|
Log-Analyse und Auswertung: Windows10: Windows Defender meldet Wacatac.B!ml TrojanerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.01.2024, 15:07 | #1 |
| Windows10: Windows Defender meldet Wacatac.B!ml Trojaner Frohes neues Jahr allerseits. Während dem Programmieren mit Visual Studio hat der Windows Defender mir gesagt, er habe den Trojaner Wacatac.B!ml in einer Zip Datei gefunden. Diese Zip Datei war ca. ein halbes Jahr alt und beinhaltete soweit ich mich errinern kann, Pixelarts von einem ehemaligen Kollegen. Es kann auch sein dass ich diese über ein Online Tool editiert habe und diese Zip Datei das Ergebnis war. Der Zip Ordner war (wsl. dank des Windows Defender) nicht mehr zu finden. Daraufhin habe ich jegliche Dateien die damit zu tun hatten in meinem Download Ordner entfernt. Da diese Dateien alle älter sind und schon öfter von mir verwendet und bewegt wurden wollte ich einmal sicher gehen, dass ich mir nichts eingefangen habe. Schonmal danke für eure Hilfe. Logfiles: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2024 durchgeführt von soere (Administrator) auf DESKTOP-5Q9M6SE (Gigabyte Technology Co., Ltd. B550 GAMING X V2) (02-01-2024 14:58:55) Gestartet von C:\Users\soere\Downloads\FRST64.exe Geladene Profile: soere Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3803 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe (C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6> (Discord Inc. -> Discord Inc.) C:\Users\soere\AppData\Local\Discord\app-1.0.9028\Discord.exe <6> (explorer.exe ->) () [Datei ist nicht signiert] C:\Program Files\Student Printer\StudentPrinterNotifier.exe (explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe (explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <22> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\Gigabyte\GService\GCloud.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4e58e7ac1d277d04\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe (svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa\iCloud\secd.exe (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21768.0_x64__8wekyb3d8bbwe\HxOutlook.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21768.0_x64__8wekyb3d8bbwe\HxTsr.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13129552 2023-04-17] (SteelSeries ApS -> SteelSeries ApS) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [613048 2023-05-24] (geek software GmbH -> geek software GmbH) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKLM\...\Run: [Student Printer Notifier] => C:\Program Files\Student Printer\StudentPrinterNotifier /NSC-Print2005 /S (Keine Datei) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126403424 2022-03-21] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2017432 2022-10-03] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1129440 2023-07-07] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-07-07] (Adobe Inc. -> ) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [Opera GX Stable] => C:\Users\soere\AppData\Local\Programs\Opera GX\launcher.exe [2296224 2023-12-21] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-08] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11517400 2023-11-05] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\soere\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [MicrosoftEdgeAutoLaunch_D06D155AFA9627861CD2DF456863381A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70918144 2023-12-12] (Riot Games, Inc. -> Riot Games, Inc.) HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [OpenOffice Updater] => C:\Users\soere\AppData\Roaming\OpenOffice Updater\Updater.exe [367480 2021-07-28] (Arne Koenig -> ) <==== ACHTUNG HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2189592 2023-11-15] (Wargaming Group Limited -> Wargaming.net) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2023-06-14] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\SC-Print2005 Port: C:\WINDOWS\system32\Scp2005.dll [86016 2006-10-05] (SHARP CORPORATION) [Datei ist nicht signiert] HKLM\...\Print\Monitors\SHARP SS0E PCL6 Language Monitor: C:\WINDOWS\system32\SS0ELMON.dll [82432 2008-10-29] (Microsoft Windows Hardware Compatibility Publisher -> SHARP CORPORATION) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.130\Installer\chrmstp.exe [2023-12-26] (Google LLC -> Google LLC) Startup: C:\Users\soere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2023-12-20] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {89F79AE4-6FC1-4D8B-ABC5-C83AD03D7BBE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) Task: {9DE7381A-2A22-44CB-9E8E-DE86B9DB535A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {4761AB65-2EB8-4DBA-B363-EB1BB63258D1} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {E2DF46A3-154E-4F4E-841B-EBC0312061EE} - System32\Tasks\Apple Diagnostics => C:\Users\soere\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2023-11-05] () [symlink -> ] Task: {E065378C-AD96-4468-9AA1-FEAD5624AA7B} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [17280 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {66150742-C1EE-491F-8CE0-8AD39ED3A86B} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [20352 2021-10-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {63722F1F-D81A-48CD-98D2-B64997FD97CE} - System32\Tasks\GoogleUpdateTaskMachineCore{A41DCD2B-2FF8-4999-B73F-6AF40C1E8F0E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-05] (Google LLC -> Google LLC) Task: {32EEC457-2BB0-4F27-A65E-163EECD92A58} - System32\Tasks\GoogleUpdateTaskMachineUA{7175B6DF-9778-4709-B595-1C3D2228B04C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-05] (Google LLC -> Google LLC) Task: {BBA9BABA-119C-41BD-A3DF-53E17A3D5D6D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {BFB4F3F5-D3E0-464F-A8CD-2C501E70F382} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {08A8D9F8-628D-4778-AE2B-241B166B7C9A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {C7EDF46D-33B6-4ECC-A88C-9F802A64CCDC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {9A957E72-1469-47D7-81F9-003720741BE0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {D0999FC1-B596-4D70-8896-603625662A47} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [254944 2023-12-19] (Microsoft Corporation -> Microsoft) Task: {DF3991D1-AEC7-4781-8182-05F0321810B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0197451D-13C5-4DC9-A7EB-2D8DEAF5AE20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A0AEC091-3FDA-4208-8572-26733F77390A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5A1FFA93-DCA9-48AB-B785-A492AA729982} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {42DC5350-D9BC-45F9-BE8A-C44C81E9ADEC} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [Datei ist nicht signiert] Task: {8AC7E60E-24CC-4096-ABEF-D97A14ABE453} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {A4A52C8E-09EC-454B-86CB-7647B187DD9D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0C288D0C-4CBC-4FE7-9C95-0ACF5E57037A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7DF4EDF3-1D12-4A86-AD24-12BBCC704147} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BFBCCA3D-53DA-40B6-A1E2-D7BA88389AAD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B4A8AF76-F668-4BEB-AD0B-BAFEA01A143F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A1F4FEE5-C7F1-4F08-A835-28CB307885DE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D039A8E1-6DC9-4D70-AE29-04FBBB33FEFF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C0C2C0AD-E53F-44E5-B403-D89E8AB7D82B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4C10CC4E-9E35-471E-88D0-6ECDAEEAE937} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {E85A9DD6-D95B-40C0-8C3F-E091A80F4AA5} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3788760031-3244841089-4271810839-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {11D80DC0-4185-4B5E-99C6-95DF5336B9B4} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1671713000 => C:\Users\soere\AppData\Local\Programs\Opera GX\launcher.exe [2296224 2023-12-21] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\soere\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {94B8093B-7437-43D1-9196-FC53C9D96070} - System32\Tasks\Opera GX scheduled Autoupdate 1671191861 => C:\Users\soere\AppData\Local\Programs\Opera GX\launcher.exe [2296224 2023-12-21] (Opera Norway AS -> Opera Software) Task: {672A480B-8CC8-4B91-90BD-75533E01AEB4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2023-12-19] (Overwolf Ltd -> Overwolf LTD) Task: {D2DED964-54F7-42F7-9AFA-C8FC3B9E4321} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\Thermald.exe [392264 2022-09-30] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {5E9A7589-0229-459A-A06F-CE44EF7A39C8} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\Sensord.exe [257408 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{e13c1c24-5e02-4afe-8be7-4799848d372c}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{e13c1c24-5e02-4afe-8be7-4799848d372c}: [DhcpDomain] fritz.box Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\soere\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-18] Edge Extension: (Google Docs Offline) - C:\Users\soere\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17] Edge Extension: (Edge relevant text changes) - C:\Users\soere\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-17] FireFox: ======== FF DefaultProfile: xj0ozq91.default FF ProfilePath: C:\Users\soere\AppData\Roaming\Zotero\Zotero\Profiles\xj0ozq91.default [2023-07-25] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @java.com/DTPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-07-07] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-07-07] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default [2024-01-02] CHR Notifications: Default -> hxxps://meet.google.com CHR Extension: (BetterTTV) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-12-25] CHR Extension: (7TV) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-12-16] CHR Extension: (Watch2Gether) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2023-06-19] CHR Extension: (uBlock Origin) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-12-05] CHR Extension: (Axure RP Extension for Chrome) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogkpdfcklifaemcdfbildhcofnopogp [2022-12-16] CHR Extension: (Watch Netflix Together) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjglnlhapkoahdmanogpccpmmpnakje [2023-06-19] CHR Extension: (Google Docs Offline) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-16] CHR Extension: (Netflix Party is now Teleparty) - C:\Users\soere\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2023-12-05] CHR HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001) Opera GXStable - "C:\Users\soere\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-07-07] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-07-19] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-07-27] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [954704 2023-11-04] (EasyAntiCheat Oy -> Epic Games, Inc.) R2 EasyTuneEngineService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe [147824 2022-06-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-11-04] (Epic Games Inc. -> Epic Games, Inc.) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-15] (Microsoft Corporation -> Microsoft Corporation) R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2023-11-15] (HP Inc. -> HP Inc.) R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Datei ist nicht signiert] S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [127360 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-15] (Microsoft Corporation -> Microsoft Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2023-12-19] (Overwolf Ltd -> Overwolf LTD) R2 Parsec; C:\Program Files\Parsec\pservice.exe [424584 2022-12-16] (Parsec Cloud, Inc. -> Parsec) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [613048 2023-05-24] (geek software GmbH -> geek software GmbH) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35152 2023-04-17] (SteelSeries ApS -> ) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [802752 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates) S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [41416 2023-12-19] (Microsoft Corporation -> Microsoft) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 GigabyteUpdateService; C:\WINDOWS\system32\GigabyteUpdateService.exe [861328 2023-12-30] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4e58e7ac1d277d04\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4e58e7ac1d277d04\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1869904 2024-01-02] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM) R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [310208 2022-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.) R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [32296 2022-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.) R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [45248 2022-12-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) S3 HoYoProtect; C:\WINDOWS\system32\HoYoKProtect.sys [3712576 2023-03-30] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo) R3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1092552 2021-12-03] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft) R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2022-12-16] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R3 parsecvusba; C:\WINDOWS\System32\drivers\parsecvusba.sys [256560 2022-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Parsec) R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [43472 