Plagegeister aller Art und deren Bekämpfung: Trojan Trojan.Multi.BroSubsc.gen | Windows 7 |
02.08.2023, 00:33 | #1 |
| Trojan Trojan.Multi.BroSubsc.gen Hey, I just got a notification from Kaspersky and immediately clicked Disinfect, but I'm not sure whether it is gone now. I then also ran a scan with Windows Defender Offline, but the Event Viewer only shows this: Code:
Protokollname: Microsoft-Windows-Windows Defender/Operational
Quelle: Microsoft-Windows-Windows Defender
Datum: 02.08.2023 01:05:24
Ereignis-ID: 2010
Aufgabenkategorie:Keine
Ebene: Informationen
Schlüsselwörter:
Benutzer: SYSTEM
Computer: DESKTOP-OCHEK1J
Beschreibung:
Microsoft Defender Antivirus ûŝέđ ¢ŀõμδ ρřőţęсŧϊøπ тθ ģėτ ãδďїŧїοйâŀ ѕĕċύяĩŧý ϊñтéĺłìĝëл¢ę.%ñ %ŧСцřŗëпť šèсüѓіŧу ΐʼnţęℓĺĭģëņċ℮ Vėґşìоη:%в1.393.2020.0%ή %τŞē¢úґϊтý іńţεļļĩģèиćė Ţýρε:%ь%ŋ %ťŮѕęř:%ь\%ñ %ťĊųŕřëпŧ Ёπĝįⁿé Věŕśϊőŋ:%в1.1.23060.1005%ņ %ŧСľόύđ φŗōτęčţіоñ ϊʼnтєļłĭĝëʼnčέ Τўρе:%ъUpdate der Sicherheitsinformationen%η %ţРέѓŝіŝŧэή¢έ Ρǻťĥ:%вC:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\1d24899a5a7a9504bafe52c5e969d1130ca816d0%ņ %тĈľόũď ρŕоτěčţϊǿη ϊñťëľĺįġёñςε Vёŕŝίσʼn:%ъ0.0.0.0%η %ţĈŀõµď φѓòťĕćτįθп ϊʼnţєłŀΐğėŋçё Ċθmρìļäŧīõл Ţîmёşτąмφ:%в01.08.2023 23:05:28%ñ %тРεřѕįŝţєлçē £ímΐť Ŧÿρз:%ьDauer%ń %ţРёřşιѕтèńċé Ĺϊmįт:%в3000000
Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Windows Defender" Guid="{11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78}" />
    <EventID>2010</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2023-08-01T23:05:24.1680062Z" />
    <EventRecordID>32</EventRecordID>
    <Correlation />
    <Execution ProcessID="5220" ThreadID="10564" />
    <Channel>Microsoft-Windows-Windows Defender/Operational</Channel>
    <Computer>DESKTOP-OCHEK1J</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="Product Name">Microsoft Defender Antivirus</Data>
    <Data Name="Product Version">4.18.2303.8</Data>
    <Data Name="Current security intelligence Version">1.393.2020.0</Data>
    <Data Name="Unused"> </Data>
    <Data Name="Unused2"> </Data>
    <Data Name="Unused3"> </Data>
    <Data Name="Unused4"> </Data>
    <Data Name="Domain"> </Data>
    <Data Name="User"> </Data>
    <Data Name="SID"> </Data>
    <Data Name="Security intelligence Type Index">0</Data>
    <Data Name="Security intelligence Type"> </Data>
    <Data Name="Unused5"> </Data>
    <Data Name="Unused6"> </Data>
    <Data Name="Current Engine Version">1.1.23060.1005</Data>
    <Data Name="Unused7"> </Data>
    <Data Name="Unused8"> </Data>
    <Data Name="Unused9"> </Data>
    <Data Name="Unused10"> </Data>
    <Data Name="Unused11"> </Data>
    <Data Name="Unused12"> </Data>
    <Data Name="Cloud protection intelligence Type Index">1</Data>
    <Data Name="Cloud protection intelligence Type">Update der Sicherheitsinformationen</Data>
    <Data Name="Persistence Path">C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\1d24899a5a7a9504bafe52c5e969d1130ca816d0</Data>
    <Data Name="Cloud protection intelligence Version">0.0.0.0</Data>
    <Data Name="Cloud protection intelligence Compilation Timestamp">01.08.2023 23:05:28</Data>
    <Data Name="Persistence Limit Type Index">2</Data>
    <Data Name="Persistence Limit Type">Dauer</Data>
    <Data Name="Persistence Limit Value">3000000</Data>
  </EventData>
</Event>
Edited by cosinus (02.08.2023 at 08:06). Reason: code tags |
02.08.2023, 08:07 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan Trojan.Multi.BroSubsc.gen Then please, sensibly, also post the log from Kaspersky and not the one from Windows Defender. This way nobody knows what Kaspersky found there.
In addition, all the other important logs are missing -> read and follow the notes for those seeking help (Hinweise für Hilfesuchende)!
__________________ |
02.08.2023, 12:19 | #3 |
| Trojan Trojan.Multi.BroSubsc.gen Hey, sorry, I was in total shock last night. I hope this is right.
Ereignis: Objekt nicht verarbeitet
Benutzer: DESKTOP-OCHEK1J\zigle
Benutzertyp: Aktiver Benutzer
Komponente: Untersuchung auf Viren
Ergebnis: Nicht bearbeitet
Ergebnisbeschreibung: Nicht bearbeitet
Typ: Trojaner
Name: Trojan.Multi.BroSubsc.gen
Genauigkeit: Genau
Bedrohungsstufe: Hoch
Objekttyp: Datei
Objektname: System Memory
Grund: Übersprungen

Ereignis: Das Objekt wurde desinfiziert.
Benutzer: DESKTOP-OCHEK1J\zigle
Benutzertyp: Aktiver Benutzer
Komponente: Untersuchung auf Viren
Ergebnis: Desinfiziert
Ergebnisbeschreibung: Desinfiziert
Typ: Trojaner
Name: Trojan.Multi.BroSubsc.gen
Genauigkeit: Genau
Bedrohungsstufe: Hoch
Objekttyp: Datei
Objektname: System Memory

