|
Mülltonne: Infektion durch Audacity von falscher Website / Windows CD von ebay?Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
17.08.2023, 00:33 | #1 |
| Infektion durch Audacity von falscher Website / Windows CD von ebay? Guten Abend allerseits, seitdem mein PC mal geredet hat und dabei auch meinen korrekten Vornamen erwähnt hat, lässt mich das Gefühl nicht mehr los dass mein System evtl. kompromittiert sein könnte. Klar gibt es Sprachassistenten wie Cortana etc. Dieser habe ich allerdings bewusst nie eingerichtet/genützt. Im Gegenteil, sogar deaktiviert. Ich habe das damals (31.10.2021) sogar mit ShadowPlay's Videobeweis aufzeichnen können. (/watch?v=_x4W9KF7TfA) (Meine Namen habe ich rausgeschnitten) Zu dem Zeitpunkt war ich gerade AFK aber konnte es trotzdem aus einem anderen Raum hören. Komischer Weise hat diese Stimme nur das von sich gegeben, obwohl man ja vom Kontext denken könnte, dass noch etwas darauf folgen sollte. Seitdem hab ich sie nie wieder gehört.. Mögliche Gründe für eine Infektion: 1.) Ich habe mir mal die Software "Audacity" runtergeladen. Nun hab ich letztens gehört, dass die offizielle Seite "audacityteam.org" und nicht "audacity.de" ist (Diese aber als erster Treffer bei Google angezeigt wird) und dass diese Seite Malware verbreitet. Ich bin mir nicht mehr 100%ig sicher von welcher Seite ich sie geladen habe, allerdings kann ich nicht ausschließen sie von der fake Seite geladen zu haben. 2.) Ich habe damals, am 14.01.2016, meine Windows 7 CD über ebay für ca 25€ gekauft. Ich konnte die Rechnung noch in meinen E-mails finden. Hier ein paar Infos über die Firma: point4software.de Steuer-Nr. 117/216/90336 UStID-Nr DE128121661 Produktname: Windows 7 Professional inkl. DVD Multilingual SP1 & COA KEY 64-Bit Mittlerweile hab ich allerdings Windows 10 Pro (22H2) laufen. (Ich hatte damals meine Platte mit Truecrypt verschlüsselt, für das Upgrade musste ich sie entschlüsseln. Seitdem ist meine Platte nicht mehr verschlüsselt) Wäre es durch eine kompromittierte Windows-CD möglich, Malware ins UEFI zu bekommen, sodass selbst eine Neuinstallation des OS sie nicht entfernen könnte? Und wäre es möglich so eine Infektion zu erkennen? Danke schon mal im Voraus. FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2023 01 durchgeführt von zeu5 (Administrator) auf ZEU5-PC (17-08-2023 00:45:17) Gestartet von C:\Users\zeu5\Desktop\FRST64.exe Geladene Profile: zeu5 Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6> (C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> The Qt Company Ltd.) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebEngineProcess.exe <2> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Discord Inc. -> Discord Inc.) C:\Users\zeu5\AppData\Local\Discord\app-1.0.9016\Discord.exe <6> (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <45> (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (explorer.exe ->) (Voyetra Turtle Beach, Inc. -> ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\ROCCAT_Swarm_Monitor.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (EAM Experience Area Münsingen GmbH -> ) C:\Program Files (x86)\bitbeans\Simple DNSCrypt\dnscrypt-proxy\dnscrypt-proxy.exe (services.exe ->) (EAM Experience Area Münsingen GmbH -> ) C:\Program Files (x86)\bitbeans\Simple DNSCrypt\dnscrypt-proxy\dnscrypt-proxy-secondary.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (services.exe ->) (Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1ddf203f8d876fdf\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Voyetra Turtle Beach, Inc. -> ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\ROCCAT_dev_service.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1085512 2015-01-12] (Heidi Computers Ltd -> The Eraser Project) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc -> Logitech Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-06-02] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [357944 2022-02-08] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2756672 2016-03-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH -> Geek Software GmbH) HKLM-x32\...\Run: [Xtreme Tuner] => C:\Program Files (x86)\XtremeTuner\XtremeTuner_KFA2\Xtreme Tuner.exe [13153088 2022-10-11] (Galaxy Microsystems Ltd. -> Galaxy Microsystems Ltd) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4374376 2023-07-28] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Datei ist nicht signiert] HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\Run: [TrueCrypt] => C:\Program Files\TrueCrypt\TrueCrypt.exe [1516496 2016-04-19] (TrueCrypt Foundation -> TrueCrypt Foundation) HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [643200 2017-09-26] (OpenVPN Technologies, Inc. -> ) HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\Run: [Voobly] => C:\Program Files (x86)\Voobly\voobly.exe [172032 2022-01-22] (Voobly) [Datei ist nicht signiert] HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2635880 2023-08-15] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\Run: [Discord] => C:\Users\zeu5\AppData\Local\Discord\Update.exe [1525016 2022-10-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-1825835939-2990920891-3683691434-1002\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [643200 2017-09-26] (OpenVPN Technologies, Inc. -> ) HKU\S-1-5-21-1825835939-2990920891-3683691434-1002\...\Run: [EpicGamesLauncher] => "X:\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent (Keine Datei) HKU\S-1-5-21-1825835939-2990920891-3683691434-1002\...\Run: [Discord] => C:\Users\User2\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-1825835939-2990920891-3683691434-1002\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2635880 2023-08-15] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1825835939-2990920891-3683691434-501\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [643200 2017-09-26] (OpenVPN Technologies, Inc. -> ) HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\Windows\system32\HPDiscoPMB011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\115.0.5790.173\Installer\chrmstp.exe [2023-08-16] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2022-09-06] ShortcutTarget: ROCCAT Swarm Monitor.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\ROCCAT_Swarm_Monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT) Startup: C:\Users\zeu5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\c.txt [2018-09-21] () [Datei ist nicht signiert] ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {07B14134-2868-4D6F-9335-88DB896C914C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {2D93AEF6-31EA-443D-8F9E-5984EC4FAE58} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {345D4DB0-47B4-4139-A13E-574AD3430F82} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {3EEE192D-A72B-4932-96F0-1421F8B315DA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {4BC5C2B4-2D31-489B-87F1-5E43DFC7FD68} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {5D446E10-922C-4993-8305-3BD8E28B6E47} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {79DF50D1-7F60-450C-91B6-0C8855084245} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {95555454-5D40-4CC8-8FCC-58AD1D43B87C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {9782878C-7AC9-4A91-9229-439BD8A9242D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {B9AE4E7E-58B7-4A48-9D52-2807241C2A58} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {C2F3EAAA-145C-4C69-B4DD-2383F515E7E1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {C31C66A1-C775-4DAC-B2EF-C4A45DEA2EF6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {CA84A3DA-B845-4E2D-BF8A-2533C7F2F002} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {F07FBCE6-8AD7-4506-9F37-C0D50537B8F3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {4E99B99D-2A88-48C6-83FA-BD772B87A0C6} - System32\Tasks\{94A20BD4-4324-4F45-B5F5-8AE887CA71BE} => c:\program files (x86)\google\chrome\application\chrome.exe [3219224 2023-08-01] (Google LLC -> Google LLC) -> hxxps://ui.skype.com/ui/0/7.39.0.102/de/abandoninstall?page=tsProgressBar Task: {147D92C3-552B-4706-866C-16292146D42E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.) Task: {1176E6F5-C172-4FF0-89D6-2551600F2F9F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-18] (Google Inc -> Google Inc.) Task: {6AC9BCAC-1DF8-4719-AA25-29A26F6E203C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-18] (Google Inc -> Google Inc.) Task: {271FE3EA-F11B-4C08-A529-DA9767748999} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation) Task: {05800047-1DC6-4C3F-ABFC-2FC2005211BA} - System32\Tasks\JumpingBytes\PureSyncExit => "C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncAdmin.exe" exit (Keine Datei) Task: {AE1BD4C0-3A2D-43E5-9699-A2C5DDF0B46D} - System32\Tasks\JumpingBytes\PureSyncVSS => "C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncVSSStart.exe" (Keine Datei) Task: {57622D0D-601F-4662-AB12-95502AD57410} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [131776 2016-03-22] (Microsoft Corporation -> Microsoft Corporation) Task: {DE8E9D81-2F0F-487B-9E8A-380949A801B2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {5292534F-6975-4023-8066-7A772ADB0DEA} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc Task: {5292534F-6975-4023-8066-7A772ADB0DEA} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun Task: {5292534F-6975-4023-8066-7A772ADB0DEA} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData Task: {254D6AC0-4FD5-4EAA-ACA0-9C6FDFC384E2} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Keine Datei) Task: {31DAD7C3-2DBD-4E81-9477-4AFCF79EA62A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Keine Datei) Task: {1C29C513-F56F-4E6C-B2E0-BD90A8DCBE0B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Keine Datei) Task: {3864E0E9-3176-4045-BB21-B90FDB9BC102} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Keine Datei) Task: {CCEC1C27-D412-434B-B7F4-8016BE8A5E92} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Keine Datei) Task: {571F7E0A-19E5-469A-8009-F1FC5883EAFA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Keine Datei) Task: {E29EA717-1A7C-46D6-A9B7-5B384C46206D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 (Keine Datei) Task: {A55ADF92-B9E2-42CB-AA03-CAF9C9DF35BD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Keine Datei) Task: {8F336CB5-612C-4566-925C-54B2C21D8BA4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Keine Datei) Task: {B5B789A9-2F4E-40E1-8CB5-7E75CBD9256E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Keine Datei) Task: {12FCCC4E-7739-4A3F-9187-9D1697331D07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Keine Datei) Task: {8E916F94-4289-4A91-B08B-3115F2C86DEF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Keine Datei) Task: {B6DC20AF-F752-4E1E-B334-517AEF57ADA3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Keine Datei) Task: {73232F6A-83B1-483C-AB1A-00474A9C9946} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Keine Datei) Task: {6A1399CB-2289-4318-B94E-DA25B6EB5B9D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Keine Datei) Task: {4D2CCA8F-9F2D-42D6-A1D9-41090A8D0C2A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Keine Datei) Task: {1C5A2937-075B-4FD0-8A43-1289E5358E9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Keine Datei) Task: {D05AFA50-310C-4861-A1EC-BE3E4A378156} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Keine Datei) Task: {89554DD4-A8F7-4CE5-9269-28D38AE606C3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Keine Datei) Task: {DFAB0DFD-A55C-464F-80C8-0BC7071FF89D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Keine Datei) Task: {3CE1DD87-8A46-46F2-8CA5-4814E0B1963C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Keine Datei) Task: {CEC86DE4-E56F-407B-81EC-89AA46BE21A4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Keine Datei) Task: {CEDEBDB7-0A55-4EA4-9891-FB25E0794DC5} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {8B75F445-3885-4965-BBCE-C6950FA2FD3D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {C441F691-96A0-4FEE-96A4-3EC4C0D6E601} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {1269C3A7-0046-4C92-B363-89AC755FB625} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {437E061C-2C1C-4B1E-8F48-3BFC1508477D} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {53F9B65C-2DAD-4D89-A746-E997D1B4E367} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [686496 2023-08-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {4AABCB1D-210C-4A37-BB5F-0FC31DE51DD4} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-13] (Mozilla Corporation -> Mozilla Foundation) Task: {9CF29BA9-5828-4D4B-AB21-A32C3884F1AA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {36ACE0DA-12A7-42F8-B68C-3025D45AA1F4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation) Task: {4660E095-A046-42FF-9BE9-304F492A50D9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {02227CB5-C798-49EF-A1EA-AA08BCB5169E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {08CEA8C0-ABB0-4530-B32A-47349EFF8E9D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {90DCC428-4A9B-49A7-ACA9-139F827B820E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AB001AC2-CC30-4D4B-9D59-041E8B2AABF8} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D9D57915-F854-4FB0-B548-57C475A73AC2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3D8A0C5F-DFBE-405B-8BDA-028A6567C7C8} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C3D65DC4-84B7-4767-9DDC-712326DEA611} - System32\Tasks\ROCCAT DEVICE SERVICE => C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\ROCCAT_dev_service.exe [459672 2023-03-21] (Voyetra Turtle Beach, Inc. -> ROCCAT) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{5e68d4bf-e482-4a4f-b261-23ee4e12302e}: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{904dfac8-2ce9-4fa3-bdc2-89800e982318}: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{a10d5e64-8e40-470b-a4d8-f6a19cb3b876}: [DhcpNameServer] 172.16.32.