Pests of all kinds and how to fight them: Trojan oobe-maintenance? (Windows 7)

If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
23.12.2023, 22:01 | #1 |
Trojan oobe-maintenance?

I was looking for a trainer for a game and downloaded one. I then unpacked it and scanned it with AVG Premium. Nothing was detected. Then I opened the program. Nothing happened apart from higher load. The program did not open either. Shortly afterwards AVG reported that oobe-maintenance.exe had been blocked because it tried to access the passwords stored in Chrome.

On VirusTotal only a handful of programs detect anything. Here is the link to the analysis: https://www.virustotal.com/gui/file/e859660e01722f81b903fc4ffd566592415ba152797785ec15b8899044846bce/detection

Now I am not sure whether I have caught something, since nothing else has happened so far. I am not sure whether there is something in the background that AVG may not have detected.

Here is the FRST log first, then the Addition log from FRST:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2023 durchgeführt von Marvin (Administrator) auf DESKTOP-J95DT60 (23-12-2023 21:35:07) Gestartet von C:\Users\Marvin\Desktop\FRST64.exe Geladene Profile: Marvin & Tim & Rendern Plattform: Microsoft Windows 10 Home Version 22H2 19045.3803 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4> (A-Volute -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe (C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe (C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe ->) (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe (C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe ->) () [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (explorer.exe ->) (614A9D21-6F29-4C9D-9F7D-FF59321D9E5F -> ) C:\Program Files\WindowsApps\6760NGPDFLab.PDFX_1.3.59.0_x64__sbe4t8mqwq93a\FileWatcher\FileWatcher.exe (explorer.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <50> (explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (explorer.exe ->) (Savitech Corp. -> SAVITECH) C:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7> (Node.js Foundation -> Joyent, Inc) C:\ProgramData\DNTException\node.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealPlayer\downloader2.exe (RealNetworks, Inc. -> RealNetworks, Inc.) 
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUSTeK Computer Inc\AURA\AsLedService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe (services.exe ->) (Brio) [Datei ist nicht signiert] C:\Program Files\FolderSize\FolderSizeSvc.exe (services.exe ->) (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox) C:\Program Files\Agent\Agent.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe (services.exe ->) (Even Balance, Inc. 
-> ) C:\Windows\SysWOW64\PnkBstrA.exe (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe (services.exe ->) (Garena Online Pte Ltd -> Garena Online) X:\Garena Ring of Elysium\Garena\Garena\2.0.1812.2810\gxxsvc.exe (services.exe ->) (Hi-Rez Studios) [Datei ist nicht signiert] E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (services.exe ->) (Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (Intel(R) Software -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe (services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Razer USA Ltd. -> Razer Inc.) 
C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RTUWPSrvcMain.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files\TP-Link\WifiAutoInstall\WifiAutoInstallSrv.exe (services.exe ->) (Tencent Technology(Shenzhen) Company Limited -> Tencent) X:\txgameassistant\appmarket\QMEmulatorService.exe (services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt\IGCC.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.) HKLM\...\Run: [SS2UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [560144 2017-04-13] (A-Volute -> ASUSTeK COMPUTER INC.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [454072 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [3912504 2022-01-19] () [Datei ist nicht signiert] HKLM\...\Run: [SVLoadSense] => C:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe [1762000 2015-09-21] (Savitech Corp. 
-> SAVITECH) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2019-07-17] (Razer USA Ltd. -> Razer Inc.) HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel(R) Driver & Support Assistant -> Intel) HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [347560 2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.) HKLM-x32\...\Run: [RealPlayer] => C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe [5939656 2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.) HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\Real\RealPlayer\downloader2.exe [1182120 2022-08-25] (RealNetworks, Inc. 
-> ) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [WallpaperEngine] => E:\steam\SteamApps\common\wallpaper_engine\wallpaper64.exe [3772512 2022-12-06] (Skutta, Kristjan -> ) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Steam] => E:\steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [TBPanel] => C:\Program Files\EXPERTool\TBPanel.exe [3200824 2019-10-01] (GAINWARD TECHNOLOGY INT'L LIMITED -> Gainward Co. Ltd.) 
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Agent Tray] => C:\Program Files\Agent\AgentTray.exe [1716664 2021-02-01] (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Amazon Music Helper] => C:\Users\Marvin\AppData\Local\Amazon Music\Amazon Music Helper.exe [2364128 2022-11-16] (Amazon.com Services LLC -> Amazon.com Services LLC) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Amazon Music] => C:\Users\Marvin\AppData\Local\Amazon Music\Amazon Music.exe [24274144 2022-11-16] (Amazon.com Services LLC -> Amazon.com Services LLC) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [GogGalaxy] => D:\GOG Galaxy\GalaxyClient.exe [13993440 2023-11-10] (GOG sp. 
z o.o -> GOG.com) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [MicrosoftEdgeAutoLaunch_F685726A62F3A6F634D755C9957574A5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Run: [Intel Management Engine Components 1506245864] => wscript.exe /t:30 /nologo /e:jscript "C:\ProgramData\Intel\Intel(R) Management Engine Components\Intel MEC 3330589457" "C:\ProgramData\Intel\Intel(R) Management Engine Components" 684161620 (Keine Datei) HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {1e9672be-23da-11ee-a016-ba4873b892e3} - "I:\HonorSuiteOnlineInstaller.exe" HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {2ebbad78-d4e1-11ea-9d4b-3497f63612b9} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {38fcf5cc-bb47-11ed-a001-97e2eca85ec1} - "I:\HonorSuiteOnlineInstaller.exe" HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {3d20f68d-f89f-11ec-9fe0-ea633d51bb00} - "J:\HonorSuiteOnlineInstaller.exe" HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {77b79e9d-1f13-11ec-9fb6-8808a3f08b52} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {792898c2-9e10-11eb-9ee1-ec562a522ac8} - "I:\AutoRun.exe" HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\MountPoints2: {d531db6f-5c8f-11e7-9bc5-b81a02e388c4} - "J:\pushinst.exe" HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. 
-> Adobe Systems Incorporated) HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited) HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\Run: [Opera GX Browser Assistant] => C:\Users\Tim\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\MountPoints2: {d531db6f-5c8f-11e7-9bc5-b81a02e388c4} - "I:\pushinst.exe" HKU\S-1-5-21-2418357992-2173213262-1883250885-1003\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated) HKLM\...\Windows x64\Print Processors\Canon MP270 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9X.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MP270 series: c:\windows\system32\CNMLM9X.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.129\Installer\chrmstp.exe [2023-12-22] (Google LLC -> Google LLC) Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2021-07-17] ShortcutTarget: AORUS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [Datei ist nicht signiert] Startup: C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-05-17] ShortcutTarget: Twitch.lnk -> C:\Users\Marvin\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FiiO Control Panel Autostart.lnk [2018-05-15] ShortcutTarget: FiiO Control Panel Autostart.lnk -> C:\Program Files\FiiO\FiiO_Driver\W10_x64\FiiOCplApp.exe (Thesycon Software Solutions GmbH & Co. KG) [Datei ist nicht signiert] GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {00f07bb2-457c-40e5-8741-09b64abb2d77} - kein Dateipfad. <==== ACHTUNG Task: {0319baef-e4bf-4d71-b4b6-8dca2744c615} - kein Dateipfad. <==== ACHTUNG Task: {042c75eb-4a0e-4057-bb89-9886c74e1152} - kein Dateipfad. <==== ACHTUNG Task: {07241685-de7a-4c40-93e4-d152313b2972} - kein Dateipfad. <==== ACHTUNG Task: {07841969-831e-4791-b8a5-17d733d1c29e} - kein Dateipfad. <==== ACHTUNG Task: {0a01be28-3f74-4c38-8992-1f5402abb9a6} - kein Dateipfad. <==== ACHTUNG Task: {0ac03db4-08a7-4447-9fa3-158ed99a7840} - kein Dateipfad. <==== ACHTUNG Task: {0b0ec497-cee8-4f9b-b2ef-b5bb0ec44642} - kein Dateipfad. <==== ACHTUNG Task: {0bdc092c-d2c6-4b4d-8206-bfab8d10a02d} - kein Dateipfad. <==== ACHTUNG Task: {0d92017f-c5a8-41f4-a75e-c512d0dd2851} - kein Dateipfad. <==== ACHTUNG Task: {100002ff-d498-49cb-ad89-edc5552909a4} - kein Dateipfad. <==== ACHTUNG Task: {10807429-dd67-4e69-b197-89e22acb104d} - kein Dateipfad. <==== ACHTUNG Task: {1110341b-2f38-4d42-bdab-e0b579087b0e} - kein Dateipfad. <==== ACHTUNG Task: {12f296f8-d58f-415a-a466-7bdc1cb93990} - kein Dateipfad. <==== ACHTUNG Task: {158e5808-5c61-43da-bc6a-ba3fce690fea} - kein Dateipfad. <==== ACHTUNG Task: {1941edeb-2f3e-43e5-95eb-9e3d09b12b59} - kein Dateipfad. 
<==== ACHTUNG Task: {1b50ef89-c9fc-4c7f-8223-0b708324bad0} - kein Dateipfad. <==== ACHTUNG Task: {1ca3831b-e35d-46a6-8936-94fee5c76406} - kein Dateipfad. <==== ACHTUNG Task: {1e3fe6ac-9245-462a-a8ef-ee929319b370} - kein Dateipfad. <==== ACHTUNG Task: {207b1281-5a32-41a3-9fcb-e623ccdf8a2a} - kein Dateipfad. <==== ACHTUNG Task: {214707f8-2f7f-4383-900a-d6b997fa3dc8} - kein Dateipfad. <==== ACHTUNG Task: {228207a3-84d4-49f8-83fd-4765fdc7822c} - kein Dateipfad. <==== ACHTUNG Task: {22a1239e-24e6-45a6-8d4b-19b709b4b9b4} - kein Dateipfad. <==== ACHTUNG Task: {22be5f78-172e-4d18-bde9-e8284ad2a464} - kein Dateipfad. <==== ACHTUNG Task: {23439c45-2bb0-4a2f-b22b-abed3cf96fbf} - kein Dateipfad. <==== ACHTUNG Task: {235237f4-abce-4ecc-bdca-d199f7a990b4} - kein Dateipfad. <==== ACHTUNG Task: {279155d2-b67e-44c3-9749-01c874945634} - kein Dateipfad. <==== ACHTUNG Task: {297806de-b978-4e50-ba49-6cba6e9c8ac6} - kein Dateipfad. <==== ACHTUNG Task: {2aaf06b0-d224-4316-8adc-5cece7849403} - kein Dateipfad. <==== ACHTUNG Task: {2bf37f55-67cb-42b2-a044-3a3d4394296a} - kein Dateipfad. <==== ACHTUNG Task: {2e0fcfaf-e07b-4033-afb6-11dbb6b9e67c} - kein Dateipfad. <==== ACHTUNG Task: {3014ffc8-c5c6-4aaa-b632-9076869382d0} - kein Dateipfad. <==== ACHTUNG Task: {307354f7-f537-41b5-9dd0-0c50547b4843} - kein Dateipfad. <==== ACHTUNG Task: {33edb24a-ba30-49a6-a105-1c213fe0e0ed} - kein Dateipfad. <==== ACHTUNG Task: {352891b2-02fe-4be4-9f37-0e282a709e5e} - kein Dateipfad. <==== ACHTUNG Task: {3997b9d0-16a3-4e67-915c-50ae4a3242ce} - kein Dateipfad. <==== ACHTUNG Task: {3c54cdf4-bc53-4007-82cf-9bcc0a3bebcd} - kein Dateipfad. <==== ACHTUNG Task: {4181a82c-d9b1-458f-92cd-d5840fbc7c0b} - kein Dateipfad. <==== ACHTUNG Task: {43cc9c90-bb3e-4432-9d6a-aa24c579db12} - kein Dateipfad. <==== ACHTUNG Task: {43ee5746-6346-457e-af12-d49470792b6c} - kein Dateipfad. <==== ACHTUNG Task: {44bce527-6714-4fe1-a658-0548ec169092} - kein Dateipfad. 
<==== ACHTUNG Task: {45019cf6-fbdd-4a6d-bf89-14127cc35850} - kein Dateipfad. <==== ACHTUNG Task: {48304661-5126-479b-a93f-a0fac3d66ab8} - kein Dateipfad. <==== ACHTUNG Task: {492914ce-13f3-4e4c-b652-68b0e780a39f} - kein Dateipfad. <==== ACHTUNG Task: {4c27da43-ae9e-4b4f-99b8-f360ae79228e} - kein Dateipfad. <==== ACHTUNG Task: {4e9a1dda-8e7a-445c-b6b1-2584d0ceb83f} - kein Dateipfad. <==== ACHTUNG Task: {4efc2bc3-e0d8-4c56-8b88-842f47cbc659} - kein Dateipfad. <==== ACHTUNG Task: {5036F7F5-53F4-454C-BBD1-5E0FE4909892} - System32\Tasks\SS2UILauncherRun Task: {51c0c18f-5112-4ff9-8169-528bf67b47c6} - kein Dateipfad. <==== ACHTUNG Task: {5204cf0c-c0b1-4872-a0df-ea7358561d2a} - kein Dateipfad. <==== ACHTUNG Task: {55E29943-393D-4F8D-BBA8-37D98560948B} - System32\Tasks\User_Feed_Synchronization-{3B53E115-3F87-4AA3-B87F-5E36793C6DE1} Task: {561b73b6-5b0e-40c1-853e-c8bc083edeed} - kein Dateipfad. <==== ACHTUNG Task: {575c385c-9d4e-47b5-a181-38ad34f887bc} - kein Dateipfad. <==== ACHTUNG Task: {5EC444B4-B6A9-4CD1-A7B5-FEA3609C7743} - System32\Tasks\Opera GX scheduled Autoupdate 1585424583 Task: {5eecacc4-3f94-440a-bfba-75aa5803b10f} - kein Dateipfad. <==== ACHTUNG Task: {636f7a6b-05af-4483-860a-b7bba6af79eb} - kein Dateipfad. <==== ACHTUNG Task: {654b2dc3-8e56-4baa-8b13-8e9b8d23ffc0} - kein Dateipfad. <==== ACHTUNG Task: {664857fa-6b20-4ffb-aaa8-d9669395fd1a} - kein Dateipfad. <==== ACHTUNG Task: {6d9ecedc-a500-4872-b1e0-d7b9aa54d96f} - kein Dateipfad. <==== ACHTUNG Task: {70d399fb-bdff-4221-a4be-8ab73cf5ff9f} - kein Dateipfad. <==== ACHTUNG Task: {71d6d8be-5903-45ec-a28b-658ed338214b} - kein Dateipfad. <==== ACHTUNG Task: {732bdf17-9b53-49cc-9378-4129d6853aae} - kein Dateipfad. <==== ACHTUNG Task: {749355b1-3b71-491a-92c4-0b74f14c91b9} - kein Dateipfad. <==== ACHTUNG Task: {7567a239-6281-48f4-84d8-4e67e58ab35b} - kein Dateipfad. <==== ACHTUNG Task: {7a0a7cad-3cbc-4344-a1d2-cc36227b22e4} - kein Dateipfad. 
<==== ACHTUNG Task: {7ace46c0-3a39-4e04-80bc-ea7609707466} - kein Dateipfad. <==== ACHTUNG Task: {805462BE-A322-484C-BC43-72C5125909FD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2418357992-2173213262-1883250885-1001 Task: {82254a9c-30a1-40f5-91ea-755f27610678} - kein Dateipfad. <==== ACHTUNG Task: {834457e0-67cf-4af2-ae6d-27a59a0dd105} - kein Dateipfad. <==== ACHTUNG Task: {8710e29c-6aab-415b-9714-cd2539f3c5fa} - kein Dateipfad. <==== ACHTUNG Task: {887d8616-0f54-4944-a358-1fa805c1284c} - kein Dateipfad. <==== ACHTUNG Task: {88ddabd5-1641-4dc9-9b1f-5284d4a0034e} - kein Dateipfad. <==== ACHTUNG Task: {8a0e20f4-d68f-4572-a1d6-a55732c4bf73} - kein Dateipfad. <==== ACHTUNG Task: {8A1F7FF7-1043-4901-8886-5EF4F5A108D5} - System32\Tasks\RealDownloader Update Check Task: {8d217de8-c25d-4b21-aa01-82072dfdae94} - kein Dateipfad. <==== ACHTUNG Task: {8d82e73a-e6e6-4efc-93fb-787962a58da1} - kein Dateipfad. <==== ACHTUNG Task: {8E23F49B-8816-4208-A48C-4B5B3FAA1FB3} - System32\Tasks\SS2svc32Run Task: {91f7ab51-30d4-4e6e-b230-47d897654872} - kein Dateipfad. <==== ACHTUNG Task: {966e565a-5335-4606-9877-1d444ce1aec4} - kein Dateipfad. <==== ACHTUNG Task: {96f69300-191e-4275-809f-cbedf2c3930a} - kein Dateipfad. <==== ACHTUNG Task: {97095884-dcb3-4828-a215-ab663423a0f1} - kein Dateipfad. <==== ACHTUNG Task: {97272ebe-bb86-4ec6-a189-b342f0674e7c} - kein Dateipfad. <==== ACHTUNG Task: {9898a0c4-9743-42dd-9eeb-8bbbc7e7dda3} - kein Dateipfad. <==== ACHTUNG Task: {9b535b07-8673-44bc-9e80-09f7d510261c} - kein Dateipfad. <==== ACHTUNG Task: {9c269520-2ef9-445e-9780-c1f531318536} - kein Dateipfad. <==== ACHTUNG Task: {9e64924d-554c-4be1-b646-32761ae7fb12} - kein Dateipfad. <==== ACHTUNG Task: {a2b8bef3-b7d3-46c2-8e25-2f82b0ce7128} - kein Dateipfad. <==== ACHTUNG Task: {a2dee4c4-d117-44bd-b609-4b4f7e3563cb} - kein Dateipfad. <==== ACHTUNG Task: {a39ed01b-e77e-4e63-8b2b-5bb15107d252} - kein Dateipfad. <==== ACHTUNG Task: {a414e34a-bd49-4c55-a430-276ce6857b3a} - kein Dateipfad. 
<==== ACHTUNG Task: {a5035283-8fd9-4890-870f-5bad66c734e0} - kein Dateipfad. <==== ACHTUNG Task: {aec3a828-98e4-43cf-a047-02f6727d3583} - kein Dateipfad. <==== ACHTUNG Task: {b15354a1-306e-41e9-a1b4-a82c61d9caa5} - kein Dateipfad. <==== ACHTUNG Task: {b6032447-c9d2-436c-a2cd-812e7ea46465} - kein Dateipfad. <==== ACHTUNG Task: {b7f1c81b-076e-4623-9dd6-7ee2c34b8899} - kein Dateipfad. <==== ACHTUNG Task: {b82be94d-e829-4433-88dc-0b01617cfe69} - kein Dateipfad. <==== ACHTUNG Task: {BB028CC1-5198-4A60-B3E4-0CE392B8EBA0} - System32\Tasks\SS2svc64Run Task: {bbd375b8-6a95-4ce2-be0f-fa156d7164f2} - kein Dateipfad. <==== ACHTUNG Task: {bd2264a0-10be-4ccb-a5bd-46de3d0989e0} - kein Dateipfad. <==== ACHTUNG Task: {bdbdb72d-48b4-451f-b7fb-35007ccb31c5} - kein Dateipfad. <==== ACHTUNG Task: {bf8a77e5-8935-4bd1-a2c6-4029235b64bd} - kein Dateipfad. <==== ACHTUNG Task: {c29067eb-e5aa-4fef-a33e-e1dd6f7e542d} - kein Dateipfad. <==== ACHTUNG Task: {c545716f-870e-4401-9651-021a21a05914} - kein Dateipfad. <==== ACHTUNG Task: {c7b68c0e-b2ef-4721-b0dc-8b0266e07d1a} - kein Dateipfad. <==== ACHTUNG Task: {cad4fe3b-70a4-43f4-a31c-0295a374df94} - kein Dateipfad. <==== ACHTUNG Task: {cd26d286-05ce-4ede-88ac-32165c28f60e} - kein Dateipfad. <==== ACHTUNG Task: {cd9cc8e4-3fe7-4c91-9811-b544ba41fb28} - kein Dateipfad. <==== ACHTUNG Task: {cda07290-9bf6-4ee9-a02a-414af6017c69} - kein Dateipfad. <==== ACHTUNG Task: {d084f7a6-d80a-4666-9651-00dd22c98b73} - kein Dateipfad. <==== ACHTUNG Task: {d204c531-9a19-4659-a845-6e7116c62de7} - kein Dateipfad. <==== ACHTUNG Task: {d25be5ea-cc62-4341-a3bf-722104900af1} - kein Dateipfad. <==== ACHTUNG Task: {D6803D50-2A13-4273-976A-6FA77AD5C1EB} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1625436684 Task: {d68e3570-cd38-4a2e-91da-fe4aaa8e2556} - kein Dateipfad. <==== ACHTUNG Task: {d6ea4f8e-86d0-4a09-b21b-9bc30d02a3e3} - kein Dateipfad. <==== ACHTUNG Task: {d6efd2a4-13cd-42ff-9f02-847e62e1b115} - kein Dateipfad. 
<==== ACHTUNG Task: {d8b8f4ed-b960-43a0-b4d7-c38210e4274b} - kein Dateipfad. <==== ACHTUNG Task: {db225801-fb29-4ec3-8d85-e2cac88143c3} - kein Dateipfad. <==== ACHTUNG Task: {dc352cda-eee8-4e7b-8a7f-e160813d5cb4} - kein Dateipfad. <==== ACHTUNG Task: {dc62c5ca-b30e-4c66-a528-a4d730583a39} - kein Dateipfad. <==== ACHTUNG Task: {ddbf1751-d24e-42df-95dc-2765e7973f1e} - kein Dateipfad. <==== ACHTUNG Task: {e1e9d896-b193-4233-9bf8-208af2e91424} - kein Dateipfad. <==== ACHTUNG Task: {e2018ac5-5de8-4809-a3f6-a5637e807e6d} - kein Dateipfad. <==== ACHTUNG Task: {e3d06395-940b-4c10-8361-8757a1f70129} - kein Dateipfad. <==== ACHTUNG Task: {e3e218be-ca5f-4a07-9d18-4169ae0f6126} - kein Dateipfad. <==== ACHTUNG Task: {E484CABF-BDD8-4777-811D-BFB4FACBFAB3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2418357992-2173213262-1883250885-1001 Task: {ee6f00b9-08f7-4c59-98ed-cfdf4db14780} - kein Dateipfad. <==== ACHTUNG Task: {f33d4706-ded7-44f6-83eb-98cc5d9e621f} - kein Dateipfad. <==== ACHTUNG Task: {f57ebc75-47de-4b2d-9699-170e844b18ce} - kein Dateipfad. <==== ACHTUNG Task: {f72bffa4-6f24-425f-a602-1b1c2104e5d9} - kein Dateipfad. <==== ACHTUNG Task: {f7371c13-90a8-4a26-89d2-31a8969894bb} - kein Dateipfad. <==== ACHTUNG Task: {F8285B74-E97F-4882-BE43-F19FBFC378F9} - System32\Tasks\Opera scheduled Autoupdate 1664313497 Task: {fa46fda0-c26a-4e04-b73e-2d34c84ad9fa} - kein Dateipfad. <==== ACHTUNG Task: {fb50bc3d-9f89-4dcf-918a-c25bd3e9adc6} - kein Dateipfad. <==== ACHTUNG Task: {fd806eca-4320-4eec-bd12-21bdbf78c14f} - kein Dateipfad. <==== ACHTUNG Task: {ffa5da8a-a184-49fe-96d5-e1b38055399f} - kein Dateipfad. <==== ACHTUNG Task: {F414150B-AAF9-4A8C-87E4-CAC9B71038AB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) 
Task: {AA8EBBF4-DC47-4608-A430-B3CE50E85536} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5131712 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {FF0A273A-50D9-4E3D-904C-B298E3C8B4EA} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2096088 2018-01-04] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {A45CE2C7-6B48-4349-872A-6EFFE4AF1B8E} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1448408 2017-11-24] (ASUSTeK Computer Inc. -> ) Task: {8287D436-3798-4014-9206-D6A72CA4B8B3} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4417496 2017-11-24] (ASUSTeK Computer Inc. -> TODO: <Company name>) Task: {E052EBF5-7458-440C-A479-8F17EFE82996} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [3646264 2014-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {F3ECBFC4-5C91-4388-8A10-0324E4AE23BB} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [238392 2013-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) Task: {1FCF8C12-D083-4D16-8BEC-4A9C7C0DAAB5} - System32\Tasks\AVG Secure VPN Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [1435584 2023-11-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {D040DB88-3554-42D1-933E-210B43A9712C} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [7523256 2023-12-05] (AVG Technologies USA, LLC -> AVG Technologies) Task: {5B591A5D-2D06-4DEB-8931-21CF58EF8421} - System32\Tasks\AVG\AVG Secure VPN Bug Report => C:\Program Files\AVG\Secure VPN\AvBugReport.exe [4845496 2023-11-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) 
-> --send "dumps|report" --silent --product 12 --programpath "C:\Program Files\AVG\Secure VPN" --configpath "C:\ProgramData\AVG\Secure VPN" --path "C:\ProgramData\AVG\Secure VPN\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\Secure VPN\log" --guid 6a64cff7-7d7f-4442-8b06-9d (Der Dateneintrag hat 10 mehr Zeichen). Task: {1021AA1E-5D96-4F77-A90E-10D65ED37FF3} - System32\Tasks\AVG\AVG Secure VPN Update => C:\Program Files\Common Files\AVG\Icarus\avg-vpn\icarus.exe [7116728 2023-11-06] (AVG Technologies USA, LLC -> AVG Technologies) Task: {E65A42D2-03AE-4019-BDBA-3FC4A4E446B7} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4760376 2022-01-19] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --guid 0ecda659-4293-40dd-a13c-5843a3e3e0ea Task: {CCD77423-548F-4F9B-86D5-A9FBFA4AC020} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [6500152 2022-01-18] () [Datei ist nicht signiert] Task: {2ED9C832-2DEC-4391-9AAE-D737A55A93A2} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2023-08-11] (AVG Technologies USA, LLC -> AVG Technologies) Task: {F9FFF4CD-70C6-45FE-816D-9F2799888FAF} - System32\Tasks\BlueStacksHelper => X:\bluestaks\BlueStacks\Client\Helper\BlueStacksHelper.exe [754472 2021-04-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) 
Task: {48A328DA-F293-4376-B5D7-1ED61161761B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {0A6B212E-9321-4B95-BEEC-E28839557F97} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "6fff7926-25e0-4a8b-8bf5-c1ee5dafeca9" --version "6.19.10858" --silent Task: {CAAA30F4-C186-44B0-8440-B4FA367E1B0A} - System32\Tasks\CCleanerSkipUAC - Marvin => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {652AAA65-E396-45FC-9DE3-0CF026B7F816} - System32\Tasks\CCleanerSkipUAC - Tim => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {ADABE50A-69AC-458E-A166-10136728D9AA} - System32\Tasks\EXPERTool => C:\Program Files\EXPERTool\TBPanel.exe [3200824 2019-10-01] (GAINWARD TECHNOLOGY INT'L LIMITED -> Gainward Co. Ltd.) Task: {799F7868-A517-46DF-9C16-760B94194DBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-29] (Google Inc -> Google Inc.) Task: {64270C35-BFC2-48A1-94E6-DF309DA3FC71} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-29] (Google Inc -> Google Inc.) 
Task: {70F114BE-DAB8-45F7-8DC5-D5227CBC0D45} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {3586B9B9-B408-4EE8-B2C6-E29BF28899C7} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation) Task: {67A8FC8F-2BF6-4247-8D9F-C02F1E35DF91} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [33947520 2021-06-15] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) Task: {1E3A79DB-606F-48D2-85D1-4271449E51EA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-23] (Mozilla Corporation -> Mozilla Foundation) Task: {F47D6ADD-EAB2-4B7E-AAA5-B8DD774D21B8} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. 
-> ) Task: {8A2809F6-9D14-43F4-AC23-62C564A1264E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {AF9E02EA-AE0B-4945-95FB-1723F4956F2A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {463DDF5A-67A8-4AA5-9480-17AA0375A3C9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9BAFAD45-810E-45E7-9F7A-B63D4B31CB9E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {31DE3C54-A912-4FF5-B42C-BCEAE5A2A0E7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {12B026D9-3C69-40BF-A1B3-1DFF1799BA36} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {64018113-FC47-463C-AFDA-ED595B6E1062} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {CA762E68-DB2E-4028-BC5A-7CA10C4AC1FA} 
- System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6C80720-5BBD-4E9C-9717-23D1049C2917} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4EEFED73-BBE8-4546-9949-1D91D4548D91} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2418357992-2173213262-1883250885-1001 => C:\Program Files (x86)\Real\RealPlayer\realupgrade.exe [129960 2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {12CB6759-63F2-4675-96EB-F783E27DB1BE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2418357992-2173213262-1883250885-1001 => C:\Program Files (x86)\Real\RealPlayer\realupgrade.exe [129960 2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {9EC204AF-D19F-4B7B-A5FC-E57B786A6E16} - System32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe [5133296 2020-04-08] (NVIDIA Corporation -> Nvidia Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\gxx speed launcher.job => X:\Garena Ring of Elysium\Garena\Garena\Garena.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden.
Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{345d741a-96f1-4bcf-a1a3-23bd110b1607}: [NameServer] 100.124.58.1
Tcpip\..\Interfaces\{421e292d-d30a-4c4d-a2a1-662d0e1196ce}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{421e292d-d30a-4c4d-a2a1-662d0e1196ce}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{421e292d-d30a-4c4d-a2a1-662d0e1196ce}\7416C616879702144303F55374548545: [DhcpNameServer] 192.168.66.103
Tcpip\..\Interfaces\{421e292d-d30a-4c4d-a2a1-662d0e1196ce}\D46444: [DhcpNameServer] 192.168.123.79
Tcpip\..\Interfaces\{4bf0b090-4606-44ba-9c2e-7d9a559a20b3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}\0777E65646: [DhcpNameServer] 192.168.4.1
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}\4556E646160254874756E6465627: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}\4556E646160254874756E6465627: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}\4556E64616F5548545: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{86f3efbd-ae18-44b3-a50f-fb68fd9475cc}\64162797C496E6B6F5543403036443: [DhcpNameServer] 192.168.4.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marvin\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-23]
Edge Session Restore: Default -> ist aktiviert.
Edge Extension: (Google Docs Offline) - C:\Users\Marvin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-29]
Edge Extension: (Edge relevant text changes) - C:\Users\Marvin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-25]
Edge Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Marvin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-12-13]