Ereignis: Objekt nicht verarbeitet
Benutzer: DESKTOP-OCHEK1J\zigle
Benutzertyp: Aktiver Benutzer
Komponente: Untersuchung auf Viren
Ergebnis: Nicht bearbeitet
Ergebnisbeschreibung: Nicht bearbeitet
Objekttyp: Datei
Objektpfad: C:\Users\zigle\Documents\Eigene Bilder
Grund: Der Zugriff wurde verweigert. |
02.08.2023, 12:23 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan Trojan.Multi.BroSubsc.gen Please read the notes properly. Logs do not belong in an attachment; they should be posted directly in CODE tags.
__________________ Please always post log files in CODE tags |
02.08.2023, 12:28 | #5 |
| Trojan Trojan.Multi.BroSubsc.gen Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-08-2023 durchgeführt von zigle (02-08-2023 13:12:45) Gestartet von C:\Users\zigle\Downloads Microsoft Windows 11 Home Version 22H2 22621.1992 (X64) (2023-05-07 12:09:38) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-568267705-2125286131-1783018927-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-568267705-2125286131-1783018927-503 - Limited - Disabled) Gast (S-1-5-21-568267705-2125286131-1783018927-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-568267705-2125286131-1783018927-504 - Limited - Disabled) zigle (S-1-5-21-568267705-2125286131-1783018927-1001 - Administrator - Enabled) => C:\Users\zigle ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} FW: Kaspersky (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.8.0.1937 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.8.0.1937 - Advanced Micro Devices, Inc.) Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.) 
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version: - Ubisoft) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlefield™ 2042 (HKLM-x32\...\{45e281f3-1414-47ea-bb64-4f50d50121f3}) (Version: 1.0.76.60710 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Breitbandmessung 3.3.0 (HKLM\...\14607473-30db-509f-94f0-bb7c085c619e) (Version: 3.3.0 - zafaco GmbH) Core Temp 1.18 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.18 - ALCPU) CORSAIR iCUE 4 Software (HKLM\...\{444A58EF-FD29-4558-BD8B-F4839576463C}) (Version: 4.33.138 - Corsair) CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.) CrystalDiskInfo 8.17.14 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.14 - Crystal Dew World) Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Discord) (Version: 1.0.9013 - Discord Inc.) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.239.0.5496 - Electronic Arts) Hidden EA app (HKLM-x32\...\{2da5c03a-a437-48b6-85b8-7fafff95de5e}) (Version: 12.239.0.5496 - Electronic Arts) Elgato Stream Deck (HKLM\...\{E6DCB5EF-F35C-4F2D-BA2A-16091CDE111C}) (Version: 6.3.0.18948 - Corsair Memory, Inc.) Elgato Wave Link (HKLM\...\{3FA4D626-F5DC-43A9-B131-D9A0984B4984}) (Version: 1.8.1.476 - Corsair Memory, Inc.) ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{40514BA6-1FC2-4BBD-84A2-504634A97196}) (Version: 1.0.4.16 - Ene Tech.) 
Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{ca38f41e-a37c-41b2-82e3-28b215743448}) (Version: 1.0.4.16 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.10.4 - ENE Tech) Hidden ENE_External_Device_HAL (HKLM-x32\...\{38581c7d-8a6c-4129-9046-8f5df621478b}) (Version: 1.0.10.4 - ENE Tech) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM-x32\...\{ec10ac91-2e61-460a-b493-33f794a07682}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{8ADEA716-6C06-4092-A62B-794F8BF8336A}) (Version: 1.3.51.0 - Epic Games, Inc.) Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.) 
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Futuremark SystemInfo (HKLM-x32\...\{6037E2E3-C7A4-4F37-AE61-0174E1A919BE}) (Version: 5.46.1056.0 - Futuremark) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.62.26 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.110 - Google LLC) HWiNFO64 Version 7.20 (HKLM\...\HWiNFO64_is1) (Version: 7.20 - Martin Malik - REALiX) Java 8 Update 361 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180361F0}) (Version: 8.0.3610.9 - Oracle Corporation) Kaspersky (HKLM-x32\...\{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky) Hidden Kaspersky (HKLM-x32\...\InstallWIX_{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky) Kaspersky Password Manager (HKLM-x32\...\{CFA625D9-0245-477C-8F27-198B1D804B44}) (Version: 23.0.0.1051 - Kaspersky) Hidden Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{CFA625D9-0245-477C-8F27-198B1D804B44}) (Version: 23.0.0.1051 - Kaspersky) Kaspersky VPN (HKLM-x32\...\{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Logitech Capture (HKLM\...\Capture) (Version: 2.06.12 - Logitech) Microsoft .NET Host - 5.0.0 (x64) (HKLM\...\{1D88C674-5064-4E7F-BB8C-1E6F8374C35D}) (Version: 40.0.29419 - Microsoft Corporation) Hidden Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.10 (x86) (HKLM-x32\...\{3B28977C-9163-48A5-A08C-C01327E18AE2}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 
48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.0 (x64) (HKLM\...\{0DA2670C-83CF-4F3A-929C-19FB3C26B094}) (Version: 40.0.29419 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.10 (x86) (HKLM-x32\...\{EBD44C5E-F1AF-4955-AEDF-F15D06384A9C}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.0 (x64) (HKLM\...\{FE6FF6ED-93DE-42E3-991D-346F0C1FC187}) (Version: 40.0.29419 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation) Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.10 (x86) (HKLM-x32\...\{98CA5A6B-4ECC-4E6D-BF18-6B20CBB6E5F4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - 
Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{6a3b46d3-fbf1-4b22-8b42-48b675de6b81}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 
2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 
12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.0 (x64) (HKLM\...\{B4FC1E81-3264-49A2-80C7-24C296546D67}) (Version: 40.0.29420 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.0 (x64) (HKLM-x32\...\{b1b6fa8e-9e9e-4fc2-9a62-6cfdcc8f0878}) (Version: 5.0.0.29420 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.17 (x86) 
(HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{0F3E4057-E2BB-4114-A646-F143DB5CE4C9}) (Version: 48.43.48870 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{9dd24b73-88e0-4f0f-882a-500e00d2bdef}) (Version: 6.0.10.31726 - Microsoft Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 114.0.2 (x64 de)) (Version: 114.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla) Nefarius Software Solutions e.U. HidHide (x64) (HKLM\...\{B62A2DE2-E6A8-438B-B05B-6E9287A0191D}) (Version: 1.0.30.0 - Nefarius Software Solutions e.U.) Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.) 
NVIDIA Audio Effects SDK (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_AudioEffects) (Version: 1.3.0.21 - NVIDIA Corporation) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation) NVIDIA Grafiktreiber 536.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.67 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NZXT CAM 4.53.2 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.53.2 - NZXT, Inc.) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.0.0 - OBS Project) Opera GX Stable 100.0.4815.82 (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Opera GX 100.0.4815.82) (Version: 100.0.4815.82 - Opera Software) Opera GX Stable 86.0.4363.64 (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Opera GX 86.0.4363.64) (Version: 86.0.4363.64 - Opera Software) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.228.0.20 - Overwolf Ltd.) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.1 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{07236f40-ec25-4646-8cb6-b6aaf1597324}) (Version: 1.1.0.1 - Patriot Memory) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.0630.062814 - Razer Inc.) 
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.22.1221.1 - Gigabyte) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.70.1389 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.7 - Rockstar Games) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts) Spotify (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Spotify) (Version: 1.2.16.947.gcfbaa410 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries GG 43.0.0 (HKLM\...\SteelSeries GG) (Version: 43.0.0 - SteelSeries ApS) TeamSpeak 3 Client (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.53.0 - TechPowerUp) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 140.0.10857 - Ubisoft) UNO (HKLM-x32\...\Uplay Install 3352) (Version: - Ubisoft) UVK - Ultra Virus Killer (HKLM\...\UVK - Ultra virus killer) (Version: 11.10.8.0 - Carifred) VALORANT (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) Valorant Tracker (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Overwolf_ipmlnnogholfmdmenfijjifldcpjoecappfccceh) (Version: 1.11.1 - Overwolf app) WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden WeMod (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\WeMod) (Version: 
8.10.3 - WeMod) Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Wolfenstein: The New Order (HKLM-x32\...\1943729964_is1) (Version: 1.0.0.2 hotfix - GOG.com) WOW 8.15.0.0 (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\com.bskyb.wowtv_is1) (Version: 8.15.0.0 - WOW) Packages: ========= BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.29.0_x64__ffd303wmbhcjt [2023-05-22] (BreeZip) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-05-25] (Apple Inc.) [Startup Task] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-25] (Microsoft Corporation) Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-05-08] (Microsoft Corp.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-07-18] (NVIDIA Corp.) PowerWash Simulator -> C:\Program Files\WindowsApps\39C668CD.PowerWashSimulator_12.2304.280.0_x64__r7bfsmp40f67j [2023-06-29] (Square Enix Ltd.) 
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.145.0_x64__pwbj9vvecjh7j [2023-07-14] (Amazon Development Centre (London) Ltd) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2023-05-07] (Realtek Semiconductor Corp) ShellEx Package -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64 [2023-05-07] (ShellEx Package) Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.419.2201.879_neutral__8wekyb3d8bbwe [2023-04-19] (Microsoft Corporation) Zip Extractor Pro -> C:\Program Files\WindowsApps\38526MediaLife.ZipPlus_2.0.4.0_x86__1crh1k73ty8mg [2022-12-22] (Media Life) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-568267705-2125286131-1783018927-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => Keine Datei ContextMenuHandlers1: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-04-23] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-04-23] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-04-23] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => 
C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_14c40086f8e718c9\nvshext.dll [2023-07-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-04-23] (Kaspersky Lab JSC -> AO Kaspersky Lab)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-03-02 08:55 - 2023-02-27 22:39 - 001393152 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2023-07-27 16:15 - 2023-07-26 23:06 - 001569280 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\CTITSDKDeviceTool.dll
2022-04-01 15:48 - 2022-04-01 15:48 - 000045056 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIntelI2C.dll
2023-07-27 16:15 - 2023-07-26 23:06 - 002882560 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\ffmpeg.dll
2023-07-27 16:15 - 2023-07-26 23:06 - 000480768 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\libegl.dll
2023-07-27 16:15 - 2023-07-26 23:06 - 007625728 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\libglesv2.dll
2023-04-29 19:26 - 2023-07-26 23:06 - 005334528 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\vk_swiftshader.dll
2022-08-24 11:45 - 2022-08-24 11:45 - 000242176 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccv3.dll
2022-04-02 14:02 - 2022-04-02 14:02 - 000524800 _____ (GIGABYTE Technology Co.,Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll
2020-11-05 14:16 - 2020-11-05 14:16 - 000268800 _____ (GIGABYTE Technology Co.,Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll
2022-05-25 11:20 - 2022-05-25 11:20 - 001992704 _____ (GIGABYTE) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll
2021-02-22 20:38 - 2021-02-22 20:38 - 000990720 _____ (JMicron Technology Co.) [Datei ist nicht signiert] C:\Program Files\ENE\Aac_ENE_X-JMI_HAL\JMFWUpdateDll.dll
2023-07-27 16:15 - 2023-07-26 23:06 - 000083456 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] \\?\C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\nzxt-device\SiUSBXp64.dll
2023-01-17 13:13 - 2023-01-17 13:13 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files\Corsair\CORSAIR iCUE 4 Software\SiUSBXp.dll
2023-05-23 11:02 - 2019-05-28 22:36 - 003407360 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\cz.danol.discordmixer.sdPlugin\bin\libcrypto-1_1-x64.dll
2023-05-23 11:02 - 2019-05-28 22:36 - 000681472 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\cz.danol.discordmixer.sdPlugin\bin\libssl-1_1-x64.dll
2017-10-05 15:26 - 2017-10-05 15:26 - 002247168 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll
2018-12-08 08:22 - 2018-12-08 08:22 - 002059264 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll
2022-10-03 10:00 - 2022-10-03 10:00 - 000516096 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll
2022-10-13 16:38 - 2022-10-13 16:38 - 002046464 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\system32\9EarsSurroundSound.dll:72B1DE377E [3442]
AlternateDataStreams: C:\WINDOWS\system32\9EarsSurroundSound.dll:97D88723C8 [4306]
AlternateDataStreams: C:\ProgramData\AMDAutoUpdate.log:5AFFBDE7FB [4306]
AlternateDataStreams: C:\ProgramData\AMDAutoUpdate.log:B5D3D35FA8 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk:B026C77744 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breitbandmessung.lnk:405F340306 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk:83A68E50E4 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCUE.lnk:35C8A47BAF [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCUE.lnk:97831153DE [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NZXT CAM.lnk:AB04221C49 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_361\bin\ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_361\bin\jp2ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\dotnet\;;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\zigle\Downloads\ultra-instinct-goku-dragon-ball-blue-power.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "CORSAIR iCUE 4 Software"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4AF148971660ED09CC41DC556DFB6C6E"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_24B02A7A179033EAE02E8246A105555E"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A0252331-049C-4046-A453-86EA48B01750}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{058A71BA-B1EF-4D54-B8CB-F6AEA495C9EB}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{A52A9088-634C-4F93-8E8F-B0DBAD07E02D}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe (Techland S.A. -> Techland)
FirewallRules: [{D1A8BF7A-49F6-44CE-9E44-31A2C793F3B3}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe (Techland S.A. -> Techland)
FirewallRules: [{32F9BB18-B67B-4BCA-B5DA-CF19C303456F}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [{2A930A1B-E22C-46C5-AA71-1156527632F1}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9D851819-3D54-4031-ABF2-1E20FC466970}D:\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) D:\wolfenstein the new order\wolfneworder_x64.exe (MachineGames) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9C75F34E-091C-41A1-BB49-9F53869F4B21}D:\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) D:\wolfenstein the new order\wolfneworder_x64.exe (MachineGames) [Datei ist nicht signiert]
FirewallRules: [{50000AE6-04D2-4F84-9033-B91392086E93}] => (Allow) LPort=8088
FirewallRules: [{7E067420-8A0C-46A3-8A7C-DC1526E1A225}] => (Allow) LPort=8088
FirewallRules: [UDP Query User{AB3CE73C-89CF-4164-A874-B9836EA9304A}C:\users\zigle\riot games\riot client\riotclientservices.exe] => (Allow) C:\users\zigle\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{9F2BA5D1-57F4-402D-B81E-8EEBB184D936}C:\users\zigle\riot games\riot client\riotclientservices.exe] => (Allow) C:\users\zigle\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{3A499CB5-F922-4C5D-824B-AA41DBFDEC5C}E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{984D6D06-5E03-441C-9F7C-9A1086620BB1}E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{C5EB8C7D-A04A-4A9A-8B69-4991093B4510}E:\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) E:\call of duty black ops cold war\blackopscoldwar.exe => Keine Datei
FirewallRules: [TCP Query User{0CF63E07-5701-4815-ABE2-36581B75BD55}E:\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) E:\call of duty black ops cold war\blackopscoldwar.exe => Keine Datei
FirewallRules: [UDP Query User{4A66AAF6-1288-493C-B2E9-F3A5CDBACF3B}E:\steamlibrary\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe] => (Allow) E:\steamlibrary\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe (Irrational Games) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{FEB489A8-FBAA-40FF-8DB9-1DDB74210945}E:\steamlibrary\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe] => (Allow) E:\steamlibrary\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe (Irrational Games) [Datei ist nicht signiert]
FirewallRules: [{39535E1F-73E0-4C68-84D2-11FF2450D04A}] => (Allow) E:\SteamLibrary\steamapps\common\Sons Of The Forest\SonsOfTheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{D9F14177-964C-4227-B4E8-DF47FF36A41A}] => (Allow) E:\SteamLibrary\steamapps\common\Sons Of The Forest\SonsOfTheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{1DEAA6C6-32A5-4332-B2D1-B0166D2141AC}] => (Allow) E:\SteamLibrary\steamapps\common\BioShock Infinite\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{665E91EC-DB13-4177-956A-D93E83A19967}] => (Allow) E:\SteamLibrary\steamapps\common\BioShock Infinite\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [UDP Query User{88BD51B3-9228-4CBA-8D84-C2A7704D0178}E:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{3A15C9C5-8DE7-49F3-A013-66990581E87B}E:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe => Keine Datei
FirewallRules: [{71F54422-B384-498E-B243-306A9AE28E0C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{DD77B646-EAAD-44D5-8D1D-30154AA1916C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D8AC9F06-E072-4BEB-AB21-655615DCE723}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0594E1B8-2D45-4989-A1B2-2152DAA5A751}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A71656F4-D855-4488-BB6A-23B9C855D0B3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{FE616C7D-255F-426E-9B33-78322C504E57}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => Keine Datei
FirewallRules: [{1C829E08-F626-40A6-8C63-502DECDFF3D7}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 5\Launcher.exe () [Datei ist nicht signiert]
FirewallRules: [{B049F560-FB6C-40F5-B562-0AC6308857E5}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 5\Launcher.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{92E20EF2-54E6-4D32-BBB0-8DF8AFFE4ECE}E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{65F9C58A-C2AF-45A0-B39A-40C1AF7C9551}E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [{E148E9CB-8B2C-483E-A578-6971562A9A5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B7EC9C6F-D669-4CCF-BF4E-D286EF230F4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{826B9CC6-592F-4865-AA49-8D2AD66F4CB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{941D256C-72E4-4CB5-820E-74D1126E1566}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{62C7A6CF-A108-44ED-848B-AED96D8673F8}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.)
FirewallRules: [{AD6BAE75-CBB7-4997-BBC1-E244B9B0013C}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.)
FirewallRules: [{62334C84-A46A-495E-847A-5C0253C7EB9A}] => (Allow) E:\SteamLibrary\steamapps\common\Yu-Gi-Oh! Duel Links\dlpc.exe () [Datei ist nicht signiert]
FirewallRules: [{6969C10E-C65B-4456-8CD4-2B4B44DE3CCF}] => (Allow) E:\SteamLibrary\steamapps\common\Yu-Gi-Oh! Duel Links\dlpc.exe () [Datei ist nicht signiert]
FirewallRules: [{2777F7A0-135C-4879-81B8-F5FF64047A3C}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (Underwriters Laboratories Inc. -> )
FirewallRules: [{0CF67890-E968-4B48-9FA3-2625E8E19E69}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (Underwriters Laboratories Inc. -> )
FirewallRules: [{C2BF100B-AF0C-4397-A74B-62689A323F93}] => (Allow) LPort=32682
FirewallRules: [{86DA8F17-42B3-4CFB-BC2C-28F1EAF6074A}] => (Allow) LPort=26822
FirewallRules: [{9CD8139F-CC88-4904-B5A4-42EBAD5A2B19}] => (Allow) E:\SteamLibrary\steamapps\common\Ghost Watchers\Ghost Watchers.exe () [Datei ist nicht signiert]
FirewallRules: [{CE0F9B7B-30EF-4483-B0DB-EED4ADBCD858}] => (Allow) E:\SteamLibrary\steamapps\common\Ghost Watchers\Ghost Watchers.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{39A353AD-4FA2-4DD2-A5A5-16194EFD6CDC}E:\rocketleague\binaries\win64\rocketleague.exe] => (Allow) E:\rocketleague\binaries\win64\rocketleague.exe => Keine Datei
FirewallRules: [TCP Query User{EF5F82F7-8796-40D4-B0AC-5263F0C5F0C9}E:\rocketleague\binaries\win64\rocketleague.exe] => (Allow) E:\rocketleague\binaries\win64\rocketleague.exe => Keine Datei
FirewallRules: [UDP Query User{7706974C-CE74-4B32-BC0D-10E8CE31ECE5}E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B7BA334B-EDC9-46FD-8E67-A653AA38D763}E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{9057B859-1CFC-459B-B2C1-B07CA95120F3}] => (Allow) E:\SteamLibrary\steamapps\common\Grim Dawn\x64\Grim Dawn.exe => Keine Datei
FirewallRules: [{1E9233E2-7A4C-4FD0-9E2C-84DD30C48C4F}] => (Allow) E:\SteamLibrary\steamapps\common\Grim Dawn\x64\Grim Dawn.exe => Keine Datei
FirewallRules: [UDP Query User{093DD0F2-C46B-4D70-8587-30376F5AB04C}C:\users\zigle\riot games\riot client\riotclientservices.exe] => (Allow) C:\users\zigle\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{533C5F20-6916-43AC-85C7-C632F4BF4E4E}C:\users\zigle\riot games\riot client\riotclientservices.exe] => (Allow) C:\users\zigle\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{4AF7DA4D-62CD-4358-8AB5-E73D61A25BBE}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{864794A2-7DA4-427D-9F78-6B72E27C9122}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{4A422D2A-8B74-4CA8-A54A-AD8622EAB5F4}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe => Keine Datei
FirewallRules: [{34F62E3F-1AE6-46F6-882C-FDB59FC6EC4C}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe => Keine Datei
FirewallRules: [{8A37F9F5-6702-4E9B-AC16-22B9350D5760}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => Keine Datei
FirewallRules: [{B113BCDA-811C-48E7-941E-30DF6D9982BB}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => Keine Datei
FirewallRules: [{78D3214B-E897-4A56-9626-1ED3F19FCAA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EDD2C76B-E820-40E7-8333-E4ABB450EDDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{62EB2112-7555-413B-9381-E6038416CB79}] => (Allow) E:\Grand Theft Auto V\GTA5.exe => Keine Datei
FirewallRules: [{A0823BF9-109A-4414-891E-D902F16CCD39}] => (Allow) E:\Grand Theft Auto V\GTA5.exe => Keine Datei
FirewallRules: [{D5BC0469-4083-4F9E-B92E-EF4E03A764F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7451BABB-3271-45DE-9520-70CEC6E41501}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{872A2BD9-7D33-4B07-9C4C-142FA83A50EE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{19B44D00-56ED-4825-B801-23A4D9D3BB0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5C4C91CD-5D4B-42CE-B160-FDC316684B5D}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{ABB1B0B5-F9CD-4431-89B8-D1C57DE6E3D9}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [UDP Query User{B19573B7-61D6-4A96-8547-5A724CAAE790}E:\steamlibrary\steamapps\common\haunt chaser\hauntchaser\binaries\win64\hauntchaser-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\haunt chaser\hauntchaser\binaries\win64\hauntchaser-win64-shipping.exe (Clock Wizard Games) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{68737115-28BA-4E60-B982-3671EA3828F8}E:\steamlibrary\steamapps\common\haunt chaser\hauntchaser\binaries\win64\hauntchaser-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\haunt chaser\hauntchaser\binaries\win64\hauntchaser-win64-shipping.exe (Clock Wizard Games) [Datei ist nicht signiert]
FirewallRules: [{5E46C099-771A-40C6-977A-844E860ABA55}] => (Allow) E:\SteamLibrary\steamapps\common\Haunt Chaser\HauntChaser.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{ECD16E63-4685-44ED-835F-F2A9B8A4C909}] => (Allow) E:\SteamLibrary\steamapps\common\Haunt Chaser\HauntChaser.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{2526E9C9-5943-4D7F-BFB8-2039895F7328}E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [TCP Query User{39539895-B7CC-4BAC-B2B1-7B31489BD23D}E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [UDP Query User{86E03B64-E7E9-4D49-A750-928020AA717C}E:\xbox games\back 4 blood\content\gobi\binaries\wingdk\back4blood.exe] => (Allow) E:\xbox games\back 4 blood\content\gobi\binaries\wingdk\back4blood.exe => Keine Datei
FirewallRules: [TCP Query User{8BF11126-3DAF-4FCC-8476-B43159F642CB}E:\xbox games\back 4 blood\content\gobi\binaries\wingdk\back4blood.exe] => (Allow) E:\xbox games\back 4 blood\content\gobi\binaries\wingdk\back4blood.exe => Keine Datei
FirewallRules: [UDP Query User{6DC0BC89-9CFF-4606-BD69-2D8870DA8FDE}C:\users\zigle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zigle\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{010CD4F8-6107-454B-9234-DD10C7E20BC6}C:\users\zigle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zigle\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{20B97474-1C3F-4B46-B1DB-34D68E4A63B5}] => (Allow) E:\SteamLibrary\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{E01FB0E9-19F1-43FD-8E63-58A3112D282D}] => (Allow) E:\SteamLibrary\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{DFD43AC9-C9A5-4B12-9ACA-85692CA7D6EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BAA2EEF3-05F7-4EEF-BDE6-624CE1D9941E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B8AC8512-3D0B-439D-A0F0-84732FE4A0FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8463CDAA-F646-48BE-AC8B-832C783C249F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{46E240E8-87CC-4A0E-9174-2CE5C7446679}E:\origin\diablo iii\x64\diablo iii64.exe] => (Allow) E:\origin\diablo iii\x64\diablo iii64.exe => Keine Datei
FirewallRules: [TCP Query User{EF3614D1-ECE2-4B9C-8D34-1A8178C4CCFA}E:\origin\diablo iii\x64\diablo iii64.exe] => (Allow) E:\origin\diablo iii\x64\diablo iii64.exe => Keine Datei
FirewallRules: [UDP Query User{7498C4D0-16D8-43BD-AA36-67397DF395A6}C:\users\zigle\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\zigle\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{F15886A4-F11F-405E-9A07-ECF3F0972B3E}C:\users\zigle\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\zigle\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{3582F424-2A91-437C-AC49-3DFA8ACA4526}C:\users\zigle\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\zigle\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{2063AEA9-BBA6-49A8-8688-F39687CC139D}C:\users\zigle\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\zigle\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{FB09B9B5-AAE7-4719-AEE5-45BE5D93EDAB}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => Keine Datei
FirewallRules: [{454B9E8E-9F5B-463F-A1B6-86A90AADECD1}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => Keine Datei
FirewallRules: [{A41C34CB-9169-4109-8B29-A96F70783410}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.)
FirewallRules: [{74618B2B-C768-412C-87AF-C89A6FDDE25A}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.)
FirewallRules: [{979CE043-D4BF-4B5B-AC4F-D9E9DE89748D}] => (Allow) E:\Assassin's Creed Valhalla\ACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{E606F292-ED30-457B-B359-097A0CAFD20A}] => (Allow) E:\SteamLibrary\steamapps\common\Oblivity\Oblivity.exe () [Datei ist nicht signiert]