2023-03-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS) R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [44456 2023-03-13] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS) R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [251776 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [262648 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1060600 2023-10-12] (Oracle Corporation -> Oracle and/or its affiliates) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2022-10-03] (Cisco Systems, Inc. -> Cisco Systems, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation) S3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [244264 2023-04-19] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited) U4 npcap_wifi; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-01-02 14:58 - 2024-01-02 14:59 - 000035037 _____ C:\Users\soere\Downloads\FRST.txt 2024-01-02 14:58 - 2024-01-02 14:59 - 000000000 ____D C:\FRST 2024-01-02 14:58 - 2024-01-02 14:58 - 002387456 _____ (Farbar) C:\Users\soere\Downloads\FRST64.exe 2024-01-02 14:25 - 2024-01-02 14:25 - 000000083 _____ C:\Users\soere\Downloads\response_1704201913107.json 2024-01-02 14:19 - 2024-01-02 14:19 - 000000634 _____ C:\Users\soere\Downloads\response_1704201593400.json 2024-01-01 20:12 - 2024-01-01 20:12 - 000000005 _____ C:\Users\soere\Downloads\response_1704136341730.json 2024-01-01 20:11 - 2024-01-01 20:11 - 000000162 _____ C:\Users\soere\Downloads\response_1704136278174.json 2024-01-01 20:11 - 2024-01-01 20:11 - 000000003 _____ C:\Users\soere\Downloads\response_1704136302729.html 2024-01-01 20:09 - 2024-01-01 20:09 - 000000116 _____ C:\Users\soere\Downloads\response_1704136184047.json 2024-01-01 20:07 - 2024-01-01 20:07 - 000000114 _____ C:\Users\soere\Downloads\response_1704136034114.html 2024-01-01 20:04 - 2024-01-01 20:04 - 000000007 _____ C:\Users\soere\Downloads\response_1704135837572.html 2024-01-01 20:03 - 2024-01-01 20:03 - 000000128 _____ C:\Users\soere\Downloads\response_1704135781021.html 2024-01-01 16:04 - 2024-01-02 14:15 - 000000000 ____D C:\Users\soere\AppData\Local\SourceServer 2024-01-01 15:01 - 2024-01-01 15:01 - 000000146 _____ C:\Users\soere\Downloads\response_1704117671669.json 2024-01-01 15:00 - 2024-01-01 15:00 - 000000668 _____ C:\Users\soere\Downloads\response_1704117610744.json 2023-12-31 14:04 - 2023-12-31 14:04 - 000000000 ____D C:\Users\soere\AppData\Roaming\sqlitebrowser 2023-12-31 13:55 - 2023-12-31 13:55 - 000001386 _____ C:\Users\Public\Desktop\DB Browser (SQLite).lnk 2023-12-31 13:55 - 2023-12-31 13:55 - 000000000 ____D C:\Program Files\DB Browser for SQLite 2023-12-31 13:51 - 2023-12-31 13:51 - 018038784 _____ C:\Users\soere\Downloads\DB.Browser.for.SQLite-3.12.2-win64.msi 2023-12-30 00:49 - 2023-12-30 00:51 - 000389872 _____ C:\Users\soere\Downloads\Soren_Char.pdf 2023-12-29 23:20 - 2023-12-30 00:31 - 000024879 _____ C:\Users\soere\Documents\dndyannick.odt 2023-12-19 13:36 - 2023-12-31 13:22 - 000000000 ____D C:\Users\soere\AppData\Local\NuGet 2023-12-19 13:36 - 2023-12-19 13:36 - 000000000 ____D C:\Users\soere\.nuget 2023-12-19 13:32 - 2023-12-19 13:32 - 000000000 ____D C:\Users\soere\.librarymanager 2023-12-19 13:29 - 2023-12-19 13:32 - 000000000 ____D C:\Users\soere\AppData\Roaming\NuGet 2023-12-19 13:29 - 2023-12-19 13:29 - 000000000 ____D C:\Users\soere\AppData\Local\AzureFunctionsTools 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Users\soere\Documents\My Web Sites 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Users\soere\Documents\IISExpress 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Program Files\IIS Express 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2023-12-19 13:28 - 2023-12-19 13:28 - 000000000 ____D C:\Program Files (x86)\IIS Express 2023-12-19 13:22 - 2023-12-19 13:22 - 000000000 ____D C:\Users\soere\source 2023-12-19 13:00 - 2023-12-19 13:00 - 000001925 _____ C:\Users\soere\Downloads\BewerberAufgabe.md 2023-12-19 12:48 - 2023-12-19 12:52 - 000000000 ____D C:\ProgramData\Unity 2023-12-19 12:48 - 2023-12-19 12:48 - 000000000 ____D C:\Users\soere\AppData\Roaming\Unity 2023-12-19 12:48 - 2023-12-19 12:48 - 000000000 ____D C:\Users\soere\AppData\LocalLow\Unity 2023-12-19 12:48 - 2023-12-19 12:48 - 000000000 ____D C:\Users\soere\AppData\Local\Unity 2023-12-19 12:45 - 2023-12-20 03:30 - 000000000 ____D C:\Users\soere\AppData\Roaming\UnityHub 2023-12-19 12:45 - 2023-12-19 12:45 - 000000000 ____D C:\Users\soere\AppData\Roaming\Unity Hub 2023-12-14 02:41 - 2023-12-14 02:41 - 000000000 ____D C:\WINDOWS\InboxApps 2023-12-13 12:26 - 2023-12-13 12:26 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2023-12-13 12:22 - 2023-12-13 12:22 - 000000000 ___HD C:\$WinREAgent 2023-12-13 12:06 - 2023-12-13 12:06 - 000060767 _____ C:\Users\soere\Downloads\Twitch Extensions.zip 2023-12-12 14:29 - 2023-12-12 14:29 - 693065411 _____ C:\Users\soere\Downloads\ZuschauerSicht.mp4 2023-12-05 21:03 - 2023-12-05 21:03 - 000001892 _____ C:\Users\soere\Desktop\Game Center.lnk 2023-12-05 21:03 - 2023-12-05 21:03 - 000000779 _____ C:\Users\soere\Desktop\World of Tanks EU.lnk 2023-12-05 21:03 - 2023-12-05 21:03 - 000000000 ____D C:\Users\soere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net 2023-12-05 21:02 - 2023-12-05 21:02 - 004821648 _____ (Wargaming.net ) C:\Users\soere\Downloads\wargaming_game_center_install_eu_cxgo2ot6h7aw.exe 2023-12-05 21:02 - 2023-12-05 21:02 - 000000000 ____D C:\ProgramData\Wargaming.net 2023-12-05 20:59 - 2023-12-05 21:03 - 000000000 ____D C:\Users\soere\AppData\Roaming\Wargaming.net 2023-12-05 14:13 - 2023-12-05 14:13 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2023-12-05 14:10 - 2023-12-26 22:22 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-12-05 14:10 - 2023-12-26 22:22 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-12-05 14:10 - 2023-12-07 00:16 - 000004002 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{7175B6DF-9778-4709-B595-1C3D2228B04C} 2023-12-05 14:10 - 2023-12-07 00:16 - 000003878 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{A41DCD2B-2FF8-4999-B73F-6AF40C1E8F0E} 2023-12-05 14:10 - 2023-12-05 14:10 - 001375280 _____ (Google LLC) C:\Users\soere\Downloads\ChromeSetup.exe ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-01-02 14:57 - 2023-10-10 16:23 - 000000000 ____D C:\Users\soere\AppData\Roaming\Code 2024-01-02 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-01-02 14:45 - 2022-12-16 13:20 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-01-02 14:45 - 2022-12-16 12:59 - 000000000 ____D C:\Program Files (x86)\Google 2024-01-02 14:43 - 2023-07-06 11:57 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2024-01-02 14:14 - 2022-12-16 14:21 - 000000000 ____D C:\Users\soere\AppData\Local\Discord 2024-01-02 13:58 - 2023-10-10 17:19 - 000000000 ____D C:\Users\soere\AppData\Local\.IdentityService 2024-01-02 13:14 - 2022-12-16 14:21 - 000000000 ____D C:\Users\soere\AppData\Roaming\discord 2024-01-02 12:38 - 2023-04-27 12:19 - 000000000 ____D C:\Program Files\Star Rail 2024-01-02 12:25 - 2022-12-16 12:23 - 000000000 ____D C:\ProgramData\NVIDIA 2024-01-02 11:40 - 2023-05-04 19:45 - 001869904 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-BASE.sys 2024-01-02 11:16 - 2022-12-28 00:08 - 000004172 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{195588D5-9A54-4231-B7E9-89B086E55604} 2024-01-02 11:13 - 2022-12-29 16:11 - 000000000 ___RD C:\Users\soere\iCloudDrive 2024-01-01 23:00 - 2022-12-16 13:52 - 000000000 ____D C:\ProgramData\Riot Games 2024-01-01 22:05 - 2022-12-16 14:06 - 000000000 ____D C:\Program Files (x86)\Steam 2024-01-01 19:31 - 2022-12-16 13:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-01-01 16:04 - 2023-10-10 17:19 - 000000000 ____D C:\Users\soere\Documents\Visual Studio 2022 2023-12-31 13:26 - 2022-12-16 12:28 - 000000000 ____D C:\Users\soere\AppData\Local\D3DSCache 2023-12-31 13:23 - 2023-10-10 17:10 - 000000000 ____D C:\Users\soere\.dotnet 2023-12-31 13:22 - 2023-10-10 17:19 - 000000000 ____D C:\Users\soere\.templateengine 2023-12-31 12:52 - 2022-12-16 13:28 - 001723308 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-12-31 12:52 - 2019-12-07 15:51 - 000743838 _____ C:\WINDOWS\system32\perfh007.dat 2023-12-31 12:52 - 2019-12-07 15:51 - 000150260 _____ C:\WINDOWS\system32\perfc007.dat 2023-12-31 12:52 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-12-30 01:23 - 2022-12-16 19:20 - 000875536 _____ C:\WINDOWS\system32\wpbbin.exe 2023-12-30 01:23 - 2022-12-16 19:20 - 000861328 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe 2023-12-30 01:23 - 2022-12-16 13:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-12-30 01:23 - 2022-12-16 13:22 - 000008192 ___SH C:\DumpStack.log.tmp 2023-12-30 01:23 - 2022-12-16 12:24 - 000089232 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe 2023-12-30 01:23 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-12-28 00:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-12-28 00:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-12-26 03:56 - 2022-12-18 16:33 - 000000000 ____D C:\Users\soere\AppData\Local\CrashDumps 2023-12-25 16:41 - 2022-12-16 13:24 - 000004240 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1671191861 2023-12-25 16:41 - 2022-12-16 12:57 - 000001438 _____ C:\Users\soere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk 2023-12-25 16:39 - 2022-12-16 12:20 - 000002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-12-21 18:02 - 2023-10-10 17:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2023-12-21 18:02 - 2022-12-30 19:14 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-12-20 19:16 - 2022-12-16 14:21 - 000002231 _____ C:\Users\soere\Desktop\Discord.lnk 2023-12-19 18:46 - 2023-08-17 14:46 - 000000000 ____D C:\Program Files (x86)\Overwolf 2023-12-19 14:09 - 2022-12-29 17:42 - 000000000 ____D C:\Users\soere\AppData\Roaming\Microsoft\Teams 2023-12-19 13:36 - 2022-12-16 13:22 - 000000000 ____D C:\Users\soere 2023-12-19 13:29 - 2022-12-29 17:42 - 000002368 _____ C:\Users\soere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2023-12-19 13:28 - 2023-10-10 17:10 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2023-12-19 13:28 - 2023-10-10 17:10 - 000000000 ____D C:\WINDOWS\SysWOW64\1031 2023-12-19 13:28 - 2023-10-10 17:10 - 000000000 ____D C:\WINDOWS\system32\1033 2023-12-19 13:28 - 2023-10-10 17:10 - 000000000 ____D C:\WINDOWS\system32\1031 2023-12-19 13:28 - 2023-10-10 17:08 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2023-12-19 13:28 - 2023-10-10 17:05 - 000001433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2023-12-19 13:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-12-19 13:22 - 2022-12-16 12:24 - 000000000 __RHD C:\Users\Public\AccountPictures 2023-12-19 13:01 - 2023-10-10 16:23 - 000000000 ____D C:\Users\soere\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2023-12-19 12:45 - 2023-10-10 17:19 - 000000000 ____D C:\Users\soere\AppData\Local\unityhub-updater 2023-12-18 15:56 - 2023-06-06 17:14 - 000000000 ____D C:\ProgramData\XSplit 2023-12-15 21:21 - 2022-12-29 16:12 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-12-15 21:21 - 2022-12-29 16:12 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-12-15 21:21 - 2022-12-16 13:24 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3788760031-3244841089-4271810839-1001 2023-12-14 13:30 - 2022-12-16 12:24 - 000000000 ____D C:\Users\soere\AppData\Local\Packages 2023-12-14 02:42 - 2022-12-16 13:22 - 000484928 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-12-14 02:41 - 2023-10-30 13:56 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK 2023-12-14 02:41 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-12-14 02:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-12-14 02:41 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2023-12-13 12:28 - 2019-12-07 15:54 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-12-13 12:28 - 2019-12-07 15:54 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2023-12-13 12:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-12-13 12:26 - 2022-12-16 13:24 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-12-12 20:07 - 2022-12-16 12:23 - 000000000 ____D C:\ProgramData\Packages 2023-12-12 20:06 - 2022-12-16 12:25 - 000000000 ____D C:\Users\soere\AppData\Local\PlaceholderTileLogoFolder 2023-12-12 13:37 - 2023-09-14 13:43 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 002754152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 000214632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 000194040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2023-12-12 13:37 - 2022-12-16 14:54 - 000095736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2023-12-12 13:37 - 2022-12-16 14:54 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2023-12-08 00:54 - 2023-04-03 14:59 - 000000000 ____D C:\Users\soere\AppData\Roaming\texstudio 2023-12-07 19:06 - 2022-12-16 19:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-12-05 14:13 - 2023-07-29 23:00 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 2023-12-05 14:13 - 2023-07-06 11:58 - 000003506 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2023-12-05 14:13 - 2022-12-29 16:07 - 000000000 ____D C:\Program Files\Microsoft Office ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2023-09-11 20:39 - 2023-11-27 22:36 - 000000171 _____ () C:\Users\soere\AppData\Roaming\BattleBitConfig.ini 2023-10-17 23:37 - 2023-10-17 23:37 - 000000016 _____ () C:\Users\soere\AppData\Roaming\obs-virtualcam.txt 2023-07-06 11:55 - 2023-07-06 11:55 - 000000410 _____ () C:\Users\soere\AppData\Local\oobelibMkey.log 2023-11-14 17:54 - 2023-11-15 11:22 - 000000128 _____ () C:\Users\soere\AppData\Local\PUTTY.RND 2023-09-04 02:39 - 2023-09-04 02:39 - 000007605 _____ () C:\Users\soere\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