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\zeu5\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-06] FireFox: ======== FF DefaultProfile: f4ayicbe.default FF ProfilePath: C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default [2023-08-13] FF Homepage: Mozilla\Firefox\Profiles\f4ayicbe.default -> about:blank FF Session Restore: Mozilla\Firefox\Profiles\f4ayicbe.default -> ist aktiviert. FF Extension: (Firefox Multi-Account Containers) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\@testpilot-containers.xpi [2023-04-02] FF Extension: (Self-Destructing Cookies) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2017-03-26] [] FF Extension: (Sahara Sand) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{2ddbcb89-c6c1-4c0e-a146-21ba9bcd99ef}.xpi [2021-09-17] FF Extension: (LUCKY GREEN BAMBOO) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{467445da-90dc-4c83-8dbf-76af093ef933}.xpi [2021-09-17] FF Extension: (NoScript) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2023-07-25] FF Extension: (Simple) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{88294732-0365-48ab-a395-c1dbce968beb}.xpi [2021-09-17] FF Extension: (Simple Dark Blue Theme) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{9c37e35c-4966-49bf-a5b3-dbc794a6282c}.xpi [2021-09-17] FF Extension: (puits bleu d'infini) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{b3994f5b-c557-4b30-b0e1-1db9098f690e}.xpi [2021-09-17] FF Extension: (Video DownloadHelper) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-07-12] FF Extension: (Fresh Green Leaves) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{bc45d3dd-3af3-48c2-ae95-8d68abbe9609}.xpi [2021-09-17] FF Extension: (Green) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{c9bf0b1e-8c72-4721-894e-1ce2e22afbce}.xpi [2021-09-17] FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-20] FF Extension: (Dark Fox) - C:\Users\zeu5\AppData\Roaming\Mozilla\Firefox\Profiles\f4ayicbe.default\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-09-17] FF Extension: (New Tab by Yahoo) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2016-05-30] [] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-01] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Profile 7 CHR Profile: C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-04-28] CHR Profile: C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-08-17] CHR DefaultSearchURL: Profile 1 -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default CHR DefaultSearchKeyword: Profile 1 -> Yahoo CHR DefaultSuggestURL: Profile 1 -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Session Restore: Profile 1 -> ist aktiviert. CHR Extension: (Google Docs Offline) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21] CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-08-10] CHR Extension: (Yahoo Partner) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2019-10-02] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Profile: C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 2 [2016-05-21] CHR Extension: (Google Präsentationen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-03] CHR Extension: (Google Docs) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-03] CHR Extension: (Google Drive) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-03] CHR Extension: (YouTube) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-03] CHR Extension: (Google Tabellen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-03] CHR Extension: (Google Docs Offline) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-09] CHR Extension: (Skype) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-09] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-03] CHR Extension: (Google Mail) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-03] CHR Profile: C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 3 [2016-09-17] CHR DefaultSearchURL: Profile 3 -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default CHR DefaultSearchKeyword: Profile 3 -> Yahoo CHR DefaultSuggestURL: Profile 3 -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Profile: C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-06-20] CHR DefaultSearchURL: Profile 4 -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default CHR DefaultSearchKeyword: Profile 4 -> Yahoo CHR DefaultSuggestURL: Profile 4 -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Extension: (Präsentationen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-20] CHR Extension: (Docs) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-20] CHR Extension: (Google Drive) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-17] CHR Extension: (YouTube) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-17] CHR Extension: (Adblock Plus) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-06-20] CHR Extension: (Adobe Acrobat) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03] CHR Extension: (Tabellen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-20] CHR Extension: (Google Docs Offline) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-17] CHR Extension: (Yahoo Partner) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2018-06-20] CHR Extension: (Skype) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-06-20] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-20] CHR Extension: (Google Mail) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-17] CHR Extension: (Chrome Media Router) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-20] CHR Profile: C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5 [2020-10-01] CHR DefaultSearchURL: Profile 5 -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default CHR DefaultSearchKeyword: Profile 5 -> Yahoo CHR DefaultSuggestURL: Profile 5 -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Extension: (Präsentationen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-30] CHR Extension: (Docs) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-30] CHR Extension: (Google Drive) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-09] CHR Extension: (YouTube) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-09] CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-30] CHR Extension: (Tabellen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-30] CHR Extension: (Google Docs Offline) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-30] CHR Extension: (Yahoo Partner) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2017-03-08] CHR Extension: (Skype) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2020-09-30] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-30] CHR Extension: (Google Mail) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-09-30] CHR Extension: (Chrome Media Router) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-30] CHR Profile: C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6 [2020-05-20] CHR Extension: (Präsentationen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-04] CHR Extension: (Docs) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-04] CHR Extension: (Google Drive) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-06] CHR Extension: (YouTube) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-06] CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-09] CHR Extension: (Tabellen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-04] CHR Extension: (Google Docs Offline) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-23] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-09] CHR Extension: (Google Mail) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-27] CHR Extension: (Chrome Media Router) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-23] CHR Profile: C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 7 [2023-08-17] CHR Session Restore: Profile 7 -> ist aktiviert. CHR Extension: (Google Docs Offline) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21] CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-08-10] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Profile: C:\Users\zeu5\AppData\Local\Google\Chrome\User Data\System Profile [2021-04-28] CHR HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9884424 2022-11-16] (BattlEye Innovations e.K. -> ) R2 dnscrypt-proxy; C:\Program Files (x86)\bitbeans\Simple DNSCrypt\dnscrypt-proxy\dnscrypt-proxy.exe [243400 2017-01-21] (EAM Experience Area Münsingen GmbH -> ) R2 dnscrypt-proxy-secondary; C:\Program Files (x86)\bitbeans\Simple DNSCrypt\dnscrypt-proxy\dnscrypt-proxy-secondary.exe [243400 2017-01-21] (EAM Experience Area Münsingen GmbH -> ) R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [10933864 2023-08-15] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-08-09] (EasyAntiCheat Oy -> Epic Games, Inc) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc -> Logitech Inc.) S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] () [Datei ist nicht signiert] R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH -> Geek Software GmbH) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-11-29] (Rockstar Games, Inc. -> Rockstar Games) [Datei ist nicht signiert] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1ddf203f8d876fdf\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1ddf203f8d876fdf\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AppleIPod; C:\WINDOWS\System32\drivers\AppleIPod.sys [30096 2021-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> ) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [63032 2022-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [55960 2018-09-19] (Martin Malik - REALiX -> REALiX(tm)) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc -> Logitech Inc.) R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (ManyCam LLC -> Visicom Media Inc.) R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (ManyCam LLC -> Visicom Media Inc.) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc) S3 RzDev_0046; C:\WINDOWS\System32\drivers\RzDev_0046.sys [51184 2018-03-20] (Razer USA Ltd. -> Razer Inc) S3 RzDev_006c; C:\WINDOWS\System32\drivers\RzDev_006c.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11376 2022-05-21] () [Datei ist nicht signiert] R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [323072 2023-07-12] (Microsoft Windows -> Microsoft Corporation) R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [48320 2018-08-20] (SteelSeries ApS -> ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> ) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49152 2020-08-22] (Microsoft Corporation) [Datei ist nicht signiert] S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 cpuz141; \??\C:\Users\zeu5\AppData\Local\Temp\cpuz141\cpuz141_x64.sys [X] <==== ACHTUNG S3 glavcam; \SystemRoot\system32\DRIVERS\glavcam.sys [X] U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-08-17 00:45 - 2023-08-17 00:48 - 000049112 _____ C:\Users\zeu5\Desktop\FRST.txt 2023-08-17 00:44 - 2023-08-17 00:47 - 000000000 ____D C:\FRST 2023-08-17 00:41 - 2023-08-17 00:41 - 003810770 _____ C:\Users\zeu5\Desktop\FB08.zip 2023-08-17 00:39 - 2023-08-17 00:39 - 002385408 _____ (Farbar) C:\Users\zeu5\Desktop\FRST64.exe 2023-08-17 00:13 - 2023-08-17 00:36 - 000000350 _____ C:\Users\zeu5\Desktop\TB Post.txt 2023-08-16 20:33 - 2023-08-16 20:33 - 002665802 _____ C:\Users\zeu5\Downloads\2023-08-16 Dienststellen Beschreibungen.pdf 2023-08-16 01:54 - 2023-08-16 02:05 - 000000000 ____D C:\Users\zeu5\Documents\Visual Studio 2015 2023-08-15 23:32 - 2023-08-16 00:35 - 000000000 ____D C:\Users\zeu5\Desktop\PDFs 2023-08-13 12:18 - 2023-08-05 22:55 - 001487472 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2023-08-13 12:18 - 2023-08-05 22:55 - 001226864 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2023-08-13 12:18 - 2023-08-05 22:55 - 000849080 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2023-08-13 12:18 - 2023-08-05 22:55 - 000849080 _____ C:\WINDOWS\system32\vulkaninfo.exe 2023-08-13 12:18 - 2023-08-05 22:55 - 000713912 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-08-13 12:18 - 2023-08-05 22:55 - 000713912 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2023-08-13 12:18 - 2023-08-05 22:55 - 000653504 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2023-08-13 12:18 - 2023-08-05 22:55 - 000653504 _____ C:\WINDOWS\system32\vulkan-1.dll 2023-08-13 12:18 - 2023-08-05 22:55 - 000637112 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2023-08-13 12:18 - 2023-08-05 22:55 - 000637112 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2023-08-13 12:18 - 2023-08-05 22:51 - 000920712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2023-08-13 12:18 - 2023-08-05 22:51 - 000668792 _____ C:\WINDOWS\system32\nvofapi64.dll 2023-08-13 12:18 - 2023-08-05 22:51 - 000503928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2023-08-13 12:18 - 2023-08-05 22:50 - 001621616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2023-08-13 12:18 - 2023-08-05 22:50 - 001538072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2023-08-13 12:18 - 2023-08-05 22:50 - 001195024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2023-08-13 12:18 - 2023-08-05 22:50 - 000992376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2023-08-13 12:18 - 2023-08-05 22:50 - 000776328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2023-08-13 12:18 - 2023-08-05 22:50 - 000769160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2023-08-13 12:18 - 2023-08-05 22:49 - 014520856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2023-08-13 12:18 - 2023-08-05 22:49 - 