
Log analysis and evaluation: Trojan:Script/Woreflint.A!cl in file: C:\Users\name\AppData\Local\Temp\SCFA2EB.tmp


 
24.05.2023, 13:05   #2
cysar78
 



Here are the remaining logs (they were too long for one message):

Addition:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-05-2023
durchgeführt von savio (24-05-2023 13:30:03)
Gestartet von C:\Users\savio\Desktop
Microsoft Windows 11 Pro Insider Preview Version 22H2 23451.1000 (X64) (2023-05-05 06:45:11)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3636290956-4184935153-3330214957-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3636290956-4184935153-3330214957-503 - Limited - Disabled)
Gast (S-1-5-21-3636290956-4184935153-3330214957-501 - Limited - Disabled)
savio (S-1-5-21-3636290956-4184935153-3330214957-1001 - Administrator - Enabled) => C:\Users\savio
WDAGUtilityAccount (S-1-5-21-3636290956-4184935153-3330214957-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1Password (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\1Password) (Version: 8.10.6 - AgileBits Inc.)
4K Video Downloader (HKLM\...\{4B33CF4E-63BE-4753-BECA-E03D18450CB3}) (Version: 4.20.1.4780 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{1b24a593-14ce-4a3a-8928-73b68b7ae5da}) (Version: 4.20.1.4780 - Open Media LLC)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.9.1 - Advanced Micro Devices, Inc.)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.14 - AnyDesk Software GmbH)
Apple Application Support (32-Bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
AtlasVPN (HKLM\...\{3BA2BD5B-4C65-421F-9DFB-4422749F7809}) (Version: 2.5.3.0 - peakstar technologies Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Character Creator 3 Pipeline Extension v3.44 (HKLM-x32\...\{B6A66CD9-37B1-4C26-A768-0A370DCCC254}) (Version: 3.44.4709.1 - Reallusion Inc.)
Character Creator v3.44 (HKLM-x32\...\{B554C896-2F28-4B35-B8F6-3202F725330B}) (Version: 3.44.4709.1 - Reallusion Inc.)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{5A260D5A-95D3-4956-8E0A-E182CC4144ED}) (Version: 4.8.04162 - Microsoft Corporation) Hidden
ClickUp 3.2.8 (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\c74c0073-61c4-5f5c-aa1c-6722d538bc46) (Version: 3.2.8 - ClickUp)
Codice Software Plastic SCM (HKLM\...\Codice Software Plastic SCM 10.0.16.6538) (Version: 10.0.16.6538 - Codice Software S.L.)
CPUID CPU-Z 1.99 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.99 - CPUID, Inc.)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.76.0.5333 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{816fce18-a75a-44a3-a828-cd870157ed95}) (Version: 12.76.0.5333 - Electronic Arts)
Entity Framework 6.2.0 Tools  for Visual Studio 2022 (HKLM-x32\...\{BA73F2EE-EEB4-4A9C-BAF4-AC3599983E8B}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{5F15891E-8342-47CD-AFFF-89211CFC04D0}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Figma (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Figma) (Version: 116.9.5 - Figma, Inc.)
Figma Agent (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\FigmaAgent) (Version: 116.8.4 - Figma, Inc.)
GitHub Desktop (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\GitHubDesktop) (Version: 2.9.12 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.127 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 75.0.2.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Gravit Designer 3.5.73 (HKLM\...\73ce129c-e9ab-5027-8f0d-8b378da1411c) (Version: 3.5.73 - Gravit GmbH)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
icecap_collection_neutral (HKLM-x32\...\{04C533D3-8445-4E47-A351-A66B1DA1B631}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{4CDCF412-13D2-48AD-B98C-3AB4A771A127}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{13AC1F0D-2185-48E9-8274-884BD9E53C7F}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{D072CF88-3B90-4367-85BC-A8516986690F}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3E1C36F0-C3A2-4137-9DA4-8580CF6191E1}) (Version: 19.0.324 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{FA2E7FDC-13E8-4FBD-B5F7-2FFAE7C6E6D9}) (Version: 12.6.3.6 - Apple Inc.)
Java(TM) SE Development Kit 17.0.2 (64-bit) (HKLM\...\{65BA81E7-0238-5B54-9069-A59610247B0B}) (Version: 17.0.2.0 - Oracle Corporation)
Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{E1F68FC9-F23C-4F44-8092-CAC55E43A80B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.3.396302 - Logitech)
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v14.0.4) (Version:  - Red Giant LLC)
Malwarebytes version 4.5.29.268 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.29.268 - Malwarebytes)
Microsoft .NET 6.0 Templates 6.0.202 (x64) (HKLM\...\{0E447544-DA72-4018-8EE7-A265919A5A69}) (Version: 24.5.55063 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.4 (x64) (HKLM\...\{576E6391-0E54-47C4-BD97-ED9E7492F7C7}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.4 (x64_arm) (HKLM\...\{E0448676-2245-4C30-B6F6-A09BF7F5AC8B}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.4 (x64_arm64) (HKLM\...\{CA519E52-D325-421C-A7E6-8FCAAB1A086B}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.4 (x64_x86) (HKLM\...\{691585CF-4952-4078-BC23-8E6D7E40824B}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 Targeting Pack (HKLM-x32\...\{5686C5E9-A3B3-451E-A2EA-4C246CDE5CC9}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (Deutsch) (HKLM-x32\...\{5F62E29E-C154-44CB-81D6-696FB3474844}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.4 (x64) (HKLM\...\{B04CA1A8-3390-4D3A-BAD9-1B4CC5D23274}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.4 (x64) (HKLM\...\{6C1E1983-8DF2-4863-A392-DCA0A81E4324}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.4 (x64) (HKLM\...\{07348557-54BF-40C3-B8F5-44B045C3E730}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.4 (x86) (HKLM-x32\...\{E0D36D19-D4DB-444A-AE68-B88DCA25B6E9}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.4 (x64) (HKLM\...\{6E34B759-680E-4C25-B289-47199AD8B49A}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.4 (x64) (HKLM\...\{0C4148E7-9623-42B5-84C8-1EF47AA84282}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.4 (x86) (HKLM-x32\...\{36AB9C75-DB9B-4B50-8AF4-93AFF8424EB3}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.4 (x64) (HKLM\...\{7AF0827F-6735-4FB1-B209-5E984F899D1B}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET SDK 6.0.202 (x64) from Visual Studio (HKLM\...\{7D932616-6CDE-4A21-AF51-2434E6428FF0}) (Version: 6.2.222.17207 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.4 (x64) (HKLM\...\{8B984BAC-557A-4330-B81C-2A557FE307DA}) (Version: 48.19.39076 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 6.0.202 (x64) (HKLM\...\{927EC1A9-C3A2-4E15-990A-5005C64D1CDA}) (Version: 24.4.55063 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.4 Shared Framework (x64) (HKLM\...\{A832CFC9-1DE7-342A-9189-4B1387B7A784}) (Version: 6.0.4.22172 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.4 Shared Framework (x86) (HKLM-x32\...\{07F565B3-B4AB-3912-BD14-61D32EF20FD1}) (Version: 6.0.4.22172 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.4 Targeting Pack (x64) (HKLM\...\{929B72A6-5EDA-3194-B105-A93E7D299715}) (Version: 6.0.4.22172 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\OneDriveSetup.exe) (Version: 23.101.0514.0001 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{4812E2CC-BAA9-49AE-B310-DA845882322B}) (Version: 4.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.1.2202.21079 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{F082120C-1245-4A49-A083-65CA57333B3B}) (Version: 3.1.2200.53929 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{0B7789FF-C1CE-4811-9712-51190BB6AA6C}) (Version: 3.1.2200.53929 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.4 (x64) (HKLM\...\{AECCC227-CE77-45CB-B1A2-F874E62A03D5}) (Version: 48.19.39090 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.4 (x86) (HKLM-x32\...\{5F630408-64BC-45D4-AE04-0E5A8C0CC58A}) (Version: 48.19.39090 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.4 (x64) (HKLM\...\{5EEC39AC-9491-4339-BA44-14AC375AA779}) (Version: 56.19.56739 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.4 (x64) (HKLM-x32\...\{2ee0e4e2-f7aa-4697-9077-75f15774a376}) (Version: 7.0.4.32218 - Microsoft Corporation)