02.01.2024, 15:08 | #2 |
| Logs Teil 2Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01.01.2024 durchgeführt von soere (02-01-2024 15:00:02) Gestartet von C:\Users\soere\Downloads Microsoft Windows 10 Pro Version 22H2 19045.3803 (X64) (2022-12-16 12:24:25) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-3788760031-3244841089-4271810839-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3788760031-3244841089-4271810839-503 - Limited - Disabled) Gast (S-1-5-21-3788760031-3244841089-4271810839-501 - Limited - Disabled) soere (S-1-5-21-3788760031-3244841089-4271810839-1001 - Administrator - Enabled) => C:\Users\soere WDAGUtilityAccount (S-1-5-21-3788760031-3244841089-4271810839-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) @BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.22.0718.1 - GIGABYTE) Hidden @BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.22.0718.1 - GIGABYTE) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 23.006.20380 - Adobe) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.11.0.522.1 - Adobe Inc.) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.254 - Amazon) AMD Product Verification Tool Version 1.0.6.4 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.6.4 - AMD) APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.23.1106.1 - Gigabyte) Hidden APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.23.1106.1 - Gigabyte) Application Verifier x64 External Package (DesktopEditions) (HKLM\...\{BA9EBE5B-CA3F-21B4-486D-A9B00754150A}) (Version: 10.1.22621.1778 - Microsoft) Hidden Application Verifier x64 External Package (OnecoreUAP) (HKLM\...\{C6C99077-7B71-0E55-3B00-2F2A4E3F85E4}) (Version: 10.1.22621.1778 - Microsoft) Hidden Audacity 3.2.4 (HKLM\...\Audacity_is1) (Version: 3.2.4 - Audacity Team) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.06079 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{F4BACC43-70D3-4CCF-A0C6-89512F64CBB4}) (Version: 4.10.06079 - Cisco Systems, Inc.) Hidden ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{22E13608-4DB0-4977-A267-3AAFA09CD54A}) (Version: 4.8.09037 - Microsoft Corporation) Hidden CodeBlocks (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\CodeBlocks) (Version: 20.03 - The Code::Blocks Team) CPUID HWMonitor 1.48 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.48 - CPUID, Inc.) CurseForge 0.237.1-14012 (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 0.237.1-14012 - Overwolf) DB Browser for SQLite (HKLM\...\{5211034D-495B-4A5E-9B8D-8961BBB2B9E2}) (Version: 3.12.2 - DB Browser for SQLite Team) DiagnosticsHub_CollectionService (HKLM\...\{FECAFEB5-8D0E-4AE4-8FA0-745BAA835C35}) (Version: 17.3.32601 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.) EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.22.1128 - GIGABYTE) Hidden EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.22.1128 - GIGABYTE) EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.22.1128 - GIGABYTE) Hidden EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.22.1128 - GIGABYTE) ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{40514BA6-1FC2-4BBD-84A2-504634A97196}) (Version: 1.0.4.16 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{ca38f41e-a37c-41b2-82e3-28b215743448}) (Version: 1.0.4.16 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.10.4 - ENE Tech) Hidden ENE_External_Device_HAL (HKLM-x32\...\{38581c7d-8a6c-4129-9046-8f5df621478b}) (Version: 1.0.10.4 - ENE Tech) Hidden ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden ENE_X_AIC_HAL (HKLM-x32\...\{ec10ac91-2e61-460a-b493-33f794a07682}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden Entity Framework 6.2.0 Tools for Visual Studio 2022 (HKLM-x32\...\{3EDA2628-CE9D-4024-B0FC-669A477C3728}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{AB5BDF68-EFC7-4115-81E9-DE8A34292D21}) (Version: 1.3.80.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.) Essential Mod Installer (HKLM\...\{CC46337A-A85B-41A1-81AF-F33229A353A6}) (Version: 2.0.5 - ModCore Inc) FileZilla 3.66.1 (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\FileZilla Client) (Version: 3.66.1 - Tim Kosse) FTB App (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Overwolf_cmogmmciplgmocnhikmphehmeecmpaggknkjlbag) (Version: 1.23.829.1248 - Overwolf app) Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.27.0.0 - COGNOSPHERE PTE. LTD.) Git (HKLM\...\Git_is1) (Version: 2.41.0 - The Git Development Community) GitMind 1.0.8 (HKLM-x32\...\a0e10d84-6512-552f-a0ec-5dd2e61ffe64) (Version: 1.0.8 - Apowersoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.130 - Google LLC) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.19.0624.1 - GIGABYTE) IBM SPSS Statistics (HKLM\...\{09FBF63E-3FDB-48D1-B2BC-B6AC7709ABE0}) (Version: 29.0.0.0 - IBM Corp) icecap_collection_neutral (HKLM-x32\...\{9802507D-A556-4DAD-9342-F93D5F4F7C52}) (Version: 17.7.33906 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{C473D717-C41F-4DB5-86DA-4AC02801E6C4}) (Version: 17.7.33905 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{09B45D72-E1C8-4BD7-829C-03B633A40321}) (Version: 17.7.33906 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{3765F7CC-9C33-417A-9DA7-D21813E8ECDD}) (Version: 17.7.33905 - Microsoft Corporation) Hidden iCloud Outlook (HKLM\...\{11727D12-D910-486F-9B36-B496F4AB334D}) (Version: 14.1.0.108 - Apple Inc.) IIS 10.0 Express (HKLM\...\{0DCE4558-8BF6-4C7A-B293-CDDDCE047934}) (Version: 10.0.08009 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden iVCam 7.0 (HKLM\...\iVCam_is1) (Version: 7.0.4 - e2eSoft) jamovi 2.3.21.0 (HKLM-x32\...\jamovi 2.3.21.0) (Version: 2.3.21.0 - The jamovi Project) Java 8 Update 391 (64-bit) (HKLM\...\{71324AE4-039E-4CA4-87B4-2F64180391F0}) (Version: 8.0.3910.13 - Oracle Corporation) Kits Configuration Installer (HKLM-x32\...\{08C5C88B-AB42-CE32-959B-9D9185692A0D}) (Version: 10.1.22621.1778 - Microsoft) Hidden Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{2D018AF1-91F2-4451-AECD-A802520315AD}) (Version: 4.8.09037 - Microsoft Corporation) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) League of Legends PBE (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc) Lightworks (HKLM\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 2023.1.139219 - LWKS Software Ltd.) Microsoft .NET 6.0 Templates 7.0.401 (x64) (HKLM\...\{6B1026AB-7025-4966-8B71-815C6F44BA86}) (Version: 24.7.49314 - Microsoft Corporation) Hidden Microsoft .NET 7.0 Templates 7.0.401 (x64) (HKLM\...\{E6549237-EFBC-4F0B-9B8A-C9B8BE55E42A}) (Version: 28.6.49314 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.22 (x64) (HKLM\...\{00492157-700E-4270-A84F-998D6F5F120E}) (Version: 48.88.905 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.22 (x64_arm) (HKLM\...\{9BC43809-EB59-42FE-AE11-AE8AA69BA284}) (Version: 48.88.905 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.22 (x64_arm64) (HKLM\...\{9197674C-A168-4F44-81F4-7F12F613B481}) (Version: 48.88.905 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 6.0.22 (x64_x86) (HKLM\...\{693031F5-1322-49FB-B103-E407EF141250}) (Version: 48.88.905 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.11 (x64) (HKLM\...\{B4590CD9-297D-4441-B5FC-9712E40BD049}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.11 (x64_arm) (HKLM\...\{8B3A80E7-5F65-4C09-9F44-C0FF12BA1991}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.11 (x64_arm64) (HKLM\...\{8B2F0265-640E-4B82-B443-9ED055D7E3AA}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET AppHost Pack - 7.0.11 (x64_x86) (HKLM\...\{9D2F1EC9-6DFA-45FF-A15C-A37374D5E8A5}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET CoreRuntime For CoreCon (HKLM-x32\...\{48A8F171-52F2-372B-8414-EA50617708BE}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft .NET CoreRuntime SDK (HKLM-x32\...\{12702494-9E6A-3F5E-9441-2B7D258A639B}) (Version: 1.1.27004.0 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.7.1 Targeting Pack (HKLM-x32\...\{5686C5E9-A3B3-451E-A2EA-4C246CDE5CC9}) (Version: 4.7.02558 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 SDK (Deutsch) (HKLM-x32\...\{5F62E29E-C154-44CB-81D6-696FB3474844}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.11 (x64) (HKLM\...\{B92B890A-04F2-4880-BA20-20D4364FB263}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft .NET Host - 7.0.11 (x64) (HKLM\...\{2F2A55AD-B437-48AD-A8EE-B7900DBB74A2}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET Host - 7.0.11 (x86) (HKLM-x32\...\{C08F670C-372D-4A53-86D0-0C76569524A9}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.11 (x64) (HKLM\...\{5E63E49B-C88C-46C5-855C-A7B07C11CDC8}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 7.0.11 (x64) (HKLM\...\{46EFE56D-D4FA-41C4-B4A8-758472829352}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 7.0.11 (x86) (HKLM-x32\...\{11EC5621-9865-4AF6-BECB-50C29F8EAD5A}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET Native SDK (HKLM-x32\...\{EF0C772D-F5E3-36D0-BDAB-FD378533CD40}) (Version: 15.0.24211.07 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.11 (x64) (HKLM\...\{C3DD1448-513A-4DB8-978D-6991562EA63D}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.22 (x64) (HKLM\...\{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}) (Version: 48.88.905 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.22 (x86) (HKLM-x32\...\{9CDBBEFF-3784-4101-BFEA-11659F6497D6}) (Version: 48.88.905 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 7.0.11 (x64) (HKLM\...\{D6647DA1-8C22-49DF-B7A4-DAFBC309FF62}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 7.0.11 (x86) (HKLM-x32\...\{613053BB-5A78-4018-A7FD-20BFA3E373D8}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET SDK 7.0.401 (x64) from Visual Studio (HKLM\...\{C99997AA-882F-4530-BEC3-A77CCA751665}) (Version: 7.4.123.42530 - Microsoft Corporation) Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden Microsoft .NET Targeting Pack - 6.0.22 (x64) (HKLM\...\{E5ED75AE-C585-4E92-ABB1-C73D15B6FCFB}) (Version: 48.88.905 - Microsoft Corporation) Hidden Microsoft .NET Targeting Pack - 6.0.22 (x86) (HKLM-x32\...\{324616CF-99AE-4160-88A2-5266E2D5B8E3}) (Version: 48.88.905 - Microsoft Corporation) Hidden Microsoft .NET Targeting Pack - 7.0.11 (x64) (HKLM\...\{7C543980-5CE7-435D-A17E-B90E75A7111C}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET Targeting Pack - 7.0.11 (x86) (HKLM-x32\...\{67CF9667-F2D7-4D6F-B6FA-E3C56621AB38}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft .NET Toolset 7.0.401 (x64) (HKLM\...\{1F882F1D-C6F4-483F-B089-97FB8136CC0D}) (Version: 28.6.49314 - Microsoft Corporation) Hidden Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.17029.20068 - Microsoft Corporation) Microsoft ASP.NET Core 6.0.22 Shared Framework (x64) (HKLM\...\{9AE95AE3-1EA4-3A47-960F-45FBA5AC756D}) (Version: 6.0.22.23424 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 6.0.22 Shared Framework (x86) (HKLM-x32\...\{5D55F55A-53F2-3096-8C7C-154607E2BC3C}) (Version: 6.0.22.23424 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 6.0.22 Targeting Pack (x64) (HKLM\...\{62B3D87C-C00E-3D18-84E2-4B82862F6F5C}) (Version: 6.0.22.23424 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 6.0.22 Targeting Pack (x86) (HKLM-x32\...\{FBF5C5E5-71CF-347B-A294-33B8CBF68F1C}) (Version: 6.0.22.23424 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 7.0.11 Shared Framework (x64) (HKLM\...\{CA88828A-2892-3C7C-A537-E06862C1A1AD}) (Version: 7.0.11.23425 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 7.0.11 Shared Framework (x86) (HKLM-x32\...\{84445AF1-1ABE-3A32-8688-B47113FF6C6F}) (Version: 7.0.11.23425 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 7.0.11 Targeting Pack (x64) (HKLM\...\{10F73512-ACEB-3547-B80E-F5DA3D26AEE0}) (Version: 7.0.11.23425 - Microsoft Corporation) Hidden Microsoft ASP.NET Core 7.0.11 Targeting Pack (x86) (HKLM-x32\...\{03D37CA6-E965-30CB-8D92-04997C2353C7}) (Version: 7.0.11.23425 - Microsoft Corporation) Hidden Microsoft ASP.NET Core Module for IIS Express (HKLM\...\{FAFEE5E3-E00A-4CE8-B495-8F66A5FAB236}) (Version: 12.2.18292.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Core Module V2 for IIS Express (HKLM\...\{F0E9CE77-BF19-4BBE-B228-A42F782F82E4}) (Version: 17.0.22116.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Diagnostic Pack for Visual Studio (HKLM-x32\...\{E8302952-8B6E-39D2-994B-D5C98B0CFDD5}) (Version: 17.7.273.65229 - Microsoft Corporation) Hidden Microsoft Command Line Utilities 15 for SQL Server (HKLM\...\{41C0DB18-1790-465E-B0DD-D9CAA35CACBE}) (Version: 15.0.1300.359 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.91 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft NetStandard SDK (HKLM-x32\...\{737FDDA7-B944-4CB5-92D9-3D56373BD301}) (Version: 15.0.51105 - Microsoft Corporation) Hidden Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{97FA5676-7F15-4C39-BFA1-CE67BA1833C2}) (Version: 17.7.2.1 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation) Microsoft SQL Server 2019 LocalDB (HKLM\...\{36E492B8-CB83-4DA5-A5D2-D99A8E8228A1}) (Version: 15.0.4153.1 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Teams) (Version: 1.6.00.33567 - Microsoft Corporation) Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.23.33413 - Microsoft) Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden Microsoft UniversalWindowsPlatform SDK (HKLM-x32\...\{C756420B-C91C-4410-8092-F49C24CEF594}) (Version: 15.9.16 - Microsoft) Hidden Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Debug Runtime - 14.36.32532 (HKLM\...\{44B8E53D-68C7-4FCD-A0D7-753CA2C2EF94}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Debug Runtime - 14.36.32532 (HKLM-x32\...