exe] => (Allow) C:\users\jermaine pc\appdata\local\faceitapp\app-1.31.5\faceit.exe (FACE IT LIMITED -> FACEIT Ltd.) FirewallRules: [{F3894B59-D07D-4C90-AE49-DEBB82BCD380}] => (Allow) G:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD Projekt Red) FirewallRules: [{D93C1A11-2C69-400C-9212-91EADB68E332}] => (Allow) G:\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD Projekt Red) FirewallRules: [TCP Query User{F92735D5-162E-48D0-8614-2F9EEDEE4F8B}G:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [UDP Query User{ADB2B92A-4775-4BFE-84DC-245A0288A536}G:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) G:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [TCP Query User{1FD5292F-F4CF-4480-8EC1-DE0FAA00B5B6}G:\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) G:\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{F4476EE8-941B-49A5-93E0-4971600086BF}G:\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) G:\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) 
FirewallRules: [TCP Query User{548D0BB8-921B-4225-9884-E431BCEE47A5}C:\program files (x86)\tiktok live studio\tiktok live studio.exe] => (Allow) C:\program files (x86)\tiktok live studio\tiktok live studio.exe => Keine Datei FirewallRules: [UDP Query User{9D3310E9-5C9F-41AE-9120-5DC8F76F42D1}C:\program files (x86)\tiktok live studio\tiktok live studio.exe] => (Allow) C:\program files (x86)\tiktok live studio\tiktok live studio.exe => Keine Datei FirewallRules: [TCP Query User{DA563476-B763-453F-BB00-E7E657910076}C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe] => (Allow) C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe (Hugh Bailey -> ) FirewallRules: [UDP Query User{E8419167-70E9-49E9-ACB0-F6D38BFEF421}C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe] => (Allow) C:\program files\obs-studio\obs-plugins\64bit\obs-browser-page.exe (Hugh Bailey -> ) FirewallRules: [TCP Query User{74A9CA9C-1A3C-47FF-8265-EC1A8D4AA5A0}G:\call of duty\_retail_\cod.exe] => (Allow) G:\call of duty\_retail_\cod.exe => Keine Datei FirewallRules: [UDP Query User{4B81462F-2C45-4919-A657-8EB6E781AED4}G:\call of duty\_retail_\cod.exe] => (Allow) G:\call of duty\_retail_\cod.exe => Keine Datei FirewallRules: [TCP Query User{851379A8-4110-46BA-B046-AFA16BF3F4D5}C:\users\jermaine pc\desktop\chimpychippasthegame\chimpychippasthegame\windowsnoeditor\chimpychippasthegame\binaries\win64\chimpychippasthegame.exe] => (Allow) C:\users\jermaine pc\desktop\chimpychippasthegame\chimpychippasthegame\windowsnoeditor\chimpychippasthegame\binaries\win64\chimpychippasthegame.exe => Keine Datei FirewallRules: [UDP Query User{0C3A91A8-54E6-47B4-A48F-B3688F0D4770}C:\users\jermaine pc\desktop\chimpychippasthegame\chimpychippasthegame\windowsnoeditor\chimpychippasthegame\binaries\win64\chimpychippasthegame.exe] => (Allow) C:\users\jermaine 
pc\desktop\chimpychippasthegame\chimpychippasthegame\windowsnoeditor\chimpychippasthegame\binaries\win64\chimpychippasthegame.exe => Keine Datei FirewallRules: [TCP Query User{FD7B4889-DDF6-4BE0-BC8B-3D18D2345D44}C:\users\jermaine pc\desktop\stowaway\windowsnoeditor\stowaway\binaries\win64\stowaway.exe] => (Allow) C:\users\jermaine pc\desktop\stowaway\windowsnoeditor\stowaway\binaries\win64\stowaway.exe => Keine Datei FirewallRules: [UDP Query User{2A42501F-CB41-4747-BC60-AC488EFC161B}C:\users\jermaine pc\desktop\stowaway\windowsnoeditor\stowaway\binaries\win64\stowaway.exe] => (Allow) C:\users\jermaine pc\desktop\stowaway\windowsnoeditor\stowaway\binaries\win64\stowaway.exe => Keine Datei FirewallRules: [{0C31EF4D-14A3-4181-9E5E-3E219F5F338E}] => (Allow) G:\UDK\Within Deep Sorrows\Binaries\Win32\UDK.exe => Keine Datei FirewallRules: [{72537E85-D685-4204-8C96-8F4695E12CB6}] => (Allow) G:\UDK\Within Deep Sorrows\Binaries\Win32\UDK.exe => Keine Datei FirewallRules: [{AB3F6E1B-1A3E-42E9-BC84-F00115A4E917}] => (Allow) G:\UDK\Within Deep Sorrows\Binaries\Win64\UDK.exe => Keine Datei FirewallRules: [{7BDBE470-6BD4-449A-A71E-6FF1DA7FFFD3}] => (Allow) G:\UDK\Within Deep Sorrows\Binaries\Win64\UDK.exe => Keine Datei FirewallRules: [{A044B6D6-39F1-4776-9772-8C4B99722F49}] => (Allow) G:\Steam\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com) FirewallRules: [{FDAC95A9-A8AF-43A0-ADF8-FF6E49FADC30}] => (Allow) G:\Steam\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com) FirewallRules: [{180E2B77-DE77-403D-873B-43DEE9C53F4E}] => (Allow) S:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.) FirewallRules: [{7BA052CE-793F-4A93-9021-6091486F508D}] => (Allow) S:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.) 