Microsoft Windows Desktop Targeting Pack - 6.0.4 (x64) (HKLM\...\{C893F933-414F-4C2D-B153-37543D787713}) (Version: 48.19.39090 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-6.0.200 (HKLM\...\{FCB866C3-1C7F-48F1-82AA-27CDF5EDBF07}) (Version: 124.50.2 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-6.0.200 (HKLM\...\{2685B6AE-7BBA-4305-A0C6-D85E95E6DFE3}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.200 (HKLM\...\{D9C7F250-1F44-4F17-9114-892FE9B9392E}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-6.0.200 (HKLM\...\{5023AA6C-3434-4651-97F4-A99E519A46BA}) (Version: 48.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-6.0.200 (HKLM\...\{E654192D-D623-4F63-81B5-7B01FD812D47}) (Version: 24.50.2441 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-6.0.200 (HKLM\...\{ABB96929-74DA-4C9E-A79F-5482C80E2651}) (Version: 60.50.4 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Manifest (HKLM\...\{C9D91007-2287-4E7D-9E61-2DFB22026B9D}) (Version: 48.27.39026 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{DB9CEF46-644B-4C6F-B87F-BAB0B431CC88}) (Version: 48.3.39076 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2019 (HKLM\...\{A2494B75-7366-47C0-A58F-C41BEE9317E6}) (Version: 15.0.2000.5 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.3.3 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 102.4.1 (x64 de)) (Version: 102.4.1 - Mozilla)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 7.58.0 - LG Electronics Inc)
OpenSSL 3.0.1 Light (64-bit) (HKLM\...\OpenSSL Light (64-bit)_is1) (Version:  - OpenSSL Win64 Installer Team)
Opera GX Stable 98.0.4759.74 (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Opera GX 98.0.4759.74) (Version: 98.0.4759.74 - Opera Software)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
paint.net (HKLM\...\{DBC43589-CC32-4502-BBEC-5B931AF4BD2E}) (Version: 5.0.2 - dotPDN LLC)
Paket zur Festlegung von "Doc Redirected"-Zielversionen von Microsoft .NET Framework 4.7.1 (Deutsch) (HKLM-x32\...\{5B970BE4-A2F2-41BD-8B91-FEA8DAA1DB9B}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM-x32\...\{98FE7C2A-22A4-401A-B45B-2AA107C06DD7}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.8 (Deutsch) (HKLM-x32\...\{9E68042B-8597-4DE3-BA10-D1198BA9316B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Pitch (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\55f04b34-3901-5cbe-846f-abfc9688486e) (Version: 1.120.2-stable.1 - Pitch Software GmbH)
Reallusion Hub (HKLM-x32\...\{CFF2760B-B727-4717-8635-5D668A0C9C4F}) (Version: 4.09.5513.1 - Reallusion Inc. )
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RyzenMasterSDK (HKLM\...\{AC75B02E-350D-40E6-9017-2CFED3B7D3DD}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
SanDisk SSD Toolkit 1.0.0.1 (HKLM-x32\...\{26326B5B-3D62-4C12-8841-6B55A19B552D}_is1) (Version: 1.0.0.1 - SanDisk Corporation)
sevDesk (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\a8870c51abdbea34c31e54d74c144441) (Version: 1.0 - Google\Chrome)
Slack (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\slack) (Version: 4.32.122 - Slack Technologies Inc.)
Smart Gallery Plug-in v1.31 for Character Creator (HKLM-x32\...\{F33C21BF-AB8E-4196-BAD3-A5FC1BF40632}) (Version: 1.31.2226.1 - Reallusion Inc.)
Spark Desktop 3.3.1 (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\09e2d43b-2e9a-5a23-a54c-87838a95fcb3) (Version: 3.3.1 - Spark Mail Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfshark (HKLM-x32\...\{27CD89D1-A50A-4BDD-B3AA-346B11084012}) (Version: 4.7.2999 - Surfshark) Hidden
Surfshark (HKLM-x32\...\Surfshark 4.7.2999) (Version: 4.7.2999 - Surfshark)
Surfshark TAP Driver Windows (HKLM-x32\...\{5B2D9FDF-9C17-4D36-B2BE-C7030183A9BD}) (Version: 1.0.1 - Surfshark)
Surfshark TAP Driver Windows (HKLM-x32\...\{FEC509A9-2CC6-4DF5-A189-DC121FBC23C0}) (Version: 1.0.1 - Surfshark)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.44.0 - TechPowerUp)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 137.0.10799 - Ubisoft)
Unity 2021.3.13f1 (HKLM-x32\...\Unity 2021.3.13f1) (Version: 2021.3.13f1 - Unity Technologies ApS)
Unity Hub 3.4.1 (HKLM\...\Unity Technologies - Hub) (Version: 3.4.1 - Unity Technologies Inc.)
VALORANT (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
vcpp_crt.redist.clickonce (HKLM-x32\...\{19C62CEE-08BD-4004-84DA-C0289E5865DB}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{DE76BFB9-CBA9-48EB-8AAB-31292E7F1D0A}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Visual Studio Community 2022 (HKLM-x32\...\0eaf190e) (Version: 17.1.4 - Microsoft Corporation)
VS Immersive Activate Helper (HKLM-x32\...\{C0ACF658-B4DC-4CBB-B8F2-9E667D69919A}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{43F73608-5C94-436F-A1E6-E09ACE680391}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{9EC852BD-33D2-457C-99BB-ED3099B8176F}) (Version: 17.0.114.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{2D12F791-263F-4ABA-B7A8-5485933CADCF}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B8B0A861-C76A-4DBA-B8D5-8830511173A3}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{16946E6F-037E-4A92-A30C-80293603EEC9}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{15CE6C23-B92A-4B2B-8521-6FA81661068B}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{08693C65-8459-4C66-8AF3-15F091F28F87}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{7571C303-621A-4ACF-A392-BD6B9B3C67BF}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{EB7405ED-A99C-47D4-8516-C5C35704B07C}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{40783258-8C78-4602-B1A8-12B884C6107E}) (Version: 17.1.32406 - Microsoft Corporation) Hidden
vs_devenvsharedmsi (HKLM-x32\...\{923446B9-70EB-4850-95D7-1A1AB5D111CD}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{5C99AE76-BEF9-4D4B-A77A-1B63238B86B0}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{2C910925-05EE-403B-8295-D2593E11F751}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{46F71CD4-4841-4B77-A491-9933B98F8D0D}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{9DCCEEF7-CC00-4054-9879-7E0A12E5CF0A}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{05A82EA9-8768-4E1B-B16C-FCCF299D331C}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{FB59095C-C7C6-4CA6-B300-852B50AB976D}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{786313C8-40FA-4E06-A625-B1B30B66E872}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{FEFEDA38-9B6A-4374-8D43-7D5517152080}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{CC15CA94-9817-4914-A9ED-A694A2F27783}) (Version: 17.1.32113 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{4EF9011A-8E81-4D6F-9CB9-DBF0B1B12809}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{874561BE-97AD-4865-8512-579D41009147}) (Version: 17.1.32112 - Microsoft Corporation) Hidden
Windows IP Over USB (HKLM-x32\...\{8CBFAC58-3058-B2AD-10E2-9E2A859B554B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRAR 6.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.10.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\ZoomUMX) (Version: 5.12.2 (9281) - Zoom Video Communications, Inc.)