\{B8E2B857-228D-4770-83BD-BACCFF4F7738}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.85.1 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.8.2112.61926 - Microsoft Corporation) Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{486A2339-BB19-41D7-94F9-AF5A112ABCA7}) (Version: 3.7.2174.19405 - Microsoft Corporation) Hidden Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{1E349A5D-32BC-40E1-9C54-92CF63F7F8FD}) (Version: 3.7.2174.19405 - Microsoft Corporation) Hidden Microsoft Web Deploy 4.0 (HKLM\...\{CAB76C8B-BA50-46D3-A9A2-C8B7F9F338BD}) (Version: 10.0.7421 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM\...\{A39D4115-3A27-4245-AE92-3214B8B21932}) (Version: 48.47.50419 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM-x32\...\{c4846f79-a633-4ae4-92a3-92fdbeb33da2}) (Version: 6.0.11.31823 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM\...\{6B3108CD-E279-4795-BCBF-BDEA037A7913}) (Version: 48.88.914 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.22 (x86) (HKLM-x32\...\{40C49971-4ED3-401F-9759-B1D1A571ECE8}) (Version: 48.88.914 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 7.0.11 (x64) (HKLM\...\{5821D2E1-1595-4753-AC3E-C87CA97A88BA}) (Version: 56.44.917 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 7.0.11 (x86) (HKLM-x32\...\{805502BD-C5C4-45FD-8959-7B020DF70889}) (Version: 56.44.917 - Microsoft Corporation) Hidden Microsoft Windows Desktop Targeting Pack - 6.0.22 (x64) (HKLM\...\{E00BA379-8B79-448C-B6CF-8E378BF0B1C5}) (Version: 48.88.914 - Microsoft Corporation) Hidden Microsoft Windows Desktop Targeting Pack - 6.0.22 (x86) (HKLM-x32\...\{1588932A-9A33-4B01-8C5F-5EA0642C73FB}) (Version: 48.88.914 - Microsoft Corporation) Hidden Microsoft Windows Desktop Targeting Pack - 7.0.11 (x64) (HKLM\...\{18020BBB-E7E7-4693-A125-655E16BE2440}) (Version: 56.44.917 - Microsoft Corporation) Hidden Microsoft Windows Desktop Targeting Pack - 7.0.11 (x86) (HKLM-x32\...\{D2528EB1-542A-4FFF-B69E-6ECCE7A1C640}) (Version: 56.44.917 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x64) (HKLM\...\{A3FC67E9-CDFB-431B-933D-5BD4D58ED7C7}) (Version: 33.0.68 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x64) (HKLM\...\{C2593731-0B45-4357-8595-06EAF40278A7}) (Version: 16.4.7098 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x64) (HKLM\...\{FC74E30E-B060-4571-8FB9-FEA87879BAAD}) (Version: 16.4.7098 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x64) (HKLM\...\{0A15F72C-8F66-464E-B712-7B7DCF9918E3}) (Version: 13.3.7098 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x64) (HKLM\...\{F743B197-AB4A-4E7E-AB0D-8FE1E906141F}) (Version: 7.0.92 - Microsoft Corporation) Hidden Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x64) (HKLM\...\{001D765B-88DF-49F0-BA26-71C3FD9160E2}) (Version: 16.4.7098 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{865931E6-4859-49E4-98AB-15A010B1CF49}) (Version: 56.44.898 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{1E19FDB1-9EA4-4C55-A5AF-1687016C18A8}) (Version: 56.44.898 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{9DC6E8FE-E22F-404C-B1F4-77BA208FF4BD}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{39EED48F-6686-44DB-AECB-5ABD6EDFFFE6}) (Version: 56.44.907 - Microsoft Corporation) Hidden Microsoft-System-CLR-Typen für SQL Server 2019 (HKLM\...\{A2494B75-7366-47C0-A58F-C41BEE9317E6}) (Version: 15.0.2000.5 - Microsoft Corporation) MiKTeX (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\MiKTeX) (Version: 22.10 - MiKTeX.org) Modrinth App (HKLM\...\{B922AC30-B821-4212-A382-6B98120AAB65}) (Version: 0.6.1 - modrinth) MSI Development Tools (HKLM-x32\...\{6588C8DD-86E9-BA17-9AC0-5970EE2A9785}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Node.js (HKLM\...\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}) (Version: 18.16.0 - Node.js Foundation) Npcap (HKLM-x32\...\NpcapInst) (Version: 1.71 - Nmap Project) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Grafiktreiber 537.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 537.42 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.1.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20068 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden OpenOffice 4.1.14 (HKLM-x32\...\{67817932-052B-4DB6-8E7C-A78585923709}) (Version: 4.114.9811 - Apache Software Foundation) OpenOffice Updater (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice) <==== ACHTUNG Opera GX Stable 105.0.4970.63 (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Opera GX 105.0.4970.63) (Version: 105.0.4970.63 - Opera Software) Oracle VM VirtualBox 7.0.12 (HKLM\...\{09581F4C-7DBB-473B-A6BB-D4A317D108A9}) (Version: 7.0.12 - Oracle and/or its affiliates) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.240.0.6 - Overwolf Ltd.) Paket zur Festlegung von "Doc Redirected"-Zielversionen von Microsoft .NET Framework 4.7.1 (Deutsch) (HKLM-x32\...\{5B970BE4-A2F2-41BD-8B91-FEA8DAA1DB9B}) (Version: 4.7.02558 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.7.2 (Deutsch) (HKLM-x32\...\{98FE7C2A-22A4-401A-B45B-2AA107C06DD7}) (Version: 4.7.03062 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen von Microsoft .NET Framework 4.8 (Deutsch) (HKLM-x32\...\{9E68042B-8597-4DE3-BA10-D1198BA9316B}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Parsec (HKLM-x32\...\Parsec) (Version: 150-86h - Parsec Cloud Inc.) Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.1 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{07236f40-ec25-4646-8cb6-b6aaf1597324}) (Version: 1.1.0.1 - Patriot Memory) Hidden PDF24 Creator 11.12.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.12.1 - PDF24.org) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.22.1130.1 - Gigabyte) Riot Client (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc) SDK ARM Additions (HKLM-x32\...\{7BE28BCD-F5C4-709B-7152-56D9CBA82A80}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{400003B3-6DEC-963F-86D9-D0C39AF12D89}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Shotcut (HKLM\...\Shotcut) (Version: 23.05.07 - Meltytech, LLC) SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.22.1128 - GIGABYTE) Hidden SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.22.1128 - GIGABYTE) Smart Backup (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.21.0326.1 - GIGABYTE) Star Rail (HKLM\...\Star Rail) (Version: 2.31.0.0 - COGNOSPHERE PTE. LTD.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries GG 36.0.0 (HKLM\...\SteelSeries GG) (Version: 36.0.0 - SteelSeries ApS) Student Printer (HKLM\...\Student Printer) (Version: 2022-07-30 - Computer Science Students' Representative Council) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.8070 - Microsoft Corporation) TeXstudio - TeXstudio is a fully featured LaTeX editor. (HKLM\...\TeXstudio) (Version: 4.5.1 - Benito van der Zander) Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version: - Ubisoft) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 137.0.10799 - Ubisoft) Unity Hub 2.4.4 (HKLM\...\{Unity Technologies - Hub}) (Version: 2.4.4 - Unity Technologies Inc.) Universal CRT Extension SDK (HKLM-x32\...\{640AA136-3DC4-1E64-E317-0E5A58658D98}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{A29C2470-79D9-5644-B949-05F9593D09D5}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{0BA20A07-3F89-098A-CA1E-669C59DCCC82}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{56745E0F-0674-D1D9-03CC-ABBC176F265B}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{22FCC062-E9CA-536E-BEC3-F8297BD57FEB}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{2774FBBA-82BB-2BBA-905E-493262010D5C}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) vcpp_crt.redist.clickonce (HKLM-x32\...\{5865805E-5B1F-4816-8592-AF25683E5ED3}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Visual C++ Library CRT Appx Package (HKLM-x32\...\{431D0FD2-34E7-4EA0-956E-DE5F8D18B5DF}) (Version: 14.37.32822 - Microsoft Corporation) Hidden Visual C++ Library CRT Appx Package (HKLM-x32\...\{F1EAA7E7-CD69-4FCE-869B-7E59057589F3}) (Version: 14.37.32822 - Microsoft Corporation) Hidden Visual C++ Library CRT Appx Resource Package (HKLM-x32\...\{E22DED42-0B61-4D61-84F8-0CE733607180}) (Version: 14.37.32822 - Microsoft Corporation) Hidden Visual C++ Library CRT ARM64 Appx Package (HKLM-x32\...\{CFB5CF5F-8935-4A23-B31E-355BAE870A06}) (Version: 14.37.32822 - Microsoft Corporation) Hidden Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{3EE6653A-8320-40F2-A506-A71E0086D818}) (Version: 14.37.32822 - Microsoft Corporation) Hidden Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{977F76D8-20EA-4FB2-9A27-93555841D297}) (Version: 14.37.32822 - Microsoft Corporation) Hidden Visual C++ Library CRT Desktop Appx Package (HKLM-x32\...\{FBB34C9D-5CB0-492D-9E08-8EF9A8355EE4}) (Version: 14.37.32822 - Microsoft Corporation) Hidden Visual Studio Community 2022 (HKLM-x32\...\4cc60441) (Version: 17.7.4 - Microsoft Corporation) VS Immersive Activate Helper (HKLM-x32\...\{FFFF1EAF-0FE4-4E67-82C2-CA5DB41BB093}) (Version: 17.0.125.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{C17B72FB-7790-44C0-B897-9BEE0BAD5BA0}) (Version: 17.0.125.0 - Microsoft Corporation) Hidden VS Script Debugging Common (HKLM\...\{D56DC014-C4C1-4330-B32B-D9785DAE7BCB}) (Version: 17.0.125.0 - Microsoft Corporation) Hidden vs_BlendMsi (HKLM-x32\...\{A4E5108B-BA9A-448A-9340-0D7D80FF83CB}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsi (HKLM-x32\...\{56A6FFBE-06B3-458A-8A85-F4A53A110F0A}) (Version: 17.7.33927 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsires (HKLM-x32\...\{38A4F53D-3A39-47A2-AB6E-B31E516D993B}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_clickoncesigntoolmsi (HKLM-x32\...\{BCB997A7-B596-4751-B89B-99EE68BBEB2A}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{8B51A705-B3BC-44BD-A15E-44B72999FF3F}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_communitysharedmsi (HKLM-x32\...\{E3B95A13-C589-4E09-A331-5843B7D2BE17}) (Version: 17.7.33906 - Microsoft Corporation) Hidden vs_communityx64msi (HKLM\...\{25142701-E789-4B30-BE5D-1ABBC6A73C58}) (Version: 17.7.33906 - Microsoft Corporation) Hidden vs_CoreEditorFonts (HKLM-x32\...\{1851460E-0E63-4117-B5BA-25A2F045801B}) (Version: 17.7.40001 - Microsoft Corporation) vs_devenvsharedmsi (HKLM-x32\...\{BCE6B32B-B6BE-4029-B885-589381E9A3E5}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_devenx64vmsi (HKLM\...\{FEC0DB40-683B-4DA9-9835-536BA563875F}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{437AA1D3-B32C-48B8-B990-DFC40B4377A5}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{7ACDEE02-0D96-45EE-BD1F-04B02E8BA9DF}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{7D10063F-E04A-445A-A26C-3A9DD0F1A9D4}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_githubprotocolhandlermsi (HKLM-x32\...\{91BC038F-2A3C-4104-B97B-FC591FFAF908}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_Graphics_Singletonx64 (HKLM\...\{4F12BBE1-044E-4512-8726-BA8AE304E877}) (Version: 17.7.33906 - Microsoft Corporation) Hidden vs_Graphics_Singletonx86 (HKLM-x32\...\{21249F7B-9083-4D74-8194-0DFFF543C847}) (Version: 17.7.33906 - Microsoft Corporation) Hidden vs_minshellinteropsharedmsi (HKLM-x32\...\{F83B6F23-E63B-4C23-AE0F-CB77CAC4670B}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_minshellinteropx64msi (HKLM\...\{2F52726C-4CCD-499D-A4F7-D5DBDF18D413}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{5F691D02-FA35-46C9-A0C1-9060DA4B6472}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_minshellsharedmsi (HKLM-x32\...\{C86459CD-1FF9-445C-AFEE-C06CFD8E5E9E}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_minshellx64msi (HKLM\...\{CC6B3835-25A7-401A-88B2-F6766E04DE67}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{AD69B2F8-7768-4E45-B372-EE930C6A5075}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{CBD590CF-5A4F-4475-BDBA-22B28E1E854E}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_vswebprotocolselectormsi (HKLM-x32\...\{11E5CECF-CE4F-4C38-95A0-27D601417219}) (Version: 17.7.33905 - Microsoft Corporation) Hidden vs_vswebprotocolselectormsires (HKLM-x32\...\{DEBE9767-941B-43A3-8935-22301D1F87F7}) (Version: 17.7.33905 - Microsoft Corporation) Hidden VSDC Free Video Editor Version 8.1.3.459 (HKLM\...\VSDC Free Video Editor_is1) (Version: 8.1.3.459 - Flash-Integro LLC) Wargaming.net Game Center (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\Wargaming.net Game Center) (Version: 23.6.0.4252 - Wargaming.net) WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden Websuche (Chrome/Edge) (HKLM-x32\...\Websuche) (Version: - Websuche) <==== ACHTUNG WinAppDeploy (HKLM-x32\...\{310841C5-1EAE-7693-ADCB-DD3F2CA16939}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows App Certification Kit Native Components (HKLM\...\{3C39ADF8-779F-9BBA-A032-EBCB2E618D88}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{983A0FB8-8F3E-6CDA-505D-E650FEEFF907}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows App Certification Kit x64 (HKLM-x32\...\{84F44941-C1F3-A926-B1F6-F4D4F5312700}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows App Certification Kit x64 (OnecoreUAP) (HKLM-x32\...\{6B177C76-BD5E-1C9D-B18B-3860057D9186}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows Desktop Extension SDK (HKLM-x32\...\{91463BCA-7E2D-010F-E689-6D4FDC4884FD}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows Desktop Extension SDK Contracts (HKLM-x32\...\{50B4CEAC-AE60-974A-85BE-307E43E0AAB2}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows IoT Extension SDK (HKLM-x32\...\{9B611744-77A6-58BF-B043-A75948644418}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows IoT Extension SDK Contracts (HKLM-x32\...