FirewallRules: [{AD87E553-3DA4-4444-953D-66E1ACBA913A}] => (Allow) S:\Steam\steamapps\common\ELDEN RING\AdvGuide\ELDEN RING Adventure Guide.exe () [Datei ist nicht signiert] FirewallRules: [{0A08ECDA-4E88-4647-93FA-448978B224B2}] => (Allow) S:\Steam\steamapps\common\ELDEN RING\AdvGuide\ELDEN RING Adventure Guide.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{443731FB-3511-4DEC-9C98-556B4656D697}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [UDP Query User{35CFBBD0-C580-4D8D-AC73-7AE75D9CA60F}C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\jermaine pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re) FirewallRules: [{185678A7-25AB-4FC1-A81A-8FEBD637AD03}] => (Allow) G:\Steam\steamapps\common\Poppy Playtime\PlaytimeLauncher\PlaytimeLauncher.exe => Keine Datei FirewallRules: [{8E9D4AAB-7ADA-49F7-9CC7-8DCD489EFFCA}] => (Allow) G:\Steam\steamapps\common\Poppy Playtime\PlaytimeLauncher\PlaytimeLauncher.exe => Keine Datei FirewallRules: [TCP Query User{18519F4C-5833-425B-8EF2-86EB9B389BEE}C:\users\jermaine pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\jermaine pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{08192392-B990-46E3-9C6A-802E570FB806}C:\users\jermaine pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => 
(Allow) C:\users\jermaine pc\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{09750642-9B2A-47DB-AD14-5C8E7775A769}G:\steam\steamapps\common\luto demo - the choice\luto\binaries\win64\luto-win64-shipping.exe] => (Allow) G:\steam\steamapps\common\luto demo - the choice\luto\binaries\win64\luto-win64-shipping.exe => Keine Datei FirewallRules: [UDP Query User{C3B7ABBF-E6C7-440C-974D-BC53946F1CB9}G:\steam\steamapps\common\luto demo - the choice\luto\binaries\win64\luto-win64-shipping.exe] => (Allow) G:\steam\steamapps\common\luto demo - the choice\luto\binaries\win64\luto-win64-shipping.exe => Keine Datei FirewallRules: [{07E982B0-62E9-4456-BDEA-87DFF0D3C9BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{DCC199B1-0412-42E5-90EE-F00FE98373F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{57AE0E53-032C-4BEE-9011-391A3E7B1140}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{00648E17-7B47-4BA2-8C1B-5E91DD0F59B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{C1C01CCD-EF86-4723-8C96-0C62C84751D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{946E7E0E-9D34-4D51-8B14-7A61A349499F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{EF1E61A2-4401-4035-9F6A-C7EA415FCB1B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5B2F3B55-D3B8-457A-9DA1-B3716F34D431}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3409.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5DADA007-E9FB-49A5-A71A-A0B01018756F}] => (Allow) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServer.exe (Corsair Memory, Inc. -> ) FirewallRules: [{A9460169-66F3-4430-A794-0EE034887B61}] => (Allow) C:\Elgato Stream Deck\StreamDeck\StreamDeck.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) FirewallRules: [{55DBC44A-8A7F-40EF-B405-F3BA3D1F6CE1}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS) FirewallRules: [{0FA97689-926F-4584-982A-A60BD642BEF1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) 
FirewallRules: [TCP Query User{AA5749C7-8044-4DE7-B22A-845D0A5393BD}G:\binaries\win32\udk.exe] => (Allow) G:\binaries\win32\udk.exe => Keine Datei
FirewallRules: [UDP Query User{3244A904-E29B-4B96-BAB0-BD1CB866565A}G:\binaries\win32\udk.exe] => (Allow) G:\binaries\win32\udk.exe => Keine Datei
FirewallRules: [TCP Query User{48BD8017-00EE-429B-BC69-AF7DF8BA0098}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{A6D4AD5F-0C3E-4E73-A88E-35C8933ACBEB}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1ACCBD68-6C07-4BE1-A190-01557DD0418C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{37F0F53E-ACE1-4444-83D9-EF55CBF58716}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.51\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E06C2A5C-2E0A-464D-A466-E7835BC13350}] => (Allow) LPort=32682
FirewallRules: [{99fa330e-533b-4eaa-9f53-3a8cb0dccbba}] => (Allow) C:\WINDOWS\system32\winnet.exe () [Datei ist nicht signiert]