012066952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2023-08-13 12:18 - 2023-08-05 22:49 - 006190616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2023-08-13 12:18 - 2023-08-05 22:49 - 003483160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2023-08-13 12:18 - 2023-08-05 22:49 - 000459376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2023-08-13 12:18 - 2023-08-05 22:48 - 005845104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2023-08-13 12:18 - 2023-08-05 22:48 - 005550728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2023-08-13 12:18 - 2023-08-05 22:48 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2023-08-13 12:18 - 2023-08-05 22:46 - 006738136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2023-08-13 12:17 - 2023-08-05 06:08 - 000108142 _____ C:\WINDOWS\system32\nvinfo.pb 2023-08-13 12:14 - 2023-08-14 13:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2023-08-13 12:09 - 2023-08-13 12:09 - 000000000 ____D C:\WINDOWS\LastGood 2023-08-12 23:33 - 2023-08-12 23:34 - 017197289 _____ C:\Users\zeu5\Documents\russell1953 Impact of science on society.pdf 2023-08-08 23:38 - 2023-08-08 23:38 - 000000000 ___HD C:\$WinREAgent 2023-08-03 14:17 - 2023-08-16 17:33 - 000000000 ____D C:\Users\zeu5\AppData\Local\DayZ 2023-08-03 14:17 - 2023-08-03 14:18 - 000000000 ____D C:\Users\zeu5\Documents\DayZ 2023-07-31 12:23 - 2023-07-31 12:23 - 000021274 _____ C:\Users\zeu5\Downloads\2110_sd0006_Ansuchen_Kostenrueckersatz_allgemein (3).pdf 2023-07-28 23:49 - 2023-07-28 23:51 - 001862356 _____ C:\WINDOWS\Minidump\072823-53500-01.dmp 2023-07-28 00:51 - 2023-07-28 00:54 - 000079935 _____ C:\Users\zeu5\Downloads\vokabeln.xlsx 2023-07-26 21:20 - 2023-07-26 21:20 - 000000000 ____D C:\Users\zeu5\PycharmProjects 2023-07-26 21:20 - 2023-07-26 21:20 - 000000000 ____D C:\Users\zeu5\AppData\Local\pypa 2023-07-26 21:19 - 2023-08-16 12:39 - 000000000 ____D C:\Users\zeu5\AppData\Roaming\JetBrains 2023-07-26 21:16 - 2023-08-16 12:39 - 000000000 ____D C:\Program Files\JetBrains 2023-07-26 21:08 - 2023-07-26 21:11 - 436149392 _____ C:\Users\zeu5\Downloads\pycharm-community-2023.2.exe 2023-07-26 18:54 - 2023-07-26 18:54 - 025426160 _____ (Python Software Foundation) C:\Users\zeu5\Downloads\python-3.11.4-amd64.exe 2023-07-24 23:43 - 2023-08-03 14:22 - 000000000 ____D C:\Users\zeu5\AppData\Local\Bohemia_Interactive_a.s ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-08-17 00:41 - 2017-10-15 05:03 - 000000000 ____D C:\Users\zeu5\Desktop\Tor Browser 2023-08-17 00:37 - 2019-09-04 12:18 - 000000000 ____D C:\Users\zeu5\AppData\Local\DayZ Launcher 2023-08-17 00:37 - 2016-04-20 01:32 - 000000000 ____D C:\Program Files (x86)\Steam 2023-08-17 00:33 - 2021-04-08 13:29 - 000000000 ____D C:\Users\zeu5\Documents\ActivePresenter Templates 2023-08-17 00:32 - 2021-04-08 13:29 - 000000000 ____D C:\Users\zeu5\Documents\ActivePresenter 2023-08-17 00:32 - 2021-04-08 13:29 - 000000000 ____D C:\Users\zeu5\AppData\Roaming\ActivePresenter 2023-08-17 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-08-17 00:23 - 2022-11-12 18:23 - 000000000 ____D C:\Users\zeu5\AppData\Local\Discord 2023-08-17 00:19 - 2021-12-18 03:55 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-08-17 00:19 - 2016-04-19 23:35 - 000000000 ____D C:\Program Files (x86)\Google 2023-08-16 23:57 - 2016-05-02 01:25 - 000049118 _____ C:\Users\zeu5\Documents\passes.kdbx 2023-08-16 23:57 - 2016-04-20 02:03 - 000000000 ____D C:\Users\zeu5\AppData\Roaming\KeePass 2023-08-16 22:08 - 2022-11-12 18:25 - 000000000 ____D C:\Users\zeu5\AppData\Roaming\discord 2023-08-16 22:08 - 2016-04-25 20:03 - 000000000 ____D C:\ProgramData\NVIDIA 2023-08-16 20:03 - 2020-08-22 00:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-08-16 19:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-08-16 19:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-08-16 12:40 - 2016-04-22 02:31 - 000000000 ____D C:\Users\zeu5\AppData\Local\FluxSoftware 2023-08-16 12:24 - 2017-08-18 17:33 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-08-16 02:08 - 2017-03-20 20:34 - 000000000 ____D C:\Users\zeu5\AppData\Local\tr4bant_s_NOTEBlock 2023-08-16 01:45 - 2016-09-07 20:59 - 000000000 ____D C:\Program Files (x86)\Audacity 2023-08-16 01:25 - 2016-05-11 00:21 - 000000000 ____D C:\Users\zeu5\Desktop\Ärzte 2023-08-16 00:30 - 2016-05-02 01:27 - 000000000 ____D C:\Users\zeu5\Documents\willhaben 2023-08-16 00:26 - 2021-09-10 23:41 - 000000000 ____D C:\Users\zeu5\Desktop\wd 2023-08-16 00:01 - 2023-02-21 20:06 - 000000000 ____D C:\Users\zeu5\Desktop\Neuer Ordner 2023-08-15 23:56 - 2020-06-03 11:56 - 000000000 ___RD C:\Users\zeu5\Desktop\Aa jonus Von der 2023-08-15 23:31 - 2023-07-06 12:08 - 000000000 ____D C:\Users\zeu5\Desktop\Kal excl 2023-08-15 20:40 - 2016-05-20 21:23 - 000000000 ____D C:\Users\zeu5\AppData\Local\CrashDumps 2023-08-15 13:03 - 2021-12-12 22:33 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1825835939-2990920891-3683691434-1000 2023-08-15 13:03 - 2020-08-22 01:24 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1825835939-2990920891-3683691434-1000 2023-08-15 13:03 - 2020-08-22 00:52 - 000002396 _____ C:\Users\zeu5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-08-14 15:48 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2023-08-14 13:57 - 2016-04-20 02:32 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-08-14 13:57 - 2016-04-20 02:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-08-13 12:22 - 2016-04-19 23:46 - 000000000 ____D C:\Users\zeu5\AppData\Local\NVIDIA 2023-08-13 12:10 - 2016-04-25 20:02 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2023-08-12 22:09 - 2016-11-23 18:08 - 000000000 ____D C:\Users\zeu5\AppData\LocalLow\Mozilla 2023-08-11 12:25 - 2020-06-08 12:44 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-08-10 21:26 - 2021-05-08 15:19 - 000007659 _____ C:\Users\zeu5\Desktop\vok.txt 2023-08-10 11:38 - 2016-04-20 01:39 - 000000000 ____D C:\Users\zeu5\AppData\Local\Steam 2023-08-10 01:19 - 2022-10-12 15:50 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-08-10 01:19 - 2020-08-22 01:24 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-08-09 11:08 - 2020-08-22 01:08 - 001916090 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-08-09 11:08 - 2019-12-07 16:51 - 000820582 _____ C:\WINDOWS\system32\perfh007.dat 2023-08-09 11:08 - 2019-12-07 16:51 - 000177114 _____ C:\WINDOWS\system32\perfc007.dat 2023-08-09 11:01 - 2020-08-22 01:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-08-09 11:01 - 2020-08-22 00:47 - 000008192 ___SH C:\DumpStack.log.tmp 2023-08-09 11:01 - 2016-10-27 23:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2023-08-09 01:28 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-08-09 01:25 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-08-09 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-08-09 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-08-09 01:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-08-09 01:03 - 2022-10-29 01:30 - 000000000 ____D C:\Users\zeu5\Desktop\Willhaben noch nicht hochgeladen 2023-08-09 00:58 - 2017-03-26 15:30 - 000000000 ____D C:\Users\zeu5\Desktop\sys 2023-08-09 00:00 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-08-08 23:54 - 2020-08-22 00:51 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-08-08 23:35 - 2016-04-20 11:14 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-08-08 23:27 - 2016-04-20 11:14 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-08-05 22:50 - 2023-03-23 19:03 - 002167928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2023-08-05 22:46 - 2020-07-19 14:23 - 007858216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2023-08-05 22:36 - 2016-05-11 13:53 - 000000000 ____D C:\Users\zeu5\AppData\Roaming\vlc 2023-08-05 06:08 - 2020-07-19 14:23 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2023-08-03 23:32 - 2020-08-22 00:47 - 000364328 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-08-03 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-08-03 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-08-03 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-08-03 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-08-03 23:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat 2023-08-03 14:18 - 2018-06-20 12:08 - 000000000 ____D C:\Users\zeu5\AppData\Local\D3DSCache 2023-08-02 10:09 - 2020-08-22 01:24 - 000003926 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-08-02 10:09 - 2020-08-22 01:24 - 000003802 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-07-29 00:29 - 2020-08-22 00:52 - 000000000 ____D C:\Users\zeu5 2023-07-28 23:52 - 2021-01-13 01:47 - 000000000 ____D C:\WINDOWS\Minidump 2023-07-28 23:49 - 2021-01-13 01:47 - 1643309528 _____ C:\WINDOWS\MEMORY.DMP 2023-07-28 00:07 - 2023-04-17 23:27 - 000000000 ____D C:\Users\zeu5\Desktop\MS 2023-07-26 21:05 - 2016-04-19 23:24 - 000000000 ____D C:\ProgramData\Package Cache 2023-07-23 21:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2006-12-11 19:13 - 2006-12-11 19:13 - 000097336 _____ (Un4seen Developments) C:\Users\zeu5\AppData\Local\bass.dll 2006-12-11 19:13 - 2006-12-11 19:13 - 000013872 _____ (Un4seen Developments) C:\Users\zeu5\AppData\Local\basscd.dll 2007-08-13 17:46 - 2007-08-13 17:46 - 000102912 _____ (Albert L Faber) C:\Users\zeu5\AppData\Local\CDRip.dll 2007-08-13 17:46 - 2007-08-13 17:46 - 000155136 _____ () C:\Users\zeu5\AppData\Local\lame_enc.dll 2007-01-18 21:09 - 2007-01-18 21:09 - 000623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\zeu5\AppData\Local\No23 Recorder.exe 2005-08-23 22:34 - 2005-08-23 22:34 - 000029184 _____ () C:\Users\zeu5\AppData\Local\no23xwrapper.dll 2006-10-26 01:06 - 2006-10-26 01:06 - 000015872 _____ () C:\Users\zeu5\AppData\Local\ogg.dll 2018-10-07 01:27 - 2022-10-23 14:57 - 000001474 _____ () C:\Users\zeu5\AppData\Local\RecConfig.xml 2017-05-11 22:57 - 2017-05-11 22:57 - 000000730 _____ () C:\Users\zeu5\AppData\Local\recently-used.xbel 2016-06-08 17:55 - 2017-11-27 23:50 - 000007600 _____ () C:\Users\zeu5\AppData\Local\Resmon.ResmonCfg 2023-06-19 09:43 - 2023-06-19 10:10 - 000000059 _____ () C:\Users\zeu5\AppData\Local\uts.ini 2006-10-26 01:06 - 2006-10-26 01:06 - 000143872 _____ () C:\Users\zeu5\AppData\Local\vorbis.dll 2006-10-26 01:06 - 2006-10-26 01:06 - 000064000 _____ () C:\Users\zeu5\AppData\Local\vorbisenc.dll 2006-10-26 01:06 - 2006-10-26 01:06 - 000019456 _____ () C:\Users\zeu5\AppData\Local\vorbisfile.dll ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Teil 1: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-08-2023 01 durchgeführt von zeu5 (17-08-2023 00:50:03) Gestartet von C:\Users\zeu5\Desktop Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) (2020-08-21 23:24:50) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-1825835939-2990920891-3683691434-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1825835939-2990920891-3683691434-503 - Limited - Disabled) Gast (S-1-5-21-1825835939-2990920891-3683691434-501 - Limited - Enabled) => C:\Users\Gast User2 (S-1-5-21-1825835939-2990920891-3683691434-1002 - Limited - Enabled) => C:\Users\User2 WDAGUtilityAccount (S-1-5-21-1825835939-2990920891-3683691434-504 - Limited - Disabled) zeu5 (S-1-5-21-1825835939-2990920891-3683691434-1000 - Administrator - Enabled) => C:\Users\zeu5 ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.) Active Directory Authentication Library für SQL Server (HKLM\...\{4E3C1E2A-1BC5-4A69-AF2C-BA4C5BD737C6}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden Active Directory Authentication Library für SQL Server (x86) (HKLM-x32\...\{ECDA2B3B-7692-4436-B4EF-26F5896F9BEE}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden ActivePresenter (HKLM\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 8.5.6 - Atomi Systems, Inc.) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.003.20269 - Adobe) Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Age of Mythology - The Titans Expansion (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: - ) Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - ) Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.1.3.3 - Electronic Arts, Inc.) Apple Mobile Device Support (HKLM\...\{82C2A7D9-6BFC-4BED-9EF9-C49780F02C3E}) (Version: 15.5.0.16 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ACHTUNG CPUID HWMonitor 1.46 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.46 - CPUID, Inc.) CrystalDiskMark 7.0.0h (HKLM\...\CrystalDiskMark7_is1) (Version: 7.0.0h - Crystal Dew World) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Devenv-Ressourcen für Microsoft Visual Studio 2015 (HKLM-x32\...\{FB44808B-AC6F-301D-806D-77815A51E242}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\Discord) (Version: 1.0.9007 - Discord Inc.) Discord (HKU\S-1-5-21-1825835939-2990920891-3683691434-1002\...\Discord) (Version: 1.0.9003 - Discord Inc.) Dotfuscator and Analytics Community Edition 5.19.1 (HKLM-x32\...\{2A7F99F6-88A4-4B44-B350-41C0B147A39C}) (Version: 5.19.1.3091 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition Language Pack 5.19.1 de-DE (HKLM-x32\...\{9B01A53A-EAC9-46C3-B353-3754B7E76259}) (Version: 5.19.1.3091 - PreEmptive Solutions) Hidden EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.4.0.5517 - Electronic Arts) Hidden EA app (HKLM-x32\...\{643327aa-0d22-4bdd-82a4-d28be9d8fe50}) (Version: 13.4.0.5517 - Electronic Arts) Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Eraser 6.2.0.2962 (HKLM\...\{C6E287F1-2E47-45F0-BB51-94F815CFFB48}) (Version: 6.2.2962 - The Eraser Project) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) Erforderliche Komponenten für SSDT RC0 (HKLM-x32\...\{837FF5F6-F0CB-4C80-B003-65B14F1490FE}) (Version: 13.0.1100.286 - Microsoft Corporation) EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.) Exif Tag Remover 2.0 (HKLM-x32\...