\{E8047A08-108F-3B12-CA3D-2BB7A69BEB7D}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows Mobile Extension SDK (HKLM-x32\...\{236F8426-0EDC-8E92-F9DE-3F21AFDE576B}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows Mobile Extension SDK Contracts (HKLM-x32\...\{14C45195-F2B9-8C5E-0974-4A8ACE2770DA}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK (HKLM-x32\...\{37EDECAB-0393-12BD-23BF-BB35B2E44910}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{342873C0-1C08-4A99-82B6-50D1D2043E5A}) (Version: 10.1.0.0 - Microsoft Corporation) Windows SDK ARM Desktop Tools (HKLM-x32\...\{0994A06F-313E-DD5F-B75A-58DCB28F8455}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm (HKLM-x32\...\{25CABEFE-6666-3AED-0960-24FA8E6329D4}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm64 (HKLM-x32\...\{18835C47-DC12-7D82-1466-0E2A8D43F6DA}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x64 (HKLM-x32\...\{8004B497-910B-A5FE-2CEA-261220EA03FB}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x86 (HKLM-x32\...\{19CBC7DA-8683-39C0-BF1E-AE50161DECCF}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm (HKLM-x32\...\{5520C5D7-40CA-9018-7E5E-7D24FEADBF06}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm64 (HKLM-x32\...\{E1D05688-46C6-7802-6B8A-A80452EBD536}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x64 (HKLM-x32\...\{249C17D8-6368-5E32-0750-8B63EAA6DB27}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x86 (HKLM-x32\...\{E92BF341-5C12-4D71-2EB9-DEF3301D975A}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Tools arm64 (HKLM-x32\...\{CE0988DF-C585-2975-C86C-043A10183B43}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x64 (HKLM-x32\...\{3F039884-4CF9-3792-2E59-DFC613A7B787}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x86 (HKLM-x32\...\{B81A53BF-1CC8-05CA-CE18-73B5795CA40A}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK DirectX x64 Remote (HKLM\...\{E900C16E-16BC-3334-C580-C397ADF00392}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK DirectX x86 Remote (HKLM-x32\...\{7722657D-1A18-AA7C-6C96-D0F6EBB9D569}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK EULA (HKLM-x32\...\{2A8763AF-718C-F79C-1B72-40A40DB7D747}) (Version: 10.1.22621.1778 - Microsoft Corporations) Hidden Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{87547313-9E8E-2905-B204-DE1F14247A0A}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps (HKLM-x32\...\{B9068540-804E-5916-3AC5-6B8C8A4A29C2}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{24D631F1-E024-CDED-9826-6FDE7B302F1B}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{8FB84296-2AF4-0C83-9119-A0C87121D23C}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{63C391A4-5D95-C0CE-AE64-DD6116633AA6}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{27E80A91-CAE2-7EE1-3976-9147E470DAE4}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{8B66D078-B5E0-DF10-9D1D-23107F6377BB}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{1ABAD1A7-0E0B-1151-F8A9-B0E0361D3911}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{DF5D9024-4E78-3241-11AD-8CEDA96E8161}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{266B39D5-0BA1-1B07-C88D-CE6E2020DA2F}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{E519CE76-5D10-DF0F-E8D1-E6F904C6A1B0}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Redistributables (HKLM-x32\...\{1B8B240B-64B3-7BB0-28EA-B4FD3E014EE9}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows SDK Signing Tools (HKLM-x32\...\{1627AF2C-A038-4515-2E99-79DB644304F9}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows Software Development Kit - Windows 10.0.22621.1778 (HKLM-x32\...\{d7f51c79-38df-4c6f-be17-0fcce28bc257}) (Version: 10.1.22621.1778 - Microsoft Corporation) Windows Team Extension SDK (HKLM-x32\...\{31EC808C-5E4A-7598-2D10-F4DC5AACF712}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Windows Team Extension SDK Contracts (HKLM-x32\...\{B2FD09CB-D8C8-0740-4C4F-E857316106DB}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden windows_toolscorepkg (HKLM-x32\...\{84E8051D-7D22-4FED-897D-D9D487FFC2B2}) (Version: 17.7.33906 - Microsoft Corporation) Hidden Winmail Opener 1.7 (HKLM-x32\...\Winmail Opener) (Version: 1.7 - Eolsoft) WinRT Intellisense Desktop - en-us (HKLM-x32\...\{D320C576-1179-C3CF-3366-499E70687CBC}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{EF6A42E0-4415-8A2A-0CA5-5D63B04C2B61}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{D4E07266-9BA3-A41B-4534-A7C2E9A37552}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{BBF83174-085D-AB2A-521F-43B0ECC090E4}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{3E5645DA-FC25-A1B6-4B51-DC709D49C0A4}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{432C3C3F-F542-0F19-5B4E-F7D26CF0E4A6}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{07FD1393-AF25-3DE9-F7B3-1480ADEC9455}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{48AC78E4-28A1-A892-7D52-880A96BC8319}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0267F209-4CB6-3E80-6E7D-98756838E8F5}) (Version: 10.1.22621.1778 - Microsoft Corporation) Hidden Wireshark 4.0.5 64-bit (HKLM-x32\...\Wireshark) (Version: 4.0.5 - The Wireshark developer community, hxxps://www.wireshark.org) World of Tanks EU (HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\1247805424) (Version: - Wargaming.net) WPT Redistributables (HKLM-x32\...\{7CB8E267-B43F-847D-FA5E-5EE44CA144C6}) (Version: 10.1.22621.1778 - Microsoft) Hidden WPTx64 (DesktopEditions) (HKLM-x32\...\{01E60261-D451-5AD3-8304-B33FEBD5F5BC}) (Version: 10.1.22621.1778 - Microsoft) Hidden WPTx64 (OnecoreUAP) (HKLM-x32\...\{A2D060A4-5312-54F0-8E90-8C0CB3962939}) (Version: 10.1.22621.1778 - Microsoft) Hidden Zotero (HKLM-x32\...\Zotero 6.0.26 (x86 en-US)) (Version: 6.0.26 - Corporation for Digital Scholarship) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2023-07-11] (Adobe Systems Incorporated) Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2023-11-17] () Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2023-07-07] (Adobe Systems Incorporated) Adobe XD -> C:\Program Files\WindowsApps\Adobe.XD_57.0.12.14_x64__pc75e8sa7ep4e [2023-07-10] (Adobe Inc.) AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-15] (Microsoft Corporation) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2023.11.13.0_neutral__6rarf9sa4v8jt [2023-11-21] (Disney) HEVC-Videoerweiterungen -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.0.61933.0_x64__8wekyb3d8bbwe [2023-08-13] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-15] (HP Inc.) iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa [2023-11-05] (Apple Inc.) [Startup Task] Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-01-07] (Microsoft Corporation) Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23320.3027.2591.1505_x64__8wekyb3d8bbwe [2023-12-28] (Microsoft) [Startup Task] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.5101.0_x64__8wekyb3d8bbwe [2023-12-15] (Microsoft Studios) Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2023-12-21] (Microsoft Studios) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-09-27] (NVIDIA Corp.) PlayScore 2 -> C:\Program Files\WindowsApps\OrganumLimited.30940FE7B5E68_1.2.6.0_x64__zg76e4ax0jf7e [2023-11-27] (Organum Limited) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-09] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0 [2023-12-09] (Spotify AB) [Startup Task] XboxInsiderHub -> C:\Program Files\WindowsApps\Microsoft.XboxInsider_1.2311.14001.0_x64__8wekyb3d8bbwe [2023-11-18] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3788760031-3244841089-4271810839-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F3DBD83F99D4} -> [Creative Cloud Files] => C:\Users\soere\Creative Cloud Files [2023-07-10 13:09] CustomCLSID: HKU\S-1-5-21-3788760031-3244841089-4271810839-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-3788760031-3244841089-4271810839-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\soere\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23334.10\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3788760031-3244841089-4271810839-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-3788760031-3244841089-4271810839-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-3788760031-3244841089-4271810839-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\soere\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3788760031-3244841089-4271810839-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-3788760031-3244841089-4271810839-1001_Classes\CLSID\{F327D00B-F1C4-41CA-B390-A7505D64A223} -> [iCloud Drive] => C:\Users\soere\iCloudDrive [2022-12-29 16:11] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-07-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-07-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-07-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-07-07] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-15] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4e58e7ac1d277d04\nvshext.dll [2023-09-14] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-07-07] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [Datei ist nicht signiert] HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2023-11-03 19:52 - 2023-11-03 19:52 - 001934336 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll 2022-08-24 11:45 - 2022-08-24 11:45 - 000242176 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\yccV3.dll 2021-11-05 17:07 - 2021-11-05 17:07 - 000236544 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\yccV3.dll 2022-12-16 14:54 - 2023-12-12 13:37 - 000634880 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\gameplatformservices.dll 2022-12-29 16:10 - 2022-12-29 16:10 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2022-12-29 16:10 - 2022-12-29 16:10 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2006-10-05 23:46 - 2006-10-05 23:46 - 000086016 _____ (SHARP CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\Scp2005.dll 2015-10-14 01:15 - 2015-10-14 01:15 - 002042368 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\osvi.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\soere\AppData\Local\Microsoft:ISBD1 [68] AlternateDataStreams: C:\Users\soere\AppData\Local\Microsoft:ISBD2 [33] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\sharepoint.com -> hxxps://unisaarlandde-files.sharepoint.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2023-10-30 13:57 - 2023-10-30 14:12 - 000000534 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.20.150.126 c9feb202-1c22-4b77-ba43-e80175761bc3.mshome.net # 2023 11 1 6 13 12 25 979 172.20.144.1 DESKTOP-5Q9M6SE.mshome.net # 2028 10 6 28 13 12 25 979 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\nodejs\;C:\Program Files\Git\cmd;C:\Program Files\dotnet\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\ HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\soere\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tctd2_youtube_2560x1440_001.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. Network Binding: ============= Ethernet 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Ethernet 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) vEthernet (Ethernet 3): Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) vEthernet (Ethernet 3): VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) vEthernet (Ethernet): VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) vEthernet (Ethernet): Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\Run: => "PDF24" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "Greenshot" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D06D155AFA9627861CD2DF456863381A" HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\StartupApproved\Run: => "Opera GX Stable" HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer" HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\StartupApproved\Run: => "RiotClient" HKU\S-1-5-21-3788760031-3244841089-4271810839-1001\...