FirewallRules: [{B0694B4A-4DFD-43D2-9D7C-F4C456F7B7B6}] => (Allow) E:\SteamLibrary\steamapps\common\Oblivity\Oblivity.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{2242EFF7-E320-4E00-B13E-DFCE367A4E42}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3C041DFB-6BF3-423B-8D58-6A1C98DB71E2}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{587ADC20-B194-47D0-8125-EF0D4A53DA41}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E854FF1-26FA-4067-BC83-0CDAD4989794}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D458249D-133C-400B-BA46-A8A9B2F7366A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{641CA09A-8CEA-4D47-89CE-51021D7411BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F3BF5401-5BFF-44A9-951B-0EEAC9B88BB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{385E6705-33F4-4DEF-85BB-0212615D1F1E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7324D3BD-77D7-4A1A-8EBA-77D65FA3E22F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{93436195-B697-4F7B-8BBE-9F55E8E2898B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7ED3CB6E-1120-4DB2-BEFC-68C8513C7EB8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3A3E056D-7C85-4155-BB77-D61FD11E4D05}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9CF28299-9B82-41A6-AE00-CE19238D75FF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4A5A920A-FCC1-4A3B-B74D-EEB2C1BCDF43}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BF63A4B9-F92B-4E37-9106-6C1BFBF92135}] => (Allow) D:\SteamLibrary\steamapps\common\RESIDENT EVIL 4 BIOHAZARD RE4\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{B4F092F9-288B-4EFA-AC69-D6E519C8CC66}] => (Allow) D:\SteamLibrary\steamapps\common\RESIDENT EVIL 4 BIOHAZARD RE4\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{0251A5DD-1475-460C-9AE4-68661EBFEE37}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => Keine Datei
FirewallRules: [{355F360A-3EF2-4FB5-BBC0-E6A95C8508D1}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => Keine Datei
FirewallRules: [{441B0259-1CCC-4247-8AAC-CBF99E5EDDA8}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => Keine Datei
FirewallRules: [{49ED6B38-FFD8-40C1-8DA0-C98B177EF9F1}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => Keine Datei
FirewallRules: [{C6D55EDD-8D59-4A19-804F-AA62EABB8711}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{0DC94396-88EF-4B98-B5D1-2FFBB01247D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{DF9D5A43-305C-4E39-94AA-029B7E036590}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A3B7F1B4-0F68-48EB-A3F5-5205DBE80313}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{016E1649-82D7-4C54-B66E-2340DE844323}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{A9559138-F229-4952-B3EB-D73F7F6F0425}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{F2E19475-0613-40D9-963C-9BDB5EF08D17}] => (Allow) E:\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{6521B1F7-A811-444C-84CD-C60FC1A1F94E}] => (Allow) E:\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{22C436F5-D68A-4111-ABD0-23238F2608E4}] => (Allow) E:\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{E67FD927-A5BC-49FA-B538-D8A951DD8721}] => (Allow) E:\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{55BEFDB1-625D-4DF1-A08D-E05B698FD895}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{12FEFDAD-53FD-46BA-9576-1AF581178244}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{9EF9AB87-C771-4846-820A-A3CEE6DE5BEB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{01FF7B22-A057-4927-A6F4-5458D859A907}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3A936116-8FE8-47C5-8F63-9710306A58BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F8A83C85-E3A2-4B51-9028-28070AB9F221}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{18BCDD5F-20D1-49CE-95A6-1086B54B0880}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{DB16D338-F965-4F55-B144-E6417334F0A9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{12343107-387E-433C-A7F7-9BDE3C3FA349}] => (Allow) C:\Program Files\EA Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{8D9F5DBF-9585-4549-94D3-AC28D6AD9CCB}] => (Allow) C:\Program Files\EA Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.)
FirewallRules: [{307F2A44-F2E7-4213-8368-46A077F9A54A}] => (Allow) E:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Datei ist nicht signiert]
FirewallRules: [{33A21831-7622-4EB1-AE03-FBFF0C0C3359}] => (Allow) E:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Datei ist nicht signiert]
FirewallRules: [{CD3E6DC6-1C71-4147-96FF-4E5BC2D6E778}] => (Allow) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServer.exe (Corsair Memory, Inc. -> )
FirewallRules: [{45CE4F1F-64A9-4B37-A46B-B60828E1D587}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{88961722-D383-460A-B510-C4319F44FC3A}] => (Allow) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.)
FirewallRules: [{774DDC58-7F25-472F-AAA5-F1F5D18FE848}] => (Allow) C:\Program Files\Elgato\WaveLink\WaveLink.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [{09D0F5FE-091F-4FBA-ADDC-ED75FC34BA15}] => (Allow) E:\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{62DD3B4B-CA7A-4877-8336-FDDE6D41B90A}] => (Allow) E:\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{46D24B9B-5A2B-413D-9223-E79993BDB019}] => (Allow) E:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{1EF846D0-2FB3-47A6-8C7A-20499F4EAC12}] => (Allow) E:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{71BD6EC9-779D-4A09-ABAA-326C9E7948DD}] => (Allow) E:\SteamLibrary\steamapps\common\Ben and Ed - Blood Party\BaEBloodParty.exe () [Datei ist nicht signiert]
FirewallRules: [{4944B0DB-3997-49C4-91E1-999DBBBAD006}] => (Allow) E:\SteamLibrary\steamapps\common\Ben and Ed - Blood Party\BaEBloodParty.exe () [Datei ist nicht signiert]
FirewallRules: [{C85901DC-7D08-49B5-B1B7-F39EAD29C111}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Exodus\MetroExodus.exe (4A Games) [Datei ist nicht signiert]
FirewallRules: [{035C974D-16DC-427E-9B53-539F30082F3E}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Exodus\MetroExodus.exe (4A Games) [Datei ist nicht signiert]
FirewallRules: [{3FCC6D55-2710-4218-BE3E-230B8E87340E}] => (Allow) C:\Users\zigle\AppData\Local\Programs\Opera GX\100.0.4815.44\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{08D78649-4403-4CDB-94DB-01D0CEFB835E}] => (Allow) C:\Program Files (x86)\Overwolf\0.226.1.3\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{59DF131C-9E8B-4CCD-B171-FA1CF2D1F099}] => (Allow) C:\Program Files (x86)\Overwolf\0.226.1.3\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{9EA17089-1861-4D15-BB6C-34947D353C8F}] => (Block) C:\Program Files (x86)\Overwolf\0.226.1.3\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{AC5335C2-D817-4837-9934-57E5A8838380}] => (Block) C:\Program Files (x86)\Overwolf\0.226.1.3\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{3703FDA3-8BA7-4A14-88E6-A743E565B715}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{80487684-9616-428C-BAD7-84428CF52F84}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{EDEEF0AF-FEE6-43DC-BDEB-1DFF27E4F7E3}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{E27B2815-93F3-4850-B218-3CF86EF88665}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{C92516EF-5C47-420C-B753-65AFF63C0951}] => (Allow) C:\Program Files (x86)\Overwolf\0.228.0.20\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{B47A5ADF-9A3E-474D-A194-93FA6D74584F}] => (Allow) C:\Program Files (x86)\Overwolf\0.228.0.20\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DCA04AD8-FF57-481A-B665-F8BB50EF6FE1}] => (Allow) E:\SteamLibrary\steamapps\common\DRAGON BALL Z KAKAROT\AT.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{EA4B1ECE-7039-4D2C-B441-D894734C9F38}] => (Allow) E:\SteamLibrary\steamapps\common\DRAGON BALL Z KAKAROT\AT.exe (Epic Games, Inc.)
[Datei ist nicht signiert] FirewallRules: [{E3B49D5B-5C61-4A7C-B039-7430B2E39E27}] => (Allow) C:\Users\zigle\AppData\Local\Programs\Opera GX\100.0.4815.82\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{A9B421A3-A89E-40B0-BB43-4BF695699DB4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\UNO\uno.exe (Chengdu Ubisoft Software Co., Ltd. -> ) FirewallRules: [{9528608C-61BB-434C-B1D8-82E850A53D0A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\UNO\uno.exe (Chengdu Ubisoft Software Co., Ltd. -> ) FirewallRules: [{2FF3C705-EF27-41D0-9B5E-18E2EF5B736C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{A4E4A288-E695-4518-97B5-CFE22356E322}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{29540877-D493-4026-A995-B8A9110B03A5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1506.2253.6778_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{39310446-BC0A-453E-946A-07B7CEA943AD}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1506.2253.6778_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B7263FD7-934D-4DB0-9EE5-1A8897DF4FD7}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe (DOS SANTOS DA SILVA ALFREDO -> Carifred.com) FirewallRules: [{588AB9F0-E4A1-4783-AD64-969EC3819EB6}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe (DOS SANTOS DA SILVA ALFREDO -> Carifred.com) FirewallRules: [{4BF643BE-4DEA-4A8D-93E7-205AAC76EC02}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe (DOS SANTOS DA SILVA ALFREDO -> Carifred.com) ==================== Wiederherstellungspunkte ========================= 31-07-2023 16:42:26 Windows Update ==================== Fehlerhafte Geräte im 
Gerätemanager ============ Name: Sonic Studio Virtual Mixer Description: Sonic Studio Virtual Mixer Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Nahimic Service: AVoluteSS3Vad Problem: : Windows cannot initialize the device driver for this hardware. (Code 37) Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (08/02/2023 01:06:17 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-OCHEK1J$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Wed, 02 Aug 2023 11:06:21 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: a3c04517-d393-43d8-9cf7-07d5297b0861 Methode: GET(171ms) Phase: GetCACaps Nicht gefunden (404). 
0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (08/02/2023 01:06:17 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Wed, 02 Aug 2023 11:06:20 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: e0eee93a-cfe4-4180-b3d8-add9267cfe25 Methode: GET(453ms) Phase: GetCACaps Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (08/02/2023 06:53:12 AM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT) Description: Name der fehlerhaften Anwendung: Razer Synapse Service.exe, Version: 1.0.0.0, Zeitstempel: 0x649bd367 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.22621.1992, Zeitstempel: 0xc2f771eb Ausnahmecode: 0xc0020001 Fehleroffset: 0x001484f2 ID des fehlerhaften Prozesses: 0x0x1b04 Startzeit der fehlerhaften Anwendung: 0x0x1d9c4cc74c95794 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: c614cb6b-ed0c-4c84-9cad-ba3f0d43bb85 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/02/2023 06:53:02 AM) (Source: CAM Service) (EventID: 1) (User: ) Description: request thread encountered an error: Failed to send result: io error: Die Pipe wird gerade geschlossen. 
(os error 232) Error: (08/02/2023 01:20:03 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-OCHEK1J) Description: Name der fehlerhaften Anwendung: kpm.exe, Version: 23.0.0.1051, Zeitstempel: 0x643d7727 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.22621.1928, Zeitstempel: 0x4028fadc Ausnahmecode: 0xc0000005 Fehleroffset: 0x00043d75 ID des fehlerhaften Prozesses: 0x0x66ac Startzeit der fehlerhaften Anwendung: 0x0x1d9c4ceb0126fc9 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.0\kpm.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: c66fb3ef-3979-4492-97b5-034821399db9 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (08/02/2023 01:04:10 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-OCHEK1J$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 01 Aug 2023 23:04:14 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: c2a0fa11-02fb-4c7c-93df-4cc6fa94d5e1 Methode: GET(156ms) Phase: GetCACaps Nicht gefunden (404). 
0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (08/02/2023 01:04:10 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 01 Aug 2023 23:04:14 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 972b3e4b-fc65-4310-9074-70bf0919b4f6 Methode: GET(1016ms) Phase: GetCACaps Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (08/02/2023 12:59:34 AM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT) Description: Name der fehlerhaften Anwendung: Razer Synapse Service.exe, Version: 1.0.0.0, Zeitstempel: 0x649bd367 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.22621.1992, Zeitstempel: 0xc2f771eb Ausnahmecode: 0xc0020001 Fehleroffset: 0x001484f2 ID des fehlerhaften Prozesses: 0x0x1f70 Startzeit der fehlerhaften Anwendung: 0x0x1d9c4c7c102851d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 8386f13d-ba28-4096-a618-53960a7e1f1b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (08/02/2023 01:08:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OCHEK1J) Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error: (08/02/2023 01:07:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (08/02/2023 01:07:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (08/02/2023 01:05:58 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT-AUTORITÄT) Description: Der Ereignisprotokollierungsdienst hat einen Fehler beim Initialisieren der Veröffentlichung von Ressourcen für Kanal "Nefarius-Drivers-HidHideClient/Diagnostic" erkannt. Falls ein direkter Kanal festgelegt ist, kann dies ein Hinweis darauf sein, dass auch das Protokollieren der Ressourcen nicht initialisiert werden konnte. Error: (08/02/2023 01:05:58 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT-AUTORITÄT) Description: Der Ereignisprotokollierungsdienst hat einen Fehler beim Initialisieren der Veröffentlichung von Ressourcen für Kanal "Nefarius-Drivers-HidHide/Diagnostic" erkannt. Falls ein direkter Kanal festgelegt ist, kann dies ein Hinweis darauf sein, dass auch das Protokollieren der Ressourcen nicht initialisiert werden konnte. Error: (08/02/2023 01:07:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OCHEK1J) Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (08/02/2023 01:03:53 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT-AUTORITÄT) Description: Der Ereignisprotokollierungsdienst hat einen Fehler beim Initialisieren der Veröffentlichung von Ressourcen für Kanal "Nefarius-Drivers-HidHideClient/Diagnostic" erkannt. 
Falls ein direkter Kanal festgelegt ist, kann dies ein Hinweis darauf sein, dass auch das Protokollieren der Ressourcen nicht initialisiert werden konnte. Error: (08/02/2023 01:03:53 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT-AUTORITÄT) Description: Der Ereignisprotokollierungsdienst hat einen Fehler beim Initialisieren der Veröffentlichung von Ressourcen für Kanal "Nefarius-Drivers-HidHide/Diagnostic" erkannt. Falls ein direkter Kanal festgelegt ist, kann dies ein Hinweis darauf sein, dass auch das Protokollieren der Ressourcen nicht initialisiert werden konnte. Windows Defender: ================ Date: 2023-08-02 01:48:40 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {AF4A550D-B587-48F0-B572-700023574E4B} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Event[0] Date: 2023-08-02 01:54:36 Description: Microsoft Defender Antivirus Ressourcenmonitor: Der Arbeitsspeicherverbrauch hat das Limit überschritten. Trefferanzahl: 50 Aktueller Schwellenwert: 3145780 Date: 2023-08-02 01:54:36 Description: Microsoft Defender Antivirus Ressourcenmonitor: Der Arbeitsspeicherverbrauch hat das Limit überschritten. Trefferanzahl: 49 Aktueller Schwellenwert: 3145780 Date: 2023-08-02 00:59:28 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.387.1965.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20200.4 Fehlercode: 0x80072f8f Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten. Date: 2023-08-02 00:59:28 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. 
Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.387.1965.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiSpyware Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20200.4 Fehlercode: 0x80072f8f Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten. Date: 2023-08-02 00:59:28 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.387.1965.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20200.4 Fehlercode: 0x80072f8f Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten. CodeIntegrity: =============== Date: 2023-08-02 13:09:47 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements. Date: 2023-08-02 13:08:35 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2423 08/10/2021 Hauptplatine: ASUSTeK COMPUTER INC. 
ROG STRIX B550-F GAMING Prozessor: AMD Ryzen 7 5800X 8-Core Processor Prozentuale Nutzung des RAM: 30% Installierter physikalischer RAM: 32682.69 MB Verfügbarer physikalischer RAM: 22552.89 MB Summe virtueller Speicher: 37546.69 MB Verfügbarer virtueller Speicher: 24404.05 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:221.58 GB) (Free:33.56 GB) (Model: KINGSTON SA400M8240G) NTFS Drive d: () (Fixed) (Total:929.87 GB) (Free:814.32 GB) (Model: Microsoft Storage Space Device) NTFS Drive e: (Volume) (Fixed) (Total:931.5 GB) (Free:73.18 GB) (Model: WD_BLACK SN850 1TB) NTFS \\?\Volume{7431e8b2-f7ba-481b-9eca-c95141dcc22d}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS \\?\Volume{1487ec54-7e38-4cf1-a652-f2be4145d632}\ () (Fixed) (Total:0.64 GB) (Free:0.08 GB) NTFS \\?\Volume{fa1d6e09-fd90-480a-88b1-53b44e1d8096}\ () (Fixed) (Total:0.67 GB) (Free:0.21 GB) NTFS \\?\Volume{addba845-9620-47db-a7a6-09e3f0c0eae4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. ==================== Ende von Addition.txt ======================= |
02.08.2023, 12:28 | #6 |
| Trojan Trojan.Multi.BroSubsc.gen
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-08-2023 durchgeführt von zigle (Administrator) auf DESKTOP-OCHEK1J (ASUS System Product Name) (02-08-2023 13:11:33) Gestartet von C:\Users\zigle\Downloads\FRST64 (1).exe Geladene Profile: zigle Plattform: Microsoft Windows 11 Home Version 22H2 22621.1992 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avpui.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.0\kpm_service.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.0\kpm.exe (C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5> (C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe (C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2> (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. 
-> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6> (C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe (C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.spotify.sdPlugin\com.barraider.spotify.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.wintools.sdPlugin\com.barraider.wintools.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.cpu.sdPlugin\cpu.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\tv.twitch.studio.sdPlugin\twitchstudiostreamdeck.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\StreamDeck\crashpad_handler.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) 
C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.discord.sdPlugin\ESDDiscord.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Daniel Čejchan -> ) C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\cz.danol.discordmixer.sdPlugin\bin\streamdeck-discordmixer.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (The Qt Company Oy -> The Qt Company Ltd.) C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe <9> (C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServer.exe (C:\Program Files\Elgato\WaveLink\WaveLink.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\WaveLink\crashpad_handler.exe (C:\Program Files\Elgato\WaveLink\WaveLink.exe ->) (Corsair Memory, Inc. -> Elgato Systems) C:\Program Files\Elgato\WaveLink\AudioRoutingHelper.exe (C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program Files\NZXT CAM\NZXT CAM.exe ->) (NZXT, Inc. 
-> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe <3> (C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe (C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe (C:\Program Files\WindowsApps\MicrosoftTeams_23195.1506.2253.6778_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe <12> (C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo-plugin.exe (C:\Users\zigle\Riot Games\Riot Client\RiotClientServices.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\Riot Games\Riot Client\RiotClientCrashHandler.exe (cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\plugins_nms.exe (cmd.exe ->) (Kaspersky Lab JSC -> Kaspersky Lab AO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.0\plugin-nm-server-v2.exe (Discord Inc. -> Discord Inc.) C:\Users\zigle\AppData\Local\Discord\app-1.0.9015\Discord.exe <6> (explorer.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe (explorer.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\WaveLink\WaveLinkSE.exe (explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc) C:\Program Files\Elgato\WaveLink\WaveLink.exe (explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) 
C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18> (explorer.exe ->) (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe <5> (explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Users\zigle\Riot Games\Riot Client\RiotClientServices.exe (explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe (services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe (services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (services.exe ->) (Even Balance, Inc. 
-> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe <2>
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.0\kpm_service.exe
(services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_14c40086f8e718c9\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21514.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21514.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe [1219312 2020-12-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088744 2023-06-19] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [185384 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13810512 2023-07-24] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [Stream Deck] => C:\Program Files\Elgato\StreamDeck\StreamDeck.exe [18904136 2023-06-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [96280344 2023-04-19] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Opera GX Stable] => C:\Users\zigle\AppData\Local\Programs\Opera GX\launcher.exe [2658712 2023-07-19] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2672744 2023-07-23] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [162104256 2023-07-26] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13880288 2023-04-15] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Spotify] => C:\Users\zigle\AppData\Roaming\Spotify\Spotify.exe [28257144 2023-07-22] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2023-07-16] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [EpicGamesLauncher] => E:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37134288 2023-06-03] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [MicrosoftEdgeAutoLaunch_24B02A7A179033EAE02E8246A105555E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3562248 2023-06-28] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\zigle\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [4883864 2023-04-12] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4374376 2023-07-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Discord] => C:\Users\zigle\AppData\Local\Discord\Update.exe [1525016 2023-04-26] (Discord Inc. -> GitHub)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [RiotClient] => C:\Users\zigle\Riot Games\Riot Client\RiotClientServices.exe [70738344 2023-07-29] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Volume Controller SD plugin] => C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe [108072 2023-04-27] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [WaveLinkSE] => C:\Program Files\Elgato\WaveLink\WaveLinkSE.exe [281128 2023-06-22] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [GoogleChromeAutoLaunch_4AF148971660ED09CC41DC556DFB6C6E] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3217176 2023-07-25] (Google LLC -> Google LLC)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Wave Link] => C:\Program Files\Elgato\WaveLink\WaveLink.exe [12747304 2023-06-22] (Corsair Memory, Inc. -> Corsair Memory, Inc)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3562248 2023-06-28] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.110\Installer\chrmstp.exe [2023-07-27] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {D3CF8FAE-CF44-4D64-9E78-7678F02CE070} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667832 2021-07-16] (Advanced Micro Devices INC. -> )
Task: {1EB13CEA-2872-4631-BEFA-E6B5CC5D20DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {EE006EA2-09E0-42DD-B639-540A72F674CE} - System32\Tasks\GoogleUpdateTaskMachineCore{7C385CBA-F48D-49C4-B9D5-AEF18E0112C3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-24] (Google LLC -> Google LLC)
Task: {B3202025-6BB8-46EF-A93D-8E48DB9D37AC} - System32\Tasks\GoogleUpdateTaskMachineUA{BE7438EE-75A2-40FB-AA82-DBA9C7D47D8F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-24] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei)
Task: {4266D1BA-2CEA-47AC-BB39-633553CD7713} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Keine Datei)
Task: {DAEC54AF-31A7-40B0-9177-BFF07FF35EA7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (Keine Datei)
Task: {86B7AF3F-0CC5-4955-8C9C-28A7010F3256} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {92673193-9309-4E67-9B61-A044F351DD7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {088C5423-69B0-4775-A557-0B9040363204} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {256654A2-EA97-4ECB-9C6B-93398BF4E87D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B0B05452-EE3B-4C46-8A23-3A0E0E48DD99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58B3F0F3-E0CA-442B-A3FC-94F1FEE11FA3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [680352 2023-07-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8B5E3F70-DFD1-4F50-9175-985D081C9D8C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-07-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {2CA32EC7-C1BC-407E-AB4A-1E4E953622F5} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe -minimized (Keine Datei)
Task: {BC862C11-CEA0-49BF-9665-B49027C6C6FF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {899D1890-3000-4126-9B02-491C8EDA2095} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1AF76F97-CBE7-4167-9E63-587753FE0752} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88015FA6-DE22-47C4-BB86-32900BD74D36} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03A7FF7B-8624-4C35-B334-F0D686A9CBA6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2CD0C0E7-C9F3-44A6-ABC2-D7EFBEAE4C78} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9225A746-9BCF-4585-AAAC-DBE530EB0B3C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {95135AAB-FEB1-4078-9EA4-0229CE00ED29} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DA3CF54B-EB70-4AFC-90F0-5F926413D6B4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D3B71E4-CA7C-47CA-ACED-A8D887E0A0D1} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1652363055 => C:\Users\zigle\AppData\Local\Programs\Opera GX\launcher.exe [2658712 2023-07-19] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\zigle\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {C5C46718-4F9E-41AE-904D-B07F3F8B64A4} - System32\Tasks\Opera GX scheduled Autoupdate 1651537158 => C:\Users\zigle\AppData\Local\Programs\Opera GX\launcher.exe [2658712 2023-07-19] (Opera Norway AS -> Opera Software)
Task: {60C7FF46-54C6-4D52-BEF1-94D84867356A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641416 2023-07-16] (Overwolf Ltd -> Overwolf LTD)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{742362d5-c3d6-47d3-83ff-6220211b168e}: [NameServer] 198.51.100.1,198.51.100.2
Tcpip\..\Interfaces\{817fd5d5-0c3a-4e30-8218-48898ab1503d}: [DhcpNameServer] 192.168.178.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zigle\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-21]
Edge Extension: (Google Docs Offline) - C:\Users\zigle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\zigle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igbncjcgfkfnfgbaieiimpfkobabmkce [2023-07-21]
Edge Extension: (Edge relevant text changes) - C:\Users\zigle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-07]