FireFox:
========
FF DefaultProfile: 5ivp05vd.default
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default [2023-12-23]
FF NetworkProxy: Mozilla\Firefox\Profiles\5ivp05vd.default -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\5ivp05vd.default -> ist aktiviert.
FF Extension: (Ant Video downloader) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\anttoolbar@ant.com.xpi [2022-01-19]
FF Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2021-07-05] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (Popupblocker) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\{05ce2135-ced2-4272-97b0-c00c00a93355}.xpi [2022-09-11]
FF Extension: (Slither.io Mods, Zoom, Unlock Skins, Bots) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\{6c7508bb-bf74-4b04-b41d-8d11872b0538}.xpi [2018-10-07]
FF Extension: (NoScript) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2023-12-20]
FF Extension: (Video DownloadHelper) - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-08-26]
FF Extension: (Adblock Plus - kostenloser Adblocker) -
C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\5ivp05vd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-26] FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2019-05-05] [] FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2019-05-05] FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. 
-> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-06-26] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @real.com/nppl3260;version=20.1.0.313 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=20.1.0.313 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2022-08-25] (RealNetworks, Inc. -> RealPlayer) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-2418357992-2173213262-1883250885-1001: @ipcocx.com/npipcam;version=1.0 -> C:\Program Files (x86)\Common Files\IPCOCX2.0\IPCCameraOCX\npipcam.dll [2019-09-17] () [Datei ist nicht signiert]
FF Plugin HKU\S-1-5-21-2418357992-2173213262-1883250885-1001: @ipcpbocx.com/npipcpb;version=1.0 -> C:\Program Files (x86)\Common Files\IPCOCX2.0\IPCCameraOCX\npipcpb.dll [2019-09-17] () [Datei ist nicht signiert]
FF Plugin HKU\S-1-5-21-2418357992-2173213262-1883250885-1001: webnp/nsstPlugin -> C:\Users\Marvin\AppData\Roaming\WebPlugin\npnsstPlugin.dll [2016-03-15] (webnp) [Datei ist nicht signiert]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default [2023-12-23]
CHR Notifications: Default -> hxxps://motheremutand.info; hxxps://rp-online.de; hxxps://www.auto-motor-und-sport.de; hxxps://www.autoscout24.de; hxxps://www.derwesten.de; hxxps://www.motor-talk.de
CHR HomePage: Default -> hxxp://mysearch.avg.com?cid={A700F133-A495-4473-B9C3-56562EB2A93D}&mid=caf5dca0807947d28ff96d4c05ef2980-9b0c7dac13d189ad8797740668000eb7c4477c1b&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-18 14:17:46&v=18.0.0.248&pid=safeguard&sg=&sap=hp
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (ProxFlow) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2021-05-11] CHR Extension: (Google Übersetzer) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22] CHR Extension: (Pop-up-Blocker für Chrome™ - Poper Blocker) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2023-12-18] CHR Extension: (Honey: Automatische Coupons & Prämien) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-12-15] CHR Extension: (Steam Inventory Helper) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2023-12-22] CHR Extension: (Video Downloader Professional) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-19] CHR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28] CHR Extension: (Mino (früher Minty) - Automatische Coupons) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fefnkplkicihcoenmljhbihhaaagjhpp [2023-12-12] CHR Extension: (Google Docs Offline) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17] CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-12-13] CHR Extension: (LetyShops — Cashback Service) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lphicbbhfmllgmomkkhjfkpbdlncafbn [2023-08-24] CHR Extension: (Coupert - Coupon Assistent & Cashback) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk 
[2023-12-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Spam Them Back) - C:\Users\Marvin\Music\youve-got-spam [2022-07-15]
CHR Profile: C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-30]
CHR Profile: C:\Users\Marvin\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-03]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2019-05-05]