\StartupApproved\Run: => "Wargaming.net Game Center" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{B4AA7C82-213B-4D9B-A286-86564975D6D8}] => (Allow) LPort=9009 FirewallRules: [{6818E747-692C-4C2A-A03D-8AB292A0683C}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{2A4B827C-8637-49B5-97C5-9718F16BE5BF}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{B0B52761-6FEC-4302-BACB-7F97BFFB254D}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{3B3EC928-C54B-4E40-A9BC-85AE881636E5}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) FirewallRules: [UDP Query User{5CAD3730-1B55-41E6-981B-3A71F0F1A922}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) FirewallRules: [{ECE268DE-40BC-464A-9875-CF919C11B07D}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{EEC34B4F-910D-4AEF-B44D-DA2B09CAC8AB}C:\users\soere\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\soere\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{555BB53E-3A3F-4F2A-8653-1FF0CF36B273}C:\users\soere\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\soere\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{552CB6E1-575F-4FF6-9729-94F231848145}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BCF9B1A8-8194-445A-AB94-81630D61E716}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{610467CF-0452-44A4-AA98-5B8D2F14B42A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{43FE6005-7DD4-47DF-B0D5-0CC2D4538AC8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{A2160CDD-06F0-4B13-93BA-C9CB1ABA4D97}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{4C39B510-298E-4560-96A5-BA6A24816E06}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{EB5028A2-C723-4DFE-920D-6ECE2E8A0250}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 22\x64\FarmingSimulator2022Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{D83A2CC6-02A2-4F68-8AE2-A38667E84F5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 22\x64\FarmingSimulator2022Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{6EDDCEC9-DB2C-4C23-A1D4-A223AE98A1D4}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{97346856-9BF9-4106-877D-72F7304FF0E5}C:\users\soere\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\soere\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{69BACB1F-FEA4-4D55-A60F-E62C20D0B9FF}C:\users\soere\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\soere\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{FE001141-7395-4063-A677-3033BA7158BE}] => (Allow) LPort=9009 FirewallRules: [{1D7B35C5-9B21-4153-8C54-64293E173693}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [{8846ECE0-25FC-4CA0-8450-2B1ABB8AE64C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [{6552DF15-C4AD-4ED9-BFA8-0D9FD533E8F9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [{91766EFD-0243-41D3-992C-8A435F06AAD2}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [{CFA5D676-D4B7-493F-B9F2-E94A0461F631}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe => Keine Datei FirewallRules: [{71901288-A041-4321-B146-B3F4E24C8133}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Star Wars - The Skywalker Saga\LEGOSTARWARSSKYWALKERSAGA_DX11.exe => Keine Datei FirewallRules: [TCP Query User{85FBF44F-B817-40CF-9DF5-E42E938E32F1}C:\users\soere\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\soere\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{D4599155-9069-4E1B-AE32-43D421EED0EE}C:\users\soere\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\soere\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{EC07055C-4AB7-497B-A0D2-7EEEF7CF58D3}C:\program files (x86)\steam\steamapps\common\farming simulator 22\x64\farmingsimulator2022game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\farming simulator 22\x64\farmingsimulator2022game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [UDP Query User{2C1F40E0-49C4-41F4-899B-517484557A16}C:\program files (x86)\steam\steamapps\common\farming simulator 22\x64\farmingsimulator2022game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\farming simulator 22\x64\farmingsimulator2022game.exe (GIANTS Software GmbH -> GIANTS Software GmbH) FirewallRules: [{C1F6F739-288B-4FF4-A077-91855D18EA0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brotato\Brotato.exe (Blobfish Games) [Datei ist nicht signiert] FirewallRules: [{68FAB15E-0957-4A93-A480-4844B89F3736}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brotato\Brotato.exe (Blobfish Games) [Datei ist nicht signiert] FirewallRules: [{1314521B-3516-4C88-A9C9-C1C6963D8411}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CF17F5B8-C81F-4FBC-9A63-EF7CBE4E9301}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{48AE210E-12A0-41AA-B0B6-2F2BE1AD974E}C:\program files (x86)\apowersoft\gitmind\gitmind.exe] => (Block) C:\program files (x86)\apowersoft\gitmind\gitmind.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [UDP Query User{AE5B6DEA-559E-4D43-BFA5-F56F09B13E72}C:\program files (x86)\apowersoft\gitmind\gitmind.exe] => (Block) C:\program files (x86)\apowersoft\gitmind\gitmind.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [{A1510211-8D34-44F0-9C26-5687CFC309B3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division 2\TheDivision2.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [{69C7C648-4B05-4EF2-9A9D-C52D26966775}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{A059A04E-4BD7-4962-AD3B-A9B77353823D}C:\users\soere\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\soere\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{29B4E1BD-5AC9-4A16-BB9B-B272BD6CF879}C:\users\soere\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\soere\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{524FBCF3-E494-43A8-B4C5-92E90A175E97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Police Simulator Patrol Officers\Boston.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{8CE25C12-75F5-44C0-8A00-D9B8D023A200}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Police Simulator Patrol Officers\Boston.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{74C034F0-8523-45D7-B74D-1121B1887A96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FLERP\FLERP.exe () [Datei ist nicht signiert] FirewallRules: [{456D305E-3507-4935-B628-AFC62CF7FA99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FLERP\FLERP.exe () [Datei ist nicht signiert] FirewallRules: [{52A39A3B-653B-4298-BA56-ED6CCD0D72EC}] => (Allow) LPort=9009 FirewallRules: [{BB3D3AAF-F3A1-492B-8936-9FF4F59BCA29}] => (Allow) LPort=9009 FirewallRules: [{356CB03F-3C22-4999-A0C1-CA2E8A58D065}] => (Allow) LPort=9009 FirewallRules: [{F2E949F8-413C-489D-BED4-44BF64A38E45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Datei ist nicht signiert] FirewallRules: [{05F06522-55FB-4812-8A4A-6DDA39F95400}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Datei ist nicht signiert] FirewallRules: [{5634C954-F4D8-4AEF-B6AA-CBAA03EDF558}] => (Allow) LPort=9009 FirewallRules: [{C95266EE-80B9-4012-977C-6F25DA36FE90}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{FDB8C30D-ED5C-45AF-8895-243AF2B4C1E6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{06997A28-2275-4289-AE08-3AED8246881A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{61FC28A4-4C97-43D6-AFA8-AB77D0A8DA68}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{E9ECED16-5D9E-4AEC-801E-67542C0E95E5}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> ) FirewallRules: [UDP Query User{651545AB-BF75-417D-B26C-4B0B67FC2928}C:\program files\e2esoft\ivcam\ivcam.exe] => (Allow) C:\program files\e2esoft\ivcam\ivcam.exe (Shanghai Yitu Information Technology Co., Ltd. -> ) FirewallRules: [{D68ECA90-81FC-4283-A71E-645BE6855BA9}] => (Allow) LPort=9009 FirewallRules: [{F0CBE250-A9B4-4FD9-8F27-0FCA60EBD239}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (LWKS Software Ltd. -> LWKS Software Ltd) FirewallRules: [{1261FACA-98A9-44DC-9CA5-D5E2983DA9F8}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (LWKS Software Ltd. -> LWKS Software Ltd) FirewallRules: [{A73CB0D7-1F56-43B9-AAC9-98D1B196C47D}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (LWKS Software Ltd. -> LWKS Software Ltd) FirewallRules: [{1AAAD12B-C81B-48E9-9708-674374C0A3F7}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (LWKS Software Ltd. -> LWKS Software Ltd) FirewallRules: [{8ACEAE00-60A0-4C15-801A-542D5C40580C}] => (Allow) LPort=9009 FirewallRules: [{67A2967F-9030-42E5-BFDB-29A53F86B8ED}] => (Allow) LPort=9009 FirewallRules: [{8CEAFA71-B3BB-4282-8726-0C6BC64886CD}] => (Allow) LPort=9009 FirewallRules: [{4DB4E8D4-F20F-4403-9370-C05ADD8A59E5}] => (Allow) LPort=9009 FirewallRules: [{87344279-DF2A-43DD-83F6-36239C7F7E88}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec) FirewallRules: [{8768EE19-3545-4E69-B0E7-332A9B91D4D4}] => (Allow) LPort=9009 FirewallRules: [{8A81990B-51E9-46AB-A292-6B8AAFA32DFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei FirewallRules: [{962DD838-F74D-46A7-A928-F654711893FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei FirewallRules: [{4B86E17F-4858-4782-8032-CB01608B9A0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{50E6AC36-44F7-45A1-9FBD-5F4F0A336C0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Galactic\FSD.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{7D440C90-3549-4C3A-8B48-E05B9B54C86C}C:\users\soere\desktop\ss\v2.4\project 1.exe] => (Allow) C:\users\soere\desktop\ss\v2.4\project 1.exe => Keine Datei FirewallRules: [UDP Query User{9DD3D663-BE38-402A-A831-9E5C5BEFE00B}C:\users\soere\desktop\ss\v2.4\project 1.exe] => (Allow) C:\users\soere\desktop\ss\v2.4\project 1.exe => Keine Datei FirewallRules: [{8C9F4BFD-92E7-4506-9879-00B147755F20}] => (Allow) LPort=9009 FirewallRules: [{AE4671B2-2C5D-4E56-9E50-A63F43230660}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{9E453290-7E2E-480D-B616-6151680D5F7A}C:\users\soere\appdata\local\discord\app-1.0.9012\discord.exe] => (Block) C:\users\soere\appdata\local\discord\app-1.0.9012\discord.exe => Keine Datei FirewallRules: [UDP Query User{4E8D922E-14AF-4375-AE00-91CDB0BF00BF}C:\users\soere\appdata\local\discord\app-1.0.9012\discord.exe] => (Block) C:\users\soere\appdata\local\discord\app-1.0.9012\discord.exe => Keine Datei FirewallRules: [TCP Query User{218DEB68-BB72-4326-89A7-5CCBD2C71488}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{5B775AC3-9201-4BA6-A438-4036C1865B3F}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{CE9F04BD-8FA8-4176-98CE-FE2FFAE43C83}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.) FirewallRules: [UDP Query User{5884A71B-8C94-4994-AEB1-9E86A8C888F4}C:\program files\ibm\spss statistics\stats.exe] => (Allow) C:\program files\ibm\spss statistics\stats.exe (International Business Machines Corporation -> IBM Corp.) FirewallRules: [TCP Query User{8BE71594-6E48-4977-A3DA-F2AE543FE590}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{E088F9F0-D62A-45C8-959D-6654836E4487}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{42C04A28-8F54-4043-ABF1-EBAD20894A0B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{47D9F5A5-1458-4A1C-AE9E-32AF7F53894A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AD6589D5-8657-45F5-9571-E9A5C181E49D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{8E1BFE37-41EE-4FED-9222-EF42688B52E5}C:\program files\star rail\games\starrail.exe] => (Allow) C:\program files\star rail\games\starrail.exe (COGNOSPHERE PTE. LTD. -> HoYoVerse SG) FirewallRules: [UDP Query User{1891C070-9CD3-478C-A5E6-5E6DEC7A655C}C:\program files\star rail\games\starrail.exe] => (Allow) C:\program files\star rail\games\starrail.exe (COGNOSPHERE PTE. LTD. -> HoYoVerse SG) FirewallRules: [TCP Query User{49E9824A-B471-48A8-B4AA-0A3E6D4FB71D}C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe] => (Allow) C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe (COGNOSPHERE PTE. LTD. -> ) FirewallRules: [UDP Query User{F7F3ACA7-0AC6-414F-A457-6D9EDBFFB19C}C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe] => (Allow) C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe (COGNOSPHERE PTE. LTD. -> ) FirewallRules: [{89A19995-B0C1-45D6-8C21-3B6B835F26A8}] => (Allow) LPort=9009 FirewallRules: [{054FD0B9-4047-43BE-BADC-D526CDE99182}] => (Allow) LPort=9009 FirewallRules: [{F4A75FDC-FCA0-4790-83AF-B2E2FA80BB1D}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{4F7CBFC3-DE76-4BD1-99C5-33D4A17B5BF4}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{473D986E-8968-482D-A5C7-CE53C61295E7}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{2BF4296A-6D3A-4FD8-8DF2-E6D0F626BDCB}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{CF6D3FE3-9FDE-4D99-8673-FFD9110389A4}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{D9DE11C8-7BE1-4143-BED7-47EEAD785407}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC) FirewallRules: [{1E7CC769-EB70-41EE-9066-498F59639EA5}] => (Allow) LPort=9009 FirewallRules: [{2DCFBFDD-268A-4317-887F-430E29994A96}] => (Allow) LPort=9009 FirewallRules: [{0F526F2C-8336-48F8-AF8D-6377E29C2DF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe (Robot Entertainment, Inc.) [Datei ist nicht signiert] FirewallRules: [{C24BBC2A-9EDF-4FC2-A1ED-0BC8315455FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die!\Build\release\OrcsMustDie.exe (Robot Entertainment, Inc.) [Datei ist nicht signiert] FirewallRules: [{07AF03AA-198A-4C27-82A2-135F1E0E3CE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe (Robot Entertainment) [Datei ist nicht signiert] FirewallRules: [{6E5CCC09-3B33-4B14-9A10-B5920FE6171E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe (Robot Entertainment) [Datei ist nicht signiert] FirewallRules: [TCP Query User{C5B4E7AA-3FEB-47F3-8085-AF2A5C83930E}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe (Robot Entertainment, Inc.) [Datei ist nicht signiert] FirewallRules: [UDP Query User{EC18FA0F-51EF-4AFB-AB62-DB77DE57F99A}C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe (Robot Entertainment, Inc.) [Datei ist nicht signiert] FirewallRules: [{9E62DB67-AC20-44AA-B3A5-BAE1C97FC108}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{87DB6562-0FEA-467A-B1D1-527351E580D1}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{78BE8E6F-1DE4-47EA-BD0B-FAE710232FC0}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{0A05C4A1-ABFE-4E09-BE91-17EEB13CE820}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Datei ist nicht signiert] FirewallRules: [{B00ED326-4795-426D-A057-2EA0502C112A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Datei ist nicht signiert] FirewallRules: [TCP Query User{C8E9290F-D9B8-4C1F-9E90-608F00C6BB04}C:\users\soere\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\soere\appdata\local\discord\app-1.0.9013\discord.exe => Keine Datei FirewallRules: [UDP Query User{7325F555-5749-43E5-87FB-D0E8675D0D83}C:\users\soere\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\soere\appdata\local\discord\app-1.0.9013\discord.exe => Keine Datei FirewallRules: [{5F94D073-BFF1-4487-BD44-D78C86262103}] => (Allow) LPort=9009 FirewallRules: [{358776C7-FB99-445E-BD93-B4BEF8323075}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [Datei ist nicht signiert] FirewallRules: [{F53ACAA3-8730-466B-8451-426A313A3DBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OxygenNotIncluded\OxygenNotIncluded.