FireFox:
========
FF DefaultProfile: k3pd7ate.default
FF ProfilePath: C:\Users\zigle\AppData\Roaming\Mozilla\Firefox\Profiles\k3pd7ate.default [2023-04-23]
FF ProfilePath: C:\Users\zigle\AppData\Roaming\Mozilla\Firefox\Profiles\wphyptpm.default-release [2023-07-20]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\zigle\AppData\Roaming\Mozilla\Firefox\Profiles\wphyptpm.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-07-20]
FF Extension: (Metastream Remote) - C:\Users\zigle\AppData\Roaming\Mozilla\Firefox\Profiles\wphyptpm.default-release\Extensions\{da2b93f0-35d5-461e-9bc7-6ba10aef1af4}.xpi [2022-04-13]
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-04-24] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-04-24] <==== ACHTUNG

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default [2023-08-02]
CHR Notifications: Default -> hxxps://csgo500.com; hxxps://key-drop.com; hxxps://www.auto-motor-und-sport.de; hxxps://www.film.at; hxxps://www.g2a.com; hxxps://www.giga.de; hxxps://www.instagram.com; hxxps://www.netflix.com; hxxps://www.sport.de; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.youtube.com/
CHR StartupUrls: Default -> "hxxp://www.awesomehp.com/?type=hp&ts=1393083159&from=vtt&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41A733318533185","hxxp://www.awesomehp.com/?type=hp&ts=1393788474&from=adks&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41A733318533185"
CHR Extension: (Kaspersky Protection) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-06-11]
CHR Extension: (BetterTTV) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-07-26]
CHR Extension: (Honey: Automatische Coupons & Prämien) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-07-03]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-07-25]
CHR Extension: (Watch2Gether) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2023-06-16]
CHR Extension: (Steam Inventory Helper) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2023-07-31]
CHR Extension: (Kaspersky Password Manager) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2023-07-26]
CHR Extension: (Metastream Remote) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakegmdomhmegokfomgmkbopjibonfcp [2022-07-23]
CHR Extension: (Prime Party Extended) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcngjpblanflfmbkdkheajgobilapkfa [2023-04-29]
CHR Extension: (Google Docs Offline) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-20]
CHR Extension: (CSGOFloat Market Checker) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjicbefpemnphinccgikpdaagjebbnhg [2023-07-03]
CHR Extension: (Instant Gaming) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnoedlobifdhbpjkcfhcbdcjhampmne [2023-07-27]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-24]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2023-07-28]
CHR Profile: C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-12-26]
CHR Profile: C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-12-26]
CHR Extension: (Google Docs Offline) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-02]
CHR Profile: C:\Users\zigle\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-26]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-568267705-2125286131-1783018927-1001) Opera GXStable - "C:\Users\zigle\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2022-10-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2022-10-05] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1134480 2023-08-02] (ASUSTeK Computer Inc. -> )
R2 AVP21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 brlapi; C:\WINDOWS\brltty\bin\brltty.exe [1016846 2023-05-07] (Microsoft Windows -> )
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe [652736 2023-07-26] (NZXT, Inc. -> )
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [614432 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [238632 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [84008 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 CorsairUniwillService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueUniwillService.exe [108072 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [215352 2020-08-14] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11511912 2023-07-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-06-07] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-12-09] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-05-13] (Epic Games Inc. -> Epic Games, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [343808 2022-05-12] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348000 2023-04-15] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-04-15] (GOG sp. z o.o -> GOG.com)
S3 iCUEDevicePluginHost; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe [462888 2023-01-20] (Corsair Memory, Inc. -> Corsair)
S3 klvssbridge64_21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\vssbridge64.exe [501008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_service_23.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 23.0\kpm_service.exe [515856 2023-04-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 KSDE5.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1920152 2021-11-01] (A-Volute SAS -> Nahimic)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641416 2023-07-16] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2023-05-21] (Even Balance, Inc. -> )
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2001320 2023-06-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [510896 2023-06-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [297736 2023-06-28] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2196464 2023-03-04] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-04-19] (Razer USA Ltd. -> Razer Inc.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [37712 2023-07-24] (SteelSeries ApS -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11047944 2023-06-19] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_14c40086f8e718c9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_14c40086f8e718c9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-10-05] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43160 2022-10-05] (ASUSTeK Computer Inc. -> )
S3 AVoluteSS3Vad; C:\WINDOWS\System32\drivers\AVoluteSS3Vad.sys [93672 2021-10-14] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [240264 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63008 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43568 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [32296 2023-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 e2fexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_2d5cb0c750512550\e2f.sys [536168 2022-07-18] (Intel Corporation -> Intel Corporation)
R3 ElgatoUsbAudio; C:\WINDOWS\System32\drivers\ElgatoUsbAudio.sys [428584 2023-06-21] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ElgatoUsbAudioks; C:\WINDOWS\System32\drivers\ElgatoUsbAudioks.sys [55336 2023-06-21] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ElgatoUsbAudio_mixer; C:\WINDOWS\System32\drivers\ElgatoUsbAudio_mixer.sys [46632 2023-06-21] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ElgatoVirtUsbAudioEmu; C:\WINDOWS\System32\drivers\ElgatoVirtUsbAudioEmu.sys [97352 2023-04-26] (Microsoft Windows Hardware Compatibility Publisher -> ToriLogic GmbH & Co. KG)
R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [45248 2023-05-17] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 HidHide; C:\WINDOWS\System32\drivers\HidHide.sys [61408 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R1 klbackupdisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klbackupdisk.sys [112936 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klbackupflt.sys [234216 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kldisk.sys [125736 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [53576 2023-04-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> AO Kaspersky Lab)
R1 klflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klflt.sys [548072 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klgse.sys [729136 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klhk.sys [1822784 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids.Kaspersky4Win-21-13; C:\ProgramData\Kaspersky Lab\AVP21.13\Bases\klids.sys [235704 2023-06-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klif.sys [1163544 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98552 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klkbdflt.sys [115960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klmouflt.sys [113448 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klpd.sys [80672 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klpnpflt.sys [98040 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [86776 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_Kaspersky4Win-21-13_arkmon; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_arkmon.sys [369432 2023-07-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_Kaspersky4Win-21-13_klark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klark.sys [351912 2023-07-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_Kaspersky4Win-21-13_klbg; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klbg.sys [179816 2023-07-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_Kaspersky4Win-21-13_mark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_mark.sys [260512 2023-07-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwfp.sys [179960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwtp.sys [415480 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kneps.sys [340208 2023-06-07] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_00b6; C:\WINDOWS\System32\drivers\RzDev_00b6.sys [63200 2022-06-08] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0257; C:\WINDOWS\System32\drivers\RzDev_0257.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43472 2023-04-17] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [23403712 2023-06-19] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-08-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-08-02] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-08-02] (Microsoft Windows -> Microsoft Corporation) R2 WinRing0x64; C:\WINDOWS\System32\Drivers\WinRing0x64.sys [14544 2023-05-17] (Noriyuki MIYAZAKI -> OpenLibSys.org) S3 HWiNFO_167; \??\C:\Users\zigle\AppData\Local\Temp\HWiNFO64A_167.SYS [X] <==== ACHTUNG S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2023-08-02 13:11 - 2023-08-02 13:12 - 000048543 _____ C:\Users\zigle\Downloads\FRST.txt 2023-08-02 13:11 - 2023-08-02 13:11 - 000000000 ____D C:\FRST 2023-08-02 13:10 - 2023-08-02 13:10 - 002700800 _____ (Farbar) C:\Users\zigle\Downloads\FRST64 (1).exe 2023-08-02 13:09 - 2023-08-02 13:09 - 002700800 _____ (Farbar) C:\Users\zigle\Downloads\Nicht bestätigt 294853.crdownload 2023-08-02 02:00 - 2023-08-02 02:00 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2023-08-02 01:16 - 2023-08-02 01:20 - 000000000 ____D C:\Program Files\UVK - Ultra Virus Killer 2023-08-02 01:16 - 2023-08-02 01:16 - 000001847 _____ C:\Users\Public\Desktop\UVK - Ultra Virus Killer.lnk 2023-08-02 01:16 - 2023-08-02 01:16 - 000000000 ____D C:\ProgramData\UVK 2023-08-02 01:16 - 2023-08-02 01:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer 2023-08-02 01:15 - 2023-08-02 01:15 - 005331520 _____ (CHIP Digital GmbH) C:\Users\zigle\Downloads\Ultra Virus Killer - CHIP Installer _wEEBx.exe 2023-08-02 01:10 - 2023-08-02 01:10 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat 2023-08-02 01:10 - 2023-08-02 01:10 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat 2023-08-02 00:34 - 2023-08-02 00:34 - 105470120 _____ (AO Kaspersky Lab) C:\Users\zigle\Downloads\kvrt (2).exe 2023-07-21 19:25 - 2023-07-21 19:25 - 000000000 ____D C:\Users\zigle\OneDrive\Dokumente\DyingLight 2023-07-20 23:40 - 2023-07-22 11:41 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-07-18 22:03 - 2023-07-14 09:13 - 000848952 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2023-07-18 22:03 - 2023-07-14 09:13 - 000848952 _____ C:\WINDOWS\system32\vulkaninfo.exe 2023-07-18 22:03 - 2023-07-14 09:13 - 000713776 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-07-18 22:03 - 2023-07-14 09:13 - 000713776 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2023-07-18 22:03 - 2023-07-14 09:12 - 001226776 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2023-07-18 22:03 - 2023-07-14 
09:12 - 000653408 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2023-07-18 22:03 - 2023-07-14 09:12 - 000653408 _____ C:\WINDOWS\system32\vulkan-1.dll 2023-07-18 22:03 - 2023-07-14 09:12 - 000637024 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2023-07-18 22:03 - 2023-07-14 09:12 - 000637024 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2023-07-18 22:03 - 2023-07-14 09:08 - 000669184 _____ C:\WINDOWS\system32\nvofapi64.dll 2023-07-18 22:03 - 2023-07-14 09:08 - 000503832 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2023-07-18 22:03 - 2023-07-14 09:07 - 002167792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2023-07-18 22:03 - 2023-07-14 09:07 - 001622016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2023-07-18 22:03 - 2023-07-14 09:07 - 001538088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2023-07-18 22:03 - 2023-07-14 09:07 - 001194992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2023-07-18 22:03 - 2023-07-14 09:07 - 000992240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2023-07-18 22:03 - 2023-07-14 09:07 - 000776688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2023-07-18 22:03 - 2023-07-14 09:07 - 000769024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2023-07-18 22:03 - 2023-07-14 09:06 - 012066328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2023-07-18 22:03 - 2023-07-14 09:06 - 000459288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2023-07-18 22:03 - 2023-07-14 09:05 - 014520832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2023-07-18 22:03 - 2023-07-14 09:05 - 006190632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2023-07-18 22:03 - 2023-07-14 09:05 - 005844976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2023-07-18 22:03 - 2023-07-14 09:05 - 005550632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2023-07-18 22:03 - 2023-07-14 09:05 - 003482648 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvcuda.dll 2023-07-18 22:03 - 2023-07-14 09:05 - 000852976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2023-07-18 22:03 - 2023-07-13 06:45 - 000108142 _____ C:\WINDOWS\system32\nvinfo.pb 2023-07-13 02:55 - 2023-07-13 02:57 - 000000000 ___HD C:\$WinREAgent ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-08-02 13:10 - 2022-10-22 15:41 - 000000000 ____D C:\ProgramData\NVIDIA 2023-08-02 13:08 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-08-02 13:08 - 2022-04-27 22:31 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat 2023-08-02 13:08 - 2022-02-24 18:42 - 000000000 ____D C:\Program Files (x86)\Google 2023-08-02 13:07 - 2023-06-15 16:34 - 000000000 ____D C:\Users\zigle\AppData\Local\Discord 2023-08-02 13:07 - 2022-02-24 19:08 - 000000000 ____D C:\Users\zigle\AppData\Roaming\discord 2023-08-02 13:07 - 2022-02-24 19:05 - 000000000 ____D C:\Program Files (x86)\Steam 2023-08-02 13:06 - 2023-04-23 21:58 - 004120032 _____ C:\WINDOWS\SysWOW64\AppRulesStorage-wal 2023-08-02 13:06 - 2023-04-23 21:58 - 000032768 _____ C:\WINDOWS\SysWOW64\DnsStorage-shm 2023-08-02 13:06 - 2023-04-23 21:58 - 000032768 _____ C:\WINDOWS\SysWOW64\AppRulesStorage-shm 2023-08-02 13:06 - 2022-06-25 18:28 - 000000000 ____D C:\Users\zigle\AppData\Roaming\NZXT CAM 2023-08-02 13:06 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-08-02 13:05 - 2023-05-07 14:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-08-02 13:05 - 2022-02-24 18:12 - 001173024 _____ C:\WINDOWS\system32\wpbbin.exe 2023-08-02 13:05 - 2022-02-24 18:12 - 001134480 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe 2023-08-02 13:05 - 2022-02-24 18:12 - 000012288 ___SH C:\DumpStack.log.tmp 2023-08-02 06:53 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-08-02 01:20 - 2022-02-24 19:04 - 000000000 ____D 
C:\Users\zigle\AppData\Local\CrashDumps 2023-08-02 01:14 - 2022-02-24 18:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-08-02 01:10 - 2023-05-07 14:11 - 001754660 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-08-02 01:10 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF 2023-08-02 00:59 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2023-08-02 00:59 - 2022-02-24 21:03 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2023-08-02 00:41 - 2022-10-22 15:44 - 000000000 ____D C:\Users\zigle\AppData\Local\D3DSCache 2023-08-02 00:34 - 2023-04-23 21:39 - 000000000 ____D C:\KVRT2020_Data 2023-08-02 00:29 - 2023-05-07 14:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-08-01 23:29 - 2023-05-07 14:09 - 000004002 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{BE7438EE-75A2-40FB-AA82-DBA9C7D47D8F} 2023-08-01 23:29 - 2023-05-07 14:09 - 000003878 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{7C385CBA-F48D-49C4-B9D5-AEF18E0112C3} 2023-08-01 18:19 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 2023-08-01 18:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-08-01 17:54 - 2023-05-07 14:12 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-568267705-2125286131-1783018927-1001 2023-08-01 17:54 - 2023-05-07 14:12 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-568267705-2125286131-1783018927-1001 2023-08-01 17:54 - 2023-05-07 14:12 - 000002395 _____ C:\Users\zigle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-07-30 03:04 - 2023-05-01 21:27 - 000000000 ____D C:\Users\zigle\AppData\Roaming\steelseries-gg-client 2023-07-29 17:24 - 2022-02-24 18:13 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-07-29 17:24 - 2022-02-24 18:13 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-07-28 23:24 - 2022-09-09 18:45 - 
000000000 ____D C:\Users\zigle\AppData\Local\Spotify 2023-07-28 23:23 - 2022-09-09 18:45 - 000000000 ____D C:\Users\zigle\AppData\Roaming\Spotify 2023-07-27 23:12 - 2023-05-07 14:04 - 000000000 ____D C:\Users\zigle 2023-07-27 21:28 - 2022-02-24 18:42 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-07-27 21:28 - 2022-02-24 18:42 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-07-27 21:05 - 2022-04-26 15:36 - 000000000 ____D C:\Users\zigle\AppData\Local\Ubisoft Game Launcher 2023-07-27 16:22 - 2023-05-18 11:55 - 000000000 ____D C:\WINDOWS\Minidump 2023-07-27 16:15 - 2022-06-25 18:28 - 000000000 ____D C:\Program Files\NZXT CAM 2023-07-26 21:50 - 2022-04-21 18:56 - 000000000 ____D C:\Users\zigle\AppData\Local\Battle.net 2023-07-25 21:22 - 2022-02-24 18:45 - 000000000 ____D C:\ProgramData\Package Cache 2023-07-24 15:49 - 2023-05-07 14:09 - 000004244 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1651537158 2023-07-24 15:49 - 2022-05-03 02:19 - 000001434 _____ C:\Users\zigle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk 2023-07-22 11:51 - 2022-04-21 18:55 - 000000000 ____D C:\Program Files (x86)\Battle.net 2023-07-22 11:41 - 2022-04-13 23:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-07-21 22:29 - 2022-02-24 19:09 - 000000000 ____D C:\Users\zigle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2023-07-21 20:03 - 2022-03-18 12:34 - 000000000 ____D C:\Users\zigle\AppData\Roaming\WeMod 2023-07-21 19:44 - 2022-03-18 12:34 - 000000000 ____D C:\Users\zigle\AppData\Local\WeMod 2023-07-21 19:44 - 2022-02-24 19:08 - 000000000 ____D C:\Users\zigle\AppData\Local\SquirrelTemp 2023-07-21 17:57 - 2023-04-19 23:20 - 000002034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk 2023-07-21 17:57 - 2022-05-24 12:14 - 000002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breitbandmessung.lnk 
2023-07-21 17:57 - 2022-04-28 22:15 - 000000000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCUE.lnk 2023-07-21 17:57 - 2022-04-27 21:40 - 000000000 ____D C:\ProgramData\Riot Games 2023-07-21 14:15 - 2022-04-13 23:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-07-21 14:12 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-07-20 19:39 - 2023-01-15 03:39 - 000000000 ____D C:\Program Files (x86)\Overwolf 2023-07-18 22:07 - 2022-10-22 15:42 - 000000000 ____D C:\Users\zigle\AppData\Local\NVIDIA 2023-07-18 00:05 - 2023-04-23 21:58 - 000012288 _____ C:\WINDOWS\SysWOW64\AppRulesStorage 2023-07-14 09:12 - 2023-04-21 15:58 - 001487912 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2023-07-14 09:08 - 2023-06-05 18:23 - 000933912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2023-07-14 09:03 - 2023-04-21 15:58 - 007858064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2023-07-14 09:03 - 2023-04-21 15:58 - 006738032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2023-07-13 19:23 - 2022-02-26 21:05 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-07-13 19:21 - 2022-02-26 21:05 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-07-13 19:16 - 2023-05-07 14:02 - 000305136 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-07-13 
19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-07-13 03:00 - 2023-05-07 14:05 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-07-12 14:58 - 2023-05-07 14:09 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-07-12 14:58 - 2023-05-07 14:09 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-07-10 16:47 - 2022-08-03 15:02 - 000000000 ____D C:\WINDOWS\system32\SteelSeries 2023-07-06 15:34 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2023-07-05 16:30 - 2022-05-17 17:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2023-07-05 16:29 - 2023-03-24 00:17 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2022-05-09 21:37 - 2022-09-05 15:32 - 000000032 _____ () C:\Users\zigle\AppData\Roaming\.machineId 2022-06-07 16:19 - 2022-06-07 16:19 - 000005219 _____ () C:\Users\zigle\AppData\Roaming\58870330-99e9-4363-a120-dc7ddf4fb758.tmp 2022-09-19 22:25 - 2022-09-19 22:25 - 000003918 _____ () C:\Users\zigle\AppData\Local\2360354350 2022-11-26 23:40 - 2022-11-26 23:40 - 000007605 _____ () C:\Users\zigle\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
02.08.2023, 12:33 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan Trojan.Multi.BroSubsc.gen Uninstall Kaspersky. This junk ranges from unnecessary to counterproductive. I don't understand why so many people still buy and install such nonsense. It really should have sunk in by now that Windows Defender has been built into Windows for over 10 years. After uninstalling, please continue with adwCleaner: adwCleaner Run AdwCleaner according to the illustrated guide and then post the log file in CODE tags. Please repeat adwCleaner if anything was found.
__________________ Please always post log files in CODE tags |
02.08.2023, 13:05 | #8 |
| Trojan Trojan.Multi.BroSubsc.gen OK, thanks, I'll do that right away. To be honest, there was a good offer, so I thought I'd go for it. Is my PC actually cleaned of the trojan now? Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-02-2023
# Duration: 00:00:01
# OS: Windows 11 (Build 22621.1992)
# Cleaned: 10
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
Deleted hxxp://www.awesomehp.com/?type=hp&ts=1393083159&from=vtt&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41A733318533185
Deleted hxxp://www.awesomehp.com/?type=hp&ts=1393788474&from=adks&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41A733318533185