Opera:
=======
OPR Profile: C:\Users\Marvin\AppData\Roaming\Opera Software\Opera Stable [2023-11-05]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Marvin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-10-27]
OPR Extension: (Opera Wallet) - C:\Users\Marvin\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-09-16]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Marvin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-09-27]
StartMenuInternet: (HKU\S-1-5-21-2418357992-2173213262-1883250885-1002) Opera GXStable - "C:\Users\Tim\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.) R2 Agent; C:\Program Files\Agent\Agent.exe [9797560 2021-02-01] (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2015-06-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2017-06-29] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] R2 ASUS LED Control Service; C:\Program Files (x86)\ASUSTeK Computer Inc\AURA\AsLedService.exe [296240 2016-06-01] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Datei ist nicht signiert] R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [789952 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [2408384 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [1194424 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [9090496 2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-05-31] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-09-01] (BattlEye Innovations e.K. 
-> ) S2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [13745976 2022-01-19] () [Datei ist nicht signiert] R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel(R) Driver & Support Assistant -> Intel) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2023-06-10] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-01-13] (EasyAntiCheat Oy -> Epic Games, Inc.) R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [Datei ist nicht signiert] R2 FoxitReaderUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitReaderUpdateService.exe [2357864 2020-08-31] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-09-12] (FUTUREMARK INC -> Futuremark) S3 GalaxyClientService; D:\GOG Galaxy\GalaxyClientService.exe [2350048 2023-11-10] (GOG sp. z o.o -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-08-24] (GOG sp. z o.o -> GOG.com) R2 GarenaPlatform; X:\Garena Ring of Elysium\Garena\Garena\2.0.1812.2810\gxxsvc.exe [320520 2018-12-28] (Garena Online Pte Ltd -> Garena Online) U2 HiPatchService; E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-03-01] (Hi-Rez Studios) [Datei ist nicht signiert] S3 HnGSteamService; D:\steam\steamapps\common\Heroes & Generals\hngservice.exe [788776 2021-04-03] (Reto-Moto ApS -> Reto-Moto ApS) [Datei ist nicht signiert] R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.) S3 luminati_net_updater_win_earnapp_com; C:\Program Files (x86)\EarnApp\net_updater32.exe [9123416 2022-09-05] (Bright Data Ltd -> BrightData Ltd. 
(certified)) R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2023-12-23] (Malwarebytes Inc. -> Malwarebytes) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-08] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2018-04-21] (Even Balance, Inc. -> ) S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [98624 2020-07-22] (ProtonVPN AG -> ) S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-07-22] (ProtonVPN AG -> ) R2 QMEmulatorService; X:\TxGameAssistant\AppMarket\QMEmulatorService.exe [198736 2020-08-15] (Tencent Technology(Shenzhen) Company Limited -> Tencent) R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [447080 2019-07-24] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943240 2019-07-24] (Razer USA Ltd. -> Razer Inc.) R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [38856 2022-07-05] (RealNetworks, Inc. -> RealNetworks, Inc.) R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [991176 2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.) S3 Rockstar Service; G:\Launcher\RockstarService.exe [1244144 2023-06-30] (Rockstar Games, Inc. -> Rockstar Games) R2 RTUsbSwSrvc; C:\WINDOWS\RTUWPSrvcMain.exe [956816 2023-01-12] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor Corp.)
R2 SecureVPN; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [11227072 2023-11-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WifiAutoInstallSrv; C:\Program Files\TP-Link\WifiAutoInstall\WifiAutoInstallSrv.exe [141368 2021-02-08] (Realtek Semiconductor Corp. -> Realtek)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [22192 2015-10-19] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-29] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-25] (ASUSTeK Computer Inc. -> )
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [243176 2023-12-22] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [394048 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [298024 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [96616 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [26096 2023-11-17] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [39792 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [276888 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [561928 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [105392 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [80568 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [952896 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [711696 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [213336 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) S3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2018-09-05] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [319712 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) 
S3 avgVpnRdr; C:\WINDOWS\System32\drivers\avgVpnRdr.sys [76552 2023-07-30] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.) R3 avgWintun; C:\WINDOWS\System32\drivers\avgWintun.sys [51712 2022-12-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgWireGuard; C:\WINDOWS\System32\drivers\avgWireguard.sys [499048 2022-08-17] (AVG Technologies USA, LLC -> WireGuard LLC) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-10-25] (Bluestack Systems, Inc. -> Bluestack System Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [74872 2023-02-28] (Microsoft Windows Hardware Compatibility Publisher -> wch.cn) S3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) S3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) S3 CYUSB3; C:\WINDOWS\System32\Drivers\CYUSB3.sys [62648 2014-09-18] (Cypress Semiconductor Technology India Pvt Ltd. -> Cypress Semiconductor) R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 gdrv3; C:\WINDOWS\gdrv3.sys [36352 2023-10-24] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.) 
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\RGBFusion\GVCIDrv64.sys [18432 2019-12-08] (Microsoft Windows Hardware Compatibility Publisher -> ) R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-12-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-05-07] (Logitech Inc -> Logitech Inc.) R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2023-09-26] (MyTestCertificate -> Oracle Corporation) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-06-27] (Logitech Inc -> Logitech Inc.) S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2017-06-27] (Logitech -> Logitech Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222784 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-23] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2023-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188008 2023-12-23] (Malwarebytes Inc. -> Malwarebytes) R2 mi2c; C:\WINDOWS\system32\drivers\mi2c.sys [20784 2017-08-27] (AOC International (Europe) GmbH -> Nicomsoft Ltd.) 
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2021-07-17] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) R3 rtwlanu6; C:\WINDOWS\System32\drivers\rtwlanu6.sys [7487408 2023-01-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> ) R1 SvThLSNS; C:\Program Files (x86)\SAVITECH\SVLoadSense\x64\SvThLSNS.sys [15184 2015-09-21] (Savitech Corp. 
-> Windows (R) Win 7 DDK provider) S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project) S3 TESMON; C:\WINDOWS\system32\drivers\TesMon.sys [2133640 2018-07-24] (Tencent Technology(Shenzhen) Company Limited -> Tencent) S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [812208 2020-05-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2020-01-16] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) S3 UniSafe; C:\WINDOWS\system32\drivers\UniSafe.sys [581912 2020-07-03] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49664 2022-07-13] (Microsoft Corporation) [Datei ist nicht signiert] S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-02] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-02] (Microsoft Windows -> Microsoft Corporation) S3 X6va064; C:\WINDOWS\SysWOW64\Drivers\X6va064 [29000 2017-10-07] (Wiselogic Co., Ltd. -> ) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2023-12-09] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation) S3 ALSysIO; \??\C:\Users\Tim\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG U3 avgArDisk; kein ImagePath S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-12-23 21:27 - 2023-12-23 21:29 - 000117167 ____C C:\Users\Marvin\Desktop\Addition.txt 2023-12-23 21:25 - 2023-12-23 21:35 - 000069987 ____C C:\Users\Marvin\Desktop\FRST.txt 2023-12-23 21:25 - 2023-12-23 21:35 - 000000000 ____D C:\FRST 2023-12-23 21:24 - 2023-12-23 21:24 - 002387456 ____C (Farbar) C:\Users\Marvin\Desktop\FRST64.exe 2023-12-23 21:11 - 2023-12-23 21:11 - 000188008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2023-12-23 21:10 - 2023-12-23 21:10 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2023-12-23 21:07 - 2023-12-23 21:11 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Malwarebytes 2023-12-23 19:00 - 2023-12-23 19:00 - 009798776 ____C (ESET) C:\Users\Marvin\Desktop\eset_smart_security_premium_live_installer.exe 2023-12-23 18:39 - 2023-12-23 18:39 - 000000000 ___HD C:\ProgramData\DNTException 2023-12-23 18:37 - 2023-12-23 18:37 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\notepadServer 2023-12-23 18:36 - 2023-12-23 18:36 - 000000000 ____D C:\ProgramData\Macrium 2023-12-22 14:22 - 2023-12-21 14:40 - 000314304 _____ (AVG Technologies CZ, s.r.o.) 
C:\WINDOWS\system32\avgBoot.exe 2023-12-18 17:51 - 2023-12-18 17:51 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2023-12-18 17:46 - 2023-12-08 02:23 - 001487368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2023-12-18 17:46 - 2023-12-08 02:23 - 001424064 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2023-12-18 17:46 - 2023-12-08 02:23 - 001424064 _____ C:\WINDOWS\system32\vulkan-1.dll 2023-12-18 17:46 - 2023-12-08 02:23 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2023-12-18 17:46 - 2023-12-08 02:23 - 001246400 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2023-12-18 17:46 - 2023-12-08 02:23 - 001227288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2023-12-18 17:46 - 2023-12-08 02:23 - 000850616 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2023-12-18 17:46 - 2023-12-08 02:23 - 000850616 _____ C:\WINDOWS\system32\vulkaninfo.exe 2023-12-18 17:46 - 2023-12-08 02:23 - 000731320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-12-18 17:46 - 2023-12-08 02:23 - 000731320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2023-12-18 17:45 - 2023-12-08 02:19 - 000957960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2023-12-18 17:45 - 2023-12-08 02:19 - 000670232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2023-12-18 17:45 - 2023-12-08 02:19 - 000505480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2023-12-18 17:45 - 2023-12-08 02:18 - 012375688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2023-12-18 17:45 - 2023-12-08 02:18 - 002170992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2023-12-18 17:45 - 2023-12-08 02:18 - 001624712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2023-12-18 17:45 - 2023-12-08 02:18 - 001541256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2023-12-18 17:45 - 2023-12-08 02:18 - 001198728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2023-12-18 17:45 - 2023-12-08 02:18 - 000997512 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvEncodeAPI64.dll 2023-12-18 17:45 - 2023-12-08 02:18 - 000810096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2023-12-18 17:45 - 2023-12-08 02:18 - 000773744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2023-12-18 17:45 - 2023-12-08 02:18 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2023-12-18 17:45 - 2023-12-08 02:17 - 015095408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2023-12-18 17:45 - 2023-12-08 02:17 - 006462600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2023-12-18 17:45 - 2023-12-08 02:17 - 005862512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2023-12-18 17:45 - 2023-12-08 02:17 - 005861000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2023-12-18 17:45 - 2023-12-08 02:17 - 003620488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2023-12-18 17:45 - 2023-12-08 02:17 - 000853640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2023-12-18 17:45 - 2023-12-08 02:16 - 006745768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2023-12-18 17:45 - 2023-12-07 00:05 - 000113947 _____ C:\WINDOWS\system32\nvinfo.pb 2023-12-17 18:02 - 2023-12-17 18:02 - 000000000 ____D C:\WINDOWS\InboxApps 2023-12-16 00:14 - 2023-12-16 00:14 - 000000718 ____C C:\Users\Marvin\Desktop\Ready or Not.lnk 2023-12-16 00:14 - 2023-12-16 00:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ready or Not 2023-12-13 16:40 - 2023-12-13 16:40 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2023-12-13 16:31 - 2023-12-13 16:31 - 000000000 ___HD C:\$WinREAgent 2023-12-09 18:49 - 2023-12-09 18:49 - 000000947 ____C C:\Users\Marvin\Desktop\Starfield.exe.lnk 2023-12-09 15:40 - 2023-12-23 16:05 - 000000000 ___DC C:\Users\Marvin\.BigNox 2023-12-09 15:40 - 2023-12-09 15:40 - 000000670 ____C C:\Users\Marvin\Desktop\Multi-Drive.lnk 2023-12-09 15:40 - 2023-12-09 15:40 - 000000619 ____C 
C:\Users\Marvin\Desktop\Nox.lnk 2023-12-09 15:40 - 2023-12-09 15:40 - 000000000 ____D C:\Program Files (x86)\Bignox 2023-12-03 01:55 - 2023-12-03 01:55 - 000000000 ___DC C:\Users\Tim\AppData\Local\D3DSCache 2023-12-03 01:53 - 2023-12-03 01:53 - 000000000 ___DC C:\Users\Tim\AppData\Roaming\Real 2023-12-03 01:53 - 2023-12-03 01:53 - 000000000 ___DC C:\Users\Tim\AppData\Local\Real 2023-12-03 01:52 - 2023-12-03 01:53 - 000000000 ___DC C:\Users\Tim\AppData\Roaming\Greenshot 2023-12-03 01:52 - 2023-12-03 01:52 - 000000000 ___DC C:\Users\Tim\AppData\LocalLow\NVIDIA 2023-12-03 01:52 - 2023-12-03 01:52 - 000000000 ___DC C:\Users\Tim\AppData\Local\NVIDIA 2023-12-03 01:52 - 2023-12-03 01:52 - 000000000 ___DC C:\Users\Tim\AppData\Local\Greenshot 2023-12-01 20:04 - 2023-12-23 18:25 - 000002194 ____C C:\Users\Marvin\Desktop\WeMod.lnk 2023-12-01 20:04 - 2023-12-23 18:25 - 000000000 ___DC C:\Users\Marvin\AppData\Local\WeMod 2023-12-01 20:04 - 2023-12-01 20:04 - 000144416 ____C (WeMod LLC) C:\Users\Marvin\Downloads\Ready Or Not Trainer Setup.exe ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2023-12-23 21:35 - 2017-06-29 07:16 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\NetSpeedMonitor 2023-12-23 21:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-12-23 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-12-23 21:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-12-23 21:17 - 2020-09-20 14:52 - 000000000 ____D C:\Program Files\Process Hacker 2 2023-12-23 21:17 - 2020-08-28 17:16 - 000000000 ___DC C:\Users\Tim\Downloads\chams 2023-12-23 21:17 - 2020-08-28 16:09 - 000000000 ___DC C:\Users\Tim\Downloads\1tapgang 2023-12-23 21:17 - 2017-12-30 14:53 - 000000000 __RDC C:\Users\Marvin\Desktop\Desktop datein 2023-12-23 21:15 - 2020-07-05 15:31 - 001722788 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-12-23 21:15 - 2020-02-19 23:09 - 000000000 ___DC C:\Users\Marvin\AppData\LocalLow\IGDump 2023-12-23 21:15 - 2019-12-07 15:50 - 000743708 _____ C:\WINDOWS\system32\perfh007.dat 2023-12-23 21:15 - 2019-12-07 15:50 - 000150130 _____ C:\WINDOWS\system32\perfc007.dat 2023-12-23 21:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-12-23 21:10 - 2021-12-17 02:29 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-12-23 21:10 - 2020-09-19 22:24 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-12-23 21:10 - 2017-06-29 07:09 - 000000000 ____D C:\Program Files (x86)\Google 2023-12-23 21:09 - 2022-08-25 12:51 - 000003592 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2418357992-2173213262-1883250885-1001 2023-12-23 21:09 - 2022-08-25 12:51 - 000003532 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2418357992-2173213262-1883250885-1001 2023-12-23 21:09 - 2021-07-19 16:26 - 000000000 ____D C:\ProgramData\NVIDIA 2023-12-23 21:09 - 2020-07-05 15:32 - 000003144 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner 2023-12-23 21:09 - 2018-11-23 00:19 - 000000000 ____D C:\ProgramData\Malwarebytes 
2023-12-23 21:09 - 2018-11-23 00:19 - 000000000 ____D C:\Program Files\Malwarebytes 2023-12-23 21:08 - 2022-01-02 00:13 - 000003974 _____ C:\WINDOWS\system32\Tasks\AVG Secure VPN Update 2023-12-23 21:08 - 2020-07-05 15:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-12-23 21:08 - 2017-06-29 07:06 - 000000000 ____D C:\ProgramData\Avg 2023-12-23 21:07 - 2023-09-02 22:01 - 000000000 ____D C:\WINDOWS\RTUWPSrvcMain 2023-12-23 21:07 - 2021-02-06 16:58 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2023-12-23 21:07 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2023-12-23 21:06 - 2019-08-24 22:00 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2023-12-23 21:04 - 2020-07-05 15:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-12-23 20:37 - 2020-07-05 15:32 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update 2023-12-23 20:37 - 2020-07-05 15:32 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-12-23 19:33 - 2022-11-07 21:20 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-12-23 19:33 - 2017-06-29 07:11 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-12-23 19:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-12-23 18:49 - 2020-05-16 20:47 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\WeMod 2023-12-23 18:42 - 2018-05-18 20:57 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Avg 2023-12-23 18:40 - 2017-06-30 15:09 - 000000000 ___HD C:\ProgramData\Intel 2023-12-23 18:33 - 2023-06-10 19:00 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-12-23 18:33 - 2023-06-10 19:00 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-12-23 18:33 - 2023-06-10 19:00 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-12-23 18:33 - 
2023-06-10 19:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-12-23 18:33 - 2023-06-10 19:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-12-23 18:33 - 2023-06-10 19:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-12-23 18:33 - 2023-06-10 19:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-12-23 18:33 - 2023-06-10 19:00 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-12-23 18:33 - 2023-06-10 19:00 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2023-12-23 18:33 - 2022-11-07 21:20 - 000002954 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-12-23 18:33 - 2021-09-17 17:57 - 000002256 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Marvin 2023-12-23 18:33 - 2020-08-27 02:36 - 000003682 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-12-23 18:33 - 2020-08-27 02:36 - 000003458 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-12-23 18:33 - 2020-07-05 15:32 - 000003568 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-12-23 18:33 - 2020-07-05 15:32 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-12-23 18:33 - 2020-07-05 15:32 - 000003344 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-12-23 18:33 - 2020-07-05 15:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2023-12-23 18:28 - 2023-06-10 19:28 - 000000000 ___DC C:\Users\Marvin\AppData\Local\D3DSCache 2023-12-23 18:25 - 2020-05-16 18:32 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod 2023-12-23 17:57 - 2022-08-08 16:42 - 000000298 ____C C:\Users\Marvin\d4ac4633ebd6440fa397b84f1bc94a3c.7z 
2023-12-23 17:57 - 2020-07-05 15:24 - 000000000 ___DC C:\Users\Marvin 2023-12-23 17:57 - 2018-03-21 09:05 - 000000000 ___DC C:\Users\Marvin\vmlogs 2023-12-23 17:57 - 2018-03-21 09:04 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Nox 2023-12-23 17:54 - 2021-03-13 02:24 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\vlc 2023-12-23 16:57 - 2020-12-25 21:36 - 000000000 ___DC C:\Users\Marvin\AppData\Roaming\XuanZhi 2023-12-23 16:50 - 2022-02-15 22:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-12-23 16:49 - 2017-06-29 07:11 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-12-23 16:48 - 2020-12-25 21:41 - 000000000 ___DC C:\Users\Marvin\.Ld2VirtualBox 2023-12-23 16:06 - 2018-02-26 11:25 - 000000000 ___DC C:\Users\Marvin\.android 2023-12-23 16:05 - 2020-01-22 23:19 - 000000000 ___DC C:\Users\Marvin\AppData\Local\NoxSrv 2023-12-23 14:19 - 2020-08-27 02:36 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-12-22 14:32 - 2017-06-29 07:10 - 000002329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-12-22 14:22 - 2020-05-02 14:17 - 000243176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys 2023-12-22 14:22 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-12-21 14:40 - 2020-10-19 17:09 - 000276888 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2023-12-21 14:40 - 2020-05-02 14:17 - 000952896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys 2023-12-21 14:40 - 2020-05-02 14:17 - 000711696 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys 2023-12-21 14:40 - 2020-05-02 14:17 - 000561928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys 2023-12-21 14:40 - 2020-05-02 14:17 - 000394048 _____ (AVG Technologies CZ, s.r.o.) 