Packages:
=========
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2022-09-27] (0)
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.20008.0_x64__0a9344xs7nr4m [2023-05-11] (Advanced Micro Devices Inc.) [Startup Task]
Blender -> C:\Program Files\WindowsApps\BlenderFoundation.Blender_3.5.1.0_x64__ppwjx1n5r4v9t [2023-04-26] (Blender Foundation)
Coda   Docs -> C:\Program Files\WindowsApps\coda.io-62E3E9EE_1.0.0.0_neutral__ctqsqdzw4qph8 [2023-05-15] (coda.io)
Crunchyroll -> C:\Program Files\WindowsApps\15EF7777.Crunchyroll_1.3.1.0_x64__mgdgtskya6f22 [2022-02-12] (Ellation, Inc.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.52.5.0_x64__6rarf9sa4v8jt [2023-05-24] (Disney)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2023-05-24] (Instagram)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-05-07] (Microsoft Corporation)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-05-24] (Microsoft Corporation) [Startup Task]
ms-resource:ProductName -> C:\Program Files\WindowsApps\53887HaoCai.AirPlay-ScreenMirroring_1.6.4.0_x64__qrw73ppzkf79y [2023-05-24] (Hao Cai)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-03-02] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2023-05-05] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0 [2023-04-28] (Spotify AB) [Startup Task]
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.8.1.0_x64__t4vj0pshhgkwm [2023-04-27] (Telegram Messenger LLP) [Startup Task]
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2023-05-24] (Bytedance Pte. Ltd.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2317.9.0_x64__cv1g1gvanyjgm [2023-05-13] (WhatsApp Inc.) [Startup Task]
WinDbg Preview -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe [2022-10-06] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-05-05] (Microsoft Windows)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2022-09-17] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2022-09-17] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.820.152.0_x64__8wekyb3d8bbwe [2023-04-26] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-05-16] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x86__8wekyb3d8bbwe [2023-05-16] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-02-13] (0)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3636290956-4184935153-3330214957-1001_Classes\CLSID\{157A7F8D-CE70-4664-951F-D4867A941582}\localserver32 -> C:\Users\savio\AppData\Local\Programs\SparkDesktop\Spark Desktop.exe (Spark Mail Limited -> Spark Mail Limited)
CustomCLSID: HKU\S-1-5-21-3636290956-4184935153-3330214957-1001_Classes\CLSID\{23B3E3D8-C162-4A8B-AB0C-0905DCB1DF19}\InprocServer32 -> C:\Users\savio\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\RDP\DVCPlugin\x64\Microsoft.Flow.RPA.Desktop.UIAutomation.RDP.DVC.Plugin.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3636290956-4184935153-3330214957-1001_Classes\CLSID\{3e5dba08-7ec3-cc88-1f18-0cf79ce7ade4}\localserver32 -> C:\Program Files\AtlasVPN\Bin\AtlasVPN.exe (peakstar technologies Inc. -> AtlasVPN)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\75.0.2.0\drivefsext.dll [2023-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\75.0.2.0\drivefsext.dll [2023-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\75.0.2.0\drivefsext.dll [2023-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\75.0.2.0\drivefsext.dll [2023-05-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\75.0.2.0\drivefsext.dll [2023-05-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-05-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\75.0.2.0\drivefsext.dll [2023-05-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> Keine Datei
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\75.0.2.0\drivefsext.dll [2023-05-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-05-24] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\savio\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__pmoklebamdambjiobdicfaficplchhen\Coda   Docs.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=pmoklebamdambjiobdicfaficplchhen --app-url=hxxps://coda.io/workspaces/ws-4muofDnoXD/docs --app-launch-source=4
ShortcutWithArgument: C:\Users\savio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\sevDesk.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=dohegnnfbjcgjnhbchlggbjnpcghlipp
ShortcutWithArgument: C:\Users\savio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Coda   Docs.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=pmoklebamdambjiobdicfaficplchhen --app-url=hxxps://coda.io/workspaces/ws-4muofDnoXD/docs --app-launch-source=4