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************

AdwCleaner[S00].txt - [2327 octets] - [02/08/2023 14:01:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-02-2023
# Duration: 00:00:00
# OS: Windows 11 (Build 22621.1992)
# Cleaned: 2
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
No malicious folders cleaned.

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
Deleted hxxp://www.awesomehp.com/?type=hp&ts=1393083159&from=vtt&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41A733318533185
Deleted hxxp://www.awesomehp.com/?type=hp&ts=1393788474&from=adks&uid=WDCXWD5000LPVX-22V0TT0_WD-WX41A733318533185

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************

AdwCleaner[S00].txt - [2327 octets] - [02/08/2023 14:01:40]
AdwCleaner[C00].txt - [2331 octets] - [02/08/2023 14:01:48]
AdwCleaner[S01].txt - [1784 octets] - [02/08/2023 14:03:38]
AdwCleaner[S02].txt - [1845 octets] - [02/08/2023 14:04:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ########## |
02.08.2023, 13:58 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan Trojan.Multi.BroSubsc.gen Is Kaspersky gone now? Please run adwCleaner once more.
__________________ Please always post log files in CODE tags |
02.08.2023, 18:08 | #10 |
| Trojan Trojan.Multi.BroSubsc.gen Yes, Kaspersky is gone. So after a scan, nothing is found anymore. Can I delete the items in quarantine? Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-02-2023
# Duration: 00:00:04
# OS: Windows 11 (Build 22621.1992)
# Scanned: 32109
# Detected: 0

***** [ Services ] *****
No malicious services found.

***** [ Folders ] *****
No malicious folders found.

***** [ Files ] *****
No malicious files found.

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious WMI found.

***** [ Shortcuts ] *****
No malicious shortcuts found.

***** [ Tasks ] *****
No malicious tasks found.

***** [ Registry ] *****
No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.

***** [ Chromium URLs ] *****
No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.

***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****
No malicious hosts file entries found.

***** [ Preinstalled Software ] *****
No Preinstalled Software found.

AdwCleaner[S00].txt - [2327 octets] - [02/08/2023 14:01:40]
AdwCleaner[C00].txt - [2331 octets] - [02/08/2023 14:01:48]
AdwCleaner[S01].txt - [1784 octets] - [02/08/2023 14:03:38]
AdwCleaner[S02].txt - [1845 octets] - [02/08/2023 14:04:12]
AdwCleaner[C02].txt - [1997 octets] - [02/08/2023 14:04:21]
AdwCleaner[S03].txt - [1725 octets] - [02/08/2023 14:05:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

Edited by qFLASCHp (02.08.2023 at 18:20) |
03.08.2023, 07:50 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan Trojan.Multi.BroSubsc.gen Then please post new FRST logs now.
__________________ Please always post log files in CODE tags |
03.08.2023, 15:40 | #12 |
| Trojan Trojan.Multi.BroSubsc.gen Code:
ATTFilter ntersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-08-2023 durchgeführt von zigle (Administrator) auf DESKTOP-OCHEK1J (ASUS System Product Name) (03-08-2023 16:32:43) Gestartet von C:\Users\zigle\Downloads\FRST64 (1).exe Geladene Profile: zigle Plattform: Microsoft Windows 11 Home Version 22H2 22621.1992 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe (C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5> (C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe (C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2> (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6> (C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe (C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) 
C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.spotify.sdPlugin\com.barraider.spotify.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.barraider.wintools.sdPlugin\com.barraider.wintools.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.cpu.sdPlugin\cpu.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\tv.twitch.studio.sdPlugin\twitchstudiostreamdeck.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Elgato\StreamDeck\crashpad_handler.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.elgato.discord.sdPlugin\ESDDiscord.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (Daniel Čejchan -> ) C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\cz.danol.discordmixer.sdPlugin\bin\streamdeck-discordmixer.exe (C:\Program Files\Elgato\StreamDeck\StreamDeck.exe ->) (The Qt Company Oy -> The Qt Company Ltd.) 
C:\Program Files\Elgato\StreamDeck\QtWebEngineProcess.exe <9> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Program Files\NZXT CAM\NZXT CAM.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe <3> (C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe (C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe (C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\com.exension.hwinfo.sdPlugin\hwinfo-plugin.exe (C:\Users\zigle\Riot Games\Riot Client\RiotClientServices.exe ->) () [Datei ist nicht signiert] C:\Users\zigle\Riot Games\Riot Client\RiotClientCrashHandler.exe (Discord Inc. -> Discord Inc.) C:\Users\zigle\AppData\Local\Discord\app-1.0.9015\Discord.exe <7> (explorer.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13> (explorer.exe ->) (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe <5> (explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe (explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) 
C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Users\zigle\Riot Games\Riot Client\RiotClientServices.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_14c40086f8e718c9\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SpaceAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe [1219312 2020-12-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088744 2023-06-19] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [185384 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13810512 2023-07-24] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [Stream Deck] => C:\Program Files\Elgato\StreamDeck\StreamDeck.exe [18904136 2023-06-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [96280344 2023-04-19] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Opera GX Stable] => C:\Users\zigle\AppData\Local\Programs\Opera GX\launcher.exe [2658712 2023-07-19] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2672744 2023-07-23] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [162104256 2023-07-26] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13880288 2023-04-15] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Spotify] => C:\Users\zigle\AppData\Roaming\Spotify\Spotify.exe [28257144 2023-07-22] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2023-07-16] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [EpicGamesLauncher] => E:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37134288 2023-06-03] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [MicrosoftEdgeAutoLaunch_24B02A7A179033EAE02E8246A105555E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3562248 2023-06-28] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\zigle\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [4883864 2023-04-12] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4374376 2023-07-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Discord] => C:\Users\zigle\AppData\Local\Discord\Update.exe [1525016 2023-04-26] (Discord Inc. -> GitHub)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [RiotClient] => C:\Users\zigle\Riot Games\Riot Client\RiotClientServices.exe [70738344 2023-08-03] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Volume Controller SD plugin] => C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServerWatcher.exe [108072 2023-04-27] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [WaveLinkSE] => C:\Program Files\Elgato\WaveLink\WaveLinkSE.exe [281128 2023-06-22] (Corsair Memory, Inc. -> )
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [GoogleChromeAutoLaunch_4AF148971660ED09CC41DC556DFB6C6E] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [3217176 2023-07-25] (Google LLC -> Google LLC)
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Run: [Wave Link] => C:\Program Files\Elgato\WaveLink\WaveLink.exe [12747304 2023-06-22] (Corsair Memory, Inc. -> Corsair Memory, Inc)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3562248 2023-06-28] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.110\Installer\chrmstp.exe [2023-07-27] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {D3CF8FAE-CF44-4D64-9E78-7678F02CE070} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667832 2021-07-16] (Advanced Micro Devices INC. -> )
Task: {1EB13CEA-2872-4631-BEFA-E6B5CC5D20DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {EE006EA2-09E0-42DD-B639-540A72F674CE} - System32\Tasks\GoogleUpdateTaskMachineCore{7C385CBA-F48D-49C4-B9D5-AEF18E0112C3} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-24] (Google LLC -> Google LLC)
Task: {B3202025-6BB8-46EF-A93D-8E48DB9D37AC} - System32\Tasks\GoogleUpdateTaskMachineUA{BE7438EE-75A2-40FB-AA82-DBA9C7D47D8F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-24] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei)
Task: {4266D1BA-2CEA-47AC-BB39-633553CD7713} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Keine Datei)
Task: {DAEC54AF-31A7-40B0-9177-BFF07FF35EA7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (Keine Datei)
Task: {86B7AF3F-0CC5-4955-8C9C-28A7010F3256} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {DE3199F0-DBE7-4118-8372-86620F55719D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5699FFBE-D319-4B74-8923-C48DBEB5781D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC666EB9-A066-4EA8-AC9E-E497B17E5A26} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {966CFC38-04D7-4EDB-9D6D-C32546716668} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58B3F0F3-E0CA-442B-A3FC-94F1FEE11FA3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [680352 2023-07-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8B5E3F70-DFD1-4F50-9175-985D081C9D8C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-07-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {2CA32EC7-C1BC-407E-AB4A-1E4E953622F5} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe -minimized (Keine Datei)
Task: {BC862C11-CEA0-49BF-9665-B49027C6C6FF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {899D1890-3000-4126-9B02-491C8EDA2095} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1AF76F97-CBE7-4167-9E63-587753FE0752} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88015FA6-DE22-47C4-BB86-32900BD74D36} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03A7FF7B-8624-4C35-B334-F0D686A9CBA6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2CD0C0E7-C9F3-44A6-ABC2-D7EFBEAE4C78} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9225A746-9BCF-4585-AAAC-DBE530EB0B3C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {95135AAB-FEB1-4078-9EA4-0229CE00ED29} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DA3CF54B-EB70-4AFC-90F0-5F926413D6B4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D3B71E4-CA7C-47CA-ACED-A8D887E0A0D1} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1652363055 => C:\Users\zigle\AppData\Local\Programs\Opera GX\launcher.exe [2658712 2023-07-19] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\zigle\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {C5C46718-4F9E-41AE-904D-B07F3F8B64A4} - System32\Tasks\Opera GX scheduled Autoupdate 1651537158 => C:\Users\zigle\AppData\Local\Programs\Opera GX\launcher.exe [2658712 2023-07-19] (Opera Norway AS -> Opera Software)
Task: {60C7FF46-54C6-4D52-BEF1-94D84867356A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641416 2023-07-16] (Overwolf Ltd -> Overwolf LTD)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{742362d5-c3d6-47d3-83ff-6220211b168e}: [NameServer] 198.51.100.1,198.51.100.2
Tcpip\..\Interfaces\{817fd5d5-0c3a-4e30-8218-48898ab1503d}: [DhcpNameServer] 192.168.178.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zigle\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-02]
Edge Extension: (Google Docs Offline) - C:\Users\zigle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\zigle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igbncjcgfkfnfgbaieiimpfkobabmkce [2023-08-02]
Edge Extension: (Edge relevant text changes) - C:\Users\zigle\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-02]