\Exif Tag Remover_is1) (Version: - RL Vision) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GameRanger (HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\GameRanger) (Version: - GameRanger Technologies) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.7 (HKLM-x32\...\{700CB796-ADE2-4B2B-BB55-B6F3C1197F7C}) (Version: 1.7.40113.5 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.173 - Google LLC) HP Deskjet 3520 series - Grundlegende Software für das Gerät (HKLM\...\{15B2F0E3-3FAC-4495-B0FD-398EECFA4100}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard) HWiNFO64 Version 5.88 (HKLM\...\HWiNFO64_is1) (Version: 5.88 - Martin Malík - REALiX) HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC) IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Intel(R) Chipset Device Software (HKLM\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1163 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{A5536A08-5A7F-4330-8947-0372B500A3BD}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{C6C06C9F-B452-4C7A-AB83-F5931AB9B372}) (Version: 11.0.0.1163 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{94BC10B9-159A-44E8-BEA1-34BF765FEA58}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Network Connections 20.2.3001.0 (HKLM\...\{638A518B-0D2E-4143-ACF8-F3D83D822E85}) (Version: 20.2.3001.0 - Intel) Hidden Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4463 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden iPod-Unterstützung (HKLM\...\{5530CCC4-99F6-4198-BB1B-F1F78D6BCA76}) (Version: 12.11.3.7 - Apple Inc.) iTunes (HKLM\...\{B71B64F9-B245-4E4B-802E-DB6AB834EA13}) (Version: 12.12.3.5 - Apple Inc.) KeePass Password Safe 2.32 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.32 - Dominik Reichl) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LibreOffice 5.0.6.3 (HKLM-x32\...\{900D9036-4EDA-45EC-A095-E8AFB25D807A}) (Version: 5.0.6.3 - The Document Foundation) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.) ManyCam 3.0.80 (remove only) (HKLM-x32\...\ManyCam) (Version: 3.0.80 - ManyCam LLC) MediaHuman YouTube to MP3 Converter 3.9.9.84 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.84 - MediaHuman) Microsoft .NET Core 5.0 SDK (HKLM-x32\...\{C8AC11BB-B680-44A2-ACE4-2D88D6A711CE}) (Version: 1.0.23224 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (HKLM-x32\...\{976C3D92-0DEC-37A6-A870-FF4FC18CD029}) (Version: 4.5.21005 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (DEU) (HKLM\...\{1DB0C90B-2A9F-3A1E-B1DF-616C5A2A1417}) (Version: 4.5.51209 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}) (Version: 4.6.01055 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.6.1 Developer Pack (DEU) (HKLM-x32\...\{ccac9f21-ebd8-47e8-b566-de87b1f69e42}) (Version: 4.6.1055 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.6.1 Developer Pack (HKLM-x32\...\{463d5540-8dfd-4eef-92e5-b729b3b73cfb}) (Version: 4.6.1055 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Agents for Visual Studio 2015 Preview (HKLM-x32\...\{CE37CE67-2660-30EE-805B-78829CC3554B}) (Version: 14.0.23102 - Microsoft Corporation) Hidden Microsoft Agents für Visual Studio 2015-Vorschau - DEU (HKLM-x32\...\{8985706E-7C12-354B-BAEA-E765A3005F76}) (Version: 14.0.23102 - Microsoft Corporation) Hidden Microsoft ASP.NET and Web Tools 2015.1 (Beta8) - Visual Studio 2015 - deu (HKLM-x32\...\{62B8DE1A-F2A7-3984-9FBC-BD12E8281F07}) (Version: 14.1.11106.0 - Microsoft Corporation) Hidden Microsoft ASP.NET and Web Tools 2015.1 (Beta8) - Visual Studio 2015 (HKLM-x32\...\{F7BBF232-D4A1-3C5C-B131-69933F5F2D6B}) (Version: 14.1.11106.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 - Visual Studio 2015 - DEU (HKLM-x32\...\{D2988336-54F8-4619-9F88-6216BD7492F9}) (Version: 4.1.41102.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 - Visual Studio 2015 - ENU (HKLM-x32\...\{44A100D0-C1AE-4BB7-A0CC-AA60B7566681}) (Version: 4.1.41102.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2015 - DEU (HKLM-x32\...\{F110F1A3-96BE-E754-6530-CF2CBB276F00}) (Version: 5.2.40314.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2015 - ENU (HKLM-x32\...\{CA916A4C-52F7-5055-975F-9B4AD4204007}) (Version: 5.2.40314.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages 2 - Visual Studio 2015 - DEU (HKLM-x32\...\{8060EFE3-FADB-4FBE-9081-E73326067305}) (Version: 4.1.41102.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages 2 - Visual Studio 2015 - ENU (HKLM-x32\...\{65A12DD3-9992-47D2-8BA2-510CA59F893F}) (Version: 4.1.41102.0 - Microsoft Corporation) Hidden Microsoft Azure Mobile Services Connected Service (HKLM-x32\...\{A4495E4F-5218-48FB-8AD2-F3076011B9E1}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Azure Mobile Services SDK V2.0 (HKLM-x32\...\{A00EC54A-CE16-4CF6-A14A-5CF81A1FE03F}) (Version: 2.0.20908.0 - Microsoft Corporation) Hidden Microsoft Azure Mobile Services Tools for Visual Studio - v1.4 (HKLM-x32\...\{5536AAD4-740A-4577-843D-4281D3F30726}) (Version: 1.4.30611.1601 - Microsoft Corporation) Hidden Microsoft Azure Mobile Services Tools für Visual Studio Sprachpaket - v1.4 (HKLM-x32\...\{DE1EB612-3BAD-4F68-A6D7-3FE29F784203}) (Version: 1.4.30611.1601 - Microsoft Corporation) Hidden Microsoft Azure Shared Components for Visual Studio 2015 - v1.7 (HKLM-x32\...\{7F6E1C5A-25DF-4352-A9A4-B1CE272CA67F}) (Version: 1.7.40113.5 - Microsoft Corporation) Hidden Microsoft Azure Storage Connected Service (HKLM-x32\...\{6B3F93BC-7716-4D97-8B80-1334DA37DDE1}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Build Tools 14.0 (amd64) (HKLM\...\{7F017105-282F-4091-B16A-F8B8A69B0325}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Build Tools 14.0 (x86) (HKLM-x32\...\{DF27D91D-516E-4DA1-92AC-7D7D59B2D99E}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Build Tools Language Resources 14.0 (amd64) (HKLM\...\{388D7468-1CCA-40C8-9F08-4C20E972E922}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Build Tools Language Resources 14.0 (x86) (HKLM-x32\...\{CBE7F62C-646C-46C3-9AB4-A3F71E5A68CC}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) (HKLM\...\{25E80DAA-FD87-DCE5-202C-CC02F6673002}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.203 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.203 - Microsoft Corporation) Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{0536BCDF-7EF6-48F6-8765-A3C065A065A5}) (Version: 2.0.20621.0 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.2 (HKLM-x32\...\{358AD966-5D2F-390C-B4F3-E93852CD8EAD}) (Version: 2.2.25123 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\{E3EB4146-7037-33B4-A9E1-F3100179207E}) (Version: 2.2.25123 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25123 - Microsoft Corporation) Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft NuGet - Visual Studio 2015 (HKLM-x32\...\{769EF2AA-ECB5-3686-A387-8980102F79B8}) (Version: 3.4.0.798 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\OneDriveSetup.exe) (Version: 23.153.0724.0003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1825835939-2990920891-3683691434-1002\...\OneDriveSetup.exe) (Version: 23.086.0423.0001 - Microsoft Corporation) Microsoft Portable Library Multi-Targeting Pack (HKLM-x32\...\{1634C655-2398-35C0-89BE-291449A72F88}) (Version: 14.0.25123.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (HKLM-x32\...\{21D3A99F-92B6-3EB3-9AF6-2905443D7058}) (Version: 14.0.25123.00 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{BDEC3091-D84B-4F70-B1AB-6487354160F4}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{8C76566F-6B51-43FD-A99E-AAA2E9A96918}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{F5E316A6-F894-4DCF-9088-F07E06A1ABFA}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL-Sprachdienst RC0 (HKLM-x32\...\{F5AF6F7A-E0DC-480C-94E3-B5596C9A239F}) (Version: 13.0.12000.52 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.60311.1) (HKLM-x32\...\{FE4AF448-6FF2-4996-889F-8F07BA88DB59}) (Version: 14.0.60311.1 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2016 Management Objects RC0 (HKLM-x32\...\{029A7000-E652-4D44-88C2-483C9FD345A7}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x64 Debug Runtime - 14.0.23918 (HKLM\...\{5DFEB60C-501E-375A-9967-99BBCB6150C5}) (Version: 14.0.23918 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x86 Debug Runtime - 14.0.23918 (HKLM-x32\...\{0780A1F4-A089-3156-9996-6A1DC1342A96}) (Version: 14.0.23918 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Devenv (HKLM-x32\...\{FC1F3422-0C94-3178-AD95-3EA889DF55AF}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Diagnostic Tools - amd64 (HKLM\...\{62D2E847-606F-49FB-A38B-F9D5AA936331}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Profiling Tools (HKLM-x32\...\{4AD3777F-D26B-4FCD-8823-B1D9784141C6}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 SDK - ENU (HKLM-x32\...\{67A74EC1-A89D-3553-B38D-D17D4991CD2F}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 SDK Sprachpaket - DEU (HKLM-x32\...\{2D333157-0EEE-337D-AD50-996026BE1235}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Shell (Minimum) (HKLM-x32\...\{030A6785-C3A9-37DA-8530-444C320629FA}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Shell (Minimum) Interop Assemblies (HKLM-x32\...\{8A9AA17A-EF34-331C-8FB0-134269533C1B}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Shell-(Mindest)-Ressourcen (HKLM-x32\...\{9AF6476A-C906-376C-9158-0B36F5E37E18}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Testtools Sprachpaket – DEU (HKLM-x32\...\{E1B108D3-4DA4-4915-B809-0563A3A980E9}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Update 2 Diagnostic Tools - amd64 (HKLM\...\{098A6F36-894B-490D-92FE-742994AA7251}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Update 2 Diagnostic Tools - amd64 (HKLM\...\{CB7C5C3E-B628-4AA0-A3DF-FEBCDCEB5ECB}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Update 2 Diagnostic Tools - ENU (HKLM-x32\...\{8A8F7C2B-115E-44B2-86CE-ED4644628BFE}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Update 2 Diagnostic Tools - x86 (HKLM-x32\...\{033DD73B-2EC2-4EA0-B08F-15C44DC634DD}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Update 2 Diagnostic Tools - x86 (HKLM-x32\...\{2927B938-7A0D-4ACB-9740-431B12F2A745}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Update 2 Diagnostic Tools - x86 (HKLM-x32\...\{DDC53ADA-1D37-4038-82CA-C296C8C0027F}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Update 2 Performance Debugger Web Views (HKLM-x32\...\{FA32C998-12C6-49B8-9DA6-F5F058E505AB}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Update 2 Performance Debugger-Webansichten – Ressourcen DEU (HKLM-x32\...\{CCA454C0-6D9E-4A4E-824F-B6793C0BD843}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Update 2 Team Explorer Language Pack - ENU (HKLM-x32\...\{C0B28043-82F3-3BCF-BE6E-912B20DA401B}) (Version: 14.95.25118 - Microsoft) Hidden Microsoft Visual Studio 2015 Update 2-Diagnosetools – DEU (HKLM-x32\...\{5E493A93-C335-4EF7-B3BE-5AD0994ACFDF}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Update 2-Diagnosetools – DEU (HKLM-x32\...\{96696C50-83A7-4FEB-90FE-B7EFD8F872F5}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 VsGraphics Helper Dependencies (HKLM\...\{599702AA-91EB-38C1-B994-CDE35C57E007}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Windows Diagnostic Tools - ENU (HKLM-x32\...\{55DB2813-5327-41DD-831F-F9DFE14A3889}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 Windows Diagnostic Tools (HKLM-x32\...\{8E484670-06E5-401F-9D92-468ED5DB87A1}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 XAML Application Timeline - ENU (HKLM-x32\...\{428F280F-4141-400D-B2C5-A84134F85B8F}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 XAML Application Timeline (HKLM-x32\...\{77745491-4907-458D-B02C-B58D99EE5957}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 XAML Visual Diagnostics - ENU (HKLM-x32\...\{05B2B257-5D5E-4BA3-9A25-4FD07CA668DE}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015 XAML Visual Diagnostics (HKLM-x32\...\{431D8A5C-C7D8-46F1-AA46-2581C59C7530}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015-Leistungserfassungstools - DEU (HKLM\...\{4F4AD505-AAA6-400D-A79A-76E27ABAAAEF}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015-Leistungserfassungstools (HKLM\...\{65956D81-BDC2-4402-90F3-8BE8A8FD042B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015-Vorbereitung (HKLM-x32\...\{10F97A69-C876-48BA-9EE4-CC5DB98C96AD}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015-Vorbereitung (HKLM-x32\...\{21B8DBC0-B5B3-42D1-8645-910ACCE81596}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio 2015-Vorbereitung (HKLM-x32\...\{4002A594-C093-44E1-AAB8-E805FBEC3EBB}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Microsoft Visual Studio Community 2015 mit Update 2 (HKLM-x32\...\{f2892dc5-7ac2-4ae4-a296-b5b159f61255}) (Version: 14.0.25123.0 - Microsoft Corporation) Microsoft Visual Studio Connected Services (HKLM-x32\...\{14A30BB4-D565-41EA-9D9E-974ADC0CF1BF}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Microsoft Visual Studio Services Hub (HKLM-x32\...\{8CE767E5-878E-47F9-87C2-813D72D06BAE}) (Version: 1.0.25123.00 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2015 Update 2 Office Integration (x64) (HKLM\...\{041FD3D8-612C-3CB2-AB44-1E7B79990C37}) (Version: 14.95.25118 - Microsoft) Hidden Microsoft Visual Studio Team Foundation Server 2015 Update 2 Office Integration Language Pack (x64) - ENU (HKLM\...\{E69EC2BF-D4CE-3842-AA87-B782C473A2C0}) (Version: 14.95.25118 - Microsoft) Hidden Microsoft Visual Studio Team Foundation Server 2015 Update 2 Storyboarding (x64) (HKLM\...