C:\WINDOWS\system32\Drivers\avgbidsdriver.sys 2023-12-21 14:40 - 2020-05-02 14:17 - 000319712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys 2023-12-21 14:40 - 2020-05-02 14:17 - 000298024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys 2023-12-21 14:40 - 2020-05-02 14:17 - 000105392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys 2023-12-21 14:40 - 2020-05-02 14:17 - 000096616 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys 2023-12-21 14:40 - 2020-05-02 14:17 - 000080568 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys 2023-12-21 14:40 - 2020-05-02 14:17 - 000039792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys 2023-12-21 14:25 - 2023-07-16 17:13 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Greenshot 2023-12-18 17:51 - 2021-07-20 08:32 - 000000000 ___DC C:\Users\Marvin\AppData\Local\NVIDIA 2023-12-18 17:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-12-17 18:13 - 2017-06-29 07:30 - 000000000 ___DC C:\Users\Marvin\AppData\Local\CrashDumps 2023-12-17 18:04 - 2017-10-20 14:17 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Packages 2023-12-17 18:03 - 2020-07-05 15:22 - 000340240 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-12-17 18:03 - 2018-02-26 21:30 - 000000000 ____D C:\Program Files\CCleaner 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-12-17 18:02 - 
2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-12-17 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-12-17 18:02 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2023-12-15 23:51 - 2021-04-24 00:24 - 000000000 ___DC C:\Users\Marvin\AppData\Local\JDownloader 2.0 2023-12-13 16:42 - 2019-12-07 15:54 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-12-13 16:42 - 2019-12-07 15:54 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2023-12-13 16:40 - 2020-07-05 15:24 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-12-09 15:52 - 2023-09-22 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com] 2023-12-09 15:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration 2023-12-08 02:16 - 2023-07-15 21:05 - 007869576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2023-12-03 02:00 - 2020-07-05 15:24 - 000000000 ___DC C:\Users\Tim 2023-12-03 01:54 - 2021-08-03 21:12 - 000000000 ___DC C:\Users\Tim\AppData\Local\NVIDIA Corporation 2023-12-03 01:54 - 2019-09-14 14:25 - 000000000 ___DC 
C:\Users\Tim\AppData\Local\PlaceholderTileLogoFolder 2023-12-03 01:54 - 2019-09-13 17:32 - 000000000 ___DC C:\Users\Tim\AppData\Local\Publishers 2023-12-03 01:54 - 2019-09-13 17:32 - 000000000 ___DC C:\Users\Tim\AppData\Local\Packages 2023-12-03 01:52 - 2019-09-13 17:32 - 000002328 ____C C:\Users\Tim\Desktop\Google Chrome.lnk 2023-12-01 20:04 - 2017-06-30 18:05 - 000000000 ___DC C:\Users\Marvin\AppData\Local\SquirrelTemp 2023-11-28 14:45 - 2018-07-11 15:39 - 000000000 ____D C:\ProgramData\Packages 2023-11-28 14:45 - 2018-05-28 08:26 - 000000000 ___DC C:\Users\Marvin\AppData\Local\PlaceholderTileLogoFolder 2023-11-28 14:45 - 2017-06-29 06:49 - 000000000 ___DC C:\Users\Marvin\AppData\Local\Publishers ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2020-12-25 21:41 - 2020-12-25 21:41 - 000000068 ____C () C:\Users\Marvin\AppData\Roaming\changzhi_leidian.data 2021-11-08 20:21 - 2021-11-08 20:21 - 000000128 ____C () C:\Users\Marvin\AppData\Roaming\changzhi_leidianmac.data 2021-01-14 19:58 - 2021-01-14 19:58 - 000000068 ____C () C:\Users\Marvin\AppData\Roaming\changzhi_mplayer.data 2017-08-29 00:18 - 2017-08-29 00:22 - 000000600 ____C () C:\Users\Marvin\AppData\Roaming\winscp.rnd 2023-01-04 23:17 - 2023-01-04 23:20 - 000000053 ____C () C:\Users\Marvin\AppData\Roaming\~SiMPLEX.ini 2021-07-22 03:34 - 2021-07-22 03:37 - 001065984 ____C () C:\Users\Marvin\AppData\Local\file__0.localstorage 2017-07-06 16:24 - 2017-09-24 02:41 - 000000600 ____C () C:\Users\Marvin\AppData\Local\PUTTY.RND 2020-02-10 10:35 - 2020-02-10 10:35 - 000002172 ____C () C:\Users\Marvin\AppData\Local\recently-used.xbel 2018-04-10 12:02 - 2020-12-29 17:39 - 000007603 ____C () C:\Users\Marvin\AppData\Local\resmon.resmoncfg 2020-02-23 18:53 - 2021-05-28 15:43 - 000000070 ____C () C:\Users\Marvin\AppData\Local\update_progress.txt ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert 
sind.) ==================== Ende von FRST.txt ========================
Edited by Marvin255 (23.12.2023 at 22:09) |
23.12.2023, 22:02 | #2 |
| Trojan oobe-maintenance? Addition
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-12-2023 durchgeführt von Marvin (23-12-2023 21:36:06) Gestartet von C:\Users\Marvin\Desktop Microsoft Windows 10 Home Version 22H2 19045.3803 (X64) (2020-07-05 14:32:25) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-2418357992-2173213262-1883250885-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2418357992-2173213262-1883250885-503 - Limited - Disabled) Gast (S-1-5-21-2418357992-2173213262-1883250885-501 - Limited - Disabled) Marvin (S-1-5-21-2418357992-2173213262-1883250885-1001 - Administrator - Enabled) => C:\Users\Marvin Rendern (S-1-5-21-2418357992-2173213262-1883250885-1003 - Administrator - Enabled) => C:\Users\Rendern Tim (S-1-5-21-2418357992-2173213262-1883250885-1002 - Administrator - Enabled) => C:\Users\Tim WDAGUtilityAccount (S-1-5-21-2418357992-2173213262-1883250885-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411} AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) . . (HKLM\...\{8FD6FE5A-E1E1-47F3-BBE6-FE2B1364DCB8}) (Version: 7.1 - Intel) Hidden . . . 
(HKLM-x32\...\{2394186A-5445-4293-B739-352009350342}) (Version: 3.0.0.9 - Intel) Hidden 3DMark (HKLM\...\{BDD2EE93-C1C4-4536-A59E-C85326E454A8}) (Version: 2.4.3819.0 - Futuremark) Hidden 3DMark (HKLM-x32\...\{4f8a7a7f-23df-4a3b-a6e8-b46222e740b3}) (Version: 2.4.3819.0 - Futuremark) 4K Video Downloader (HKLM\...\{62C59C21-F5F5-41A1-B575-DE37FEAA285B}) (Version: 4.21.2.4970 - Open Media LLC) Adobe Acrobat Reader - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 23.006.20380 - Adobe Systems Incorporated) Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0) (Version: 21.0 - Adobe Systems Incorporated) Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.00.13 - ASUSTeK Computer Inc.) AIDA64 Extreme v6.33 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.33 - FinalWire Ltd.) Amazon Music (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Amazon Amazon Music) (Version: 9.4.0.2386 - Amazon.com Services LLC) Any Video Converter 8.2.0 (HKLM-x32\...\Any Video Converter) (Version: 8.2.0 - Anvsoft) AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 2.0.4.0 - GIGABYTE Technology Co.,Inc.) Ashampoo Photo Optimizer FREE (HKLM\...\{91B33C97-65C7-CD30-B393-C710162776AA}_is1) (Version: 1.9.7 - Ashampoo GmbH & Co. 
KG) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 - Asmedia Technology) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.59.1 - Asmedia Technology) Asus Sonic Suite Plugins (HKLM-x32\...\{33a5e7af-230c-4676-8304-74018007b452}) (Version: 2.2.3601 - ASUSTeKcomputer.Inc) Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 0.1.8363064.1703288 - Audible, Inc.) AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.01.09 - ASUSTeK Computer Inc.) AURA RGB Lighting Control for Graphic card & ROG-XG-STATION-2 (HKLM-x32\...\InstallShield_{AD025C19-8F13-4D1E-9DE1-5F10D3BA1CCC}) (Version: 0.0.5.4 - ASUSTek COMPUTER INC.) AVG Internet Security (HKLM\...\AVG Antivirus) (Version: 23.12.8700.1355 - AVG) AVG Secure VPN (HKLM\...\AVG Secure VPN) (Version: 5.28.9117.9586 - AVG) AVG TuneUp (HKLM\...\AVG TuneUp) (Version: 21.4.3521.3998 - AVG) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) BIO-Key TouchLock Tool version v1.0.0.4 (HKLM-x32\...\{1438856A-2A45-429F-8120-5B965E3EF8C8}_is1) (Version: v1.0.0.4 - BIO-Key) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.31.59.3502 - BlueStack Systems, Inc.) 
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - ) Canon MP270 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 6.19 - Piriform) Cheat Engine 6.8.3 (HKLM-x32\...\Cheat Engine 6.8.3_is1) (Version: - Cheat Engine) CHITUBOX 1.9.0 (HKLM-x32\...\CHITUBOX 1.9.0) (Version: - -CBD Technology Co.,Ltd-) CHITUBOX V1.9.1 (HKLM-x32\...\CHITUBOX V1.9.1) (Version: - -CBD Technology Co.,Ltd-) Chroma Clock version 1.0.3 (HKLM-x32\...\{05C726E4-E592-4078-B0CF-41E65FE313DD}_is1) (Version: 1.0.3 - Tim Gebauer) Chroma Sync (HKLM-x32\...\{BC8D681E-1F5D-4C68-8E3E-A9A614D66C14}) (Version: 1.1.1 - Ultrabox Entertainment Limited) Cities Skylines Sports Venues (HKLM-x32\...\Cities Skylines Sports Venues_is1) (Version: - ) CPUID CPU-Z 1.93 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.93 - CPUID, Inc.) CPUID HWMonitor 1.37 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.37 - CPUID, Inc.) CPUID HWMonitor Pro 1.45 (HKLM\...\CPUID HWMonitorPro_is1) (Version: 1.45 - CPUID, Inc.) CrystalDiskInfo 9.1.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.1.1 - Crystal Dew World) CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World) Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 2.1 - GOG.com) Cyberpunk 2077: Phantom Liberty (HKLM-x32\...\1256837418_is1) (Version: 2.1 - GOG.com) Cypress USB-Serial Driver Installer (remove only) (HKLM-x32\...\Cypress USB-Serial Driver Installer) (Version: 1.0.1.66 - Cypress Semiconductors) Danale version 5.1.8 (HKLM-x32\...\{B22D9BA8-60FA-4B81-B5FA-9BD64B663410}_is1) (Version: 5.1.8 - ÉîÛÚÊдóÄÿƼ¼ÓÐÏÞ¹«Ë¾) Discord (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Discord) (Version: 0.0.305 - Discord Inc.) Discord (HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\Discord) (Version: 0.0.310 - Discord Inc.) EarnApp (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\EarnApp) (Version: 1.324.391 - Bright Data Ltd.) 
EasySettingBox (HKLM-x32\...\{7E750925-00C9-4B23-A1E8-BBFC0955CFD8}) (Version: 1.0.33 - Samsung) Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft) ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.2.2 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{c0cc7253-fa06-46c2-9ceb-f8641408262f}) (Version: 1.0.2.2 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{54d3d2b5-db16-446d-b6dd-f4964b166b3b}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM-x32\...\{ec10ac91-2e61-460a-b493-33f794a07682}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) 
Hidden ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.6.0 - ENE Tech) Hidden ENE_X-JMI_HAL (HKLM-x32\...\{27822d04-20a7-439d-a5e4-0125815fa927}) (Version: 1.0.6.0 - ENE Tech) Hidden Epic Games Launcher (HKLM-x32\...\{A5A6A747-393C-4B28-AB7B-2DE2BA7F7D73}) (Version: 1.1.267.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) EXPERTool v10.32 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 10.32.0.1 - Gainward Co. Ltd.) FiiO Portable High-Res Music Player series v4.11.0 (HKLM-x32\...\Software_FiiO_fiio_usbaudio_Setup) (Version: 4.11.0 - FiiO) FileZilla Client 3.27.1 (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio) Forza Horizon 4 (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Forza Horizon 4) (Version: - HOODLUM) Forza Horizon 5 (HKLM-x32\...\Forza Horizon 5_is1) (Version: - ) Foxit PhantomPDF (HKLM-x32\...\{33c353c9-5748-4e71-b8d4-c38ef6cc82f3}) (Version: 9.6.0.25114 - Foxit Software Inc.) Foxit PhantomPDF (HKLM-x32\...\{8B8EA992-9CEA-11E9-A74D-54BF64A63C26}) (Version: 9.6.0.25114 - Foxit Software Inc.) Hidden Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.0.37527 - Foxit Software Inc.) 
FreeCAD 0.19.2 (Installiert für den aktuellen Benutzer) (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\FreeCAD0192) (Version: 0.19.2 - FreeCAD Team) Futuremark SystemInfo (HKLM-x32\...\{80DAA2DD-18D3-4C18-927E-8D150C112912}) (Version: 5.2.624.0 - Futuremark) FWsim Fireworks Simulator (HKLM-x32\...\FWsim) (Version: - FWsim.com) GameDog (HKLM-x32\...\{4A80BB36-4429-4D17-AB30-5AF548066648}) (Version: 1.0.5809.3846 - Wolfspirit) Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge) Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company) Geeks3D FurMark 1.27.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.27.0.0 - Geeks3D) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.73.27 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.129 - Google LLC) Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google) Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HiP2P Client (HKLM-x32\...\{2F3762A1-58CA-43A8-9854-88BCC34C6D2F}) (Version: 6.4.2.1 - Hi) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Hitman 2 (HKLM-x32\...\{F7E0BCEB-1F73-468C-BC5B-CFD39EC31149}_is1) (Version: - IO Interactive) Honeygain (HKLM-x32\...\{B78F433F-8C09-4DC8-A595-901BC3D2502A}) (Version: 0.12.0.0 - Honeygain) <==== ACHTUNG IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation) Intel(R) Management Engine Components 
(HKLM\...\{871689FB-5226-4641-8ED2-6FDAA2DF65C1}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{D9D63ED7-B857-450C-B46A-1371885084E5}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Network Connections 20.2.4001.0 (HKLM\...\{638A518B-0D2E-4143-ACF8-F3D83D822E85}) (Version: 20.2.4001.0 - Intel) Hidden Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4678 - Intel Corporation) Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel® Driver & Support Assistant (HKLM-x32\...\{01f3f6b8-1a81-4b10-b51f-f69af12e1d69}) (Version: 3.0.0.9 - Intel) IPCCameraOCX (HKLM-x32\...\IPCCameraOCX) (Version: - ) IPCTool (HKLM-x32\...\IPCTool) (Version: - ) IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan) iSpy (64 bit) (HKLM\...\{8D976365-F122-421C-A56D-BA0F482A0614}) (Version: 7.2.1.0 - DeveloperInABox) iSpy package installer (64 bit) (HKLM-x32\...\{4d185fcc-2f23-4c5e-985f-e0a4edc054bd}) (Version: 7.2.1.0 - DeveloperInABox) iVMS-4200(V2.8.2.2_ML) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.8.2.2 - hikvision) Java(TM) SE Development Kit 12.0.1 (64-bit) (HKLM\...\{0D60E96D-0B74-55A5-ACA5-0F6786FDF256}) (Version: 12.0.1.0 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Jurassic World Evolution 
(HKLM-x32\...\Jurassic World Evolution_is1) (Version: - ) Knuddels Standalone App (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App") Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LauncherSetup (HKLM\...\{EF6A75C9-263C-4FEE-9027-C5116E454C3D}) (Version: 2.2.3601 - ASUSTeKcomputer.Inc) Hidden LDPlayer (HKLM-x32\...\LDPlayer4) (Version: 5.0.11 - XUANZHI INTERNATIONAL CO., LIMITED) Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.) LPD8 Editor (HKLM-x32\...\LPD8Editor) (Version: - ) Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft) Malwarebytes version 4.6.7.301 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.7.301 - Malwarebytes) Microsoft .NET Host - 7.0.13 (x64) (HKLM\...\{B1D03F3A-4024-4038-9321-5A0FB1EEE438}) (Version: 56.52.4000 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 7.0.13 (x64) (HKLM\...\{C0B5B3B6-2590-414F-A8BE-E14CEE0FA592}) (Version: 56.52.4000 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 7.0.13 (x64) (HKLM\...\{AC2EB45F-5D39-4A5C-9450-AC69A7E0772E}) (Version: 56.52.4000 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.77 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation) Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft OneDrive 
(HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\OneDriveSetup.exe) (Version: 22.253.1204.0001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2418357992-2173213262-1883250885-1003\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{D736B443-AF61-4775-9488-DDF59F87BD1F}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F102A269-3323-427C-914D-E5E71F61453D}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 
(HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 7.0.13 (x64) 
(HKLM\...\{48C3558E-F79D-4F4F-A174-1D55C64A1C9A}) (Version: 56.52.4000 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 7.0.13 (x64) (HKLM-x32\...\{c908c003-d159-4779-b629-effcd07597e5}) (Version: 7.0.13.33018 - Microsoft Corporation) Microsoft_VC100_CRT_SP1_x64 (HKLM\...\{680EDA59-9266-44B4-949E-0C24F65DFF82}) (Version: 10.0.40219.1 - Nokia) Hidden Microsoft_VC100_CRT_SP1_x86 (HKLM-x32\...\{E3B64CC5-C011-40C0-92BC-7316CD5E5688}) (Version: 10.0.40219.1 - Nokia) Hidden Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang) MouseRecorder v1.0.52 (HKLM-x32\...\MouseRecorder_is1) (Version: 1.0.52 - Bartels Media GmbH) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 121.0 (x64 de)) (Version: 121.0 - Mozilla) MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD) MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden MSVCRT Redists (HKLM\...\{0EC4A100-12A2-11E9-9504-00155D6302F2}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) 
Hidden NAVIGON Fresh 3.6.0 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.6.0 - NAVIGON) Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 5.0.2 - Neat Video team, ABSoft & Team V.R) Neat Video v5.1.8 Demo plug-in for Vegas (64-bit) (HKLM\...\Neat Video v5 plug-in for Vegas_is1) (Version: - Neat Video team, ABSoft) NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) No Mans Sky Beyond (HKLM-x32\...\No Mans Sky Beyond_is1) (Version: - ) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.1 - Notepad++ Team) NoxPlayer (HKLM-x32\...\Nox) (Version: 7.0.5.9 - Duodian Technology Co. Ltd.) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Grafiktreiber 546.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.33 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA NVIDIA RTX Voice Driver 1.0.0.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_RTXVoice.Driver) (Version: 1.0.0.2 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA RTX Voice Application (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_RTXVoice) (Version: 0.5.12.6 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project) OpenIV 
(HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\OpenIV) (Version: 4.0.1.1452 - .black/OpenIV Team) OpenOffice 4.1.8 (HKLM-x32\...\{3C1972F6-E411-4B54-AD4C-EF24894301D6}) (Version: 4.18.9803 - Apache Software Foundation) Opera GX Stable 76.0.4017.208 (HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\Opera GX 76.0.4017.208) (Version: 76.0.4017.208 - Opera Software) Opera Stable 92.0.4561.33 (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Opera 92.0.4561.33) (Version: 92.0.4561.33 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.122.52971 - Electronic Arts, Inc.) Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory) PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 - ) PowerArchiver 2022 (HKLM\...\PowerArchiver_is1) (Version: 21.00.18 - ConeXware, Inc.) Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32) Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 9.3.0.74 - Bitsum) ProductDaemonSetup (HKLM\...\{F4BAC9D7-0E42-4456-AD6F-88D0F06FEC27}) (Version: 2.2.3601 - ASUSTeKcomputer.Inc) Hidden ProtonVPN (HKLM-x32\...\{2E5B3FB1-FDCC-4BC8-AA99-E0EE5343CAF8}) (Version: 1.16.3 - Proton Technologies AG) Hidden ProtonVPN (HKLM-x32\...\ProtonVPN 1.16.3) (Version: 1.16.3 - Proton Technologies AG) ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.6 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.1 - Razer Inc.) 
Ready or Not (HKLM-x32\...\Ready or Not_is1) (Version: - ) RealLifeRPG (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\RealLifeRPG) (Version: 2.4.4 - RealLifeRPG) RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 20.1) (Version: 20.1.0 - RealNetworks) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8158 - Realtek Semiconductor Corp.) REDlauncher (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - CD Projekt RED) REDlauncher (HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.21.0608.1 - GIGABYTE) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.74.1546 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.8.4 - Rockstar Games) SADPTool (HKLM-x32\...\{7D9B79C2-B1B2-433B-844F-F4299B86F26E}) (Version: 3.0.0.2 - hikvision) Sensarea, v 1.12.1 (HKLM-x32\...\Sensarea_is1) (Version: - ) SnowRunner Build and Dispatch (HKLM-x32\...\SnowRunner Build and Dispatch_is1) (Version: - ) SonicRadarSetup (HKLM\...\{731D72B4-5DBF-4B75-864A-F2FB0C9DE96C}) (Version: 1.0.0.0 - ASUSTeKcomputer.Inc) Hidden SonicStudioSetup (HKLM\...\{B826CAA3-B878-451F-8167-3D504B430625}) (Version: 2.2.3601 - ASUSTeKcomputer.Inc) Hidden Starfield (HKLM-x32\...\Starfield_is1) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stellar Phoenix Windows Data Recovery (HKLM-x32\...\Stellar Phoenix Windows Data Recovery_is1) (Version: 7.0.0.0 - 
Stellar Information Technology Pvt Ltd.) SVLoadSense (HKLM-x32\...\{C4226734-F925-448C-8F15-0D5419F003DF}) (Version: 1.0.12 - SAVITECH) TeamSpeak 3 Client (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal) TP-Link Archer TX20U Plus Driver version 2.0.2.0 (HKLM\...\{BBADB2D6-0408-42D0-AAF8-B79D3E8B994C}_is1) (Version: 2.0.2.0 - TP-Link Corporation Limited) Twitch (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Twitch Interactive, Inc.) Twitch (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 137.0.10799 - Ubisoft) Ultimaker Cura 5.1.0 (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\Ultimaker Cura 5.1.0) (Version: 5.1.0 - Ultimaker B.V.) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) 
Hidden USB Serial Port Driver (HKLM-x32\...\{E12118B5-C66D-42A6-B2CC-B1A861B5885E}) (Version: 1.1.13.1605 - Microsoft) vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VEGAS Pro 16.0 (HKLM\...\{0D348B21-12A2-11E9-9474-00155D6302F2}) (Version: 16.0.361 - VEGAS) Video Compressor 2021 (HKLM-x32\...\Video Compressor_is1) (Version: 2021 - Compressor Software) VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN) vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden Watch_Dogs 2 (HKLM-x32\...\Watch_Dogs 2_is1) (Version: - ) WebPlugin 2.0.1.45 (HKLM-x32\...\WebPlugin) (Version: 2.0.1.45 - My company, Inc.) WeMod (HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\WeMod) (Version: 8.13.3-beta00 - WeMod) Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers) Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) Windows-Treiberpaket - Adafruit Industries LLC (usbser) Ports (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC) Windows-Treiberpaket - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc)) Windows-Treiberpaket - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc)) Windows-Treiberpaket - libusb-win32 (libusb0) libusb-win32 devices (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32) 
Windows-Treiberpaket - STMicroelectronics (usbser) Ports (04/25/2010 1.3.1) (HKLM\...\1628ECA16EA833D7F30DD35215E306FAD333DF83) (Version: 04/25/2010 1.3.1 - STMicroelectronics)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)
WinRAR 5.71 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
XTUPackage (HKLM-x32\...\{84D11A20-6E7F-4FBB-A2FB-117FCF871040}) (Version: 1.0.0 - ASUSTeK COMPUTER INC.)