FireFox:
========
FF DefaultProfile: k3pd7ate.default
FF ProfilePath: C:\Users\zigle\AppData\Roaming\Mozilla\Firefox\Profiles\k3pd7ate.default [2023-04-23]
FF ProfilePath: C:\Users\zigle\AppData\Roaming\Mozilla\Firefox\Profiles\wphyptpm.default-release [2023-07-20]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\zigle\AppData\Roaming\Mozilla\Firefox\Profiles\wphyptpm.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-07-20]
FF Extension: (Metastream Remote) - C:\Users\zigle\AppData\Roaming\Mozilla\Firefox\Profiles\wphyptpm.default-release\Extensions\{da2b93f0-35d5-461e-9bc7-6ba10aef1af4}.xpi [2022-04-13]
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default [2023-08-03]
CHR Notifications: Default -> hxxps://csgo500.com; hxxps://key-drop.com; hxxps://www.auto-motor-und-sport.de; hxxps://www.film.at; hxxps://www.g2a.com; hxxps://www.giga.de; hxxps://www.instagram.com; hxxps://www.netflix.com; hxxps://www.sport.de; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.youtube.com/
CHR Extension: (BetterTTV) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-07-26]
CHR Extension: (Honey: Automatische Coupons & Prämien) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-07-03]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-07-25]
CHR Extension: (Watch2Gether) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2023-06-16]
CHR Extension: (Steam Inventory Helper) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2023-07-31]
CHR Extension: (Kaspersky Password Manager) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2023-07-26]
CHR Extension: (Metastream Remote) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakegmdomhmegokfomgmkbopjibonfcp [2022-07-23]
CHR Extension: (Prime Party Extended) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcngjpblanflfmbkdkheajgobilapkfa [2023-04-29]
CHR Extension: (Google Docs Offline) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-20]
CHR Extension: (CSFloat Market Checker) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjicbefpemnphinccgikpdaagjebbnhg [2023-08-03]
CHR Extension: (Instant Gaming) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnoedlobifdhbpjkcfhcbdcjhampmne [2023-08-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-24]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2023-07-28]
CHR Profile: C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-12-26]
CHR Profile: C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-12-26]
CHR Extension: (Google Docs Offline) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\zigle\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-02]
CHR Profile: C:\Users\zigle\AppData\Local\Google\Chrome\User Data\System Profile [2022-12-26]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-568267705-2125286131-1783018927-1001) Opera GXStable - "C:\Users\zigle\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2022-10-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2022-10-05] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1134480 2023-08-03] (ASUSTeK Computer Inc. -> )
S3 brlapi; C:\WINDOWS\brltty\bin\brltty.exe [1016846 2023-05-07] (Microsoft Windows -> )
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe [652736 2023-07-26] (NZXT, Inc. -> )
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [614432 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [238632 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [84008 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 CorsairUniwillService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueUniwillService.exe [108072 2023-01-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [215352 2020-08-14] (DTS, Inc. -> DTS Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11511912 2023-07-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-06-07] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-12-09] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-05-13] (Epic Games Inc. -> Epic Games, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [343808 2022-05-12] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348000 2023-04-15] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-04-15] (GOG sp. z o.o -> GOG.com)
S3 iCUEDevicePluginHost; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe [462888 2023-01-20] (Corsair Memory, Inc. -> Corsair)
S2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1920152 2021-11-01] (A-Volute SAS -> Nahimic)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641416 2023-07-16] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2023-05-21] (Even Balance, Inc. -> )
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2001320 2023-06-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [510896 2023-06-14] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [297736 2023-06-28] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2196464 2023-03-04] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-04-19] (Razer USA Ltd. -> Razer Inc.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [37712 2023-07-24] (SteelSeries ApS -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11047944 2023-06-19] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_14c40086f8e718c9\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_14c40086f8e718c9\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-10-05] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43160 2022-10-05] (ASUSTeK Computer Inc. -> )
S3 AVoluteSS3Vad; C:\WINDOWS\System32\drivers\AVoluteSS3Vad.sys [93672 2021-10-14] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63008 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2023-08-03] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43568 2023-08-03] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [32296 2023-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R3 e2fexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e2f.inf_amd64_2d5cb0c750512550\e2f.sys [536168 2022-07-18] (Intel Corporation -> Intel Corporation)
R3 ElgatoUsbAudio; C:\WINDOWS\System32\drivers\ElgatoUsbAudio.sys [428584 2023-06-21] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ElgatoUsbAudioks; C:\WINDOWS\System32\drivers\ElgatoUsbAudioks.sys [55336 2023-06-21] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ElgatoUsbAudio_mixer; C:\WINDOWS\System32\drivers\ElgatoUsbAudio_mixer.sys [46632 2023-06-21] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ElgatoVirtUsbAudioEmu; C:\WINDOWS\System32\drivers\ElgatoVirtUsbAudioEmu.sys [97352 2023-04-26] (Microsoft Windows Hardware Compatibility Publisher -> ToriLogic GmbH & Co. KG)
R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [45248 2023-05-17] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 HidHide; C:\WINDOWS\System32\drivers\HidHide.sys [61408 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_00b6; C:\WINDOWS\System32\drivers\RzDev_00b6.sys [63200 2022-06-08] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0257; C:\WINDOWS\System32\drivers\RzDev_0257.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43472 2023-04-17] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [23403712 2023-06-19] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-08-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-08-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-08-02] (Microsoft Windows -> Microsoft Corporation)
R2 WinRing0x64; C:\WINDOWS\System32\Drivers\WinRing0x64.sys [14544 2023-05-17] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 HWiNFO_167; \??\C:\Users\zigle\AppData\Local\Temp\HWiNFO64A_167.SYS [X] <==== ACHTUNG
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-08-02 14:06 - 2023-08-02 14:06 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat
2023-08-02 14:06 - 2023-08-02 14:06 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat
2023-08-02 14:00 - 2023-08-02 14:01 - 000000000 ____D C:\AdwCleaner
2023-08-02 14:00 - 2023-08-02 14:00 - 008791352 _____ (Malwarebytes) C:\Users\zigle\Downloads\adwcleaner.exe
2023-08-02 13:12 - 2023-08-02 13:13 - 000080442 _____ C:\Users\zigle\Downloads\Addition.txt
2023-08-02 13:11 - 2023-08-03 16:33 - 000040454 _____ C:\Users\zigle\Downloads\FRST.txt
2023-08-02 13:11 - 2023-08-03 16:33 - 000000000 ____D C:\FRST
2023-08-02 13:10 - 2023-08-02 13:10 - 002700800 _____ (Farbar) C:\Users\zigle\Downloads\FRST64 (1).exe
2023-08-02 02:00 - 2023-08-02 02:00 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-08-02 01:16 - 2023-08-02 01:20 - 000000000 ____D C:\Program Files\UVK - Ultra Virus Killer
2023-08-02 01:16 - 2023-08-02 01:16 - 000001847 _____ C:\Users\Public\Desktop\UVK - Ultra Virus Killer.lnk
2023-08-02 01:16 - 2023-08-02 01:16 - 000000000 ____D C:\ProgramData\UVK
2023-08-02 01:16 - 2023-08-02 01:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer
2023-08-02 01:15 - 2023-08-02 01:15 - 005331520 _____ (CHIP Digital GmbH) C:\Users\zigle\Downloads\Ultra Virus Killer - CHIP Installer _wEEBx.exe
2023-08-02 00:34 - 2023-08-02 00:34 - 105470120 _____ (AO Kaspersky Lab) C:\Users\zigle\Downloads\kvrt (2).exe
2023-07-21 19:25 - 2023-07-21 19:25 - 000000000 ____D C:\Users\zigle\OneDrive\Dokumente\DyingLight
2023-07-20 23:40 - 2023-08-02 13:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-18 22:03 - 2023-07-14 09:13 - 000848952 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-07-18 22:03 - 2023-07-14 09:13 - 000848952 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-07-18 22:03 - 2023-07-14 09:13 - 000713776 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-07-18 22:03 - 2023-07-14 09:13 - 000713776 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-07-18 22:03 - 2023-07-14 09:12 - 001226776 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-07-18 22:03 - 2023-07-14 09:12 - 000653408 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-07-18 22:03 - 2023-07-14 09:12 - 000653408 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-07-18 22:03 - 2023-07-14 09:12 - 000637024 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-07-18 22:03 - 2023-07-14 09:12 - 000637024 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-07-18 22:03 - 2023-07-14 09:08 - 000669184 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-07-18 22:03 - 2023-07-14 09:08 - 000503832 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-07-18 22:03 - 2023-07-14 09:07 - 002167792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-07-18 22:03 - 2023-07-14 09:07 - 001622016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-07-18 22:03 - 2023-07-14 09:07 - 001538088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-07-18 22:03 - 2023-07-14 09:07 - 001194992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-07-18 22:03 - 2023-07-14 09:07 - 000992240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-07-18 22:03 - 2023-07-14 09:07 - 000776688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-07-18 22:03 - 2023-07-14 09:07 - 000769024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-07-18 22:03 - 2023-07-14 09:06 - 012066328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-07-18 22:03 - 2023-07-14 09:06 - 000459288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-07-18 22:03 - 2023-07-14 09:05 - 014520832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-07-18 22:03 - 2023-07-14 09:05 - 006190632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-07-18 22:03 - 2023-07-14 09:05 - 005844976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-07-18 22:03 - 2023-07-14 09:05 - 005550632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-07-18 22:03 - 2023-07-14 09:05 - 003482648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-07-18 22:03 - 2023-07-14 09:05 - 000852976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-07-18 22:03 - 2023-07-13 06:45 - 000108142 _____ C:\WINDOWS\system32\nvinfo.pb
2023-07-13 02:55 - 2023-07-13 02:57 - 000000000 ___HD C:\$WinREAgent

==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-08-03 16:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-03 16:32 - 2023-06-15 16:34 - 000000000 ____D C:\Users\zigle\AppData\Local\Discord
2023-08-03 16:32 - 2022-06-25 18:28 - 000000000 ____D C:\Users\zigle\AppData\Roaming\NZXT CAM
2023-08-03 16:32 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-03 16:32 - 2022-02-24 19:08 - 000000000 ____D C:\Users\zigle\AppData\Roaming\discord
2023-08-03 16:32 - 2022-02-24 19:05 - 000000000 ____D C:\Program Files (x86)\Steam
2023-08-03 16:31 - 2023-05-07 14:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-03 16:31 - 2023-05-07 14:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-03 16:31 - 2022-10-22 15:41 - 000000000 ____D C:\ProgramData\NVIDIA
2023-08-03 16:31 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-03 16:31 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-03 16:31 - 2022-04-27 22:31 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2023-08-03 16:31 - 2022-02-24 18:42 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-03 16:31 - 2022-02-24 18:12 - 001173024 _____ C:\WINDOWS\system32\wpbbin.exe
2023-08-03 16:31 - 2022-02-24 18:12 - 001134480 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2023-08-03 16:31 - 2022-02-24 18:12 - 000012288 ___SH C:\DumpStack.log.tmp
2023-08-03 01:24 - 2022-05-07 07:17
- 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-08-02 19:23 - 2023-03-27 21:31 - 000000000 ____D C:\Users\zigle\AppData\Roaming\obs-studio 2023-08-02 14:21 - 2022-10-22 15:44 - 000000000 ____D C:\Users\zigle\AppData\Local\D3DSCache 2023-08-02 14:06 - 2023-05-07 14:11 - 001754660 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-08-02 14:06 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF 2023-08-02 13:59 - 2023-04-23 21:58 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2023-08-02 13:56 - 2023-04-23 21:58 - 000012288 _____ C:\WINDOWS\SysWOW64\AppRulesStorage 2023-08-02 13:56 - 2023-04-23 21:58 - 000000000 ____D C:\Program Files\Common Files\AV 2023-08-02 13:56 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2023-08-02 13:56 - 2022-02-24 19:04 - 000000000 ____D C:\Users\zigle\AppData\Local\CrashDumps 2023-08-02 13:56 - 2022-02-24 18:31 - 000000000 ____D C:\Users\zigle\AppData\Local\Packages 2023-08-02 01:14 - 2022-02-24 18:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-08-02 00:59 - 2022-02-24 21:03 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2023-08-02 00:34 - 2023-04-23 21:39 - 000000000 ____D C:\KVRT2020_Data 2023-08-01 23:29 - 2023-05-07 14:09 - 000004002 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{BE7438EE-75A2-40FB-AA82-DBA9C7D47D8F} 2023-08-01 23:29 - 2023-05-07 14:09 - 000003878 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{7C385CBA-F48D-49C4-B9D5-AEF18E0112C3} 2023-08-01 17:54 - 2023-05-07 14:12 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-568267705-2125286131-1783018927-1001 2023-08-01 17:54 - 2023-05-07 14:12 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-568267705-2125286131-1783018927-1001 2023-08-01 17:54 - 2023-05-07 14:12 - 000002395 _____ C:\Users\zigle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-07-30 03:04 - 2023-05-01 21:27 - 000000000 ____D 
C:\Users\zigle\AppData\Roaming\steelseries-gg-client 2023-07-29 17:24 - 2022-02-24 18:13 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-07-29 17:24 - 2022-02-24 18:13 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-07-28 23:24 - 2022-09-09 18:45 - 000000000 ____D C:\Users\zigle\AppData\Local\Spotify 2023-07-28 23:23 - 2022-09-09 18:45 - 000000000 ____D C:\Users\zigle\AppData\Roaming\Spotify 2023-07-27 23:12 - 2023-05-07 14:04 - 000000000 ____D C:\Users\zigle 2023-07-27 21:28 - 2022-02-24 18:42 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-07-27 21:28 - 2022-02-24 18:42 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-07-27 21:05 - 2022-04-26 15:36 - 000000000 ____D C:\Users\zigle\AppData\Local\Ubisoft Game Launcher 2023-07-27 16:22 - 2023-05-18 11:55 - 000000000 ____D C:\WINDOWS\Minidump 2023-07-27 16:15 - 2022-06-25 18:28 - 000000000 ____D C:\Program Files\NZXT CAM 2023-07-26 21:50 - 2022-04-21 18:56 - 000000000 ____D C:\Users\zigle\AppData\Local\Battle.net 2023-07-25 21:22 - 2022-02-24 18:45 - 000000000 ____D C:\ProgramData\Package Cache 2023-07-24 15:49 - 2023-05-07 14:09 - 000004244 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1651537158 2023-07-24 15:49 - 2022-05-03 02:19 - 000001434 _____ C:\Users\zigle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk 2023-07-22 11:51 - 2022-04-21 18:55 - 000000000 ____D C:\Program Files (x86)\Battle.net 2023-07-22 11:41 - 2022-04-13 23:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-07-21 22:29 - 2022-02-24 19:09 - 000000000 ____D C:\Users\zigle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2023-07-21 20:03 - 2022-03-18 12:34 - 000000000 ____D C:\Users\zigle\AppData\Roaming\WeMod 2023-07-21 19:44 - 2022-03-18 12:34 - 000000000 ____D C:\Users\zigle\AppData\Local\WeMod 2023-07-21 19:44 - 2022-02-24 19:08 - 
000000000 ____D C:\Users\zigle\AppData\Local\SquirrelTemp 2023-07-21 17:57 - 2023-04-19 23:20 - 000002034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk 2023-07-21 17:57 - 2022-05-24 12:14 - 000002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breitbandmessung.lnk 2023-07-21 17:57 - 2022-04-28 22:15 - 000000000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCUE.lnk 2023-07-21 17:57 - 2022-04-27 21:40 - 000000000 ____D C:\ProgramData\Riot Games 2023-07-21 14:15 - 2022-04-13 23:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-07-21 14:12 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-07-20 19:39 - 2023-01-15 03:39 - 000000000 ____D C:\Program Files (x86)\Overwolf 2023-07-18 22:07 - 2022-10-22 15:42 - 000000000 ____D C:\Users\zigle\AppData\Local\NVIDIA 2023-07-14 09:12 - 2023-04-21 15:58 - 001487912 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2023-07-14 09:08 - 2023-06-05 18:23 - 000933912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2023-07-14 09:03 - 2023-04-21 15:58 - 007858064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2023-07-14 09:03 - 2023-04-21 15:58 - 006738032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2023-07-13 19:23 - 2022-02-26 21:05 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-07-13 19:21 - 2022-02-26 21:05 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-07-13 19:16 - 2023-05-07 14:02 - 000305136 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2023-07-13 19:15 - 2022-05-07 
07:24 - 000000000 ____D C:\WINDOWS\system32\setup 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-07-13 19:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-07-13 03:00 - 2023-05-07 14:05 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-07-12 14:58 - 2023-05-07 14:09 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-07-12 14:58 - 2023-05-07 14:09 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-07-10 16:47 - 2022-08-03 15:02 - 000000000 ____D C:\WINDOWS\system32\SteelSeries 2023-07-06 15:34 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2023-07-05 16:30 - 2022-05-17 17:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2023-07-05 16:29 - 2023-03-24 00:17 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2022-05-09 21:37 - 2022-09-05 15:32 - 000000032 _____ () C:\Users\zigle\AppData\Roaming\.machineId 2022-06-07 16:19 - 2022-06-07 16:19 - 000005219 _____ () C:\Users\zigle\AppData\Roaming\58870330-99e9-4363-a120-dc7ddf4fb758.tmp 2022-09-19 22:25 - 2022-09-19 22:25 - 000003918 _____ () C:\Users\zigle\AppData\Local\2360354350 2022-11-26 23:40 - 2022-11-26 23:40 - 000007605 _____ () C:\Users\zigle\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation 
gescheitert sind.) ==================== Ende von FRST.txt ======================== |
03.08.2023, 15:41 | #13 |
| Trojan Trojan.Multi.BroSubsc.gen
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-08-2023
durchgeführt von zigle (03-08-2023 16:33:59)
Gestartet von C:\Users\zigle\Downloads
Microsoft Windows 11 Home Version 22H2 22621.1992 (X64) (2023-05-07 12:09:38)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-568267705-2125286131-1783018927-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-568267705-2125286131-1783018927-503 - Limited - Disabled)
Gast (S-1-5-21-568267705-2125286131-1783018927-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-568267705-2125286131-1783018927-504 - Limited - Disabled)
zigle (S-1-5-21-568267705-2125286131-1783018927-1001 - Administrator - Enabled) => C:\Users\zigle