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-01-23 17:00 - 2023-01-23 17:00 - 000267264 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Surfshark\Resources\x64\Surfshark.Firewall.dll
2021-10-27 11:41 - 2021-10-27 11:41 - 001601536 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Surfshark\runtimes\win-x64\native\e_sqlite3.dll
2023-04-16 22:03 - 2023-04-16 08:47 - 000164864 _____ () [Datei ist nicht signiert] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2022-02-15 10:43 - 2020-03-02 12:29 - 000868352 _____ (Amazon.com, Inc) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PlasticSCM5\server\AWSSDK.Core.dll
2022-02-15 10:43 - 2020-03-02 12:33 - 000547328 _____ (Amazon.com, Inc) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PlasticSCM5\server\AWSSDK.S3.dll
2023-05-07 17:23 - 2023-05-07 17:23 - 000056832 _____ (Codice Software, S.L.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\logwrapper\af366ab707013485c97b8d53986ec14d\logwrapper.ni.dll
2022-02-15 10:42 - 2019-11-05 16:57 - 000112128 _____ (Google Inc.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PlasticSCM5\server\Google.Apis.Auth.dll
2022-02-15 10:42 - 2019-11-05 16:57 - 000067584 _____ (Google Inc.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PlasticSCM5\server\Google.Apis.Core.dll
2022-02-15 10:42 - 2019-11-05 16:57 - 000076800 _____ (Google Inc.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PlasticSCM5\server\Google.Apis.dll
2022-02-15 10:42 - 2019-11-05 17:08 - 000132096 _____ (Google Inc.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PlasticSCM5\server\Google.Apis.Storage.v1.dll
2022-02-15 10:42 - 2020-01-06 13:03 - 000104448 _____ (Google Inc.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PlasticSCM5\server\Google.Cloud.Storage.V1.dll
2017-09-28 19:41 - 2017-09-28 19:41 - 000266240 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2022-02-15 10:43 - 2022-02-06 10:51 - 010307584 _____ (plasticd) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PlasticSCM5\server\plasticd.dll
2022-02-15 10:42 - 2017-03-08 20:26 - 000221184 _____ (The Apache Software Foundation) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\PlasticSCM5\server\log4net.dll
2023-05-07 17:23 - 2023-05-07 17:23 - 000949248 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\log4net\3e6bf30daf8e851e5ecab43681725ea5\log4net.ni.dll
2022-03-02 10:20 - 2020-01-07 16:02 - 004679168 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\Reallusion\RLHostService\Qt5Core.dll
2022-03-02 10:20 - 2020-01-07 16:02 - 000855040 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\Reallusion\RLHostService\Qt5Network.dll
2022-03-02 10:20 - 2017-03-01 17:07 - 000109056 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Common Files\Reallusion\RLHostService\Qt5WebSockets.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\AtlasVPN.lnk:5A652A68CD [2154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [2154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk:CCF539F03F [2154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk:B026C77744 [2154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk:D689419597 [7754]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [2154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [7754]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk:C629424870 [2154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk:718E15FDE8 [2154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk:4D17D28237 [5162]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk:B4F139D4B9 [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity Hub.lnk:830092544A [3434]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022.lnk:F94DB65675 [3434]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [4438]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========