==================== Wiederherstellungspunkte =========================

22-03-2023 19:39:57 Installed Elgato Stream Deck
24-03-2023 15:30:48 Prüfpunkt von HitmanPro

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: Hochpräzisionsereigniszeitgeber
Description: Hochpräzisionsereigniszeitgeber
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardsystemgeräte)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (03/24/2023 03:31:53 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Der Zugriff auf Leistungsdaten wurde für den Benutzer "SYSTEM" (Wert von getbenutzername() für den ausgeführten Thread) verweigert, da er vom Modul "C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe" (Wert von GetModuleFileName() für die Binärdatei, die die Abfrage ausgegeben hat) versucht wurde.

Error: (03/24/2023 03:30:48 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang: Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {0c144f49-0555-42c2-b5f3-3ab6cd2b0db7}

Error: (03/24/2023 12:21:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm MSI-Kombustor-x64.exe Version 4.1.19.0 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 4530
Startzeit: 01d95dddd59de29d
Beendigungszeit: 3
Anwendungspfad: C:\Program Files\Geeks3D\MSI Kombustor 4 x64\MSI-Kombustor-x64.exe
Bericht-ID: 52d4c3b3-ab71-4e87-9d5a-00e12075ffd5
Vollständiger Name des fehlerhaften Pakets:
Relative Anwendungs-ID des fehlerhaften Pakets:
Absturztyp: Cross-thread

Error: (03/24/2023 12:18:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MSI-Kombustor-x64.exe, Version: 4.1.19.0, Zeitstempel: 0x6391b9da
Name des fehlerhaften Moduls: nvoglv64.dll, Version: 31.0.15.3129, Zeitstempel: 0x64081d03
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000191f4d5
ID des fehlerhaften Prozesses: 0x433c
Startzeit der fehlerhaften Anwendung: 0x01d95dddbc49a983
Pfad der fehlerhaften Anwendung: C:\Program Files\Geeks3D\MSI Kombustor 4 x64\MSI-Kombustor-x64.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_059948e396d205d5\nvoglv64.dll
Berichtskennung: 1dcea887-5e3b-419a-9d86-ce768e0ce49c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/24/2023 12:18:40 AM) (Source: NVIDIA OpenGL Driver) (EventID: 1) (User: )
Description: A TDR has been detected. The application must close. Error code: 7 (pid=17212 tid=5344 msi-kombustor-x64.exe 64bit) Visit hxxp://nvidia.custhelp.com/app/answers/detail/a_id/3633 for more information.