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.8.0.1937 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.8.0.1937 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version: - Ubisoft) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlefield™ 2042 (HKLM-x32\...\{45e281f3-1414-47ea-bb64-4f50d50121f3}) (Version: 1.0.76.60710 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Breitbandmessung 3.3.0 (HKLM\...\14607473-30db-509f-94f0-bb7c085c619e) (Version: 3.3.0 - zafaco GmbH) Core Temp 1.18 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.18 - ALCPU) CORSAIR iCUE 4 Software (HKLM\...\{444A58EF-FD29-4558-BD8B-F4839576463C}) (Version: 4.33.138 - Corsair) CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.) CrystalDiskInfo 8.17.14 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.14 - Crystal Dew World) Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Discord) (Version: 1.0.9013 - Discord Inc.) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.239.0.5496 - Electronic Arts) Hidden EA app (HKLM-x32\...\{2da5c03a-a437-48b6-85b8-7fafff95de5e}) (Version: 12.239.0.5496 - Electronic Arts) Elgato Stream Deck (HKLM\...\{E6DCB5EF-F35C-4F2D-BA2A-16091CDE111C}) (Version: 6.3.0.18948 - Corsair Memory, Inc.) Elgato Wave Link (HKLM\...\{3FA4D626-F5DC-43A9-B131-D9A0984B4984}) (Version: 1.8.1.476 - Corsair Memory, Inc.) ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{40514BA6-1FC2-4BBD-84A2-504634A97196}) (Version: 1.0.4.16 - Ene Tech.) 
Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{ca38f41e-a37c-41b2-82e3-28b215743448}) (Version: 1.0.4.16 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.10.4 - ENE Tech) Hidden ENE_External_Device_HAL (HKLM-x32\...\{38581c7d-8a6c-4129-9046-8f5df621478b}) (Version: 1.0.10.4 - ENE Tech) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM-x32\...\{ec10ac91-2e61-460a-b493-33f794a07682}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{8ADEA716-6C06-4092-A62B-794F8BF8336A}) (Version: 1.3.51.0 - Epic Games, Inc.) Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.) 
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Futuremark SystemInfo (HKLM-x32\...\{6037E2E3-C7A4-4F37-AE61-0174E1A919BE}) (Version: 5.46.1056.0 - Futuremark) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.62.26 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.110 - Google LLC) HWiNFO64 Version 7.20 (HKLM\...\HWiNFO64_is1) (Version: 7.20 - Martin Malik - REALiX) Java 8 Update 361 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180361F0}) (Version: 8.0.3610.9 - Oracle Corporation) Logitech Capture (HKLM\...\Capture) (Version: 2.06.12 - Logitech) Microsoft .NET Host - 5.0.0 (x64) (HKLM\...\{1D88C674-5064-4E7F-BB8C-1E6F8374C35D}) (Version: 40.0.29419 - Microsoft Corporation) Hidden Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.10 (x86) (HKLM-x32\...\{3B28977C-9163-48A5-A08C-C01327E18AE2}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.0 (x64) (HKLM\...\{0DA2670C-83CF-4F3A-929C-19FB3C26B094}) (Version: 40.0.29419 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.10 (x86) (HKLM-x32\...\{EBD44C5E-F1AF-4955-AEDF-F15D06384A9C}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 
6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.0 (x64) (HKLM\...\{FE6FF6ED-93DE-42E3-991D-346F0C1FC187}) (Version: 40.0.29419 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation) Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.10 (x86) (HKLM-x32\...\{98CA5A6B-4ECC-4E6D-BF18-6B20CBB6E5F4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft 
Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{6a3b46d3-fbf1-4b22-8b42-48b675de6b81}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 
(HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 
(HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.0 (x64) (HKLM\...\{B4FC1E81-3264-49A2-80C7-24C296546D67}) (Version: 40.0.29420 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.0 (x64) (HKLM-x32\...\{b1b6fa8e-9e9e-4fc2-9a62-6cfdcc8f0878}) (Version: 5.0.0.29420 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{0F3E4057-E2BB-4114-A646-F143DB5CE4C9}) (Version: 48.43.48870 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{9dd24b73-88e0-4f0f-882a-500e00d2bdef}) (Version: 6.0.10.31726 - Microsoft Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 114.0.2 (x64 de)) (Version: 114.0.2 - Mozilla) Mozilla Maintenance Service 
(HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla) Nefarius Software Solutions e.U. HidHide (x64) (HKLM\...\{B62A2DE2-E6A8-438B-B05B-6E9287A0191D}) (Version: 1.0.30.0 - Nefarius Software Solutions e.U.) Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.) NVIDIA Audio Effects SDK (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_AudioEffects) (Version: 1.3.0.21 - NVIDIA Corporation) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation) NVIDIA Grafiktreiber 536.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.67 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NZXT CAM 4.53.2 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.53.2 - NZXT, Inc.) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.0.0 - OBS Project) Opera GX Stable 100.0.4815.82 (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Opera GX 100.0.4815.82) (Version: 100.0.4815.82 - Opera Software) Opera GX Stable 86.0.4363.64 (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Opera GX 86.0.4363.64) (Version: 86.0.4363.64 - Opera Software) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.228.0.20 - Overwolf Ltd.) 
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.1 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{07236f40-ec25-4646-8cb6-b6aaf1597324}) (Version: 1.1.0.1 - Patriot Memory) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.0630.062814 - Razer Inc.) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.22.1221.1 - Gigabyte) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.70.1389 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.7 - Rockstar Games) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts) Spotify (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Spotify) (Version: 1.2.16.947.gcfbaa410 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries GG 43.0.0 (HKLM\...\SteelSeries GG) (Version: 43.0.0 - SteelSeries ApS) TeamSpeak 3 Client (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.53.0 - TechPowerUp) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 140.0.10857 - Ubisoft) UNO (HKLM-x32\...\Uplay Install 3352) (Version: - Ubisoft) UVK - Ultra Virus Killer (HKLM\...\UVK - Ultra virus killer) (Version: 11.10.8.0 - Carifred) VALORANT (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) Valorant Tracker 
(HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\Overwolf_ipmlnnogholfmdmenfijjifldcpjoecappfccceh) (Version: 1.11.1 - Overwolf app) WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden WeMod (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\WeMod) (Version: 8.10.3 - WeMod) Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Wolfenstein: The New Order (HKLM-x32\...\1943729964_is1) (Version: 1.0.0.2 hotfix - GOG.com) WOW 8.15.0.0 (HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\com.bskyb.wowtv_is1) (Version: 8.15.0.0 - WOW) Packages: ========= BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.29.0_x64__ffd303wmbhcjt [2023-05-22] (BreeZip) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-05-25] (Apple Inc.) [Startup Task] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-25] (Microsoft Corporation) Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-05-08] (Microsoft Corp.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-07-18] (NVIDIA Corp.) PowerWash Simulator -> C:\Program Files\WindowsApps\39C668CD.PowerWashSimulator_12.2304.280.0_x64__r7bfsmp40f67j [2023-06-29] (Square Enix Ltd.) 
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.145.0_x64__pwbj9vvecjh7j [2023-07-14] (Amazon Development Centre (London) Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2023-05-07] (Realtek Semiconductor Corp)
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.419.2201.879_neutral__8wekyb3d8bbwe [2023-04-19] (Microsoft Corporation)
Zip Extractor Pro -> C:\Program Files\WindowsApps\38526MediaLife.ZipPlus_2.0.4.0_x86__1crh1k73ty8mg [2022-12-22] (Media Life)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-568267705-2125286131-1783018927-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_14c40086f8e718c9\nvshext.dll [2023-07-14] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-03-02 08:55 - 2023-02-27 22:39 - 001393152 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2023-07-27 16:15 - 2023-07-26 23:06 - 001569280 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\CTITSDKDeviceTool.dll
2022-04-01 15:48 - 2022-04-01 15:48 - 000045056 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIntelI2C.dll
2023-07-27 16:15 - 2023-07-26 23:06 - 002882560 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\ffmpeg.dll
2023-07-27 16:15 - 2023-07-26 23:06 - 000480768 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\libegl.dll
2023-07-27 16:15 - 2023-07-26 23:06 - 007625728 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\libglesv2.dll
2023-04-29 19:26 - 2023-07-26 23:06 - 005334528 _____ () [Datei ist nicht signiert] C:\Program Files\NZXT CAM\vk_swiftshader.dll
2022-08-24 11:45 - 2022-08-24 11:45 - 000242176 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccv3.dll
2022-04-02 14:02 - 2022-04-02 14:02 - 000524800 _____ (GIGABYTE Technology Co.,Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll
2020-11-05 14:16 - 2020-11-05 14:16 - 000268800 _____ (GIGABYTE Technology Co.,Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll
2022-05-25 11:20 - 2022-05-25 11:20 - 001992704 _____ (GIGABYTE) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll
2021-02-22 20:38 - 2021-02-22 20:38 - 000990720 _____ (JMicron Technology Co.) [Datei ist nicht signiert] C:\Program Files\ENE\Aac_ENE_X-JMI_HAL\JMFWUpdateDll.dll
2023-07-27 16:15 - 2023-07-26 23:06 - 000083456 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] \\?\C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\nzxt-device\SiUSBXp64.dll
2023-01-17 13:13 - 2023-01-17 13:13 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files\Corsair\CORSAIR iCUE 4 Software\SiUSBXp.dll
2023-05-23 11:02 - 2019-05-28 22:36 - 003407360 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\cz.danol.discordmixer.sdPlugin\bin\libcrypto-1_1-x64.dll
2023-05-23 11:02 - 2019-05-28 22:36 - 000681472 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Users\zigle\AppData\Roaming\Elgato\StreamDeck\Plugins\cz.danol.discordmixer.sdPlugin\bin\libssl-1_1-x64.dll
2017-10-05 15:26 - 2017-10-05 15:26 - 002247168 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll
2018-12-08 08:22 - 2018-12-08 08:22 - 002059264 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll
2022-10-03 10:00 - 2022-10-03 10:00 - 000516096 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll
2022-10-13 16:38 - 2022-10-13 16:38 - 002046464 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\system32\9EarsSurroundSound.dll:72B1DE377E [3442]
AlternateDataStreams: C:\WINDOWS\system32\9EarsSurroundSound.dll:97D88723C8 [4306]
AlternateDataStreams: C:\ProgramData\AMDAutoUpdate.log:5AFFBDE7FB [4306]
AlternateDataStreams: C:\ProgramData\AMDAutoUpdate.log:B5D3D35FA8 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk:B026C77744 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Breitbandmessung.lnk:405F340306 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk:83A68E50E4 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCUE.lnk:35C8A47BAF [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCUE.lnk:97831153DE [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NZXT CAM.lnk:AB04221C49 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_361\bin\ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_361\bin\jp2ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\dotnet\;;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\zigle\Downloads\ultra-instinct-goku-dragon-ball-blue-power.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "CORSAIR iCUE 4 Software"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4AF148971660ED09CC41DC556DFB6C6E"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-568267705-2125286131-1783018927-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_24B02A7A179033EAE02E8246A105555E"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A0252331-049C-4046-A453-86EA48B01750}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{058A71BA-B1EF-4D54-B8CB-F6AEA495C9EB}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{A52A9088-634C-4F93-8E8F-B0DBAD07E02D}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe (Techland S.A. -> Techland)
FirewallRules: [{D1A8BF7A-49F6-44CE-9E44-31A2C793F3B3}] => (Allow) E:\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe (Techland S.A. -> Techland)
FirewallRules: [{32F9BB18-B67B-4BCA-B5DA-CF19C303456F}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [{2A930A1B-E22C-46C5-AA71-1156527632F1}] => (Allow) E:\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9D851819-3D54-4031-ABF2-1E20FC466970}D:\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) D:\wolfenstein the new order\wolfneworder_x64.exe (MachineGames) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9C75F34E-091C-41A1-BB49-9F53869F4B21}D:\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) D:\wolfenstein the new order\wolfneworder_x64.exe (MachineGames) [Datei ist nicht signiert]
FirewallRules: [{50000AE6-04D2-4F84-9033-B91392086E93}] => (Allow) LPort=8088
FirewallRules: [{7E067420-8A0C-46A3-8A7C-DC1526E1A225}] => (Allow) LPort=8088
FirewallRules: [UDP Query User{AB3CE73C-89CF-4164-A874-B9836EA9304A}C:\users\zigle\riot games\riot client\riotclientservices.exe] => (Allow) C:\users\zigle\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{9F2BA5D1-57F4-402D-B81E-8EEBB184D936}C:\users\zigle\riot games\riot client\riotclientservices.exe] => (Allow) C:\users\zigle\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{3A499CB5-F922-4C5D-824B-AA41DBFDEC5C}E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{984D6D06-5E03-441C-9F7C-9A1086620BB1}E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{C5EB8C7D-A04A-4A9A-8B69-4991093B4510}E:\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) E:\call of duty black ops cold war\blackopscoldwar.exe => Keine Datei
FirewallRules: [TCP Query User{0CF63E07-5701-4815-ABE2-36581B75BD55}E:\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) E:\call of duty black ops cold war\blackopscoldwar.exe => Keine Datei
FirewallRules: [UDP Query User{4A66AAF6-1288-493C-B2E9-F3A5CDBACF3B}E:\steamlibrary\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe] => (Allow) E:\steamlibrary\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe (Irrational Games) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{FEB489A8-FBAA-40FF-8DB9-1DDB74210945}E:\steamlibrary\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe] => (Allow) E:\steamlibrary\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe (Irrational Games) [Datei ist nicht signiert]
FirewallRules: [{39535E1F-73E0-4C68-84D2-11FF2450D04A}] => (Allow) E:\SteamLibrary\steamapps\common\Sons Of The Forest\SonsOfTheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{D9F14177-964C-4227-B4E8-DF47FF36A41A}] => (Allow) E:\SteamLibrary\steamapps\common\Sons Of The Forest\SonsOfTheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{1DEAA6C6-32A5-4332-B2D1-B0166D2141AC}] => (Allow) E:\SteamLibrary\steamapps\common\BioShock Infinite\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{665E91EC-DB13-4177-956A-D93E83A19967}] => (Allow) E:\SteamLibrary\steamapps\common\BioShock Infinite\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [UDP Query User{88BD51B3-9228-4CBA-8D84-C2A7704D0178}E:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{3A15C9C5-8DE7-49F3-A013-66990581E87B}E:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\theouterworlds\indiana\binaries\win64\indiana-win64-shipping.exe => Keine Datei
FirewallRules: [{71F54422-B384-498E-B243-306A9AE28E0C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{DD77B646-EAAD-44D5-8D1D-30154AA1916C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D8AC9F06-E072-4BEB-AB21-655615DCE723}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0594E1B8-2D45-4989-A1B2-2152DAA5A751}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A71656F4-D855-4488-BB6A-23B9C855D0B3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{FE616C7D-255F-426E-9B33-78322C504E57}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => Keine Datei
FirewallRules: [{1C829E08-F626-40A6-8C63-502DECDFF3D7}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 5\Launcher.exe () [Datei ist nicht signiert]
FirewallRules: [{B049F560-FB6C-40F5-B562-0AC6308857E5}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 5\Launcher.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{92E20EF2-54E6-4D32-BBB0-8DF8AFFE4ECE}E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{65F9C58A-C2AF-45A0-B39A-40C1AF7C9551}E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) E:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [{E148E9CB-8B2C-483E-A578-6971562A9A5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B7EC9C6F-D669-4CCF-BF4E-D286EF230F4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{826B9CC6-592F-4865-AA49-8D2AD66F4CB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{941D256C-72E4-4CB5-820E-74D1126E1566}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{62C7A6CF-A108-44ED-848B-AED96D8673F8}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.)
FirewallRules: [{AD6BAE75-CBB7-4997-BBC1-E244B9B0013C}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.)
FirewallRules: [{62334C84-A46A-495E-847A-5C0253C7EB9A}] => (Allow) E:\SteamLibrary\steamapps\common\Yu-Gi-Oh! Duel Links\dlpc.exe () [Datei ist nicht signiert]
FirewallRules: [{6969C10E-C65B-4456-8CD4-2B4B44DE3CCF}] => (Allow) E:\SteamLibrary\steamapps\common\Yu-Gi-Oh! Duel Links\dlpc.exe () [Datei ist nicht signiert]
FirewallRules: [{2777F7A0-135C-4879-81B8-F5FF64047A3C}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (Underwriters Laboratories Inc. -> )
FirewallRules: [{0CF67890-E968-4B48-9FA3-2625E8E19E69}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe (Underwriters Laboratories Inc. -> )
FirewallRules: [{C2BF100B-AF0C-4397-A74B-62689A323F93}] => (Allow) LPort=32682
FirewallRules: [{86DA8F17-42B3-4CFB-BC2C-28F1EAF6074A}] => (Allow) LPort=26822
FirewallRules: [{9CD8139F-CC88-4904-B5A4-42EBAD5A2B19}] => (Allow) E:\SteamLibrary\steamapps\common\Ghost Watchers\Ghost Watchers.exe () [Datei ist nicht signiert]
FirewallRules: [{CE0F9B7B-30EF-4483-B0DB-EED4ADBCD858}] => (Allow) E:\SteamLibrary\steamapps\common\Ghost Watchers\Ghost Watchers.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{39A353AD-4FA2-4DD2-A5A5-16194EFD6CDC}E:\rocketleague\binaries\win64\rocketleague.exe] => (Allow) E:\rocketleague\binaries\win64\rocketleague.exe => Keine Datei
FirewallRules: [TCP Query User{EF5F82F7-8796-40D4-B0AC-5263F0C5F0C9}E:\rocketleague\binaries\win64\rocketleague.exe] => (Allow) E:\rocketleague\binaries\win64\rocketleague.exe => Keine Datei
FirewallRules: [UDP Query User{7706974C-CE74-4B32-BC0D-10E8CE31ECE5}E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B7BA334B-EDC9-46FD-8E67-A653AA38D763}E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{9057B859-1CFC-459B-B2C1-B07CA95120F3}] => (Allow) E:\SteamLibrary\steamapps\common\Grim Dawn\x64\Grim Dawn.exe => Keine Datei
FirewallRules: [{1E9233E2-7A4C-4FD0-9E2C-84DD30C48C4F}] => (Allow) E:\SteamLibrary\steamapps\common\Grim Dawn\x64\Grim Dawn.exe => Keine Datei
FirewallRules: [UDP Query User{093DD0F2-C46B-4D70-8587-30376F5AB04C}C:\users\zigle\riot games\riot client\riotclientservices.exe] => (Allow) C:\users\zigle\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{533C5F20-6916-43AC-85C7-C632F4BF4E4E}C:\users\zigle\riot games\riot client\riotclientservices.exe] => (Allow) C:\users\zigle\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{4AF7DA4D-62CD-4358-8AB5-E73D61A25BBE}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{864794A2-7DA4-427D-9F78-6B72E27C9122}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{4A422D2A-8B74-4CA8-A54A-AD8622EAB5F4}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe => Keine Datei
FirewallRules: [{34F62E3F-1AE6-46F6-882C-FDB59FC6EC4C}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe => Keine Datei
FirewallRules: [{8A37F9F5-6702-4E9B-AC16-22B9350D5760}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => Keine Datei
FirewallRules: [{B113BCDA-811C-48E7-941E-30DF6D9982BB}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => Keine Datei
FirewallRules: [{78D3214B-E897-4A56-9626-1ED3F19FCAA6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EDD2C76B-E820-40E7-8333-E4ABB450EDDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{62EB2112-7555-413B-9381-E6038416CB79}] => (Allow) E:\Grand Theft Auto V\GTA5.exe => Keine Datei
FirewallRules: [{A0823BF9-109A-4414-891E-D902F16CCD39}] => (Allow) E:\Grand Theft Auto V\GTA5.exe => Keine Datei