==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Program Files\PlasticSCM5\server;C:\Program Files\PlasticSCM5\client;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Java\jdk-17.0.2\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\savio\Pictures\macOS-Monterey-wallpaper-Dark.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\StartupFolder: => "StartRLCMS.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\StartupFolder: => "Reallusion Hub.lnk"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\StartupFolder: => "iTunes.lnk"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\Run: => "Surfshark"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\Run: => "Figma Agent"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-3636290956-4184935153-3330214957-1001\...\StartupApproved\Run: => "electron.app.Loom"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A91AAA5C-1ECB-4251-81CC-4981670FF85A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{52B603F8-EC0B-442A-80B9-90EF1D3B7A8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{88487C6B-4DB7-4F46-B497-6E3FD40C6B6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7E0A86C3-A7E7-4349-BC44-1474AD8AC87C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{254F69ED-9E31-44CD-9E59-7B2E2AEB0BF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{01F27648-CD78-43E2-AE79-F7328A8DEAAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3F3E9C38-C515-4B49-B81C-3D91A257A824}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{55DB19FC-3C7D-4032-9D86-0A030D97477F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7F9FB23B-1D46-4C06-9173-E8A72A20DF8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{199B1A62-DC58-4262-B6AF-89AC019DBA38}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{489567D2-CB20-49AE-A4FB-38056B9F4300}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CC211CF4-59FA-4091-B917-8641CC1F4184}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C1DBED54-D213-4309-B5C1-91E77D0B4928}C:\users\savio\appdata\local\discord\app-1.0.9012\discord.exe] => (Allow) C:\users\savio\appdata\local\discord\app-1.0.9012\discord.exe => Keine Datei
FirewallRules: [TCP Query User{70E46CAC-95BE-42D3-AEA0-34F65B6FE1B5}C:\users\savio\appdata\local\discord\app-1.0.9012\discord.exe] => (Allow) C:\users\savio\appdata\local\discord\app-1.0.9012\discord.exe => Keine Datei
FirewallRules: [{0514C163-7DA1-4BFB-ABCF-391A75B0DA0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe (Unity Technologies ApS) [Datei ist nicht signiert]
FirewallRules: [{08F87EE8-DAA5-45F6-BD39-CDFC714D21FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe (Unity Technologies ApS) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{EE5131D0-6E12-4E20-9D38-3E3AB46131B0}C:\program files (x86)\steam\steamapps\common\tribes of midgard\tom\binaries\win64\tom-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes of midgard\tom\binaries\win64\tom-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{772B12F4-3D29-4581-8C80-4D0A517596C7}C:\program files (x86)\steam\steamapps\common\tribes of midgard\tom\binaries\win64\tom-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tribes of midgard\tom\binaries\win64\tom-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{26828596-4FE0-49AA-8399-28A0EEB17CFD}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{0A36FAD6-7B46-429A-9505-B14B43F52181}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{D7632E39-B434-458A-9E3F-775959C089F2}C:\program files\microsoft visual studio\2022\community\common7\ide\devenv.exe] => (Allow) C:\program files\microsoft visual studio\2022\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{94AD5ACB-CE22-42C1-8FDC-09187F70E51B}C:\program files\microsoft visual studio\2022\community\common7\ide\devenv.exe] => (Allow) C:\program files\microsoft visual studio\2022\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAACCD5C-6946-4CA9-8AA1-F71DCB8D6E0A}] => (Allow) C:\Users\savio\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2C45F189-8A12-47FC-9740-33E7F76F35F6}] => (Allow) C:\Users\savio\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5E510194-A8EB-4791-987E-0087657C29D6}] => (Allow) C:\Users\savio\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2DCC8213-3320-4ABF-895E-4B04143B0994}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D1FA65B1-2310-49D6-AD56-56A9B789C095}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4D262D20-244B-493E-9D10-05E33E24567A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B9F8D90C-8F1E-4740-BB65-B0B367797DD2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{1BEC37B3-25F3-4C7F-94D2-8596E33748EC}C:\users\savio\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\savio\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{8C942DDD-115C-4D0C-B847-B92DADD2B516}C:\users\savio\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\savio\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{4457AD7C-9650-45DE-BBC9-426DC4C7C60D}C:\work\cinema4d\cinema\cinema 4d.exe] => (Allow) C:\work\cinema4d\cinema\cinema 4d.exe => Keine Datei
FirewallRules: [UDP Query User{89C4FBA5-CA03-4141-8BA4-79C09CD612AD}C:\work\cinema4d\cinema\cinema 4d.exe] => (Allow) C:\work\cinema4d\cinema\cinema 4d.exe => Keine Datei
FirewallRules: [TCP Query User{C72111F6-E2DE-4518-B147-4F8CC180E340}C:\work\cinema 4d\cinema 4d.exe] => (Block) C:\work\cinema 4d\cinema 4d.exe => Keine Datei
FirewallRules: [UDP Query User{C669762C-2B9A-4D65-9926-AB842DE9E6C3}C:\work\cinema 4d\cinema 4d.exe] => (Block) C:\work\cinema 4d\cinema 4d.exe => Keine Datei
FirewallRules: [TCP Query User{5B1C30FC-3764-4717-BC61-FF6627EB4CE6}C:\work\maxon\maxon\cinema 4d.exe] => (Allow) C:\work\maxon\maxon\cinema 4d.exe => Keine Datei
FirewallRules: [UDP Query User{30A24BBA-0C71-42F5-9653-C97B523D0C13}C:\work\maxon\maxon\cinema 4d.exe] => (Allow) C:\work\maxon\maxon\cinema 4d.exe => Keine Datei
FirewallRules: [TCP Query User{8CB73D06-39FD-4E7F-BA2C-C242B0A505F8}C:\work\maxon\cinema 4d.exe] => (Allow) C:\work\maxon\cinema 4d.exe => Keine Datei
FirewallRules: [UDP Query User{37FDB498-24FA-47D4-A63F-3C113248E4E0}C:\work\maxon\cinema 4d.exe] => (Allow) C:\work\maxon\cinema 4d.exe => Keine Datei
FirewallRules: [{440F290B-3AC7-4978-A1F9-1D563462B677}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [Datei ist nicht signiert]
FirewallRules: [{55636311-FFAF-49A7-86CE-031CF83F6D71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe () [Datei ist nicht signiert]