Packages:
=========
AdBlock -> C:\Program Files\WindowsApps\BetaFish.AdBlock_2.13.0.0_neutral__c1wakc4j0nefm [2020-06-27] (BetaFish)
Adobe Acrobat Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC [2023-12-03] ()
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-12-03] (HP Inc.)
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-15] (INTEL CORP) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-12-18] (NVIDIA Corp.)
PDF X -> C:\Program Files\WindowsApps\6760NGPDFLab.PDFX_1.3.59.0_x64__sbe4t8mqwq93a [2023-12-14] (NG PDF Lab) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-12-03] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0 [2023-12-10] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.)
Xbox Zubehör -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2310.2310.17002.0_x64__8wekyb3d8bbwe [2023-10-27] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\ChromeHTML: -> <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-2418357992-2173213262-1883250885-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2418357992-2173213262-1883250885-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2418357992-2173213262-1883250885-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2418357992-2173213262-1883250885-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2418357992-2173213262-1883250885-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2418357992-2173213262-1883250885-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Keine Datei
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-06-18] (Notepad++ -> )
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Keine Datei
ContextMenuHandlers1: [PowerArchiver] -> {d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files\PowerArchiver\PASHLEXT.DLL [2022-01-20] (ConeXware, Inc. -> ConeXware, Inc.)
ContextMenuHandlers1: [PowerArchiver64] -> {d03d3e78-0c44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files\PowerArchiver\PASHLEXT64.DLL [2022-01-20] (ConeXware, Inc. -> ConeXware, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Keine Datei
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-23] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Keine Datei
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpcontextmenu.dll [2022-08-25] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_866484083fc526af\nvshext.dll [2023-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-12-21] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2019-06-28] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-12-23] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [PowerArchiver] -> {d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files\PowerArchiver\PASHLEXT.DLL [2022-01-20] (ConeXware, Inc. -> ConeXware, Inc.)
ContextMenuHandlers6: [PowerArchiver64] -> {d03d3e78-0c44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files\PowerArchiver\PASHLEXT64.DLL [2022-01-20] (ConeXware, Inc. -> ConeXware, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2018-10-01 17:22 - 2013-11-20 09:10 - 000662016 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll
2018-10-01 17:22 - 2013-07-02 09:40 - 000253952 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll
2021-02-06 01:58 - 2020-09-06 07:25 - 009224704 _____ () [Datei ist nicht signiert] C:\Program Files\Agent\dlls\x64\jingle_peerconnection_so.DLL
2021-02-06 01:58 - 2020-08-17 13:38 - 001570816 _____ () [Datei ist nicht signiert] C:\Program Files\Agent\runtimes\win-x64\native\e_sqlite3.dll
2017-04-13 17:54 - 2017-04-13 17:54 - 000098816 _____ () [Datei ist nicht signiert] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\sradarlauncher.dll
2018-10-01 17:21 - 2015-06-05 12:00 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.22\ASACPI.DLL
2018-10-01 17:21 - 2017-11-24 07:47 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpi.dll
2018-10-01 17:16 - 2023-12-23 21:08 - 000042792 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-10-01 17:21 - 2015-06-05 12:00 - 000677376 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.22\asacpiEx.dll
2018-10-01 17:21 - 2017-11-24 07:47 - 000676864 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\asacpiEx.dll
2018-10-01 17:22 - 2013-11-20 09:10 - 000221184 _____ (ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\AsMultiLang.dll
2021-02-06 01:58 - 2020-04-17 09:38 - 023347712 _____ (Emgu Corporation) [Datei ist nicht signiert] C:\Program Files\Agent\dlls\x64\cvextern.DLL
2021-02-06 01:58 - 2020-05-19 14:31 - 044478464 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files\Agent\dlls\x64\avcodec-58.dll
2021-02-06 01:58 - 2020-05-19 14:31 - 002724352 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files\Agent\dlls\x64\avdevice-58.dll
2021-02-06 01:58 - 2020-05-19 14:31 - 007821824 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files\Agent\dlls\x64\avfilter-7.dll
2021-02-06 01:58 - 2020-05-19 14:31 - 010381312 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files\Agent\dlls\x64\avformat-58.dll
2021-02-06 01:58 - 2020-05-19 14:31 - 000793600 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files\Agent\dlls\x64\avutil-56.dll
2021-02-06 01:58 - 2020-05-19 14:31 - 000135168 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files\Agent\dlls\x64\postproc-55.dll
2021-02-06 01:58 - 2020-05-19 14:31 - 000428032 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files\Agent\dlls\x64\swresample-3.dll
2021-02-06 01:58 - 2020-05-19 14:31 - 000544256 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files\Agent\dlls\x64\swscale-5.dll
2010-04-04 22:08 - 2010-04-04 22:08 - 001253376 _____ (Florian Gilles) [Datei ist nicht signiert] C:\Program Files\NetSpeedMonitor\nsm.dll
2011-09-29 23:19 - 2020-05-10 00:01 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\LIBEAY32.dll
2011-09-29 23:19 - 2020-05-10 00:01 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\ssleay32.dll
2014-02-17 09:13 - 2020-05-10 00:01 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\platforms\qwindows.dll
2023-03-14 21:39 - 2020-05-10 00:01 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Core.dll
2023-03-14 21:39 - 2020-05-10 00:01 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Gui.dll
2023-03-14 21:39 - 2020-05-10 00:01 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Network.dll
2023-03-14 21:39 - 2020-05-10 00:01 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5WebSockets.dll
2023-03-14 21:39 - 2020-05-10 00:01 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Widgets.dll
2023-03-14 21:39 - 2020-05-10 00:01 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] D:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Marvin\Anwendungsdaten:b2471a6db8deb9681d22d6d26ae65e4b [394]
AlternateDataStreams: C:\Users\Marvin\AppData\Roaming:b2471a6db8deb9681d22d6d26ae65e4b [394]
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