\{1850F701-7CCE-3AE9-9FC2-D4D75837A39E}) (Version: 14.95.25118 - Microsoft) Hidden Microsoft Visual Studio Team Foundation Server 2015 Update 2 Storyboarding Language Pack (x64) - ENU (HKLM\...\{2A248AE6-E332-3704-AE59-D8B315ADE0B3}) (Version: 14.95.25118 - Microsoft) Hidden Microsoft VisualStudio JavaScript Language Service (HKLM-x32\...\{4CE130ED-0CA1-4BA5-9293-41509E4C8885}) (Version: 14.0.25205 - Microsoft Corporation) Hidden Microsoft VisualStudio JavaScript Project System (HKLM-x32\...\{1B7D3336-E234-44CB-ACAB-EB16B0FC4CEE}) (Version: 14.0.25205 - Microsoft Corporation) Hidden Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation) Microsoft.VisualStudio.Office365 (HKLM-x32\...\{3196EC29-B75D-4EE3-8AB0-46418BC31483}) (Version: 1.6.2.0 - Microsoft Corporation) Hidden Microsoft-System-CLR-Typen für SQL Server*2016 RC0 (HKLM\...\{71F2875A-58DC-432F-B959-67B6D928E08F}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 RC0 (HKLM-x32\...\{D2C7A7B6-719A-4F6A-881A-555B999F82AC}) (Version: 13.0.1100.286 - Microsoft Corporation) Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (HKLM-x32\...\{F6C04806-5A52-31D1-ACF7-A010F8315E7A}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 116.0.2 (x64 de)) (Version: 116.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 116.0.2.8617 - Mozilla) MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{13FE8B50-B340-4FDA-BB6E-AA1F5FAB8205}) (Version: 14.0.25123 - Microsoft Corporation) Hidden MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD) MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.2 - Notepad++ Team) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation) NVIDIA Grafiktreiber 536.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.99 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) OpenVPN 2.4.4-I601 (HKLM\...\OpenVPN) (Version: 2.4.4-I601 - OpenVPN Technologies, Inc.) paint.net (HKLM\...\{E91052A0-E7C9-4462-B7B5-2C7279F7203B}) (Version: 4.3.12 - dotPDN LLC) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (HKLM-x32\...\{63045916-32E7-31D6-BD8E-C13406E137B5}) (Version: 4.5.21005 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PDF24 Creator 8.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Photo Common (HKLM-x32\...\{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PreEmptive Analytics Client German Language Pack (HKLM-x32\...\{B9EE1E60-4884-4B2F-9187-92F532437D60}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Proxifier version 3.29 (HKLM-x32\...\Proxifier_is1) (Version: 3.29 - Initex) RawTherapee Version 5.0 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 5.0 - rawtherapee.com) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder) ROCCAT SWARM (HKLM-x32\...\{2E1673CF-DA13-42F7-B916-6706E9BA01FC}) (Version: 1.94.140 - ROCCAT GmbH) Hidden ROCCAT SWARM (HKLM-x32\...\InstallShield_{2E1673CF-DA13-42F7-B916-6706E9BA01FC}) (Version: 1.94.140 - ROCCAT GmbH) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.49.529 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games) Roslyn Language Services - x86 (HKLM-x32\...\{263EF873-F5D0-3134-A962-356C21A3510F}) (Version: 14.0.25126 - Microsoft Corporation) Hidden Roslyn Language Services - x86 (HKLM-x32\...\{E13626E2-E326-3F4B-8F60-16863E929945}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 - Samsung Electronics Co., Ltd.) Simple DNSCrypt (HKLM-x32\...\{EF03BEC3-4ECA-411C-8299-AB859EB7EF82}) (Version: 0.4.2 - bitbeans) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Team Explorer for Microsoft Visual Studio 2015 Update 2 (HKLM-x32\...\{7932CD6F-86D3-3EE4-8A02-B954404D1FFC}) (Version: 14.95.25118 - Microsoft) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.0 - TeamSpeak Systems GmbH) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer) Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Tools for .Net 3.5 - DEU Lang Pack (HKLM-x32\...\{13BD574A-7F41-420A-B486-7A2D4CEB7F3B}) (Version: 3.11.50727 - Microsoft Corporation) Hidden Tools for .Net 3.5 (HKLM-x32\...\{1690CE56-2231-4E59-9006-A0876D949EA8}) (Version: 3.11.50727 - Microsoft Corporation) Hidden TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) TypeScript Power Tool (HKLM-x32\...\{60890089-588B-4362-B9C5-A9C11D6E5DD1}) (Version: 1.8.9.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{DD51688B-194A-4A10-83D8-40AD1D9954A1}) (Version: 1.8.30.0 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation) UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft) Visual C++ Compiler/Tools X86 Base Package (HKLM-x32\...\{99C9FABF-C085-38C9-B2DA-7E4943471D31}) (Version: 14.0.23918 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 Base Package (HKLM-x32\...\{A5E71A84-9BAB-3A96-A5F8-62AD16E09E56}) (Version: 14.0.23918 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 Base Resource Package (HKLM-x32\...\{02652192-DE3F-3B9B-89C4-C166A872A9DA}) (Version: 14.0.23918 - Microsoft Corporation) Hidden Visual C++ Compiler/Tools X86 Base Resource Package (HKLM-x32\...\{3A48D017-EC51-3774-8BA9-A4D88D711B6D}) (Version: 14.0.23918 - Microsoft Corporation) Hidden Visual C++ IDE Base Package (HKLM-x32\...\{ECC8F805-E519-3314-8C79-DC6CAC3E64DC}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Base Resource Package (HKLM-x32\...\{39ABF265-44CC-3062-90BB-5AFF901B155A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Base Resource Package (HKLM-x32\...\{C81E59A8-9D2E-3CC0-911C-7BA4C8A24A9A}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Visual C++ IDE Common Package (HKLM-x32\...\{E57E4E87-61B6-3FDC-A4D3-BAE317678B74}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Common Resource Package (HKLM-x32\...\{37E563C9-C9E9-381A-91A4-AD225947A659}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Package (HKLM-x32\...\{AB3903D7-8CC4-3708-9558-93F68CED88C5}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{19055D06-F01E-3BF2-987B-DF9BC14C69FC}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{1E315887-E33F-3726-A9AC-A3A56B0DF4B3}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{3CAA7C8A-EF8D-3F7B-9710-197F5C606255}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{65FFE121-03FA-345D-8149-50AC21A4F985}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{705D1F4A-2E06-3C3C-A1C6-B7572D650418}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{B2BA21D5-8973-3AA6-936D-F2C51BF6D764}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{BC0FB8BF-E57B-30AB-8B77-DC11C75B4212}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{C915EA4E-24C9-3398-983C-CB9B9220B1EE}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{CAC666AC-1986-3B50-9670-552432D5B88A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{D84B1C7A-7C28-3133-AA25-2D36763182AD}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{E413256C-F028-3C5E-B9B2-728ED1F544C6}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{E6597C44-DF3C-3BE6-A5A1-28E6DAECBA30}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{EB4B3254-5483-3C7B-AC56-D49231C3B51A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Core Professional Plus Resource Package (HKLM-x32\...\{EF3EE0BB-DDB9-32F0-98CA-32C4B6C47D7E}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Debugger Package (HKLM-x32\...\{78EC1C10-1AD9-35ED-9F4D-AC0238AE8A2B}) (Version: 14.0.25126 - Microsoft Corporation) Hidden Visual C++ IDE Debugger Resource Package (HKLM-x32\...\{07D6193A-B6D0-332E-BF64-D9707210008F}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE Professional Core Package (HKLM-x32\...\{3101E866-DD09-3926-8929-C6B580B951C5}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ IDE x64 Package (HKLM\...\{3E62C619-F43D-396C-B266-FA472CFE0B4B}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ Library PGO X86 Package (HKLM-x32\...\{2E6C63B5-A075-3591-96CA-F7FEA8226482}) (Version: 14.0.23918 - Microsoft Corporation) Hidden Visual C++ MSBuild ARM Package (HKLM-x32\...\{030702BF-6F52-356B-A223-F9CA15B465DA}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ MSBuild Base Package (HKLM-x32\...\{A563F0A7-CF99-37E6-A917-CD6A2509F79C}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ MSBuild Base Resource Package (HKLM-x32\...\{999DD1D3-8C89-3F62-BA5A-3E46B8F7385D}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ MSBuild X64 Package (HKLM-x32\...\{2AA9034E-6735-30BD-92A4-A18791D1616F}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual C++ MSBuild X86 Package (HKLM-x32\...\{ADB88179-BECB-3FA3-AB20-9362E8A2626C}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual F# 4.0 SDK Language Pack - DEU (HKLM-x32\...\{459F37E3-8C9F-3E0D-ADCD-C23EFBCC4C2A}) (Version: 14.0.23413 - Microsoft Corporation) Hidden Visual F# 4.0 VS Language Pack - DEU (HKLM-x32\...\{6A536541-565A-33A0-B50E-8ACF7849D000}) (Version: 14.0.23413 - Microsoft Corporation) Hidden Visual Studio 2012 Verification SDK (HKLM-x32\...\{3DCCF375-3903-35C7-967A-9EFEE9ED9A77}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Visual Studio 2015 Prerequisites - DEU Language Pack (HKLM\...\{447A06BC-E1AC-4DA0-B99A-2453D5038D41}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Visual Studio 2015 Prerequisites (HKLM\...\{DF32E41C-24AD-4A87-B43A-B38553B1806E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation) Visual Studio Graphics Analyzer (HKLM-x32\...\{C70EC402-4FAA-3B06-9BE6-77C52DBCD9B3}) (Version: 14.0.25123 - Microsoft Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN) Voobly Game Data (HKLM-x32\...\Voobly_is1) (Version: Voobly Game Datas - Voobly) VS Update core components (HKLM-x32\...\{6A878817-D626-305A-BE8D-94C93F70E27A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 DEU Language Pack (HKLM-x32\...\{A18C9DC6-4DE8-4C3C-9CE7-8CCC33BFAB3A}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (HKLM-x32\...\{7498BA51-A725-4293-A5E4-AB28BDE1C18A}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22314 - Microsoft Corporation) Windows Espc Package (HKLM-x32\...\{42AF2A8C-6EBB-3D2E-9BF1-6135379FBABC}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Windows Espc Resource Package (HKLM-x32\...\{FC94D188-1E08-3707-9D23-F41178D44664}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\{66233218-CA57-4AB2-BA43-A97AA4635960}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (HKLM-x32\...\{FC071B45-4A5F-408F-92F8-4D9D693E866F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Phone SDK 8.0 Assemblys für Visual Studio 2015 – DEU (HKLM-x32\...\{D235401E-F745-3094-991D-984835E0D51A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Windows Software Development Kit DirectX x64 Remote (HKLM\...\{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1}) (Version: 8.100.25984 - Microsoft Corporation) Hidden Windows Software Development Kit DirectX x86 Remote (HKLM-x32\...\{A1CB8286-CFB3-A985-D799-721A0F2A27F3}) (Version: 8.100.25984 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (HKLM\...\{96F4525A-470D-F15C-796E-58D9988C3E5F}) (Version: 8.100.26936 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{56AD3004-0B49-967F-F682-B05650B61A78}) (Version: 8.100.26936 - Microsoft Corporation) Hidden Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.5 - ASUSTeK COMPUTER INC.) WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) XAMPP (HKLM\...\xampp) (Version: 8.0.10-0 - Bitnami) XtremeTuner (HKLM-x32\...\XtremeTuner) (Version: 1.0.9.2 - Galaxy Microsystems Ltd.) Youtube Downloader HD v. 5.1 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com) Geändert von kay12 (17.08.2023 um 00:39 Uhr) Grund: youtube link eingebettet |
17.08.2023, 00:35 | #2 |
| Infektion durch Audacity von falscher Website / Windows CD von ebay? Addition.txt
__________________Teil 2: Code:
ATTFilter Packages: ========= Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-14] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-08-13] (NVIDIA Corp.) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8040.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Studios) [MS Ad] Windows File Recovery -> C:\Program Files\WindowsApps\Microsoft.WindowsFileRecovery_0.1.20151.0_x64__8wekyb3d8bbwe [2023-06-18] (Microsoft Corporation) WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-04-25] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-18] (Notepad++ -> ) ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-01-12] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers1: [PureSync] -> {D1079645-619B-4d0b-8FD5-1008B95134E1} => C:\Program Files (x86)\Jumping Bytes\PureSync\psshell64.dll [2010-12-21] (Jumping Bytes - Dipl.-Ing. Christoph Guentner -> Jumping Bytes) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-01-12] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers2: [PureSync] -> {D1079645-619B-4d0b-8FD5-1008B95134E1} => C:\Program Files (x86)\Jumping Bytes\PureSync\psshell64.dll [2010-12-21] (Jumping Bytes - Dipl.-Ing. Christoph Guentner -> Jumping Bytes) ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-01-12] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers4: [PureSync] -> {D1079645-619B-4d0b-8FD5-1008B95134E1} => C:\Program Files (x86)\Jumping Bytes\PureSync\psshell64.dll [2010-12-21] (Jumping Bytes - Dipl.-Ing. Christoph Guentner -> Jumping Bytes) ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-01-12] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> Keine Datei ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1ddf203f8d876fdf\nvshext.dll [2023-08-05] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-01-12] (Heidi Computers Ltd -> The Eraser Project) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\zeu5\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Markus (standard) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7" ShortcutWithArgument: C:\Users\zeu5\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\save - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\zeu5\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Training - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4" ShortcutWithArgument: C:\Users\zeu5\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\LERNEN - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2015-12-29 06:25 - 2015-12-29 00:25 - 000120334 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\libgcc_s_dw2-1.dll 2015-12-29 06:25 - 2015-12-29 00:25 - 001540622 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\libstdc++-6.dll 2022-06-14 15:59 - 2022-08-30 13:45 - 007523840 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\resource.