FirewallRules: [{D8CE7B5E-1F4F-4618-BEBB-0B51EF000309}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{FA391FBA-26F9-4623-A946-CAEB241BE258}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{5BE11D13-D01F-4116-8C53-F21664352146}C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\devenv.exe => Keine Datei
FirewallRules: [UDP Query User{1A4E30C3-61C0-4DF0-A646-14A389341153}C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2019\community\common7\ide\devenv.exe => Keine Datei
FirewallRules: [TCP Query User{FCA2A307-FC58-4C49-9D2A-6C7BB3062D4C}C:\users\savio\appdata\local\android\sdk\platform-tools\adb.exe] => (Allow) C:\users\savio\appdata\local\android\sdk\platform-tools\adb.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{17A2EF7C-61AC-4D91-884D-A9A877EF9A20}C:\users\savio\appdata\local\android\sdk\platform-tools\adb.exe] => (Allow) C:\users\savio\appdata\local\android\sdk\platform-tools\adb.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{2FA1F79B-23E7-4A9C-96A9-A607C3EE2394}C:\users\savio\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\savio\appdata\local\discord\app-1.0.9004\discord.exe => Keine Datei
FirewallRules: [UDP Query User{25A23B05-E608-4EF5-9B43-9A2B5DF56E90}C:\users\savio\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\savio\appdata\local\discord\app-1.0.9004\discord.exe => Keine Datei
FirewallRules: [{17707E6A-20B1-4830-9FC4-9CCDCDD051B0}] => (Block) C:\users\savio\appdata\local\discord\app-1.0.9004\discord.exe => Keine Datei
FirewallRules: [{E6856124-D54D-44D6-9BF7-91027655163E}] => (Block) C:\users\savio\appdata\local\discord\app-1.0.9004\discord.exe => Keine Datei
FirewallRules: [TCP Query User{07C57A35-5F38-4893-8A1D-9AECC7C6D8A3}C:\own\work\programs\cinema-4d-old\maxon\cinema 4d.exe] => (Allow) C:\own\work\programs\cinema-4d-old\maxon\cinema 4d.exe => Keine Datei
FirewallRules: [UDP Query User{FD1A71BC-CF2C-4EFC-BE3B-094788BA6476}C:\own\work\programs\cinema-4d-old\maxon\cinema 4d.exe] => (Allow) C:\own\work\programs\cinema-4d-old\maxon\cinema 4d.exe => Keine Datei
FirewallRules: [TCP Query User{E253E2FD-DB57-435E-A169-7964634122B8}C:\xboxgames\surgeon simulator 2\content\surgeon simulator 2.exe] => (Allow) C:\xboxgames\surgeon simulator 2\content\surgeon simulator 2.exe => Keine Datei
FirewallRules: [UDP Query User{6716E3C4-ABE9-4CD5-8E52-9741F4AA3D67}C:\xboxgames\surgeon simulator 2\content\surgeon simulator 2.exe] => (Allow) C:\xboxgames\surgeon simulator 2\content\surgeon simulator 2.exe => Keine Datei
FirewallRules: [TCP Query User{0F440CF7-5C57-40DE-A422-2878F4103B01}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{6130A530-1FBE-41F3-8828-E1F1A92C7BF0}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{7D1B87EA-62C6-41EE-81E5-044EA108CEA3}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4EE3D547-757F-4D7D-8DDF-00ACF3273424}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{35072A1E-EE1B-47C0-8B38-7017B66E0DF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{8E7BDFA9-E6D8-4CBB-9419-2414E4F9ABA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{208AAD30-A09F-4E27-BDAE-C450063F94E5}C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight.exe => Keine Datei
FirewallRules: [UDP Query User{6F4F78AA-301E-4C6B-8A2B-D2F2FD02662E}C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight.exe => Keine Datei
FirewallRules: [TCP Query User{E97B20A1-DF6A-4E6A-9486-6C4CF8750AE0}C:\users\savio\appdata\local\programs\pitch\pitch.exe] => (Allow) C:\users\savio\appdata\local\programs\pitch\pitch.exe (Pitch Software GmbH -> Pitch Software GmbH)
FirewallRules: [UDP Query User{C1BFEF3E-6752-4CD9-9767-8A35B7B5B4FD}C:\users\savio\appdata\local\programs\pitch\pitch.exe] => (Allow) C:\users\savio\appdata\local\programs\pitch\pitch.exe (Pitch Software GmbH -> Pitch Software GmbH)
FirewallRules: [TCP Query User{D31B3816-AB32-4FBB-8AD2-6B345207B74D}C:\users\savio\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\savio\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [UDP Query User{9A93C6C9-A359-4631-89D1-8B208CE1AD29}C:\users\savio\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\savio\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [TCP Query User{AB85EB0B-3240-4681-A164-C0F187608881}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{5B1D5298-9534-44F6-8A6C-E6D03B034CC9}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{77B24179-1146-44E9-80BE-A05BAD9C6537}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9E0D34B-7A92-46A9-8B51-D234D16480DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99998E3B-A434-4E55-AAF2-BF94B8E29A1A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D26F9EB9-7DAD-4B4A-B8D7-B2E58C730B5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFEBC417-A825-486B-8F47-8ECCF7AD9D53}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\woa\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82FDAA72-74D7-4BAB-A348-6B5426363927}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\woa\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EA6253AC-46E1-4C06-8733-C1B2330BEA13}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\arm64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D210DAEB-CC0A-4899-803D-530C41490B0C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\arm64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BFD9F95-465A-4E94-9AE6-A46B76DD44FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5033A585-6555-4CCE-94C8-49242CEEA9E6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{514AE06C-A4A6-4C9D-97B5-5B6DF5497529}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37F83D55-4ECC-470D-ADC7-23E14316A476}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ACE09974-2BCA-4CDC-8D9F-9A0C2D5B8C78}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{EBD7B3D4-CB39-445F-9785-53C37D31E930}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe => Keine Datei
FirewallRules: [UDP Query User{5119F6D4-A902-44B8-8A96-7B7B327F2342}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe => Keine Datei
FirewallRules: [TCP Query User{56417759-BBF1-4768-8C68-F0219753B59F}C:\program files (x86)\dearmob\5kplayer\airplay.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\airplay.exe => Keine Datei
FirewallRules: [UDP Query User{C189DFF1-6407-482A-8D01-5FEC4AC37289}C:\program files (x86)\dearmob\5kplayer\airplay.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\airplay.exe => Keine Datei
FirewallRules: [TCP Query User{7510C752-9A0B-45C3-BDEE-CB06648E3299}C:\program files\maxon cinema 4d r25\cinema 4d.exe] => (Block) C:\program files\maxon cinema 4d r25\cinema 4d.exe => Keine Datei