FirewallRules: [{D5BC0469-4083-4F9E-B92E-EF4E03A764F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7451BABB-3271-45DE-9520-70CEC6E41501}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{872A2BD9-7D33-4B07-9C4C-142FA83A50EE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{19B44D00-56ED-4825-B801-23A4D9D3BB0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5C4C91CD-5D4B-42CE-B160-FDC316684B5D}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{ABB1B0B5-F9CD-4431-89B8-D1C57DE6E3D9}] => (Allow) E:\SteamLibrary\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [UDP Query User{B19573B7-61D6-4A96-8547-5A724CAAE790}E:\steamlibrary\steamapps\common\haunt chaser\hauntchaser\binaries\win64\hauntchaser-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\haunt chaser\hauntchaser\binaries\win64\hauntchaser-win64-shipping.exe (Clock Wizard Games) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{68737115-28BA-4E60-B982-3671EA3828F8}E:\steamlibrary\steamapps\common\haunt chaser\hauntchaser\binaries\win64\hauntchaser-win64-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\haunt chaser\hauntchaser\binaries\win64\hauntchaser-win64-shipping.exe (Clock Wizard Games) [Datei ist nicht signiert]
FirewallRules: [{5E46C099-771A-40C6-977A-844E860ABA55}] => (Allow) E:\SteamLibrary\steamapps\common\Haunt Chaser\HauntChaser.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{ECD16E63-4685-44ED-835F-F2A9B8A4C909}] => (Allow) E:\SteamLibrary\steamapps\common\Haunt Chaser\HauntChaser.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{2526E9C9-5943-4D7F-BFB8-2039895F7328}E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [TCP Query User{39539895-B7CC-4BAC-B2B1-7B31489BD23D}E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [UDP Query User{86E03B64-E7E9-4D49-A750-928020AA717C}E:\xbox games\back 4 blood\content\gobi\binaries\wingdk\back4blood.exe] => (Allow) E:\xbox games\back 4 blood\content\gobi\binaries\wingdk\back4blood.exe => Keine Datei
FirewallRules: [TCP Query User{8BF11126-3DAF-4FCC-8476-B43159F642CB}E:\xbox games\back 4 blood\content\gobi\binaries\wingdk\back4blood.exe] => (Allow) E:\xbox games\back 4 blood\content\gobi\binaries\wingdk\back4blood.exe => Keine Datei
FirewallRules: [UDP Query User{6DC0BC89-9CFF-4606-BD69-2D8870DA8FDE}C:\users\zigle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zigle\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{010CD4F8-6107-454B-9234-DD10C7E20BC6}C:\users\zigle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\zigle\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{20B97474-1C3F-4B46-B1DB-34D68E4A63B5}] => (Allow) E:\SteamLibrary\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{E01FB0E9-19F1-43FD-8E63-58A3112D282D}] => (Allow) E:\SteamLibrary\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{DFD43AC9-C9A5-4B12-9ACA-85692CA7D6EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BAA2EEF3-05F7-4EEF-BDE6-624CE1D9941E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B8AC8512-3D0B-439D-A0F0-84732FE4A0FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8463CDAA-F646-48BE-AC8B-832C783C249F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{46E240E8-87CC-4A0E-9174-2CE5C7446679}E:\origin\diablo iii\x64\diablo iii64.exe] => (Allow) E:\origin\diablo iii\x64\diablo iii64.exe => Keine Datei
FirewallRules: [TCP Query User{EF3614D1-ECE2-4B9C-8D34-1A8178C4CCFA}E:\origin\diablo iii\x64\diablo iii64.exe] => (Allow) E:\origin\diablo iii\x64\diablo iii64.exe => Keine Datei
FirewallRules: [UDP Query User{7498C4D0-16D8-43BD-AA36-67397DF395A6}C:\users\zigle\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\zigle\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{F15886A4-F11F-405E-9A07-ECF3F0972B3E}C:\users\zigle\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\zigle\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{3582F424-2A91-437C-AC49-3DFA8ACA4526}C:\users\zigle\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\zigle\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{2063AEA9-BBA6-49A8-8688-F39687CC139D}C:\users\zigle\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\zigle\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{FB09B9B5-AAE7-4719-AEE5-45BE5D93EDAB}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => Keine Datei
FirewallRules: [{454B9E8E-9F5B-463F-A1B6-86A90AADECD1}] => (Allow) E:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => Keine Datei
FirewallRules: [{A41C34CB-9169-4109-8B29-A96F70783410}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.)
FirewallRules: [{74618B2B-C768-412C-87AF-C89A6FDDE25A}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.)
FirewallRules: [{979CE043-D4BF-4B5B-AC4F-D9E9DE89748D}] => (Allow) E:\Assassin's Creed Valhalla\ACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{E606F292-ED30-457B-B359-097A0CAFD20A}] => (Allow) E:\SteamLibrary\steamapps\common\Oblivity\Oblivity.exe () [Datei ist nicht signiert]
FirewallRules: [{B0694B4A-4DFD-43D2-9D7C-F4C456F7B7B6}] => (Allow) E:\SteamLibrary\steamapps\common\Oblivity\Oblivity.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{2242EFF7-E320-4E00-B13E-DFCE367A4E42}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3C041DFB-6BF3-423B-8D58-6A1C98DB71E2}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{587ADC20-B194-47D0-8125-EF0D4A53DA41}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E854FF1-26FA-4067-BC83-0CDAD4989794}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D458249D-133C-400B-BA46-A8A9B2F7366A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{641CA09A-8CEA-4D47-89CE-51021D7411BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F3BF5401-5BFF-44A9-951B-0EEAC9B88BB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{385E6705-33F4-4DEF-85BB-0212615D1F1E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7324D3BD-77D7-4A1A-8EBA-77D65FA3E22F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{93436195-B697-4F7B-8BBE-9F55E8E2898B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7ED3CB6E-1120-4DB2-BEFC-68C8513C7EB8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{3A3E056D-7C85-4155-BB77-D61FD11E4D05}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9CF28299-9B82-41A6-AE00-CE19238D75FF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4A5A920A-FCC1-4A3B-B74D-EEB2C1BCDF43}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BF63A4B9-F92B-4E37-9106-6C1BFBF92135}] => (Allow) D:\SteamLibrary\steamapps\common\RESIDENT EVIL 4 BIOHAZARD RE4\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{B4F092F9-288B-4EFA-AC69-D6E519C8CC66}] => (Allow) D:\SteamLibrary\steamapps\common\RESIDENT EVIL 4 BIOHAZARD RE4\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{0251A5DD-1475-460C-9AE4-68661EBFEE37}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => Keine Datei FirewallRules: [{355F360A-3EF2-4FB5-BBC0-E6A95C8508D1}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia Definitive Edition\2KLauncher\LauncherPatcher.exe => Keine Datei FirewallRules: [{441B0259-1CCC-4247-8AAC-CBF99E5EDDA8}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => Keine Datei FirewallRules: [{49ED6B38-FFD8-40C1-8DA0-C98B177EF9F1}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => Keine Datei FirewallRules: [{C6D55EDD-8D59-4A19-804F-AA62EABB8711}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{0DC94396-88EF-4B98-B5D1-2FFBB01247D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{DF9D5A43-305C-4E39-94AA-029B7E036590}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{A3B7F1B4-0F68-48EB-A3F5-5205DBE80313}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. 
-> ) FirewallRules: [{016E1649-82D7-4C54-B66E-2340DE844323}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{A9559138-F229-4952-B3EB-D73F7F6F0425}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{F2E19475-0613-40D9-963C-9BDB5EF08D17}] => (Allow) E:\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{6521B1F7-A811-444C-84CD-C60FC1A1F94E}] => (Allow) E:\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{22C436F5-D68A-4111-ABD0-23238F2608E4}] => (Allow) E:\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{E67FD927-A5BC-49FA-B538-D8A951DD8721}] => (Allow) E:\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{55BEFDB1-625D-4DF1-A08D-E05B698FD895}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{12FEFDAD-53FD-46BA-9576-1AF581178244}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{9EF9AB87-C771-4846-820A-A3CEE6DE5BEB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{01FF7B22-A057-4927-A6F4-5458D859A907}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) 
FirewallRules: [{3A936116-8FE8-47C5-8F63-9710306A58BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{F8A83C85-E3A2-4B51-9028-28070AB9F221}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{18BCDD5F-20D1-49CE-95A6-1086B54B0880}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{DB16D338-F965-4F55-B144-E6417334F0A9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{12343107-387E-433C-A7F7-9BDE3C3FA349}] => (Allow) C:\Program Files\EA Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{8D9F5DBF-9585-4549-94D3-AC28D6AD9CCB}] => (Allow) C:\Program Files\EA Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{307F2A44-F2E7-4213-8368-46A077F9A54A}] => (Allow) E:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Datei ist nicht signiert] FirewallRules: [{33A21831-7622-4EB1-AE03-FBFF0C0C3359}] => (Allow) E:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Datei ist nicht signiert] FirewallRules: [{CD3E6DC6-1C71-4147-96FF-4E5BC2D6E778}] => (Allow) C:\Program Files\Elgato\Volume Controller\ElgatoAudioControlServer.exe (Corsair Memory, Inc. 
-> ) FirewallRules: [{45CE4F1F-64A9-4B37-A46B-B60828E1D587}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS) FirewallRules: [{88961722-D383-460A-B510-C4319F44FC3A}] => (Allow) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) FirewallRules: [{774DDC58-7F25-472F-AAA5-F1F5D18FE848}] => (Allow) C:\Program Files\Elgato\WaveLink\WaveLink.exe (Corsair Memory, Inc. -> Corsair Memory, Inc) FirewallRules: [{09D0F5FE-091F-4FBA-ADDC-ED75FC34BA15}] => (Allow) E:\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{62DD3B4B-CA7A-4877-8336-FDDE6D41B90A}] => (Allow) E:\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{46D24B9B-5A2B-413D-9223-E79993BDB019}] => (Allow) E:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert] FirewallRules: [{1EF846D0-2FB3-47A6-8C7A-20499F4EAC12}] => (Allow) E:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert] FirewallRules: [{71BD6EC9-779D-4A09-ABAA-326C9E7948DD}] => (Allow) E:\SteamLibrary\steamapps\common\Ben and Ed - Blood Party\BaEBloodParty.exe () [Datei ist nicht signiert] FirewallRules: [{4944B0DB-3997-49C4-91E1-999DBBBAD006}] => (Allow) E:\SteamLibrary\steamapps\common\Ben and Ed - Blood Party\BaEBloodParty.exe () [Datei ist nicht signiert] FirewallRules: [{C85901DC-7D08-49B5-B1B7-F39EAD29C111}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Exodus\MetroExodus.exe (4A Games) [Datei ist nicht signiert] FirewallRules: [{035C974D-16DC-427E-9B53-539F30082F3E}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Exodus\MetroExodus.exe (4A Games) [Datei ist nicht signiert] FirewallRules: [{3FCC6D55-2710-4218-BE3E-230B8E87340E}] => (Allow) C:\Users\zigle\AppData\Local\Programs\Opera GX\100.0.4815.44\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{08D78649-4403-4CDB-94DB-01D0CEFB835E}] => (Allow) 
C:\Program Files (x86)\Overwolf\0.226.1.3\OverwolfBrowser.exe => Keine Datei FirewallRules: [{59DF131C-9E8B-4CCD-B171-FA1CF2D1F099}] => (Allow) C:\Program Files (x86)\Overwolf\0.226.1.3\OverwolfBrowser.exe => Keine Datei FirewallRules: [{9EA17089-1861-4D15-BB6C-34947D353C8F}] => (Block) C:\Program Files (x86)\Overwolf\0.226.1.3\OverwolfBrowser.exe => Keine Datei FirewallRules: [{AC5335C2-D817-4837-9934-57E5A8838380}] => (Block) C:\Program Files (x86)\Overwolf\0.226.1.3\OverwolfBrowser.exe => Keine Datei FirewallRules: [{3703FDA3-8BA7-4A14-88E6-A743E565B715}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{80487684-9616-428C-BAD7-84428CF52F84}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{EDEEF0AF-FEE6-43DC-BDEB-1DFF27E4F7E3}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{E27B2815-93F3-4850-B218-3CF86EF88665}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{C92516EF-5C47-420C-B753-65AFF63C0951}] => (Allow) C:\Program Files (x86)\Overwolf\0.228.0.20\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{B47A5ADF-9A3E-474D-A194-93FA6D74584F}] => (Allow) C:\Program Files (x86)\Overwolf\0.228.0.20\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{DCA04AD8-FF57-481A-B665-F8BB50EF6FE1}] => (Allow) E:\SteamLibrary\steamapps\common\DRAGON BALL Z KAKAROT\AT.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{EA4B1ECE-7039-4D2C-B441-D894734C9F38}] => (Allow) E:\SteamLibrary\steamapps\common\DRAGON BALL Z KAKAROT\AT.exe (Epic Games, Inc.) 
[Datei ist nicht signiert] FirewallRules: [{E3B49D5B-5C61-4A7C-B039-7430B2E39E27}] => (Allow) C:\Users\zigle\AppData\Local\Programs\Opera GX\100.0.4815.82\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{A9B421A3-A89E-40B0-BB43-4BF695699DB4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\UNO\uno.exe (Chengdu Ubisoft Software Co., Ltd. -> ) FirewallRules: [{9528608C-61BB-434C-B1D8-82E850A53D0A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\UNO\uno.exe (Chengdu Ubisoft Software Co., Ltd. -> ) FirewallRules: [{2FF3C705-EF27-41D0-9B5E-18E2EF5B736C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{A4E4A288-E695-4518-97B5-CFE22356E322}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{29540877-D493-4026-A995-B8A9110B03A5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1506.2253.6778_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{39310446-BC0A-453E-946A-07B7CEA943AD}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1506.2253.6778_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B7263FD7-934D-4DB0-9EE5-1A8897DF4FD7}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe (DOS SANTOS DA SILVA ALFREDO -> Carifred.com) FirewallRules: [{588AB9F0-E4A1-4783-AD64-969EC3819EB6}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe (DOS SANTOS DA SILVA ALFREDO -> Carifred.com) FirewallRules: [{4BF643BE-4DEA-4A8D-93E7-205AAC76EC02}] => (Allow) C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe (DOS SANTOS DA SILVA ALFREDO -> Carifred.com) FirewallRules: [{3B74A9B1-05BD-4315-A1BA-88EDC2D1B881}] => (Allow) C:\Program 
Files\WindowsApps\MicrosoftTeams_23195.1511.2279.823_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FCAC9836-5012-40C7-B1BE-6B288B12E2E3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1511.2279.823_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 02-08-2023 13:56:56 Removed Kaspersky Password Manager ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Sonic Studio Virtual Mixer Description: Sonic Studio Virtual Mixer Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Nahimic Service: AVoluteSS3Vad Problem: : Windows cannot initialize the device driver for this hardware. (Code 37) Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (08/03/2023 04:31:47 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-OCHEK1J$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Thu, 03 Aug 2023 14:31:47 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 2d5a105c-ed9a-4cb6-9cd6-475372a35a36 Methode: GET(219ms) Phase: GetCACaps Nicht gefunden (404). 
0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (08/03/2023 04:31:46 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Thu, 03 Aug 2023 14:31:45 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 22a18417-770a-4de0-a5b7-fdd30e11a27e Methode: GET(515ms) Phase: GetCACaps Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (08/02/2023 02:01:31 PM) (Source: CAM Service) (EventID: 1) (User: ) Description: request thread encountered an error: Failed to send result: io error: Die Pipe wird gerade geschlossen. (os error 232) Error: (08/02/2023 02:00:07 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-OCHEK1J$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Wed, 02 Aug 2023 12:00:10 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: e1325040-1bae-4c03-a21c-15fb089a68b4 Methode: GET(219ms) Phase: GetCACaps Nicht gefunden (404). 
0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (08/02/2023 02:00:06 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT) Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Wed, 02 Aug 2023 12:00:09 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: fab3b795-21fe-401b-9b46-8702c756d79b Methode: GET(672ms) Phase: GetCACaps Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (08/02/2023 01:59:21 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (08/02/2023 01:59:21 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (08/02/2023 01:56:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary klupd_Kaspersky4Win-21-13_mark. System Error: Das System kann die angegebene Datei nicht finden. . 
Systemfehler: ============= Error: (08/03/2023 04:31:34 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT-AUTORITÄT) Description: Der Ereignisprotokollierungsdienst hat einen Fehler beim Initialisieren der Veröffentlichung von Ressourcen für Kanal "Nefarius-Drivers-HidHideClient/Diagnostic" erkannt. Falls ein direkter Kanal festgelegt ist, kann dies ein Hinweis darauf sein, dass auch das Protokollieren der Ressourcen nicht initialisiert werden konnte. Error: (08/03/2023 04:31:34 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT-AUTORITÄT) Description: Der Ereignisprotokollierungsdienst hat einen Fehler beim Initialisieren der Veröffentlichung von Ressourcen für Kanal "Nefarius-Drivers-HidHide/Diagnostic" erkannt. Falls ein direkter Kanal festgelegt ist, kann dies ein Hinweis darauf sein, dass auch das Protokollieren der Ressourcen nicht initialisiert werden konnte. Error: (08/03/2023 01:24:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/03/2023 01:24:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Corsair Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/03/2023 01:24:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert. Error: (08/03/2023 01:24:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Logi Facecam Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (08/03/2023 01:24:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Razer Chroma SDK Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/03/2023 01:24:09 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Razer Chroma SDK Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Windows Defender: ================ Date: 2023-08-02 14:21:36 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {8F86353E-C511-4E75-9ED7-214943F48DD2} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2023-08-02 01:48:40 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {AF4A550D-B587-48F0-B572-700023574E4B} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Event[0] Date: 2023-08-02 01:54:36 Description: Microsoft Defender Antivirus Ressourcenmonitor: Der Arbeitsspeicherverbrauch hat das Limit überschritten. Trefferanzahl: 50 Aktueller Schwellenwert: 3145780 Date: 2023-08-02 01:54:36 Description: Microsoft Defender Antivirus Ressourcenmonitor: Der Arbeitsspeicherverbrauch hat das Limit überschritten. Trefferanzahl: 49 Aktueller Schwellenwert: 3145780 Date: 2023-08-02 00:59:28 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. 
Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.387.1965.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20200.4 Fehlercode: 0x80072f8f Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten. Date: 2023-08-02 00:59:28 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.387.1965.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiSpyware Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20200.4 Fehlercode: 0x80072f8f Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten. Date: 2023-08-02 00:59:28 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.387.1965.0 Update Source: Microsoft Center zum Schutz vor Schadsoftware Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20200.4 Fehlercode: 0x80072f8f Fehlerbeschreibung: Es ist ein Sicherheitsfehler aufgetreten. CodeIntegrity: =============== Date: 2023-08-02 13:56:21 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements. 
Date: 2023-08-02 13:25:37 Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2423 08/10/2021 Hauptplatine: ASUSTeK COMPUTER INC. ROG STRIX B550-F GAMING Prozessor: AMD Ryzen 7 5800X 8-Core Processor Prozentuale Nutzung des RAM: 27% Installierter physikalischer RAM: 32682.69 MB Verfügbarer physikalischer RAM: 23661.38 MB Summe virtueller Speicher: 37546.69 MB Verfügbarer virtueller Speicher: 26123.49 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:221.58 GB) (Free:35.84 GB) (Model: KINGSTON SA400M8240G) NTFS Drive d: () (Fixed) (Total:929.87 GB) (Free:814.32 GB) (Model: Microsoft Storage Space Device) NTFS Drive e: (Volume) (Fixed) (Total:931.5 GB) (Free:73.01 GB) (Model: WD_BLACK SN850 1TB) NTFS \\?\Volume{7431e8b2-f7ba-481b-9eca-c95141dcc22d}\ (Windows RE tools) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS \\?\Volume{1487ec54-7e38-4cf1-a652-f2be4145d632}\ () (Fixed) (Total:0.64 GB) (Free:0.08 GB) NTFS \\?\Volume{fa1d6e09-fd90-480a-88b1-53b44e1d8096}\ () (Fixed) (Total:0.67 GB) (Free:0.21 GB) NTFS \\?\Volume{addba845-9620-47db-a7a6-09e3f0c0eae4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. 
Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. ==================== Ende von Addition.txt ======================= |
03.08.2023, 20:18 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan Trojan.Multi.BroSubsc.gen Clean up the system: uninstall unnecessary and outdated programs. Please uninstall via Programs and Features (appwiz.cpl):
__________________ Please always post log files in CODE tags |
03.08.2023, 20:24 | #15 |
| Trojan Trojan.Multi.BroSubsc.gen Is that a must? And is the trojan gone? |