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000017920 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL 2023-08-15 12:43 - 2023-08-15 12:43 - 003567616 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll 2015-12-29 06:25 - 2015-12-29 00:25 - 000079360 _____ (MingW-W64 Project. All rights reserved.) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\libwinpthread-1.dll 2015-12-29 06:52 - 2015-12-29 00:52 - 002177536 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\LIBEAY32.dll 2015-12-29 06:52 - 2015-12-29 00:52 - 000462336 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\ssleay32.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll 2016-06-11 02:15 - 2016-06-10 20:15 - 000058880 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qdds.dll 2016-06-10 15:32 - 2016-06-10 09:32 - 000033792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qgif.dll 2016-06-11 02:15 - 2016-06-10 20:15 - 000046592 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qicns.dll 2016-06-10 15:33 - 2016-06-10 09:33 - 000036352 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qico.dll 2016-06-10 15:32 - 2016-06-10 09:32 - 000258560 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qjpeg.dll 2016-06-11 01:51 - 2016-06-10 19:51 - 000028672 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qsvg.dll 2016-06-11 02:15 - 2016-06-10 20:15 - 000028672 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qtga.dll 2016-06-11 02:15 - 2016-06-10 20:15 - 000495616 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qtiff.dll 2016-06-11 02:15 - 2016-06-10 20:15 - 000027648 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qwbmp.dll 2016-06-11 02:16 - 2016-06-10 20:16 - 000416768 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\imageformats\qwebp.dll 2016-06-13 03:38 - 2016-06-12 21:38 - 000317440 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\mediaservice\dsengine.dll 2016-06-10 15:34 - 2016-06-10 09:34 - 001489920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\platforms\qwindows.dll 2020-01-13 09:29 - 2020-01-13 03:29 - 005384704 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Core.dll 2016-06-10 15:23 - 2016-06-10 09:23 - 005283840 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Gui.dll 2016-06-13 03:29 - 2016-06-12 21:29 - 000853504 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Multimedia.dll 2016-06-10 15:17 - 2016-06-10 09:17 - 001610240 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Network.dll 2016-06-11 01:51 - 2016-06-10 19:51 - 000348160 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Svg.dll 2023-02-07 03:24 - 2016-06-12 21:27 - 000188416 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5WebSockets.dll 2016-06-10 15:29 - 2016-06-10 09:29 - 006358528 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\Qt5Widgets.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000046592 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000031744 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qgif.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000039936 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qicns.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000031232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qico.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000415232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qjpeg.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000025600 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qsvg.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000025088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtga.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000380416 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtiff.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000023552 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwbmp.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000532992 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwebp.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 001455616 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\qwindows.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000227328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\platform\qtlabsplatformplugin.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 006270976 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 006947328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 001389568 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000327168 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Positioning.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000319488 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5PrintSupport.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 003798528 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000440832 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000054784 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlWorkerScript.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 004254720 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000171520 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickControls2.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000222208 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickShapes.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 001128960 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickTemplates2.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000075264 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickWidgets.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000334848 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000133120 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebChannel.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000396288 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngine.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 103583232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngineCore.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000250880 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebEngineWidgets.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000157184 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 005611520 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000463360 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WinExtras.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000210432 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000056832 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000059392 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000018432 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\qtquick2plugin.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000294400 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000106496 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\qquicklayoutsplugin.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\qmlshapesplugin.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000325120 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000045568 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Window.2\windowplugin.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000021504 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebChannel\declarative_webchannel.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000093696 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtWebEngine\qtwebengineplugin.dll 2023-08-15 12:43 - 2023-08-15 12:43 - 000135680 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\qwindowsvistastyle.dll 2020-10-26 18:13 - 2022-08-15 11:23 - 000110207 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\BASS.dll 2020-10-26 18:13 - 2022-08-15 11:23 - 000012166 _____ (Un4seen Developments) [Datei ist nicht signiert] C:\Program Files (x86)\ROCCAT\ROCCAT SWARM\BASSWASAPI.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Public\AppData:CSM [472] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [482] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset SearchScopes: HKU\S-1-5-21-1825835939-2990920891-3683691434-1000 -> {8B1B5D43-8880-4ED2-918D-52A754F337AF} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2016-04-25 23:08 - 000002030 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 compatexchange.cloudapp.net 127.0.0.1 a-0001.a-msedge.net 127.0.0.1 choice.microsoft.com 127.0.0.1 choice.microsoft.com.nsatc.net 127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com 127.0.0.1 df.telemetry.microsoft.com 127.0.0.1 oca.telemetry.microsoft.com 127.0.0.1 oca.telemetry.microsoft.com.nsatc.net 127.0.0.1 redir.metaservices.microsoft.com 127.0.0.1 reports.wes.df.telemetry.microsoft.com 127.0.0.1 services.wes.df.telemetry.microsoft.com 127.0.0.1 settings-sandbox.data.microsoft.com 127.0.0.1 sls.update.microsoft.com.akadns.net 127.0.0.1 sqm.df.telemetry.microsoft.com 127.0.0.1 sqm.telemetry.microsoft.com 127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net 127.0.0.1 statsfe2.ws.microsoft.com 127.0.0.1 telecommand.telemetry.microsoft.com 127.0.0.1 telecommand.telemetry.microsoft.com.nsat�c.net 127.0.0.1 telemetry.appex.bing.net 127.0.0.1 telemetry.microsoft.com 127.0.0.1 telemetry.urs.microsoft.com 127.0.0.1 vortex-sandbox.data.microsoft.com 127.0.0.1 vortex-win.data.microsoft.com 127.0.0.1 vortex.data.microsoft.com 127.0.0.1 watson.ppe.telemetry.microsoft.com 127.0.0.1 watson.telemetry.microsoft.com 127.0.0.1 watson.telemetry.microsoft.com.nsatc.net ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\OpenVPN\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Users\zeu5\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Windows Live\Shared;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\zeu5\Pictures\Wallpaper\leafwaterwallpaper.jpg HKU\S-1-5-21-1825835939-2990920891-3683691434-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\User2\Downloads\andy-holmes-rCbdp8VCYhQ-unsplash.jpg HKU\S-1-5-21-1825835939-2990920891-3683691434-501\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 10.0.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Keine Datei) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun HKLM\...\StartupApproved\StartupFolder: => "HandyAndy.lnk" HKLM\...\StartupApproved\Run: => "Eraser" HKLM\...\StartupApproved\Run: => "Launch LCore" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "USB3MON" HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad" HKLM\...\StartupApproved\Run32: => "PDFPrint" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "Xtreme Tuner" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\StartupFolder: => "GameRanger.lnk" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\StartupFolder: => "c.txt" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "f.lux" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "RocketDock" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "TrueCrypt" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "OPENVPN-GUI" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "Voobly" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "vidnotifier.exe" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "HP Deskjet 3520 series (NET)" HKU\S-1-5-21-1825835939-2990920891-3683691434-1000\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-1825835939-2990920891-3683691434-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1825835939-2990920891-3683691434-1002\...\StartupApproved\Run: => "OPENVPN-GUI" HKU\S-1-5-21-1825835939-2990920891-3683691434-1002\...