SearchScopes: HKU\S-1-5-21-2418357992-2173213262-1883250885-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealPlayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin64.dll [2022-08-25] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealPlayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin.dll [2022-08-25] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2019-06-28] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2019-06-28] (FOXIT SOFTWARE INC. -> )

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2021-09-09 01:05 - 2021-09-09 01:05 - 000000873 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 coin-hive.com
127.0.0.1 coinhive.com

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\razer chroma sdk\bin;c:\program files\razer chroma sdk\bin;c:\program files (x86)\intel\icls client\;c:\program files\intel\icls client\;c:\program files (x86)\razer chroma sdk\bin;c:\program files\razer chroma sdk\bin;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\users\marvin\appdata\local\microsoft\windowsapps;c:\program files (x86)\intel\intel(r) management engine components\dal;c:\program files\intel\intel(r) management engine components\dal;c:\program files (x86)\intel\intel(r) management engine components\ipt;c:\program files\intel\intel(r) management engine components\ipt;c:\program files (x86)\gtksharp\2.12\bin;c:\windows\system32\openssh\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\users\marvin\appdata\local\microsoft\windowsapps;c:\users\marvin\desktop\phoenixsuit_v1.10\phoenixsuit_v1.10\;c:\program files\putty\;c:\program files\process lasso\;;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marvin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
HKU\S-1-5-21-2418357992-2173213262-1883250885-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Tim\Desktop\ev0_wallpaper1.jpg
HKU\S-1-5-21-2418357992-2173213262-1883250885-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: BEService => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: PnkBstrA => 2
HKLM\...\StartupApproved\StartupFolder: => "FiiO Control Panel Autostart.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AVG Secure VPN.lnk"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "RealPlayer"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\StartupApproved\Run: => "TBPanel"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\StartupApproved\Run: => "Windscribe"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-2418357992-2173213262-1883250885-1001\...\StartupApproved\Run: => "Amazon Music"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{47246ECD-1AAA-4700-9BF8-E7BFA9F43C6E}] => (Allow) E:\Spiele\origin games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{B8D21D97-04C9-4462-ACF3-C2266AD7BFDE}] => (Allow) E:\Spiele\origin games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{2D9D8921-3553-453C-A932-9BD6D55EF436}] => (Allow) E:\Spiele\origin games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{9C82516A-BD5B-44B8-A9C2-223A96254D1B}] => (Allow) E:\Spiele\origin games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{7CAB65C1-46DE-451B-8262-C0AB23716C03}] => (Allow) E:\Spiele\origin games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{81F54954-ECDF-4BA7-9ECE-AFF7E446B71A}] => (Allow) E:\Spiele\origin games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{A29E1502-17E3-47FC-BA5C-963F6377E179}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{DDFE0B22-F700-4117-B88E-819268607A50}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{9CA64E52-244E-4520-B022-05BC7C7B2ECA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{EEFEF41C-3202-4AAE-ABB2-0C2AD310070E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{090F5750-DA5D-4FAA-A6C4-EA11ECEAA9EB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A09D300A-6E3F-4CF7-AC90-9ABC6D690E3C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{0E5CBDBD-63DE-4EEE-A675-C3FA4D719822}] => (Allow) C:\Users\Marvin\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{CFA3611E-3ADD-4F7D-96C9-AA29B3098DB5}] => (Allow) C:\Users\Marvin\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1D59765C-B971-43CD-8038-8C9E3EF4815E}] => (Allow) C:\Users\Marvin\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{D41BF5E0-9BDF-4378-886B-8FFF6E968CDA}] => (Allow) C:\Users\Marvin\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{49821532-0A83-4210-89DE-471AB3FEC1DE}] => (Allow) C:\Users\Marvin\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9C3264B8-1409-4CCD-B8EC-1E02E0F7DFA2}] => (Allow) C:\Users\Marvin\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BA91C349-31E7-4A15-8F33-9BF775B8CB0A}] => (Allow) x:\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B8980B5B-2C6B-4543-B349-12A0EA131C80}] => (Allow) x:\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2856D9E3-2E31-4F5F-AA94-BE71D2949362}] => (Allow) x:\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{E54AFD01-C3F7-437A-8EF0-8C0A2D831B82}] => (Allow) x:\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{CB70D590-24A9-40D7-93B3-DF2ED666F665}] => (Allow) x:\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{EF07465F-9B97-4A41-8326-537474E68E04}] => (Allow) x:\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EE7E07C6-B9A3-4C45-A210-0E34874D7BF2}] => (Allow) x:\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F7D0A118-C6D9-460F-82FB-BB8E80A7947C}] => (Allow) x:\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{5D520D33-26F1-421D-8387-4280B78A61C3}] => (Allow) x:\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B9DA0A5E-9DE1-4570-B38F-B661724296C9}] => (Allow) x:\txgameassistant\ui\adb.exe () [Datei ist nicht signiert]
FirewallRules: [{A8C4B151-AEB7-47FD-B9D8-D9347349A8DE}] => (Allow) x:\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{7B3801F0-ABA6-4798-BD0B-6B99F80CC84E}] => (Allow) D:\steam\steamapps\common\Ring of Elysium\SLauncher.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7763D93B-A033-4A9E-9422-E22C97EAB332}] => (Allow) D:\steam\steamapps\common\Ring of Elysium\SLauncher.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{6591C464-F7EE-40FA-89C5-25EBA3AA91A7}] => (Allow) D:\steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [Datei ist nicht signiert]
FirewallRules: [{2DC34968-1291-4A40-A186-94527046107F}] => (Allow) D:\steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [Datei ist nicht signiert]
FirewallRules: [{2C2AD7E5-2143-4FBC-AF94-FA22D873CAC0}] => (Allow) E:\steam\SteamApps\common\Alien Swarm\swarm.exe () [Datei ist nicht signiert]
FirewallRules: [{9AF19588-04E1-420B-A23A-A410DF4BC715}] => (Allow) E:\steam\SteamApps\common\Alien Swarm\swarm.exe () [Datei ist nicht signiert]
FirewallRules: [{A201D5F2-AA53-492A-96A2-C9545A995278}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{95763847-F4A1-4B89-B837-65ED351612C6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{E0E667EF-536B-4599-92A8-0F8434C827BB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{04ED3681-4415-46E9-B963-C558F415CA97}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D5D68A37-2BB7-439C-874F-77577F7252F8}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AB829356-5948-4368-B1CE-3489C25DF17C}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [UDP Query User{80FEAB78-B6A2-4750-9D77-92659E9491FC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{4E65E4BE-AF75-4671-B837-E3E8E03F3A68}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{4C212568-75AF-4BB3-B7EC-A05D490C4D84}C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe] => (Allow) C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe (Ultrabox Entertainment Limited) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BD18F823-4079-448E-8386-97D3B7F241A1}C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe] => (Allow) C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe (Ultrabox Entertainment Limited) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{7416498F-98B9-49AF-B488-7A91B26EF593}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{0C19B845-9A5F-4136-8550-5B9B0E517DA7}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{F46F4E08-2887-4B58-A034-E71F256EA2C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E6651978-93F1-467A-A6E5-5A6E2F88A92A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{84D350FA-32B9-4A59-996F-A273D12CA3F7}] => (Allow) E:\steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{603FBEA3-84AA-4C37-BD0B-784B39C8208B}] => (Allow) E:\steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E33D6F82-130F-458B-8C14-2669208F33A6}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [Datei ist nicht signiert]
FirewallRules: [{6A802949-110E-4883-8B04-DBFBCA18380C}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BEDC75E6-4655-4A2C-8C3F-8FE7D09F45C6}E:\steam\steamapps\common\source sdk base\hl2.exe] => (Allow) E:\steam\steamapps\common\source sdk base\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4AA4D6FE-D4AC-410C-B857-72DBA0EA2B77}E:\steam\steamapps\common\source sdk base\hl2.exe] => (Allow) E:\steam\steamapps\common\source sdk base\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{B1EF6263-357C-4C4B-B861-6A3FF6C39A1E}E:\spiele\origin games\battlefield 4\bf4.exe] => (Allow) E:\spiele\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{DCD37E2C-6FE7-4DF0-B003-2ADE7A657533}E:\spiele\origin games\battlefield 4\bf4.exe] => (Allow) E:\spiele\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{EE207006-EBD9-42E2-8A71-199CA1FFE649}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [Datei ist nicht signiert]
FirewallRules: [{CD2D0B27-03B4-48AC-BE50-81673479C8BF}] => (Allow) D:\steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [Datei ist nicht signiert]
FirewallRules: [{844843E8-AD52-44B3-B1FB-151FF4FA2B83}] => (Allow) E:\steam\SteamApps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{A7FF3829-7627-4025-80C5-2CD0EFA91523}] => (Allow) E:\steam\SteamApps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{D6DA8CFC-FFE5-42F9-A7FE-F070A62D7B35}] => (Allow) D:\steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS) [Datei ist nicht signiert]
FirewallRules: [{14B982AE-C435-48D5-939C-FCA1DBEFFC6E}] => (Allow) D:\steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe (Reto-Moto ApS -> Reto-Moto ApS) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{0364CD8C-9A0B-4CC4-8EA4-79DC284AC4DE}D:\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{903B60EC-8C08-4AB3-9EA4-440B1C425BAC}D:\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{4D648AAA-0581-4418-A26E-FDA676232DD2}E:\steam\steamapps\common\source sdk base\hl2.exe] => (Block) E:\steam\steamapps\common\source sdk base\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{C275734A-C59F-4498-813D-3E21C00962EA}E:\steam\steamapps\common\source sdk base\hl2.exe] => (Block) E:\steam\steamapps\common\source sdk base\hl2.exe () [Datei ist nicht signiert]
FirewallRules: [{8DBF4D5C-C650-4D46-8E44-E16A8919F920}] => (Allow) x:\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{581D703F-B2B1-4ED4-AD01-E4DC7C57CE16}] => (Allow) x:\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{5D916591-31B8-4EA7-95BD-A04ABFAFB1D2}] => (Allow) x:\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{A3B8B985-B7A3-4065-AA20-E631E8169DC9}] => (Allow) x:\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{47A19800-9384-403E-AB3A-B4D9627C372E}] => (Allow) x:\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{E894B72F-296F-476A-BA4F-7C9F4B7FB4C7}] => (Allow) x:\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{80E01E88-37D4-4CA7-9671-F2DD5FC60C9E}] => (Allow) x:\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{12989898-6E5C-489D-BF67-DAF83BC7EA9D}] => (Allow) x:\txgameassistant\ui\adb.exe () [Datei ist nicht signiert]
FirewallRules: [{3C368C2C-EA11-48BE-844D-F7204D25D6C8}] => (Allow) x:\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{2FCF24D5-5119-46CB-BCC6-E1D50B3454E8}] => (Allow) x:\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{407E771F-AE7B-457C-BF13-77FA9033797C}] => (Allow) x:\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{691D808C-E688-4203-943B-43B94388E4F0}] => (Allow) x:\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{580DAE9D-4474-401D-90B0-697829D220B6}] => (Allow) x:\txgameassistant\ui\adb.exe () [Datei ist nicht signiert]
FirewallRules: [{98124BCE-73D1-4EA5-A381-92E8A88EB1F5}] => (Allow) x:\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{E765CDC5-DFAA-44D8-885A-CD79EE676DCB}] => (Allow) x:\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{934AC94E-DB17-4361-BF91-F3388193907B}] => (Allow) x:\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{99BA3325-0170-46CE-AAC9-8BAC16BCC883}] => (Allow) F:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{421B998C-0B04-4763-8245-FC982A893667}] => (Allow) F:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{C5C4A3A6-9545-4DBC-A64B-99B8796166D2}F:\imagewriter\win32diskimager.exe] => (Allow) F:\imagewriter\win32diskimager.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{DAB7C0FF-6F7E-4F0C-BB5C-8A283810B15C}F:\imagewriter\win32diskimager.exe] => (Allow) F:\imagewriter\win32diskimager.exe () [Datei ist nicht signiert]
FirewallRules: [{E7AE723A-2923-4100-AE7C-3F99B934E565}] => (Allow) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{55260B5A-6944-45A0-A997-668182B63A18}] => (Allow) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{60569BE7-72C4-435A-A828-6CCC69408C6E}] => (Allow) x:\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{9FAA73CC-D8E7-4FF5-AE82-3C6C14F7B14C}] => (Allow) x:\txgameassistant\ui\adb.exe () [Datei ist nicht signiert]
FirewallRules: [{C0FC2FCE-EEE1-4721-9CD7-D1E020B4FCE1}] => (Allow) x:\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{0608E825-681F-4F43-8A36-7F17E654ADEE}] => (Allow) x:\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{37001BC9-A56C-4630-9773-8457AF253EB2}] => (Allow) x:\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EA0BA715-5B57-421F-8D59-B83E0F43DD3C}] => (Allow) x:\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{D890AAF9-4A02-4F76-8260-513DF8E666B6}] => (Allow) x:\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{48E1808B-C082-4A8E-B833-A80A0B39955B}] => (Allow) x:\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{363B0D24-26DC-43E4-9FE4-A7797BB5A259}] => (Allow) x:\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{7EE3575A-F4E9-451C-AB8E-EA1CF7BDCBF9}] => (Allow) x:\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{FA37F67B-31AC-4177-A97C-433DDCD8C5B8}] => (Allow) x:\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{C2AC5848-2E01-46E3-AADB-054628722F09}C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe] => (Allow) C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe (Ultrabox Entertainment Limited) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{841FDE64-1B69-4B6A-9930-11567BAE6F21}C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe] => (Allow) C:\program files (x86)\ultrabox entertainment\chroma sync\chroma sync.exe (Ultrabox Entertainment Limited) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F77FEAC5-1B50-4F88-971D-6B264D8570CC}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E437FA17-D74C-4624-B96C-93DDB5FDE67B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{94787287-9291-4105-A643-9E8B42691404}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{1368086D-D532-40F3-8CAD-4BD1B4A8A6FB}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{8B7A282F-A77D-4C6E-858B-2E8671B1BE1B}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{86199424-CAD1-4937-8D81-3980D6BE6D5E}] => (Allow) x:\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{13E98DD6-C610-4197-93DE-61624FE8BB12}] => (Allow) x:\txgameassistant\ui\adb.exe () [Datei ist nicht signiert]
FirewallRules: [{1D33CEB9-CFD5-4D2B-B2AB-1295C1C7676B}] => (Allow) x:\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{E345586B-E4FB-4BEE-A264-82B658F6F9F2}] => (Allow) x:\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B7C00D81-52E5-45B5-8915-929D06727BBE}] => (Allow) x:\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{0AEEF772-256F-4762-B98A-0B11DE78361C}] => (Allow) x:\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{8959EA47-9DD5-484F-97A2-6C4F42236F12}] => (Allow) x:\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{03AEFC6C-9173-42D4-92BC-C39C64098B0C}] => (Allow) x:\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{79469CCF-CE4D-45F4-950F-D4C73A596E13}] => (Allow) x:\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{CC021B4E-E0F1-44F0-9CDD-5C2CCF5BDDC5}] => (Allow) x:\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{87EE6D80-A698-4039-AB1F-B711BC1655CD}] => (Allow) x:\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{888149C4-0F23-4F21-9BEF-AE6E79BE00AD}] => (Allow) X:\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{9E87AFCB-73DD-4083-A658-BAF881389721}] => (Allow) X:\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{E2439680-5D7D-4462-9103-EB2A03582579}] => (Allow) X:\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{3009066C-5856-4CD4-A371-4A319438E1A1}] => (Allow) X:\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{FE956D2A-0119-4A3F-AB8F-1755BED63214}] => (Allow) X:\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C7EAB735-0039-4B40-89B8-B5E9FE80CD1F}] => (Allow) X:\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{4EB26E60-70FE-4A67-9AA0-889A0DB2A7E8}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D05D6293-2924-43E1-8403-FEF824AEE2F2}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{C40DE6DA-BA55-429D-85CD-C67859DB056E}G:\red dead redemption 2\rdr2.exe] => (Block) G:\red dead redemption 2\rdr2.exe (Rockstar Games) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{C4461650-1A37-4CC4-A99B-85A488570715}G:\red dead redemption 2\rdr2.exe] => (Block) G:\red dead redemption 2\rdr2.exe (Rockstar Games) [Datei ist nicht signiert]
FirewallRules: [{C3B2176E-60B6-4C19-8CB4-846318900E19}] => (Allow) E:\steam\SteamApps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{501CE4F5-3719-49F8-B0C0-0015AE27337D}] => (Allow) E:\steam\SteamApps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{0BB61A98-4279-48B1-9C2E-EB9ABDD4DC43}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd.
-> Oracle Corporation) FirewallRules: [UDP Query User{65A2D648-F256-4459-82FD-BDA23594E828}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{C80C772E-ABDE-4F76-BFFE-55D4926C773B}] => (Block) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [{0CB21CE2-1224-482B-A158-9B7141451C35}] => (Block) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [TCP Query User{E457363E-A72D-4084-BD53-4E740CE8EBFF}G:\ldplayer\ldplayer4.0\dnplayer.exe] => (Allow) G:\ldplayer\ldplayer4.0\dnplayer.exe => Keine Datei FirewallRules: [UDP Query User{3F9209FF-4E84-438F-91F6-FDE1F33E7545}G:\ldplayer\ldplayer4.0\dnplayer.exe] => (Allow) G:\ldplayer\ldplayer4.0\dnplayer.exe => Keine Datei FirewallRules: [TCP Query User{C91F44D9-88F6-4E73-B4DC-8BED996F3845}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [UDP Query User{A2F92D00-69F6-4061-A1C8-F493D11A7DC5}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [TCP Query User{B6BBDEE5-FB94-4852-8DF2-3AA07E1B499B}C:\users\tim\appdata\local\programs\opera gx\71.0.3770.441\opera.exe] => (Allow) C:\users\tim\appdata\local\programs\opera gx\71.0.3770.441\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{6139C38A-6643-4865-91E1-B6BD767CDF22}C:\users\tim\appdata\local\programs\opera gx\71.0.3770.441\opera.exe] => (Allow) C:\users\tim\appdata\local\programs\opera gx\71.0.3770.441\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query 
User{FCDF9203-98D8-4D1E-A3A8-0863DA259BAB}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{7C7EDA88-2A4F-4B45-846D-9B1A199227D4}C:\program files (x86)\ipctool\ipctool.exe] => (Allow) C:\program files (x86)\ipctool\ipctool.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{472D4F54-8C2E-4D8F-AA69-4B4C43EBA152}C:\program files (x86)\danale\danalecms.exe] => (Allow) C:\program files (x86)\danale\danalecms.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{92617F75-4074-4434-A781-0C10346D5FD0}C:\program files (x86)\danale\danalecms.exe] => (Allow) C:\program files (x86)\danale\danalecms.exe () [Datei ist nicht signiert] FirewallRules: [{7FA22D6F-EC80-4E8D-A252-0D78742925DD}] => (Block) C:\program files (x86)\danale\danalecms.exe () [Datei ist nicht signiert] FirewallRules: [{6B681596-50C2-4E7D-9927-95902C18717F}] => (Block) C:\program files (x86)\danale\danalecms.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{3FA989D4-D8CC-4AEA-B100-F4D1AAF3C8CD}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{100A998F-88F9-4CD3-A121-1CEB430D9C59}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4F458B20-6E36-4906-A4BF-23712CA04821}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D0313E33-F083-4345-8ED4-0F922DD2E783}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{83B54F7A-A18B-4FA6-8D5C-E2D894C92081}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe 