FirewallRules: [UDP Query User{D9A8F896-46F6-49AB-8DAF-7E33A98D4417}C:\program files\maxon cinema 4d r25\cinema 4d.exe] => (Block) C:\program files\maxon cinema 4d r25\cinema 4d.exe => Keine Datei
FirewallRules: [TCP Query User{7AC7AC7E-95FE-486B-99EB-3C3E1DF4892C}C:\users\savio\appdata\local\discord\app-1.0.9007\discord.exe] => (Allow) C:\users\savio\appdata\local\discord\app-1.0.9007\discord.exe => Keine Datei
FirewallRules: [UDP Query User{6767AFD0-5E7E-433E-8DD9-500C76448884}C:\users\savio\appdata\local\discord\app-1.0.9007\discord.exe] => (Allow) C:\users\savio\appdata\local\discord\app-1.0.9007\discord.exe => Keine Datei
FirewallRules: [{8B53C9D7-92E9-4725-B7EF-396A64C1789C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Escape Simulator\Escape Simulator.exe () [Datei ist nicht signiert]
FirewallRules: [{A5A33D58-D7AE-46F0-845A-A16819AA0073}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Escape Simulator\Escape Simulator.exe () [Datei ist nicht signiert]
FirewallRules: [{37375F88-085E-4D6D-933B-897464803A01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe => Keine Datei
FirewallRules: [{1EFB582D-11D5-4A0D-B23F-41CAB32537E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe => Keine Datei
FirewallRules: [{9C6DD415-A8B1-4224-AF8D-665984A91AD0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B66B8E5B-04CA-44F1-A18D-1649608C3511}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5A02545A-0DA5-4D06-B90D-C8C281098043}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1898F222-6C6E-4FA3-A991-E37A32BA562A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7946B993-DA72-47FD-BFDA-67D203F183F2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{91B152DF-A375-46E6-931E-7922797D48F4}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{2B5073B8-BF6A-48EA-A719-142D9D41A122}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{5816CCC5-BAD5-477A-BB78-3A6763FE5DDA}] => (Allow) C:\Program Files\Unity 2021.3.13f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{FA762794-E465-48FC-9417-FF7BB407F1D4}] => (Block) C:\Program Files\Unity 2021.3.13f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{D1706FF0-0ABC-4EB1-B9D7-DC80B039C4D4}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{25960D2C-18B2-4449-AA6A-46DBCD8513BA}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{157AA6E3-9229-481C-9DB5-0529BA06D638}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{902B9ABF-9579-4E1B-A7F2-BB4983AB52D6}] => (Allow) C:\Program Files\Unity\Hub\Editor\2021.3.13f1\Editor\Unity.exe (Unity Technologies ApS -> Unity Technologies ApS)
FirewallRules: [{BCD36902-B0C2-458D-ACA7-84FEC2BA7955}] => (Block) C:\Program Files\Unity\Hub\Editor\2021.3.13f1\Editor\Unity.exe (Unity Technologies ApS -> Unity Technologies ApS)
FirewallRules: [{B7CE2C1D-FF8C-42C3-BFF7-6F121BA677A9}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Keine Datei
FirewallRules: [{10EEE82A-97BB-477E-AE8C-0E2B9D13AEF6}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [{3A57A778-BD50-4525-86E1-7965A9D8ADC5}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Keine Datei
FirewallRules: [{1C0A65F9-1ECF-4FD7-8001-2815FC4C2A46}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => Keine Datei
FirewallRules: [{987EF262-E066-427A-9FA8-CCF1FC7F3666}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unrailed\UnrailedGame.exe (Indoor Astronaut GmbH -> )
FirewallRules: [{C8F9A101-D5EC-44CF-9BFB-C0282C50B9F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unrailed\UnrailedGame.exe (Indoor Astronaut GmbH -> )
FirewallRules: [{FE017492-EE00-4EB0-B73F-F26220BF042A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PHOGS!\PHOGS.exe () [Datei ist nicht signiert]
FirewallRules: [{015F860A-FC9E-4954-B2F3-DCB4233D07EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PHOGS!\PHOGS.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{1E77A163-AFF2-41AC-AC9F-87CEFB2E2CB2}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{52F86A7C-B635-41C0-935A-1C07FADF733B}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{F51FDE09-BFEC-4C63-868D-FCF85571340C}C:\users\savio\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\savio\appdata\local\discord\app-1.0.9011\discord.exe => Keine Datei
FirewallRules: [UDP Query User{3B77A601-1867-484E-927C-7A979563188B}C:\users\savio\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\savio\appdata\local\discord\app-1.0.9011\discord.exe => Keine Datei
FirewallRules: [{5E97860B-140B-4996-97E0-924F58D3E41A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{62B67AC3-D73F-4705-B9C3-5090BEC517DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C64F81AA-1F66-4762-A649-2DE35F0B95C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC44DD04-F1DE-498B-8CC5-CE4500A1C255}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7872FDF-4C4C-4160-AE08-B2D7E8C2C5DE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{0596175E-72C2-4008-9448-22574EBE3031}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{C496CDC6-A7EC-4294-A903-ADF601385C59}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{5237D104-B452-45B3-B3E2-CD0B2AC54820}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{5AB424DD-7058-4EA6-9973-6316A1D40CF4}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{AFC3A449-B541-44FB-BF8E-0298F87F2009}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{713E6FAA-086B-4C94-954D-A45023BEC496}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{79D2C9ED-3A93-487E-915A-AB6EBEF3385D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C3BDA550-0C66-41C2-9869-BD101A5811FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F89D760C-BEDE-4FAE-9A8B-3A3678462C8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6F51A71B-E056-4B7D-AF7B-1067691D1470}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{87D64683-82A1-4DC5-9BC5-4B4B3AB1CE27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F4892CAF-51B8-45DF-8420-6983650DA6DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F8EBBC8C-9565-43F4-9205-4B9F4C964090}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{00ECBA73-D4AB-435F-B50B-285EEEF610CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AFDEB648-ED12-4DBA-BCC6-EE96962EEE6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.211.916.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{73989D32-9C61-45A3-BFD9-3A67ABA4712E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A41B1C5-6AAF-4171-9381-EA8D96F22E7C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Wiederherstellungspunkte =========================