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{12A91082-A564-4C3D-99BB-8C7F567280EE}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [Datei ist nicht signiert] FirewallRules: [UDP Query User{9B329EC5-D188-4286-9DC1-BE59C7C8B369}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [Datei ist nicht signiert] FirewallRules: [{51989FA6-BAFE-4FBD-822D-8487479934A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Construction Simulator\ConSim.exe () [Datei ist nicht signiert] FirewallRules: [{DB3AA416-A6BC-4D73-A96F-7CADB6B4D9CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Construction Simulator\ConSim.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{E85A1DCB-32DA-43F6-B016-34D3A0A54921}C:\users\soere\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\soere\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe FirewallRules: [UDP Query User{96BCFE5D-6454-432C-BDDC-7827283C2BE1}C:\users\soere\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\soere\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe FirewallRules: [{42959857-63FD-4257-BF61-AF961169431E}] => (Allow) LPort=9009 FirewallRules: [{5DEC9F69-E462-42C7-8DDE-5BDCFF015B66}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{A5A6D4D1-9903-4FF4-8F6A-CB4712E066C5}C:\users\soere\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\soere\appdata\local\enlisted\launcher.exe => Keine Datei FirewallRules: [UDP Query User{12EB76D2-E3D5-4942-B865-632D0C14433E}C:\users\soere\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\soere\appdata\local\enlisted\launcher.exe => Keine Datei FirewallRules: [TCP Query User{8C9F2E1D-4FD4-4BB0-8FA3-7B80245D5D27}C:\users\soere\appdata\local\enlisted\win64\enlisted.exe] => (Allow) C:\users\soere\appdata\local\enlisted\win64\enlisted.exe => Keine Datei FirewallRules: [UDP Query User{EC6CFA0D-C6A6-48E2-A04B-B1FA58CF7BCE}C:\users\soere\appdata\local\enlisted\win64\enlisted.exe] => (Allow) C:\users\soere\appdata\local\enlisted\win64\enlisted.exe => Keine Datei FirewallRules: [{BCCF2FD6-2ABD-49A9-91A4-19FF8A27CA7F}] => (Allow) LPort=9009 FirewallRules: [{5D2274EC-BA4E-4959-B3D8-51FE6FAA680B}] => (Allow) LPort=9009 FirewallRules: [{F90FF99C-1E49-4497-A36F-B7DEDA26F9B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe => Keine Datei FirewallRules: [{2C5E2728-B05F-41BF-87FE-E670C71D8423}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe => Keine Datei FirewallRules: [{8B9CDA96-8624-4724-A85B-2874F536A989}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{F54BB0CF-9A42-43D9-B392-B59F92FBA6B6}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => Keine Datei FirewallRules: [UDP Query User{61CD9500-CA22-4B48-9DB8-2A5CC5F84D89}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => Keine Datei FirewallRules: [{52D7026B-6398-4FD4-9169-FAA048C4D916}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{2364E87F-F40B-466C-AF72-75575D8972FC}E:\program files\musescore 4\bin\musescore4.exe] => (Allow) E:\program files\musescore 4\bin\musescore4.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{5EA56338-FBC1-489C-B04D-3862C0C107BA}E:\program files\musescore 4\bin\musescore4.exe] => (Allow) E:\program files\musescore 4\bin\musescore4.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{B479886B-5BE7-4972-88C8-89D510CAADCB}C:\users\soere\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.812.1236\jdk-17.0.1+12-minimal\bin\java.exe] => (Allow) C:\users\soere\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.812.1236\jdk-17.0.1+12-minimal\bin\java.exe => Keine Datei FirewallRules: [UDP Query User{8E62A50A-02E9-4F51-A615-235A527ABC8F}C:\users\soere\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.812.1236\jdk-17.0.1+12-minimal\bin\java.exe] => (Allow) C:\users\soere\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.812.1236\jdk-17.0.1+12-minimal\bin\java.exe => Keine Datei FirewallRules: [TCP Query User{C23EF3F7-73CB-4483-86FA-2B235D1E4516}C:\users\soere\appdata\local\.ftba\bin\runtime\jdk8u312-b07-jre\bin\javaw.exe] => (Allow) C:\users\soere\appdata\local\.ftba\bin\runtime\jdk8u312-b07-jre\bin\javaw.exe FirewallRules: [UDP Query User{4F9321CA-282A-4D03-B1CE-46898C9058C5}C:\users\soere\appdata\local\.ftba\bin\runtime\jdk8u312-b07-jre\bin\javaw.exe] => (Allow) C:\users\soere\appdata\local\.ftba\bin\runtime\jdk8u312-b07-jre\bin\javaw.exe FirewallRules: [TCP Query User{771BF4C9-6E6D-449D-8949-796418A7538C}C:\users\soere\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\soere\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{B7E73E6D-05BA-4869-BEA7-9AC35947C36D}C:\users\soere\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\soere\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{0A7E2ACC-F712-4E78-B727-0C276C1AF5C5}C:\users\soere\downloads\tipping_point_build\tipping_point_build\tales of a lost package.exe] => (Allow) C:\users\soere\downloads\tipping_point_build\tipping_point_build\tales of a lost package.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{7AE1154A-4DA5-4600-8FC2-0163D41F0CF7}C:\users\soere\downloads\tipping_point_build\tipping_point_build\tales of a lost package.exe] => (Allow) C:\users\soere\downloads\tipping_point_build\tipping_point_build\tales of a lost package.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{B4BE15C3-2275-4244-9B76-C5CFA390FDAB}C:\users\soere\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\soere\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{883DCD16-4B84-40D1-A6C9-7E698C0B9CEB}C:\users\soere\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\soere\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{4178DC35-D9CD-4829-A5CD-525DE9478D06}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => Keine Datei FirewallRules: [UDP Query User{06E68DEC-ACCE-4609-9B9E-8FC5F0571051}C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => Keine Datei FirewallRules: [TCP Query User{40A1BD2D-7C95-48F1-8977-852A3BC74972}C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe] => (Allow) C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe (COGNOSPHERE PTE. LTD. -> ) FirewallRules: [UDP Query User{F38AE4B2-14B2-4D3E-8E0A-EB5B05349C4B}C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe] => (Allow) C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe (COGNOSPHERE PTE. LTD. -> ) FirewallRules: [{B98D2A47-57DB-44A3-B7E8-EC190CEA04B7}] => (Allow) LPort=9009 FirewallRules: [{9D09EAAA-B4D2-4F5B-8B36-3206EA7DA94A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\112 Operator\Operator 112.exe () [Datei ist nicht signiert] FirewallRules: [{8D289269-68FB-4780-9ECA-3E9D7982E9F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\112 Operator\Operator 112.exe () [Datei ist nicht signiert] FirewallRules: [{3EDDC5E7-C9DB-494E-AFD5-C9355F810950}] => (Allow) LPort=9009 FirewallRules: [{E6D45170-BF55-4D6D-B3DC-EC258ED03CDF}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{9643AFD3-B3C8-424B-BBFA-11840CC59080}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{EBC19A92-AB4E-4DF6-AE01-510BB0502DAC}] => (Allow) LPort=9009 FirewallRules: [{94EA367A-0E64-4657-AB28-3804DFA1F9C4}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\BattleBitEAC.exe () [Datei ist nicht signiert] FirewallRules: [{FDD8E478-8D40-496A-BF2C-A0CE42ACCF08}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\BattleBitEAC.exe () [Datei ist nicht signiert] FirewallRules: [{B09B1C2A-67F7-4E3D-83DB-37FFD5EE2363}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\EasyAntiCheat\EasyAntiCheat_EOS_Setup.exe (EasyAntiCheat Oy -> Epic Games, Inc.) FirewallRules: [{02594363-CBA7-425C-8A7B-702DF7A4C2B5}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\EasyAntiCheat\EasyAntiCheat_EOS_Setup.exe (EasyAntiCheat Oy -> Epic Games, Inc.) FirewallRules: [{574033D7-9048-48D0-A5F0-222ED409126E}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\BattleBit.exe () [Datei ist nicht signiert] FirewallRules: [{BBB9433E-075A-4D83-B5D5-99A40D4AA707}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\BattleBit.exe () [Datei ist nicht signiert] FirewallRules: [{C8D24403-7E11-4B50-A882-9EB7AEBA3556}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\EasyAntiCheat.exe (EasyAntiCheat Oy -> Epic Games, Inc.) FirewallRules: [{DE6491D3-76F9-4338-A12C-AE991AC72A54}] => (Allow) F:\SteamLibrary\steamapps\common\BattleBit Remastered\EasyAntiCheat.exe (EasyAntiCheat Oy -> Epic Games, Inc.) FirewallRules: [{DF6C81B8-6A20-455F-9EB8-309DF912553C}] => (Allow) LPort=9009 FirewallRules: [{0E64F9C2-5F31-45AB-97A3-9E4E48F3CE14}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{26BA993C-88EB-4356-BEC2-71B11D281988}F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> ) FirewallRules: [UDP Query User{4F0F957D-BE4A-41D6-82C3-54AECBDEB096}F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> ) FirewallRules: [TCP Query User{844CFBCC-3A74-41E5-8728-A9E88CC993DB}F:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) F:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe => Keine Datei FirewallRules: [UDP Query User{165BD4DF-1B82-4C43-8E1E-10FBAC879CC5}F:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) F:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe => Keine Datei FirewallRules: [{12CF35B3-7CC8-49E8-9B47-BE27BB5988C8}] => (Allow) F:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{99DA9A70-3F61-464E-A43E-93F2BDA2D89E}] => (Allow) F:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{8F11D5C3-D959-4907-B2AE-CA4C7CC6A41B}] => (Allow) F:\SteamLibrary\steamapps\common\Station to Station\StationToStation.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{1C0D9E0A-2B80-446A-B92E-BD5CDE0675EC}] => (Allow) F:\SteamLibrary\steamapps\common\Station to Station\StationToStation.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{0EA10EEA-CE4A-45CA-9736-A16AA06DCF0C}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies Aps -> Unity Technologies Inc.) FirewallRules: [{21D85E1E-33E4-49BD-BEA3-DE9484851476}] => (Allow) LPort=9009 FirewallRules: [{0CA83BD0-87E8-4C19-96EA-317EC0B9A23F}] => (Allow) LPort=9009 FirewallRules: [{B2F47A3B-48C5-4532-A9DE-463CA6A91440}] => (Allow) F:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc.) FirewallRules: [{B7E499C3-C5C7-4BAF-A068-67C93A973BEE}] => (Allow) F:\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc.) FirewallRules: [{188753E7-FDC9-4D68-99BC-6EFBB7DAA973}] => (Allow) F:\SteamLibrary\steamapps\common\The Finals Playtest\Discovery.exe (Embark Studios AB -> ) FirewallRules: [{F7C6A044-9BD0-4CB6-B9F7-DCDA3DE3F035}] => (Allow) F:\SteamLibrary\steamapps\common\The Finals Playtest\Discovery.exe (Embark Studios AB -> ) FirewallRules: [{60565EDE-5644-42F4-B844-27C19B52A966}] => (Allow) LPort=9009 FirewallRules: [{1D115CDE-11D1-4D8B-A2C7-BA212C18653A}] => (Allow) LPort=9009 FirewallRules: [{3E988CF9-3F10-4875-86C6-E15DE94A71BB}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{383779D4-82F1-488D-A3F0-C7D5797AA537}C:\users\soere\appdata\roaming\com.modrinth.theseus\meta\java_versions\zulu17.46.19-ca-jre17.0.9-win_x64\bin\javaw.exe] => (Allow) C:\users\soere\appdata\roaming\com.modrinth.theseus\meta\java_versions\zulu17.46.19-ca-jre17.0.9-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{B57BADD2-5F24-4C36-A62C-1A5624B0C23D}C:\users\soere\appdata\roaming\com.modrinth.theseus\meta\java_versions\zulu17.46.19-ca-jre17.0.9-win_x64\bin\javaw.exe] => (Allow) C:\users\soere\appdata\roaming\com.modrinth.theseus\meta\java_versions\zulu17.46.19-ca-jre17.0.9-win_x64\bin\javaw.exe FirewallRules: [{2E797CC6-15CC-40F2-9184-1323050C001B}] => (Block) C:\users\soere\appdata\roaming\com.modrinth.theseus\meta\java_versions\zulu17.46.19-ca-jre17.0.9-win_x64\bin\javaw.exe FirewallRules: [{EE2DC657-1F33-4E4F-BBF8-FC5308D1D28D}] => (Block) C:\users\soere\appdata\roaming\com.modrinth.theseus\meta\java_versions\zulu17.46.19-ca-jre17.0.9-win_x64\bin\javaw.exe FirewallRules: [{E763BCB0-829A-469F-B55F-18BC9C6A3FD2}] => (Allow) F:\SteamLibrary\steamapps\common\MiniRoyale Playtest\RoomRoyalA.