(www.ispyconnect.com) [Datei ist nicht signiert] FirewallRules: [UDP Query User{7F9497EC-8860-4EBF-B614-377791F7E5BC}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [Datei ist nicht signiert] FirewallRules: [{20DED55A-5AD5-49A4-8814-0DE006413D67}] => (Block) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [Datei ist nicht signiert] FirewallRules: [{8A67E9A2-4809-4D58-B7EE-A31EB8A620E0}] => (Block) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [Datei ist nicht signiert] FirewallRules: [{AF989FED-1922-4E3F-BDBC-E20E052C50CA}] => (Allow) LPort=8090 FirewallRules: [{9EE0383F-193C-486F-B763-9857C57245E0}] => (Allow) C:\Program Files\Agent\Agent.exe (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox) FirewallRules: [TCP Query User{7C3E1029-E27E-4453-9AD1-9015187130B4}C:\program files\agent\agenttray.exe] => (Allow) C:\program files\agent\agenttray.exe (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox) FirewallRules: [UDP Query User{2576B55C-AD13-4197-AB38-BB530A6837E5}C:\program files\agent\agenttray.exe] => (Allow) C:\program files\agent\agenttray.exe (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox) FirewallRules: [{4EC665BC-07AC-4F87-BA6D-3DA839046BC8}] => (Block) C:\program files\agent\agenttray.exe (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox) FirewallRules: [{13BBEE45-9F9F-4352-B26B-F81F7E4D64B3}] => (Block) C:\program files\agent\agenttray.exe (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> Developerinabox) FirewallRules: [TCP Query User{93D9E414-78F7-4A1D-8D04-9AF973BDF4A7}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited) FirewallRules: [UDP Query User{45E7552E-694D-4FC7-872E-EE3C30D509FB}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> 
Windscribe Limited) FirewallRules: [TCP Query User{5B503BB2-EB3E-4DB8-8823-CD5157E6C9F6}C:\users\tim\appdata\local\programs\opera gx\71.0.3770.441\opera.exe] => (Allow) C:\users\tim\appdata\local\programs\opera gx\71.0.3770.441\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{E8690A60-22B0-4F70-9100-2E8C86839C1F}C:\users\tim\appdata\local\programs\opera gx\71.0.3770.441\opera.exe] => (Allow) C:\users\tim\appdata\local\programs\opera gx\71.0.3770.441\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{49F17BEF-FADF-4C01-B436-72E9844DFC3F}C:\users\tim\appdata\local\programs\opera gx\76.0.4017.208\opera.exe] => (Allow) C:\users\tim\appdata\local\programs\opera gx\76.0.4017.208\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{A9EC4DFF-6277-4CE2-9BC5-79C7A42E76B2}C:\users\tim\appdata\local\programs\opera gx\76.0.4017.208\opera.exe] => (Allow) C:\users\tim\appdata\local\programs\opera gx\76.0.4017.208\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{A30B2B24-5A09-4C4B-9765-699B8244C986}G:\dying light\dyinglightgame.exe] => (Allow) G:\dying light\dyinglightgame.exe (Techland Sp. z o.o. -> Techland) FirewallRules: [UDP Query User{C1D07646-AF29-4785-BF25-FCC192E7EBAA}G:\dying light\dyinglightgame.exe] => (Allow) G:\dying light\dyinglightgame.exe (Techland Sp. z o.o. 
-> Techland) FirewallRules: [TCP Query User{F9228AF8-7DEE-4435-BC68-D0B84A62A518}E:\games\fireworks.mania.an.explosive.simulator.v2021.6.2\fireworks mania.exe] => (Allow) E:\games\fireworks.mania.an.explosive.simulator.v2021.6.2\fireworks mania.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{26F397FE-1811-4A4A-B56D-41081BD4BA8A}E:\games\fireworks.mania.an.explosive.simulator.v2021.6.2\fireworks mania.exe] => (Allow) E:\games\fireworks.mania.an.explosive.simulator.v2021.6.2\fireworks mania.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{F25C9514-A392-4349-88D9-E36DCFE9CDF7}C:\program files (x86)\hip2p client\p2pclient.exe] => (Allow) C:\program files (x86)\hip2p client\p2pclient.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{5C9A1925-F5F1-49F3-9E90-EB7FAFADA24F}C:\program files (x86)\hip2p client\p2pclient.exe] => (Allow) C:\program files (x86)\hip2p client\p2pclient.exe () [Datei ist nicht signiert] FirewallRules: [{3773904F-1DD7-482E-8447-DD4B2E965322}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{9F2E32B8-72A3-4F97-A4E3-256B9BC3009F}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{5DF08097-DB36-46B4-A6DB-5CCB0946904E}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe () [Datei ist nicht signiert] FirewallRules: [{66033C14-0DC4-436E-8CA8-1226CF41589D}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe () [Datei ist nicht signiert] FirewallRules: [{BF785CAD-8DF5-4164-9636-25D94BB23011}] => (Allow) C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [{2C22E7EF-4753-406A-97CA-06FE54E08D47}] => (Allow) C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) 
FirewallRules: [{ee02fe6e-9cd9-4179-ad99-c0eca36b1174}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) FirewallRules: [TCP Query User{BAEB2E41-99E9-49C1-B35B-E4666818EF36}G:\games\forza horizon 5\forzahorizon5.exe] => (Allow) G:\games\forza horizon 5\forzahorizon5.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{874E7460-33D6-4E45-B4DD-DAFA4F8564EA}G:\games\forza horizon 5\forzahorizon5.exe] => (Allow) G:\games\forza horizon 5\forzahorizon5.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{2C04065D-6071-4938-9401-2E074B346BF9}C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{2177F8A6-39B5-4337-AC2D-A9BA06917B0D}C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe () [Datei ist nicht signiert] FirewallRules: [{E42A4BA0-ACD2-4E2E-8AF6-D5D1674C5B86}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.) FirewallRules: [{36E5C768-A286-44B8-A50F-6C38403ED96B}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc. -> RealNetworks, Inc.) 
FirewallRules: [TCP Query User{59A1C37B-E05B-450F-A5E5-989C32B85E4F}C:\users\marvin\appdata\local\programs\opera\opera.exe] => (Block) C:\users\marvin\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{74FA0C76-F15B-412C-9D7E-59B56F434CB8}C:\users\marvin\appdata\local\programs\opera\opera.exe] => (Block) C:\users\marvin\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{75D7FB66-4A6F-4DC5-8881-3340D97DFAFA}G:\red dead redemption 2\rdr2.exe] => (Block) G:\red dead redemption 2\rdr2.exe (Rockstar Games) [Datei ist nicht signiert] FirewallRules: [UDP Query User{6B69FC91-5127-44B8-9B5E-21C316B51F67}G:\red dead redemption 2\rdr2.exe] => (Block) G:\red dead redemption 2\rdr2.exe (Rockstar Games) [Datei ist nicht signiert] FirewallRules: [TCP Query User{A65CCC33-ADE3-4C36-BCCD-41E46602D9E0}G:\games\sons.of.the.forest.patch.3\sons.of.the.forest.patch.3\game\sonsoftheforest.exe] => (Block) G:\games\sons.of.the.forest.patch.3\sons.of.the.forest.patch.3\game\sonsoftheforest.exe => Keine Datei FirewallRules: [UDP Query User{9BF014B1-3B31-48B7-87A3-1F9FD9AB20AA}G:\games\sons.of.the.forest.patch.3\sons.of.the.forest.patch.3\game\sonsoftheforest.exe] => (Block) G:\games\sons.of.the.forest.patch.3\sons.of.the.forest.patch.3\game\sonsoftheforest.exe => Keine Datei FirewallRules: [{CA0D4E62-64CE-435D-BD80-FD30A67904FC}] => (Allow) E:\steam\SteamApps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{3D05B82A-C194-4A6F-B01C-1C4B1655CC01}] => (Allow) E:\steam\SteamApps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{87B3B3F5-5568-4F79-8378-C547B00A4D45}] => (Allow) G:\SteamLibrary\steamapps\common\Aliens Fireteam Elite\Endeavor.exe (Epic Games, Inc.) 
[Datei ist nicht signiert] FirewallRules: [{81B47916-C27F-4620-BDBE-6533E930E6A7}] => (Allow) G:\SteamLibrary\steamapps\common\Aliens Fireteam Elite\Endeavor.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{8C20D642-E58D-46BB-A1A5-9D1750CFD91C}G:\steamlibrary\steamapps\common\aliens fireteam elite\endeavor\binaries\win64\endeavor-win64-shipping.exe] => (Allow) G:\steamlibrary\steamapps\common\aliens fireteam elite\endeavor\binaries\win64\endeavor-win64-shipping.exe (CN=Cold Iron Studios LLC) [Datei ist nicht signiert] FirewallRules: [UDP Query User{E1DC5BF3-EF21-4CBD-87A3-772CB4F3E380}G:\steamlibrary\steamapps\common\aliens fireteam elite\endeavor\binaries\win64\endeavor-win64-shipping.exe] => (Allow) G:\steamlibrary\steamapps\common\aliens fireteam elite\endeavor\binaries\win64\endeavor-win64-shipping.exe (CN=Cold Iron Studios LLC) [Datei ist nicht signiert] FirewallRules: [{B27BDB9E-86F1-4222-8194-F37B2065DFF7}] => (Allow) E:\steam\SteamApps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> ) FirewallRules: [{967087E9-1D49-42E8-907C-7E3F418F7824}] => (Allow) E:\steam\SteamApps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> ) FirewallRules: [{705DE54E-54A6-4CB6-ACDC-3CB1EB8156E2}] => (Allow) G:\SteamLibrary\steamapps\common\Tom Clancy's The Division 2\TheDivision2.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [{3624D8DF-A942-43AE-A38E-9CB83F7A9E75}] => (Allow) G:\SteamLibrary\steamapps\common\Tom Clancy's The Division 2\TheDivision2.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [{FC837D86-38EC-4C83-B435-6B80977A582E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{04505012-9C50-4B30-AE49-34A29EFAA4CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5506D3C6-870C-44E0-B3FA-C1C15626D6FF}] => (Allow) 
E:\steam\SteamApps\common\APB Reloaded\Binaries\APB_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{2E417E88-FED7-4116-B03A-451A8D2D50BA}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\APB_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{B2FDBC1A-8117-4EFD-B812-D81548474FF3}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\APB.exe (Little Orbit Inc -> Little Orbit LLC) FirewallRules: [{BA163E41-DC9D-4935-A303-9FCA7158494F}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\APB.exe (Little Orbit Inc -> Little Orbit LLC) FirewallRules: [{E37B1F37-CCD5-4A39-BABB-8DD6ADB4670B}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe (Little Orbit LLC -> Vivox Inc.) FirewallRules: [{F5327B18-3544-454B-9815-6D8C608A8285}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe (Little Orbit LLC -> Vivox Inc.) FirewallRules: [{80203E92-8FBB-42A4-BB65-735A537A73AD}] => (Allow) G:\SteamLibrary\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games) FirewallRules: [{630F5E49-4878-4DB6-9687-8D110879C3C7}] => (Allow) G:\SteamLibrary\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games) FirewallRules: [{9087BBC9-A914-4D9F-8203-2CB3C9C39B2B}] => (Allow) G:\SteamLibrary\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games) FirewallRules: [{F1D831A8-046C-401A-A941-B3C98435224D}] => (Allow) G:\SteamLibrary\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games) FirewallRules: [{C8E55369-907B-4F71-9E6C-F5C2B4E1389C}] => (Allow) G:\SteamLibrary\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [Datei ist nicht signiert] FirewallRules: [{664BF746-641B-41A0-A85E-71A5F690DE78}] => (Allow) G:\SteamLibrary\steamapps\common\Metro Exodus Enhanced Edition\MetroExodus.exe (4A Games) [Datei ist nicht signiert] FirewallRules: [TCP Query 
User{AF9172E7-28A0-46D0-9AFE-8DDFBBC368BB}C:\users\marvin\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\marvin\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{D3C6561E-56C5-44CA-9EA6-3CF1889CBA8C}C:\users\marvin\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\marvin\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{8546DBAA-4590-4607-BB39-00F817D88B38}] => (Allow) G:\SteamLibrary\steamapps\common\Kane and Lynch Dead Men\Launcher.exe => Keine Datei FirewallRules: [{6447BF6C-87E6-4C07-B1F7-C24258A7D316}] => (Allow) G:\SteamLibrary\steamapps\common\Kane and Lynch Dead Men\Launcher.exe => Keine Datei FirewallRules: [TCP Query User{93E6212E-75E9-4E15-B707-164185CC9298}G:\steamlibrary\steamapps\common\kane and lynch dead men\kaneandlynch.exe] => (Allow) G:\steamlibrary\steamapps\common\kane and lynch dead men\kaneandlynch.exe => Keine Datei FirewallRules: [UDP Query User{6232408E-F7CD-46A1-A2AA-FAEA4042DEBF}G:\steamlibrary\steamapps\common\kane and lynch dead men\kaneandlynch.exe] => (Allow) G:\steamlibrary\steamapps\common\kane and lynch dead men\kaneandlynch.exe => Keine Datei FirewallRules: [{5EF470E2-533B-49E0-B16D-AF792FDEE418}] => (Allow) G:\SteamLibrary\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe (GSC Game World -> ) FirewallRules: [{A41B3278-375D-4F86-B7E2-088DFD3F439F}] => (Allow) G:\SteamLibrary\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe (GSC Game World -> ) FirewallRules: [{CEE5E775-8171-46A6-92DC-5D284941173F}] => (Allow) G:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe => Keine Datei FirewallRules: [{15A980FD-64D0-44D8-BEC0-BD513CCABB2E}] => (Allow) G:\SteamLibrary\steamapps\common\assettocorsa\AssettoCorsa.exe => Keine Datei FirewallRules: [TCP Query User{F731EE85-3D07-45FD-A8DA-07A75A924C60}G:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) 
G:\steamlibrary\steamapps\common\assettocorsa\acs.exe => Keine Datei FirewallRules: [UDP Query User{ED01E97E-C3B8-4BDA-85EB-15257B19667F}G:\steamlibrary\steamapps\common\assettocorsa\acs.exe] => (Allow) G:\steamlibrary\steamapps\common\assettocorsa\acs.exe => Keine Datei FirewallRules: [{A5A855E3-4743-483B-937D-CE7D58CB1B7E}] => (Allow) G:\SteamLibrary\steamapps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe (Valve Corp. -> SEGA Corporation) FirewallRules: [{00DB82BF-3B54-4FA3-8372-B6123299E4B7}] => (Allow) G:\SteamLibrary\steamapps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe (Valve Corp. -> SEGA Corporation) FirewallRules: [TCP Query User{BBF44D3C-AB8C-4C41-BC0F-DB5EFF1D8BAB}G:\games\forza horizon 5\forzahorizon5.exe] => (Allow) G:\games\forza horizon 5\forzahorizon5.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{07C3EA85-E28B-4085-9736-B8A87DA3455F}G:\games\forza horizon 5\forzahorizon5.exe] => (Allow) G:\games\forza horizon 5\forzahorizon5.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{1874D06E-4BE8-48CC-A11C-7EB1CE2DEE3E}E:\games\fireworks.mania.an.explosive.simulator.v20230405\fireworks.mania.an.explosive.simulator.v20230405\fireworks.mania.an.explosive.simulator.v20230405\fireworks mania.exe] => (Allow) E:\games\fireworks.mania.an.explosive.simulator.v20230405\fireworks.mania.an.explosive.simulator.v20230405\fireworks.mania.an.explosive.simulator.v20230405\fireworks mania.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{1ECB7011-ED42-4892-8E2D-FEC897C73796}E:\games\fireworks.mania.an.explosive.simulator.v20230405\fireworks.mania.an.explosive.simulator.v20230405\fireworks.mania.an.explosive.simulator.v20230405\fireworks mania.exe] => (Allow) E:\games\fireworks.mania.an.explosive.simulator.v20230405\fireworks.mania.an.explosive.simulator.v20230405\fireworks.mania.an.explosive.simulator.v20230405\fireworks mania.exe () [Datei ist nicht signiert] FirewallRules: 
[{F7EF0777-793D-4BF5-8C76-ED1214731BC9}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\APB_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{39CD0190-F098-45F0-B5FF-97B8E2975DFE}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\APB_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{6B644126-714E-4942-BF55-CA517E8D79F0}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\APB.exe (Little Orbit Inc -> Little Orbit LLC) FirewallRules: [{922197C3-FC92-4F35-B2E8-F37BE79A35E0}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\APB.exe (Little Orbit Inc -> Little Orbit LLC) FirewallRules: [{F5AFE251-9CB9-476F-B6A6-B2DDE2F0AF18}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe (Little Orbit LLC -> Vivox Inc.) FirewallRules: [{AF297ADB-522E-4E43-8926-A6C1FC073CAF}] => (Allow) E:\steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe (Little Orbit LLC -> Vivox Inc.) 
FirewallRules: [TCP Query User{DC9F1E31-43B3-4CAF-BF4A-6F6BF582A61F}C:\users\marvin\appdata\local\arduino15\packages\builtin\tools\mdns-discovery\1.0.9\mdns-discovery.exe] => (Allow) C:\users\marvin\appdata\local\arduino15\packages\builtin\tools\mdns-discovery\1.0.9\mdns-discovery.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{A74F3AC3-DDB4-4B53-9713-BC508D57B300}C:\users\marvin\appdata\local\arduino15\packages\builtin\tools\mdns-discovery\1.0.9\mdns-discovery.exe] => (Allow) C:\users\marvin\appdata\local\arduino15\packages\builtin\tools\mdns-discovery\1.0.9\mdns-discovery.exe () [Datei ist nicht signiert] FirewallRules: [{D84B68CA-6C54-4D7B-B1D7-7861E1344D9D}] => (Block) C:\users\marvin\appdata\local\arduino15\packages\builtin\tools\mdns-discovery\1.0.9\mdns-discovery.exe () [Datei ist nicht signiert] FirewallRules: [{D89D89B5-0E62-4B46-BA08-BAD988A0B88B}] => (Block) C:\users\marvin\appdata\local\arduino15\packages\builtin\tools\mdns-discovery\1.0.9\mdns-discovery.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{7754BB34-EC61-41D9-B120-B81F5CA6BAA7}H:\gog\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) H:\gog\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [UDP Query User{79607416-06FA-4CAF-AC52-9D677E35D89A}H:\gog\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) H:\gog\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.) FirewallRules: [{3A927FE6-E22C-4F7A-AB23-00F9A48DD340}] => (Allow) G:\SteamLibrary\steamapps\common\Duke Nukem Forever\System\DukeForever.exe () [Datei ist nicht signiert] FirewallRules: [{4876F491-A8CB-45D4-A84A-922176C45092}] => (Allow) G:\SteamLibrary\steamapps\common\Duke Nukem Forever\System\DukeForever.exe () [Datei ist nicht signiert] FirewallRules: [{ce6f536f-09e6-4932-ac4d-a834bec6b7e2}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. 
-> Oracle Corporation) FirewallRules: [{A8A5528F-2745-4BFC-8CAD-D1F2862A1AF6}] => (Allow) G:\SteamLibrary\steamapps\common\House Party\HouseParty.exe () [Datei ist nicht signiert] FirewallRules: [{8FFD1B0E-D4FE-4D13-B9A7-65ADD45260D3}] => (Allow) G:\SteamLibrary\steamapps\common\House Party\HouseParty.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{2B79B8F8-DC26-4060-A15E-04444F1A7C61}G:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) G:\steamlibrary\steamapps\common\garrysmod\hl2.exe (Facepunch Studios Ltd) [Datei ist nicht signiert] FirewallRules: [UDP Query User{35DCB448-581B-433E-909F-C838D74901AC}G:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) G:\steamlibrary\steamapps\common\garrysmod\hl2.exe (Facepunch Studios Ltd) [Datei ist nicht signiert] FirewallRules: [{A529BCCE-2302-429D-AABC-FB7BBA3EE3FD}] => (Block) G:\steamlibrary\steamapps\common\garrysmod\hl2.exe (Facepunch Studios Ltd) [Datei ist nicht signiert] FirewallRules: [{E654A89B-50DA-4656-A516-F0F55520A479}] => (Block) G:\steamlibrary\steamapps\common\garrysmod\hl2.exe (Facepunch Studios Ltd) [Datei ist nicht signiert] FirewallRules: [TCP Query User{EA6606AB-DA3D-421E-9CBD-A7FEF4B122EC}E:\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe] => (Allow) E:\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [UDP Query User{CD796C5D-BDEC-47F0-A0B3-7A2EE814094B}E:\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe] => (Allow) E:\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{4C44591E-88CD-4BF7-84F2-D7EC3792A059}] => (Block) E:\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{2A1AD207-B895-438C-8542-2E75FA429C6A}] => (Block) E:\steam\steamapps\common\counter-strike global offensive\game\bin\win64\cs2.exe (Valve Corp. 
-> )
FirewallRules: [TCP Query User{79963A2E-6C40-446C-A523-ECA49AA2E70C}G:\games\ready.or.not.v24.02.2023\ready.or.not.v24.02.2023\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Block) G:\games\ready.or.not.v24.02.2023\ready.or.not.v24.02.2023\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{3ACEB1AC-B0B8-4161-909E-2BB87835CBFC}G:\games\ready.or.not.v24.02.2023\ready.or.not.v24.02.2023\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Block) G:\games\ready.or.not.v24.02.2023\ready.or.not.v24.02.2023\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [Datei ist nicht signiert]
FirewallRules: [{9F1624CD-2BE9-42EA-BE15-6CCCB859E5B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BE97BEAA-2E93-4881-AFFF-E0891435AFDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{36A082DA-7C51-465C-90DF-4DF62C5A925D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ACFCB948-29AD-4DCD-8368-97A8EAFDA916}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{80C0ED86-179C-41C1-AD6A-19F1E39FA7BB}] => (Allow) D:\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{10EEB65C-EF1A-49FB-A0F3-FB44ECBBE2FE}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> Nox Limited Corporation)
FirewallRules: [{9880FACC-5E8F-47B0-A3C1-EBC2F47C5BA4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{81E74E4F-2DB9-4B6E-90E8-AEAF4F27B78C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D6E20B0E-936D-4DFE-BCFB-04093785A089}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1911544F-98AB-429B-BBAE-C0366FCBAA16}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BE85DCE7-D53B-4971-9DFF-90D6F83D8F1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8D12B298-E3CF-467C-A13C-7C0FCDE139A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9048D75B-703C-4B8C-A232-C2B538CC1E9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F2267177-0BBF-40D5-9D9A-F55932D652B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{13C2F30D-D5BB-439B-BE63-AA8863DA70AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{44F209ED-A388-45F1-9C90-CD83C19EDC1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{852B9660-8A8F-40F5-B741-A7940ED65235}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F44480D-0679-4B7B-A3EC-4B92783648D5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{82FF7951-24CC-4864-B270-C87BA51EF522}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61309E02-C016-40F4-9730-843F5DC66DCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53B6B657-BFA0-405B-9E42-0091D415AAF0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD59F2C5-8C48-4221-A7E7-29607E57C62F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8F9EE01E-083E-481B-846A-F8B1FC09DB4A}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
FirewallRules: [{357233BE-9A03-49C1-AD6F-A5F9A3F95F6C}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:110.41 GB) (Free:6.7 GB) (6%)