16-05-2023 08:26:45 Windows Update
16-05-2023 08:26:46 Windows Update
16-05-2023 08:26:46 Windows Update
24-05-2023 08:00:58 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (05/24/2023 09:16:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname PC-Savio.local already in use; will try PC-Savio-2.local instead

Error: (05/24/2023 09:16:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 PC-Savio.local. Addr 192.168.2.111

Error: (05/24/2023 09:16:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.111:5353   16 PC-Savio.local. AAAA 2003:00DF:8720:0809:F363:AF37:A333:1645

Error: (05/24/2023 09:16:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 PC-Savio.local. AAAA FE80:0000:0000:0000:A8DC:F7F9:4F9F:2A90

Error: (05/24/2023 09:16:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.111:5353   16 PC-Savio.local. AAAA 2003:00DF:8720:0809:F363:AF37:A333:1645

Error: (05/24/2023 09:16:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 PC-Savio.local. AAAA 2003:00DF:8720:0825:2593:E165:66AD:7E2A

Error: (05/24/2023 09:16:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.111:5353   16 PC-Savio.local. AAAA 2003:00DF:8720:0809:F363:AF37:A333:1645

Error: (05/24/2023 09:16:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 PC-Savio.local. AAAA 2003:00DF:8720:0825:7E57:25C6:0335:9DDD


Systemfehler:
=============
Error: (05/24/2023 08:16:16 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop

Error: (05/24/2023 08:15:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic

Error: (05/24/2023 08:01:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone

Error: (05/24/2023 08:00:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "LGHUB Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/17/2023 08:03:05 AM) (Source: DCOM) (EventID: 10010) (User: PC-SAVIO)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/16/2023 10:53:57 PM) (Source: DCOM) (EventID: 10010) (User: PC-SAVIO)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/16/2023 10:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "LGHUB Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/16/2023 08:27:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone


Windows Defender:
================
Date: 2023-05-24 13:08:38
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Woreflint.A!cl&threatid=2147726230&enterprise=0
Name: Trojan:Script/Woreflint.A!cl
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\savio\AppData\Local\Temp\SCFA2EB.tmp; file:_C:\Users\savio\AppData\Local\Temp\SCFA30B.tmp; file:_C:\Users\savio\AppData\Local\Temp\SCFA31C.tmp
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: PC-Savio\savio
Prozessname: C:\Users\savio\AppData\Local\Programs\SparkDesktop\Spark Desktop.exe
Sicherheitsversion: AV: 1.389.2284.0, AS: 1.389.2284.0, NIS: 1.389.2284.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-24 13:08:38
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Woreflint.A!cl&threatid=2147726230&enterprise=0
Name: Trojan:Script/Woreflint.A!cl
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\savio\AppData\Local\Temp\SCFA2EB.tmp; file:_C:\Users\savio\AppData\Local\Temp\SCFA30B.tmp
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: PC-Savio\savio
Prozessname: C:\Users\savio\AppData\Local\Programs\SparkDesktop\Spark Desktop.exe
Sicherheitsversion: AV: 1.389.2284.0, AS: 1.389.2284.0, NIS: 1.389.2284.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-24 13:08:38
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Woreflint.A!cl&threatid=2147726230&enterprise=0
Name: Trojan:Script/Woreflint.A!cl
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\savio\AppData\Local\Temp\SCFA2EB.tmp
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: PC-Savio\savio
Prozessname: C:\Users\savio\AppData\Local\Programs\SparkDesktop\Spark Desktop.exe
Sicherheitsversion: AV: 1.389.2284.0, AS: 1.389.2284.0, NIS: 1.389.2284.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-24 12:32:08
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Woreflint.A!cl&threatid=2147726230&enterprise=0
Name: Trojan:Script/Woreflint.A!cl
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\savio\AppData\Local\Temp\SCF37ED.tmp; file:_C:\Users\savio\AppData\Local\Temp\SCF380D.tmp; file:_C:\Users\savio\AppData\Local\Temp\SCF383D.tmp
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: PC-Savio\savio
Prozessname: C:\Users\savio\AppData\Local\Programs\SparkDesktop\Spark Desktop.exe
Sicherheitsversion: AV: 1.389.2284.0, AS: 1.389.2284.0, NIS: 1.389.2284.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-24 12:32:08
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Woreflint.A!cl&threatid=2147726230&enterprise=0
Name: Trojan:Script/Woreflint.A!cl
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\savio\AppData\Local\Temp\SCF37ED.tmp; file:_C:\Users\savio\AppData\Local\Temp\SCF380D.tmp
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: PC-Savio\savio
Prozessname: C:\Users\savio\AppData\Local\Programs\SparkDesktop\Spark Desktop.exe
Sicherheitsversion: AV: 1.389.2284.0, AS: 1.389.2284.0, NIS: 1.389.2284.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3

CodeIntegrity:
===============
Date: 2023-05-24 12:20:30
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\75.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-05-24 07:59:59
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tap0901.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-05-13 21:15:04
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume2\Program Files\Google\Drive File Stream\74.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends Inc. P3.30 05/10/2019
Hauptplatine: ASRock B450M Pro4
Prozessor: AMD Ryzen 5 3600 6-Core Processor 
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 16318.07 MB
Verfügbarer physikalischer RAM: 6263.51 MB
Summe virtueller Speicher: 20670.07 MB
Verfügbarer virtueller Speicher: 4771.12 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:476.27 GB) (Free:89.88 GB) (Model: INTEL SSDPEKNW512G8) NTFS
Drive d: (Volume) (Fixed) (Total:97.66 GB) (Free:97.44 GB) (Model: SanDisk SSD PLUS 240GB) NTFS
Drive e: (Volume) (Fixed) (Total:125.9 GB) (Free:125.8 GB) (Model: SanDisk SSD PLUS 240GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:476.27 GB) (Free:85.38 GB) (Model: SanDisk SSD PLUS 240GB) FAT32

\\?\Volume{e54ae342-4dfe-11ec-b102-a9eb46d5cc39}\ () (Fixed) (Total:0.57 GB) (Free:0.07 GB) NTFS
\\?\Volume{e54ae344-4dfe-11ec-b102-a9eb46d5cc39}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 9DD0A020)

Partition: GPT.

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 1E54BEE9)

Partition: GPT.

==================== Ende von Addition.txt =======================
         
Malwarebytes
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 24.05.23
Scan-Zeit: 13:21
Protokolldatei: 1499ae58-fa25-11ed-b695-7085c2cf882f.json

-Softwaredaten-
Version: 4.5.29.268
Komponentenversion: 1.0.2022
Version des Aktualisierungspakets: 1.0.69925
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 11 (Build 23451.1000)
CPU: x64
Dateisystem: NTFS
Benutzer: PC-Savio\savio

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 354745
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 6 Min., 50 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
AdwCleaner
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    05-24-2023
# Duration: 00:00:06
# OS:       Windows 11 (Build 23451.1000)
# Scanned:  32104
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1420 octets] - [24/05/2023 13:23:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
         