Error: (03/23/2023 10:14:02 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Der Zugriff auf Leistungsdaten wurde für den Benutzer "SYSTEM" (Wert von getbenutzername() für den ausgeführten Thread) verweigert, da er vom Modul "C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe" (Wert von GetModuleFileName() für die Binärdatei, die die Abfrage ausgegeben hat) versucht wurde.

Error: (03/23/2023 08:53:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. .

Error: (03/23/2023 08:53:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ]

Systemfehler:
=============
Error: (03/24/2023 05:08:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) TPM Provisioning Service erreicht.

Error: (03/24/2023 05:08:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecurityService" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden.

Error: (03/24/2023 05:08:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "OVRService" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden.

Error: (03/24/2023 04:51:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows System Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/24/2023 04:11:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) TPM Provisioning Service erreicht.

Error: (03/24/2023 04:11:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "OVRService" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden.

Error: (03/24/2023 03:39:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (03/24/2023 03:39:43 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\JERMAI~1\AppData\Local\Temp\ehdrv.sys

Windows Defender:
================
Date: 2023-03-04 20:33:26
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5E0FDC2E-869A-412E-BE90-8871D4539588}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-03-04 19:39:40
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {A477401E-9196-4C4C-AF2D-ACA2C6E737E0}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-01-29 21:37:35
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {62EC383F-E887-4C79-A374-6F4C3D6312CD}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-01-29 20:03:03
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {8C4FF401-30A7-4529-BD1B-BE183BF68B26}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2023-01-10 21:13:50
Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {B91E3E71-CE56-4363-A9DE-B82D55EE1FF8}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===============
Date: 2023-03-24 18:30:32
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends International, LLC. 1.50 01/14/2021
Hauptplatine: Micro-Star International Co., Ltd. MPG B550 GAMING PLUS (MS-7C56)
Prozessor: AMD Ryzen 5 5600X 6-Core Processor
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 32694.21 MB
Verfügbarer physikalischer RAM: 23025.11 MB
Summe virtueller Speicher: 34742.21 MB
Verfügbarer virtueller Speicher: 22723.54 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:223.05 GB) (Free:73.53 GB) (Model: KINGSTON SUV400S37240G) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive g: (SSD GAMES) (Fixed) (Total:931.51 GB) (Free:710.42 GB) (Model: CT1000MX500SSD1) NTFS
Drive s: (SSD SAMSUNG) (Fixed) (Total:465.75 GB) (Free:341.64 GB) (Model: Samsung SSD 860 EVO 500GB) NTFS

\\?\Volume{b31fa5c7-0000-0000-0000-10c337000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3C99CF6C)
Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D85F7930)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: B31FA5C7)
Partition 1: (Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=533 MB) - (Type=27)

==================== Ende von Addition.txt =======================
24.03.2023, 19:30 | #3 | |
/// TB-Ausbilder | Malwarebyte blocks Winnet exe because of Trojan
My name is Matthias and I will help you analyze your system and, if necessary, clean it up. We are happy to help, but not with illegal software: Quote:
Cracks, keygens and other illegal software |
24.03.2023, 20:14 | #4 | |
| Malwarebyte blocks Winnet exe because of Trojan
Quote:
|
24.03.2023, 21:48 | #5 | |
/// TB-Ausbilder | Malwarebyte blocks Winnet exe because of Trojan
Quote:
Guide: Reinstalling the system with Windows 10 (UEFI) This topic appears to be resolved and will be removed from our subscriptions. If you need the topic again, please send us a reminder including a link to the topic. Everyone else, please click here and create your own topic. |