\StartupApproved\Run: => "Discord" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{8DAFBBBD-AE1B-44EC-AF77-4DB5A426F70B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{F3F66504-E4ED-417D-982D-EF95099A0485}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{9657A61F-D8EE-452F-B833-237BF8C50784}X:\call of duty modern warfare\modernwarfare.exe] => (Allow) X:\call of duty modern warfare\modernwarfare.exe => Keine Datei FirewallRules: [TCP Query User{2006BD39-5479-4D6F-80D7-28DD21974AF5}X:\call of duty modern warfare\modernwarfare.exe] => (Allow) X:\call of duty modern warfare\modernwarfare.exe => Keine Datei FirewallRules: [{340D5199-960F-4131-A8A6-09B18A834634}] => (Allow) C:\Users\zeu5\AppData\Roaming\BitTorrent\BitTorrent.exe => Keine Datei FirewallRules: [{E4B5487F-21AB-4CE8-B2D1-3D6A44F4F9CB}] => (Allow) C:\Users\zeu5\AppData\Roaming\BitTorrent\BitTorrent.exe => Keine Datei FirewallRules: [{D23D7F45-87FB-428F-BB71-3F1ED597515D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{81453FCD-3A4D-464A-9494-AAD7C951F710}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C673746A-9781-4039-8324-7B59A2D6449F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{EC536382-0A2A-411F-803A-8B7874D71BC8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{40CD26C7-AA23-4BF2-B17F-B3EB65721153}] => (Allow) C:\Users\zeu5\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{9B54AA84-CCFC-4D41-BBC3-6E7ACCE411C5}] => (Allow) C:\Users\zeu5\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{3CACB09E-E8EC-4142-8A90-E87043BAD93E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei FirewallRules: [TCP Query User{FB32EDD9-B222-42EC-A03B-CCDE0813A432}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei FirewallRules: [UDP Query User{A4CBDDD2-A9D5-4F68-971B-271CC24F8EC9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Keine Datei FirewallRules: [TCP Query User{5B00B8F2-C49E-4BE0-9D24-7CB82204A602}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Keine Datei FirewallRules: [UDP Query User{A37DBE55-AAD0-4C07-A379-66BAE6522FF6}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Keine Datei FirewallRules: [TCP Query User{AEE54240-55DA-4C79-AC39-E94014FDE32A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Keine Datei FirewallRules: [UDP Query User{7D19AA83-F711-4748-974C-036E6FA8E4D0}C:\program files (x86)\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomx.exe (Ensemble Studios) [Datei ist nicht signiert] FirewallRules: [TCP Query User{F73C91BD-EC3E-4164-AF26-20A99724DBA7}C:\program files (x86)\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomx.exe (Ensemble Studios) [Datei ist nicht signiert] FirewallRules: [UDP Query User{830C07EF-A747-44FA-B896-1EF7B51AD774}C:\users\zeu5\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\zeu5\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd) FirewallRules: [TCP Query User{90BC0A7E-AD59-4F81-B3DD-2D51FA9E6B35}C:\users\zeu5\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\zeu5\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd) FirewallRules: [{371128B9-0DB3-4959-B228-23BBD2C937FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{37DD7915-7C27-4C38-89CA-089630469EDA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{DBB4907E-996B-4C27-B292-00A55B096E7C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{31F40FC5-7BEC-4546-9EA2-25FBABD48287}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{156FFE1A-2340-4C2D-B0EB-9D6A6EF483C9}] => (Allow) LPort=1900 FirewallRules: [{4DB810FD-1F74-43CC-8F56-30D5FCF68BEE}] => (Allow) LPort=2869 FirewallRules: [{EE4A4EDB-9E56-4EC1-98FB-0D655A3C0888}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{8A8495C9-EC90-45BF-97AF-DC65A5EA0104}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei FirewallRules: [TCP Query User{69FB2000-4DB5-4F29-A50D-1331B603A7A4}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei FirewallRules: [{6E2A1FD3-EE57-4D62-81A7-268D11E8E803}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe => Keine Datei FirewallRules: [{B32E5AFE-881A-45A0-8663-3928B24C2049}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe => Keine Datei FirewallRules: [{5DB3E91A-679B-46DA-919D-FFA64899BDE9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{69EBC794-1922-4ECF-869E-636D9E6B1FA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B1576ADE-004C-4080-864F-DED580ED5A80}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei FirewallRules: [{F2B891BB-532F-448E-AD8F-F2BA1D3ADE72}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => Keine Datei FirewallRules: [{F3F0B9F0-5918-4372-882E-DC844F865221}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{24E1E80F-9977-45AD-84AE-5A350E483E0E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{7CF92FE9-98B2-4CFD-82AA-BC23975909FA}] => (Allow) C:\Users\zeu5\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{03C0B702-BBB5-4F91-AB12-E516EAE7EA80}] => (Allow) C:\Users\zeu5\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{38171350-B5E6-49DA-A296-46B4D6851EB8}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{7D1DE2E0-454E-4E2A-A9A6-F4388D64E753}C:\users\zeu5\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\zeu5\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd) FirewallRules: [UDP Query User{70FB9F58-9A0B-4DDF-9235-E1BD76FFB06B}C:\users\zeu5\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\zeu5\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd) FirewallRules: [TCP Query User{E70D97EF-9F38-47C3-8589-2AFF54418CD7}C:\program files (x86)\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomx.exe (Ensemble Studios) [Datei ist nicht signiert] FirewallRules: [UDP Query User{42B4F471-D592-49A9-B523-8AEE1FC53F7B}C:\program files (x86)\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomx.exe (Ensemble Studios) [Datei ist nicht signiert] FirewallRules: [TCP Query User{052615C2-19C8-455B-BAD3-28CBDE2F388F}C:\users\zeu5\desktop\sportable\app\skype\phone\skype.exe] => (Allow) C:\users\zeu5\desktop\sportable\app\skype\phone\skype.exe => Keine Datei FirewallRules: [UDP Query User{A4507A96-C12F-4BF9-9E26-15FA7A62D89D}C:\users\zeu5\desktop\sportable\app\skype\phone\skype.exe] => (Allow) C:\users\zeu5\desktop\sportable\app\skype\phone\skype.exe => Keine Datei FirewallRules: [{DD2386CD-BA67-4642-BC2C-6E4548AEEB50}] => (Block) C:\users\zeu5\desktop\sportable\app\skype\phone\skype.exe => Keine Datei FirewallRules: [{1174F5F9-BEBD-4126-90F5-BF75EF3D92CF}] => (Block) C:\users\zeu5\desktop\sportable\app\skype\phone\skype.exe => Keine Datei FirewallRules: [TCP Query User{A161C6FF-5632-4F0B-9385-B2BF910FD52F}C:\users\zeu5\documents\recs\sportable\app\skype\phone\skype.exe] => (Allow) C:\users\zeu5\documents\recs\sportable\app\skype\phone\skype.exe => Keine Datei FirewallRules: [UDP Query User{C2E3F912-7EB4-468A-B4BF-216E0C5374A5}C:\users\zeu5\documents\recs\sportable\app\skype\phone\skype.exe] => (Allow) C:\users\zeu5\documents\recs\sportable\app\skype\phone\skype.exe => Keine Datei FirewallRules: [{733842F0-ED8E-4417-ABC1-9399F96C4B64}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{D3FA94E4-EDC9-48EB-9175-14E0236EA0C3}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{BD70FDB0-D4B6-4D47-A98D-CB478D6274F9}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [TCP Query User{DEACC112-0F89-4E82-8FA2-D00D4C5C8A97}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Block) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT) FirewallRules: [UDP Query User{6E75478C-0F6A-4A24-9C43-A2735B35D39A}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Block) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT) FirewallRules: [{90D412F1-A569-4C54-8F93-F4F9C4B1F887}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{0C4DD0E5-BD28-4DE4-BB1A-0A5AE1AEF2C2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei FirewallRules: [{C6006FD5-9783-4E16-BCD7-A13BDA76EBA3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{172F683C-F178-4E78-98B3-046895117C5B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{8E01EC0E-339A-4C9A-962B-E1870C2ED6CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{5AAFE17D-CA76-48A0-A469-02FEE0131021}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{19254D60-07D3-43BD-80A4-A4E1C40AFE6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{F5DFD89A-F44E-4D6A-8105-6E4A015B10CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{443F498D-FBDE-493F-8F2F-2F871C349048}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => Keine Datei FirewallRules: [{690381C8-8811-4AB1-8F0A-E2CF2C90DAA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{3D53EC2E-5B67-429C-B5FC-E040E9BB5005}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{38DC0169-DE2B-4959-A335-BF47F6AD89C1}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe => Keine Datei FirewallRules: [UDP Query User{2651932D-69D7-4BE8-85F4-2E31FFF83887}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe => Keine Datei FirewallRules: [TCP Query User{E1F78172-D4FD-4494-A923-0FEA8F167FC5}C:\users\zeu5\documents\1234\ecln 0.3.0 fud mod\echelon.exe] => (Allow) C:\users\zeu5\documents\1234\ecln 0.3.0 fud mod\echelon.exe => Keine Datei FirewallRules: [UDP Query User{CF30AA12-1F4D-4606-94AF-D4DDB818436A}C:\users\zeu5\documents\1234\ecln 0.3.0 fud mod\echelon.exe] => (Allow) C:\users\zeu5\documents\1234\ecln 0.3.0 fud mod\echelon.exe => Keine Datei FirewallRules: [{8C7E7B11-9BE8-4C29-B374-22F8C6448CD6}] => (Allow) C:\Users\zeu5\AppData\Local\Temp\andy-x64\Setup.exe => Keine Datei FirewallRules: [{7A2FE6D0-3DC4-4AF9-AD2F-330CC003091E}] => (Allow) C:\Users\zeu5\AppData\Local\Temp\andy-x64\Setup.exe => Keine Datei FirewallRules: [{E37E6C9C-D9E4-4BCD-A8AE-EA1ADE831EA8}] => (Allow) C:\Program Files\Andy\andy.exe => Keine Datei FirewallRules: [{917A904E-2A83-419A-A5F6-1565A85ED09D}] => (Allow) C:\Program Files\Andy\andy.exe => Keine Datei FirewallRules: [{C4C97B32-71ED-4B2B-8887-54481413482F}] => (Allow) C:\Program Files\Andy\AndyConsole.exe => Keine Datei FirewallRules: [{8BF19432-57B2-4666-B0D0-09A340D0F72E}] => (Allow) C:\Program Files\Andy\AndyConsole.exe => Keine Datei FirewallRules: [{5F2D1888-914B-4B4D-B562-E149AF5988EF}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => Keine Datei FirewallRules: [{7E5F14CD-07FC-48B2-8040-5DFEB8CF0DC2}] => (Allow) C:\Program Files\Andy\HandyAndy.exe => Keine Datei FirewallRules: [{70BCAB72-2A9A-4E7D-B7A8-0F23CA409963}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe => Keine Datei FirewallRules: [{55F7D1EB-92BF-4861-B65E-9FA4ED3CDB36}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe => Keine Datei FirewallRules: [{AFDA8994-0304-4A6F-BBA0-20DF1A3F5C78}] => (Allow) C:\Users\zeu5\AppData\Local\Temp\RemoveTemp.exe => Keine Datei FirewallRules: [{B16DDE6F-8BFB-4D94-8796-37D9F9D44262}] => (Allow) C:\Users\zeu5\AppData\Local\Temp\RemoveTemp.exe => Keine Datei FirewallRules: [{AC19ADDF-8D96-42B8-9EED-757138676145}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe => Keine Datei FirewallRules: [{E298D2F6-5EA7-4BFE-87EA-CB327C326A87}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe => Keine Datei FirewallRules: [{96E8262D-1003-4BD8-A303-AE646CB58162}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe => Keine Datei FirewallRules: [{A8F73BAE-9938-4722-99F9-F3D4DF0E89C7}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe => Keine Datei FirewallRules: [{D7959298-F272-4D46-A57E-BB43773E22DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Keine Datei FirewallRules: [{9159C1F4-FD58-4A09-8532-3C2F079A4189}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Keine Datei FirewallRules: [TCP Query User{80D5AE0A-3060-414D-9298-B7A32246F6DA}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [UDP Query User{54B932E5-361D-4513-904C-FC34810EFAE5}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Keine Datei FirewallRules: [TCP Query User{16A2561B-270B-44B8-B6C5-2CE6461C61B9}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{CBA7DB7B-CC23-45E7-89C7-26DFD311338E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [TCP Query User{BD2665F3-3C93-45B8-B3BD-FCF97C79CAD1}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei FirewallRules: [UDP Query User{2A1DECA3-C808-4C2E-B2D4-F53751EC4EE0}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe => Keine Datei FirewallRules: [TCP Query User{0E1F01D7-4ECC-4388-8CBD-D6C06E0F65A7}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [UDP Query User{CA014726-0B04-4ECC-A317-6774BB67788C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.) FirewallRules: [TCP Query User{EB02569C-6335-4092-A1F3-3095605372F2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{3E934087-26D2-407B-9781-7736EF642B79}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{865D31F4-771D-41B1-99A5-D1398D00991E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Keine Datei FirewallRules: [{42B935C0-FA8E-4459-860A-564DDB3628E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe => Keine Datei FirewallRules: [TCP Query User{A1E333CF-33D7-4D07-AE92-1460CD2A5CA8}C:\program files (x86)\java\jre1.8.0_141\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_141\bin\java.exe => Keine Datei FirewallRules: [UDP Query User{29F2A620-8B27-45E1-94A7-9696AD7018D1}C:\program files (x86)\java\jre1.8.0_141\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_141\bin\java.exe => Keine Datei FirewallRules: [{18939A93-2949-4900-853D-C2699AC04D2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame.exe => Keine Datei FirewallRules: [{7FBA96C9-4C68-46E0-A063-B1D2D08FA170}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame.exe => Keine Datei FirewallRules: [{B4623F83-57DE-4CCD-BBB4-5A8DE7377EA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Miscreated\Bin64\Miscreated.exe => Keine Datei FirewallRules: [{A40E693F-27A0-48AF-A806-6496A13A2E38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Miscreated\Bin64\Miscreated.exe => Keine Datei FirewallRules: [{8E6CDDCE-D26A-4F33-83AF-9ADC808640A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Miscreated\EasyAntiCheat\EasyAntiCheat_x64.dll => Keine Datei FirewallRules: [{24DEA02A-D0C1-4A84-9F0B-613125345E97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Miscreated\EasyAntiCheat\EasyAntiCheat_x64.dll => Keine Datei FirewallRules: [TCP Query User{6B5FB213-C352-4078-A1AE-600252EE54D6}X:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) X:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Keine Datei FirewallRules: [UDP Query User{A07D79FE-78C8-4A55-AB69-AD9C4D74FC4E}X:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) X:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe => Keine Datei FirewallRules: [TCP Query User{6FBAF921-7F11-4AC7-B2A4-D73F19492F47}X:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) X:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Keine Datei FirewallRules: [UDP Query User{E1843975-0D9C-45AB-B09D-6F66B76D87F4}X:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) X:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe => Keine Datei FirewallRules: [TCP Query User{A953205F-D248-4948-B708-BB4F573ECC52}X:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) X:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei FirewallRules: [UDP Query User{BBDD87FD-4D53-4024-94AD-2C9F012C7046}X:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) X:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei FirewallRules: [{6796B9CC-9A54-4AAA-A0DA-C445BAEBAF99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{1D9E4634-FBAD-4B31-AB13-2E73A018AE4F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{A317FDFB-1654-4E9E-972A-D1004F3D0324}X:\origin games\apex\r5apex.exe] => (Allow) X:\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [UDP Query User{FB25D668-3E73-47FD-AAEB-E2E920528589}X:\origin games\apex\r5apex.exe] => (Allow) X:\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [TCP Query User{48C47B05-F26F-41A9-B4A1-06E51C02649A}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT) FirewallRules: [UDP Query User{9A072889-7B84-4B0C-A9DF-E11BCEE6DB6B}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT) FirewallRules: [TCP Query User{558C61A4-CF78-4AC3-AA93-3651E3726496}C:\program files (x86)\steam\steamapps\common\xera\xera\binaries\win64\xera-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xera\xera\binaries\win64\xera-win64-shipping.exe => Keine Datei FirewallRules: [UDP Query User{D92740C3-1233-424D-A139-855D268B3631}C:\program files (x86)\steam\steamapps\common\xera\xera\binaries\win64\xera-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xera\xera\binaries\win64\xera-win64-shipping.exe => Keine Datei FirewallRules: [TCP Query User{C9ACB812-4CE5-4A17-BFBB-B3D293407A80}C:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe => Keine Datei FirewallRules: [UDP Query User{36850C67-4B9E-433A-8CC0-2CC63965E89F}C:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\scum\scum\binaries\win64\scum.exe => Keine Datei FirewallRules: [TCP Query User{EB1642D2-C5FB-4F63-B71C-12E178ABE8BD}C:\users\zeu5\appdata\local\discord\app-0.0.307\discord.exe] => (Allow) C:\users\zeu5\appdata\local\discord\app-0.0.307\discord.exe => Keine Datei FirewallRules: [UDP Query User{B2696791-48C5-4D33-95C2-C25F15F53950}C:\users\zeu5\appdata\local\discord\app-0.0.307\discord.exe] => (Allow) C:\users\zeu5\appdata\local\discord\app-0.0.307\discord.exe => Keine Datei FirewallRules: [{6B3F64E0-3D72-464E-ABE3-923D0ED43CFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Keine Datei FirewallRules: [{FA9D609D-9EEE-45CF-9DDA-64F9A790C5BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe => Keine Datei FirewallRules: [{EF0784D4-B93A-4B00-BC4A-3357E8B3F96B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{5EFF8BA6-EF30-490B-8A8F-3E92E0950E2D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4C9588B2-9FE9-4C7B-9E89-B2A6C197367A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4B2ADD6B-EE30-437F-AAFC-04CC60E811A9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{B29DAF52-B9C9-4570-903A-CD274DB05DBE}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{40C8EB77-D1C6-4940-9FF2-40759A300FAB}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{2232AFD4-6EF2-4375-80AA-2DF090755861}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [UDP Query User{847E65BC-C1B6-450F-AE2E-6C66B0E166FF}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> ) FirewallRules: [TCP Query User{6F314CB4-635A-434C-9E77-22FFDEB6B982}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert] FirewallRules: [UDP Query User{BA84348B-ED9E-4FCA-B2DC-39B7810AF10F}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Datei ist nicht signiert] FirewallRules: [TCP Query User{69F3138E-12A2-4694-A139-CB585F2F21EC}X:\fortnite\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) X:\fortnite\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Keine Datei FirewallRules: [UDP Query User{3871485B-38FB-4D8A-819E-BF66CF207551}X:\fortnite\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) X:\fortnite\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Keine Datei FirewallRules: [{0D758A58-00A5-45F5-80C0-AEEE17D55EF7}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{03D4E348-2C4C-4805-8401-E13D7AA57FA9}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe (Voobly) [Datei ist nicht signiert] FirewallRules: [UDP Query User{299B1C67-654A-4C3A-A624-EB1653FC3C72}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe (Voobly) [Datei ist nicht signiert] FirewallRules: [TCP Query User{02F173C8-3A2D-476E-A7C0-D0D30472970B}C:\program files (x86)\microsoft games\age of mythology\aomxnocd.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomxnocd.exe (Ensemble Studios) [Datei ist nicht signiert] FirewallRules: [UDP Query User{353EBEAF-8EFE-4BF2-BC22-FA0A75831DF0}C:\program files (x86)\microsoft games\age of mythology\aomxnocd.exe] => (Allow) C:\program files (x86)\microsoft games\age of mythology\aomxnocd.exe (Ensemble Studios) [Datei ist nicht signiert] FirewallRules: [TCP Query User{0F944BE7-4977-4F9B-A6AD-8CF2029FCF48}C:\users\zeu5\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\zeu5\appdata\local\discord\app-1.0.9006\discord.exe => Keine Datei FirewallRules: [UDP Query User{0D257E55-B802-4373-B942-1D1081E30E27}C:\users\zeu5\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\zeu5\appdata\local\discord\app-1.0.9006\discord.exe => Keine Datei FirewallRules: [TCP Query User{BBE0BEB6-0224-4ABD-811C-A56BE68950A6}C:\program files (x86)\xtremetuner\xtremetuner_kfa2\xtreme tuner.exe] => (Allow) C:\program files (x86)\xtremetuner\xtremetuner_kfa2\xtreme tuner.exe (Galaxy Microsystems Ltd. -> Galaxy Microsystems Ltd) FirewallRules: [UDP Query User{1FF474F8-BB05-4410-AB7E-78F1BB6817E1}C:\program files (x86)\xtremetuner\xtremetuner_kfa2\xtreme tuner.exe] => (Allow) C:\program files (x86)\xtremetuner\xtremetuner_kfa2\xtreme tuner.exe (Galaxy Microsystems Ltd. -> Galaxy Microsystems Ltd) FirewallRules: [{050FC772-5782-4FC3-B466-FC4FD5E75BA4}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{CECA1C00-5371-4CA3-AF67-BCBB4E22B372}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{A797F2D6-00D1-4C63-8BA2-8458F8FD026A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{8CCD7F09-71F1-45C0-BD1C-79726653E9FC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{C990237D-37DD-4BFB-B39A-A245D91FB954}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{4819B823-0827-427E-B3BA-1534F6DD7AE5}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\ActivePresenter.exe (Atomi Systems, Inc.) [Datei ist nicht signiert] FirewallRules: [{F9979268-41D1-45AE-899F-85DB4E55F416}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\rlactivator.exe (Atomi Systems, Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{DC78F343-D37B-4737-804B-1AD45EBABD11}C:\users\zeu5\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\zeu5\appdata\local\discord\app-1.0.9008\discord.exe => Keine Datei FirewallRules: [UDP Query User{25E7678B-F7A3-4607-B01B-CAACDF2B1B83}C:\users\zeu5\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\zeu5\appdata\local\discord\app-1.0.9008\discord.exe => Keine Datei FirewallRules: [{E5FC8DFF-1E6A-498A-9FB4-92C1CDE1CC21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{94037D50-3BD5-4EB9-8CD3-1FEA570E31AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{AA59E69B-D463-4DFF-A75C-0CDB1590B30A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{5845B373-2B2B-4EEE-AF06-705C32FFDD2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{410F6674-770C-405D-AC93-1D96E62C9D63}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{26A2F549-2E78-4682-AA52-91FE4C8A5664}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{88B3CBE5-1912-484A-B30A-02BCDB2DDCFC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{ADB4224A-7B57-4CBF-90E2-177C6A25D91E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{429860BC-F7E4-47E2-9666-CADA0A0C13C3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{9CD814DB-D4E9-40A7-9F17-86DE3B284FAB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B4C03D91-4396-456A-BA65-8A748FCEDC96}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B9E99C1F-DD0F-4705-B2ED-D4179B0C20A7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3BACF3C4-2BFB-4FFC-9E85-0DD778A76A08}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CE7503F2-A741-46EC-91B7-5756F044D05E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4FC79F2D-C107-4A3F-BBF2-21605DE1712E}] => (Allow) X:\STEAM\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.) FirewallRules: [{F73019FF-E2BC-4DDC-86F3-BAE09FAAC5FF}] => (Allow) X:\STEAM\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.) FirewallRules: [{DA7C64F2-7B0E-4C1C-BE13-9B47CEF41B13}] => (Allow) X:\STEAM\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations) FirewallRules: [{768F7078-E524-4655-BD05-59769833EAC6}] => (Allow) X:\STEAM\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations) FirewallRules: [{2BDD1C88-28D0-42BA-A792-BDAC834F7CF6}] => (Allow) X:\STEAM\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.) FirewallRules: [{73DC2596-B6A8-4D82-A5D0-3EEFA92BA71D}] => (Allow) X:\STEAM\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.) FirewallRules: [TCP Query User{3745120D-D3A5-49FF-907E-D860148C281C}C:\users\zeu5\documents\1234\schwarze sonne rat 1.0\client.exe] => (Block) C:\users\zeu5\documents\1234\schwarze sonne rat 1.0\client.exe => Keine Datei FirewallRules: [UDP Query User{F93DB6F4-0580-4F75-9559-B01D3AB5A84F}C:\users\zeu5\documents\1234\schwarze sonne rat 1.0\client.exe] => (Block) C:\users\zeu5\documents\1234\schwarze sonne rat 1.0\client.exe => Keine Datei FirewallRules: [{7CFC2C2D-BF79-4F61-86D1-0B8A125A1E96}] => (Allow) X:\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{4E4FA759-F5CA-4938-AF14-2850FDB48D06}] => (Allow) X:\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{A82F2231-AB52-4886-B8EF-2744ACEB6FC9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.203\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9C90AE9A-BAAE-44D1-88AD-6E7A7BAE59E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{FDF25F28-FB1C-4CFD-B356-0395FA25720E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4B6A7950-66F8-4CCE-B933-EA04CD4C4959}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BFF4FBEA-A7DA-4C84-A08C-016F3838DA6B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F9B0EFB3-40E5-4359-84C4-1F46FF7D8934}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.101.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Wiederherstellungspunkte ========================= 16-08-2023 12:35:46 Removed Python Launcher ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (08/16/2023 12:17:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname zeu5-PC.local already in use; will try zeu5-PC-2.local instead Error: (08/16/2023 12:17:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 zeu5-PC.local. Addr 10.0.0.3 Error: (08/16/2023 12:17:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 10.0.0.3:5353 16 zeu5-PC.local. AAAA 2001:0871:0055:9BB6:402A:6DD6:DF2C:9EC7 Error: (08/16/2023 12:17:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 zeu5-PC.local. AAAA FE80:0000:0000:0000:3E87:0AE3:B2A8:FAE5 Error: (08/16/2023 12:17:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 10.0.0.3:5353 16 zeu5-PC.local. AAAA 2001:0871:0055:9BB6:402A:6DD6:DF2C:9EC7 Error: (08/16/2023 12:17:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 zeu5-PC.local. Addr 10.0.0.3 Error: (08/16/2023 12:17:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 10.0.0.3:5353 16 zeu5-PC.local. AAAA 2001:0871:0055:9BB6:402A:6DD6:DF2C:9EC7 Error: (08/16/2023 02:38:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15625 Systemfehler: ============= Error: (08/14/2023 02:30:17 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (08/13/2023 12:21:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/13/2023 12:21:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde mit folgendem Fehler beendet: Für einen allgemeinen Befehl wurde ein Ergebnis zurückgegeben, das auf einen Fehler hinweist. Error: (08/13/2023 12:09:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/13/2023 12:09:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "NVIDIA LocalSystem Container" wurde mit folgendem Fehler beendet: Für einen allgemeinen Befehl wurde ein Ergebnis zurückgegeben, das auf einen Fehler hinweist. Error: (08/09/2023 11:07:03 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde nicht richtig gestartet. Error: (08/09/2023 11:01:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SecDrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (08/09/2023 11:01:46 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS CodeIntegrity: =============== Date: 2022-12-02 12:42:35 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements. Date: 2022-12-02 12:42:34 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements. Date: 2022-09-25 11:08:57 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 3802 03/15/2018 Hauptplatine: ASUSTeK COMPUTER INC. Z170-A Prozessor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz Prozentuale Nutzung des RAM: 52% Installierter physikalischer RAM: 16321.28 MB Verfügbarer physikalischer RAM: 7686.82 MB Summe virtueller Speicher: 33631.47 MB Verfügbarer virtueller Speicher: 16767.28 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.92 GB) (Free:326.89 GB) (Model: WDC WD1003FZEX-00MK2A0) NTFS Drive x: (Volume) (Fixed) (Total:465.76 GB) (Free:250.37 GB) NTFS \\?\Volume{7d8e150a-0673-11e6-ae46-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{a236968c-0000-0000-0000-50c1e8000000}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 4F894457) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: A236968C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=503 MB) - (Type=27) ==================== Ende von Addition.txt ======================= |
Themen zu Infektion durch Audacity von falscher Website / Windows CD von ebay? |
administrator, adobe, bonjour, defender, desktop, ebay, entfernen, firefox, geforce, google, homepage, malware, mozilla, nvidia, pdf, prozesse, realtek, rundll, scan, server, services.exe, software, system, usb, windows |