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: TAP-ProtonVPN Windows Adapter V9
Description: TAP-ProtonVPN Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-ProtonVPN Windows Provider V9
Service: tapprotonvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (12/18/2023 07:48:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf DATA (E:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (12/18/2023 07:45:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf SSD 1TB (I:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (12/18/2023 07:44:09 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf Packard Bell (D:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (12/18/2023 07:43:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf (G:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (12/18/2023 07:43:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf (F:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (12/18/2023 07:43:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Die Speicheroptimierung konnte erneut optimieren auf (X:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A)

Error: (12/17/2023 06:13:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SS2svc32.exe, Version: 0.0.0.0, Zeitstempel: 0x58ef9f38
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.3693, Zeitstempel: 0x3ab9e7d5
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e6d13
ID des fehlerhaften Prozesses: 0x28e0
Startzeit der fehlerhaften Anwendung: 0x01da310c5d537d36
Pfad der fehlerhaften Anwendung: C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: b7b8e3f9-1911-40c1-a4ae-17956e6381e2
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/15/2023 06:27:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.19041.3693, Zeitstempel: 0x46b74d3d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x715681f0
ID des fehlerhaften Prozesses: 0x3dd4
Startzeit der fehlerhaften Anwendung: 0x01da2f7bf093fc5c
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\explorer.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 28000d7d-22f8-40e4-9eca-952bc4fb11c4
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Systemfehler:
=============
Error: (12/23/2023 09:08:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CleanupPSvc" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/23/2023 09:08:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst CleanupPSvc erreicht.

Error: (12/23/2023 09:07:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/23/2023 07:33:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CleanupPSvc" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/23/2023 07:33:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst CleanupPSvc erreicht.

Error: (12/23/2023 06:30:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J95DT60)
Description: Der Server "{F53321FA-34F8-4B7F-B9A3-361877CB94CF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/23/2023 06:28:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J95DT60)
Description: Der Server "{F53321FA-34F8-4B7F-B9A3-361877CB94CF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/23/2023 05:59:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J95DT60)
Description: Der Server "{D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

CodeIntegrity:
===============
Date: 2023-12-23 21:37:04
Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-12-23 21:33:19
Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 3802 03/15/2018
Hauptplatine: ASUSTeK COMPUTER INC. MAXIMUS VIII HERO
Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 16320.83 MB
Verfügbarer physikalischer RAM: 7662.28 MB
Summe virtueller Speicher: 23232.83 MB
Verfügbarer virtueller Speicher: 10121.65 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:110.41 GB) (Free:6.7 GB) (Model: Samsung SSD 840 Series) NTFS
Drive d: (Packard Bell) (Fixed) (Total:475.05 GB) (Free:12.2 GB) (Model: Hitachi HDT721010SLA360) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (DATA) (Fixed) (Total:456.46 GB) (Free:9.37 GB) (Model: Hitachi HDT721010SLA360) NTFS
Drive f: () (Fixed) (Total:32.78 GB) (Free:2.67 GB) (Model: SAMSUNG HD322GJ) NTFS
Drive g: () (Fixed) (Total:931.5 GB) (Free:163.66 GB) (Model: TOSHIBA DT01ACA100) NTFS
Drive h: (M2 SSD) (Fixed) (Total:238.47 GB) (Free:147.04 GB) (Model: SAMSUNG MZALQ256HAJD-000L2) NTFS
Drive i: (SSD 1TB) (Fixed) (Total:931.5 GB) (Free:669.24 GB) (Model: ATA CT1000BX500SSD1 USB Device) NTFS
Drive x: () (Fixed) (Total:258.97 GB) (Free:3.97 GB) NTFS

\\?\Volume{15cd3326-b920-46c9-b28c-b70bad11e12c}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{e6f540d6-e954-4e04-b120-b3a646385ade}\ () (Fixed) (Total:0.82 GB) (Free:0.21 GB) NTFS
\\?\Volume{401393d9-4133-439b-ad8f-9dff1fb0d914}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: C807C807)
Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: A703A703)
Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: D9FA2484)
Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Size: 111.8 GB) (Disk ID: 3438D90E)
Partition: GPT.

==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 307D971B)
Partition 1: (Active) - (Size=475 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=456.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 5 (Size: 1024 byte) (Disk ID: 6F20736B)
No partition Table on disk 5.
Disk 5 is a removable device.

==========================================================
Disk: 6 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Ende von Addition.txt ======================= |
30.12.2023, 13:58 | #3 |
/// TB-Ausbilder | Trojan oobe-maintenance? My name is Matthias and I will help you analyze and clean up your system. Unfortunately, your thread seems to have been overlooked. Do you still need help? |
30.12.2023, 16:03 | #4 |
| Trojan oobe-maintenance? Yes, I still need help. Small update: I deleted the file immediately, since it was detected by neither AVG Internet Security Premium nor Malwarebytes. During a scan, both also said the file was fine. At first nothing else happened. Unfortunately, shortly afterwards all of my accounts were changed. I have not saved passwords either in the browser or with Google. Nevertheless, these people apparently had all my passwords. I also did not enter any more passwords after the trojan. That is why I was surprised by the access to Amazon and the like, where I was not even logged in. |
31.12.2023, 10:32 | #5 |
/// TB-Ausbilder | Trojan oobe-maintenance? It could be that this file executed malware that then harvested your credentials. It could also be that criminals broke into an account online (either because you had secured it poorly or because the provider had security vulnerabilities) and that you used similar or weak passwords for different services. We will take a look at the whole thing. You should (if you have not already done so) change all passwords for your online accounts from a clean system. When did the whole thing with the trainer happen? On 23.12.? Did you install the software "Honeygain" knowingly/intentionally? We will start with a special search with FRST. Step 1
Edited by M-K-D-B (31.12.2023 at 11:07) |
04.01.2024, 20:17 | #6 |
/// TB-Ausbilder | Trojan oobe-maintenance? No response. This thread has been removed from our subscriptions, so we will not receive notifications about new replies. If you need the thread again, please send us a reminder including a link to the thread. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own thread! |
15.01.2024, 11:39 | #7 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojan oobe-maintenance? At least one piece of cracked software is involved here: Quote:
__________________ Please always post log files in CODE tags |