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [{163216C6-F89C-4DFC-A3A2-296B03D51A33}] => (Allow) F:\SteamLibrary\steamapps\common\MiniRoyale Playtest\RoomRoyalA.exe (Epic Games, Inc.) [Datei ist nicht signiert] FirewallRules: [TCP Query User{9757DEB4-53F9-4092-ABB5-9ADA37147496}F:\steamlibrary\steamapps\common\miniroyale playtest\miniroyale\binaries\win64\roomroyala-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\miniroyale playtest\miniroyale\binaries\win64\roomroyala-win64-shipping.exe (Indigoblue) [Datei ist nicht signiert] FirewallRules: [UDP Query User{B5AA23D1-0D5B-481B-8CE5-D134D4850C59}F:\steamlibrary\steamapps\common\miniroyale playtest\miniroyale\binaries\win64\roomroyala-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\miniroyale playtest\miniroyale\binaries\win64\roomroyala-win64-shipping.exe (Indigoblue) [Datei ist nicht signiert] FirewallRules: [{9176D8C6-288B-462D-A122-7EB107997D61}] => (Allow) LPort=9009 FirewallRules: [{9386CF5B-438C-48C2-863D-08AEABAF1B67}] => (Allow) LPort=9009 FirewallRules: [{51959384-99EA-47F5-9BB2-C25E00DAF8B8}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{FF8BF050-6412-471B-98D9-9CC54AC35501}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{CE223FE1-6DC3-4373-9EE8-AF5BDD5FA8EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DD3090B3-6EEE-4477-A9F5-0B40B66803B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5318A225-91CF-47CC-B59F-3CBEE6EB2FAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9DF24C98-CA2E-47BB-B1F5-6A694425A6CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{1CD1FBC6-E083-4C34-86EF-BEC44416EADE}] => (Allow) LPort=9009 FirewallRules: [{C49F07A2-A3E4-4F9C-BA6B-670ADB136E43}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{A6BF83BC-D582-4755-9EE0-5AE9D6075C31}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net) FirewallRules: [UDP Query User{785473C6-FDCC-4295-9339-9541FAF51CCB}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net) FirewallRules: [{656B16F1-8662-43D1-AF09-7AB743E510BD}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net) FirewallRules: [{FFEA77EE-94EF-4C06-899F-3381922DCDBF}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net) FirewallRules: [TCP Query User{6BBEBAA0-1917-427A-B9A6-E71C6CA29BE5}E:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) E:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [UDP Query User{1C942E61-ACA9-4039-A134-C5338E37CA46}E:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) E:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{C542C32B-72D2-4B71-9C1E-93093F2D4158}] => (Block) E:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{A9DC459B-2D86-4367-AC9A-8A6E5E22F131}] => (Block) E:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{3F0B1D77-FF6D-484E-8410-8F1D8BD3590C}] => (Allow) LPort=9009 FirewallRules: [{493259DE-AB82-46B5-A433-D5EEF6ACC947}] => (Allow) LPort=9009 FirewallRules: [{1F8EEFB3-476E-4439-91E2-528FB77F1367}] => (Allow) LPort=9009 FirewallRules: [{477E380A-4994-43C3-BB1E-2E45E4645640}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{BF6A27D8-A115-4D95-91C8-66B6C533E48E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3B3FEE63-9754-4405-8286-9ED5C4450C6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{57242937-5912-4F1E-B5C8-6548C720F15B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{48D43A04-42A7-4D20-A1F9-62590CCC32CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6432C719-68A1-4AD4-B948-9E844524A148}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{97926956-46A3-4EAB-809B-24FC1C4CDD8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{63CB6403-D163-44DE-BDFF-A2BFBADCDB0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{624D9773-62D3-4E36-864B-9938419E6565}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0F1F6A26-C28E-4DFB-9618-9A9E9990F6CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{94362EC4-2AC6-45EB-A630-C637D9389F4D}] => (Allow) LPort=9009 FirewallRules: [{36445865-4734-4336-85D0-F37C9A60ABBC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{18B81276-AD89-47E7-A624-067DB596CA4B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BD9A85D4-48CD-458A-B209-CF8B0ED78365}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{67DF6BD1-31F6-47D6-85CE-050D7A655B05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{616DBB13-5E5E-4B94-BF49-6197B268240E}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies Aps -> Unity Technologies Inc.) FirewallRules: [UDP Query User{0FE1B937-5FA5-4411-9B39-F8675F1851F2}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies Aps -> Unity Technologies Inc.) FirewallRules: [{C1B1E4A7-620C-4E52-BB71-9ED982338887}] => (Block) C:\program files\unity hub\unity hub.exe (Unity Technologies Aps -> Unity Technologies Inc.) FirewallRules: [{8727241A-76AD-445B-BD5D-560D644A7C44}] => (Block) C:\program files\unity hub\unity hub.exe (Unity Technologies Aps -> Unity Technologies Inc.) FirewallRules: [{41F3BA38-6FC1-41A6-A36E-7AA58A3A95C1}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.4\OverwolfBrowser.exe => Keine Datei FirewallRules: [{9D9F23CC-8657-4D8E-8867-BFF1DEC07600}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.4\OverwolfBrowser.exe => Keine Datei FirewallRules: [{AE7091AD-7DF8-4A56-83AA-B33F67113CBA}] => (Block) C:\Program Files (x86)\Overwolf\0.240.0.4\OverwolfBrowser.exe => Keine Datei FirewallRules: [{97C8424C-D70B-4BE2-B8C6-CC3C2CCE84E7}] => (Block) C:\Program Files (x86)\Overwolf\0.240.0.4\OverwolfBrowser.exe => Keine Datei FirewallRules: [{4DCD2F17-6AAC-4EAC-8699-6D72820ADB3B}] => (Allow) C:\Program Files (x86)\Overwolf\0.233.1.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{B8A8CA1A-2142-4178-9D3F-BA31B1E75D65}] => (Allow) C:\Program Files (x86)\Overwolf\0.233.1.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{FA86AFDC-5E82-49E7-A1B2-BB1D40BAF4A8}] => (Block) C:\Program Files (x86)\Overwolf\0.233.1.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{9C821371-D9C4-404D-9633-685A1785E1B2}] => (Block) C:\Program Files (x86)\Overwolf\0.233.1.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{18D283E0-F8E8-4EA6-A84D-F3BBFBAA2AD4}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{ED9DBBE2-2450-45C1-AE5D-3C0E1910936D}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{EE22C7C0-90CE-476A-9E55-171686FAD496}] => (Allow) LPort=9009 FirewallRules: [{512D567C-E9F8-409C-A7CA-8334B32FFDDD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.91\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A56C90BC-BCD2-4FED-813C-4BF885F73C8D}] => (Allow) LPort=9009 FirewallRules: [{73870EDA-EA6A-42CE-9A61-628874BE480B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{662B58A6-AC77-4588-9A3A-19415D9CA931}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3027.2591.1505_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9C6EE3F5-AC48-46FB-B62B-3D70A7B195AF}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3027.2591.1505_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5A478956-1990-41F5-B4A7-34ED7FD12EDD}] => (Allow) LPort=9009 |
02.01.2024, 15:09 | #3 |
| Logs Teil 3Code:
ATTFilter ==================== Wiederherstellungspunkte ========================= 29-12-2023 15:15:32 Geplanter Prüfpunkt 31-12-2023 13:51:39 Installed DB Browser for SQLite ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (01/01/2024 07:37:22 PM) (Source: .NET Runtime) (EventID: 1000) (User: ) Description: Category: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware EventId: 1 SpanId: d28c0af7eb36dfb7 TraceId: 1b5d450a3d5ef8a44851e96aa23e5377 ParentId: 0000000000000000 ConnectionId: 0HN0AV2NCL6KB RequestId: 0HN0AV2NCL6KB:00000009 RequestPath: /SendNotification An unhandled exception has occurred while executing the request. Exception: System.NotSupportedException: Serialization and deserialization of 'System.IntPtr' instances are not supported. Path: $.TargetSite.MethodHandle.Value. ---> System.NotSupportedException: Serialization and deserialization of 'System.IntPtr' instances are not supported. at System.Text.Json.Serialization.Converters.UnsupportedTypeConverter`1.Write(Utf8JsonWriter writer, T value, JsonSerializerOptions options) at System.Text.Json.Serialization.JsonConverter`1.TryWrite(Utf8JsonWriter writer, T& value, JsonSerializerOptions options, WriteStack& state) at System.Text.Json.Serialization.Metadata.JsonPropertyInfo`1.GetMemberAndWriteJson(Object obj, WriteStack& state, Utf8JsonWriter writer) at System.Text.Json.Serialization.Converters.ObjectDefaultConverter`1.OnTryWrite(Utf8JsonWriter writer, T value, JsonSerializerOptions options, WriteStack& state) at System.Text.Json.Serialization.JsonConverter`1.TryWrite(Utf8JsonWriter writer, T& value, JsonSerializerOptions options, WriteStack& state) at System.Text.Json.Serialization.Metadata.JsonPropertyInfo`1.GetMemberAndWriteJson(Object obj, WriteStack& state, Utf8JsonWriter writer) at System.Text.Json.Serialization.Converters.ObjectDefaultConverter`1.OnTryWrite(Utf8JsonWriter writer, T value, JsonSerializerOptions options, WriteStack& state) at System.Text.Json.Serialization.JsonConverter`1.TryWrite(Utf8JsonWriter writer, T& value, JsonSerializerOptions options, WriteStack& state) at System.Text.Json.Serialization.Metadata.JsonPropertyInfo`1.GetMemberAndWriteJson(Object obj, WriteStack& state, Utf8JsonWriter writer) at System.Text.Json.Serialization.Converters.ObjectDefaultConverter`1.OnTryWrite(Utf8JsonWriter writer, T value, JsonSerializerOptions options, WriteStack& state) at System.Text.Json.Serialization.JsonConverter`1.TryWrite(Utf8JsonWriter writer, T& value, JsonSerializerOptions options, WriteStack& state) at System.Text.Json.Serialization.JsonConverter`1.WriteCore(Utf8JsonWriter writer, T& value, JsonSerializerOptions options, WriteStack& state) --- End of inner exception stack trace --- at System.Text.Json.ThrowHelper.ThrowNotSupportedException(WriteStack& state, NotSupportedException ex) at System.Text.Json.Serialization.JsonConverter`1.WriteCore(Utf8JsonWriter writer, T& value, JsonSerializerOptions options, WriteStack& state) at System.Text.Json.Serialization.JsonConverter`1.WriteCoreAsObject(Utf8JsonWriter writer, Object value, JsonSerializerOptions options, WriteStack& state) at System.Text.Json.JsonSerializer.WriteCore[TValue](JsonConverter jsonConverter, Utf8JsonWriter writer, TValue& value, JsonSerializerOptions options, WriteStack& state) at System.Text.Json.JsonSerializer.WriteStreamAsync[TValue](Stream utf8Json, TValue value, JsonTypeInfo jsonTypeInfo, CancellationToken cancellationToken) at System.Text.Json.JsonSerializer.WriteStreamAsync[TValue](Stream utf8Json, TValue value, JsonTypeInfo jsonTypeInfo, CancellationToken cancellationToken) at System.Text.Json.JsonSerializer.WriteStreamAsync[TValue](Stream utf8Json, TValue value, JsonTypeInfo jsonTypeInfo, CancellationToken cancellationToken) at Microsoft.AspNetCore.Mvc.Formatters.SystemTextJsonOutputFormatter.WriteResponseBodyAsync(OutputFormatterWriteContext context, Encoding selectedEncoding) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResultFilterAsync>g__Awaited|30_0[TFilter,TFilterAsync](ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResultExecutedContextSealed context) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeResultFilters() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|20_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope) at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger) at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext) at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider) at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context) Error: (01/01/2024 06:47:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte erneut optimieren auf PortableBaseLayer (C:\ProgramData\Microsoft\Windows\Containers\BaseImages\4eb25605-4cec-401e-81bc-d1b60a4b1b00\BaseLayer) nicht abschließen. Grund: Fehler beim Verschieben der Datei. (0x89000016) Error: (01/01/2024 06:47:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte Bereichskonsolidierung auf PortableBaseLayer (C:\ProgramData\Microsoft\Windows\Containers\BaseImages\4eb25605-4cec-401e-81bc-d1b60a4b1b00\BaseLayer) nicht abschließen. Grund: Der Bereichskonsolidierungsvorgang wurde abgebrochen, da nur eine unzureichende Anzahl von Bereichen freigegeben werden konnte (auf Grundlage der in der Registrierung angegebenen Grenzwerte). (0x89000028) Error: (01/01/2024 05:26:26 PM) (Source: .NET Runtime) (EventID: 1000) (User: ) Description: Category: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware EventId: 1 SpanId: 78151a9f2ef86bbf TraceId: 2f6c20ea99caf24fab04ef9a32b9505d ParentId: 0000000000000000 ConnectionId: 0HN0ASPJ7RFKC RequestId: 0HN0ASPJ7RFKC:00000007 RequestPath: /swagger/v1/swagger.json An unhandled exception has occurred while executing the request. Exception: Swashbuckle.AspNetCore.SwaggerGen.SwaggerGeneratorException: Ambiguous HTTP method for action - Bewerb_Aufgabe_SB.Controllers.NotificationController.CreateNotification (Bewerb_Aufgabe_SB). Actions require an explicit HttpMethod binding for Swagger/OpenAPI 3.0 at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GenerateOperations(IEnumerable`1 apiDescriptions, SchemaRepository schemaRepository) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GeneratePaths(IEnumerable`1 apiDescriptions, SchemaRepository schemaRepository) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GetSwaggerDocumentWithoutFilters(String documentName, String host, String basePath) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GetSwaggerAsync(String documentName, String host, String basePath) at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider) at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context) Error: (01/01/2024 05:23:17 PM) (Source: .NET Runtime) (EventID: 1000) (User: ) Description: Category: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware EventId: 1 SpanId: 529264e5e73ac054 TraceId: 67158a519b93a2607fb6381f0748d92a ParentId: 0000000000000000 ConnectionId: 0HN0ASNQTN821 RequestId: 0HN0ASNQTN821:00000007 RequestPath: /swagger/v1/swagger.json An unhandled exception has occurred while executing the request. Exception: Swashbuckle.AspNetCore.SwaggerGen.SwaggerGeneratorException: Conflicting method/path combination "POST {id}" for actions - Bewerb_Aufgabe_SB.Controllers.NotificationController.CreateNotification (Bewerb_Aufgabe_SB),Bewerb_Aufgabe_SB.Controllers.StatusCodeController.GetStatusByID (Bewerb_Aufgabe_SB). Actions require a unique method/path combination for Swagger/OpenAPI 3.0. Use ConflictingActionsResolver as a workaround at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GenerateOperations(IEnumerable`1 apiDescriptions, SchemaRepository schemaRepository) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GeneratePaths(IEnumerable`1 apiDescriptions, SchemaRepository schemaRepository) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GetSwaggerDocumentWithoutFilters(String documentName, String host, String basePath) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GetSwaggerAsync(String documentName, String host, String basePath) at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider) at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context) Error: (01/01/2024 05:21:18 PM) (Source: .NET Runtime) (EventID: 1000) (User: ) Description: Category: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware EventId: 1 SpanId: ca8b1240ead37fd4 TraceId: e0e8f44929c363d481fe9a5f600f0b84 ParentId: 0000000000000000 ConnectionId: 0HN0ASMNCG4N7 RequestId: 0HN0ASMNCG4N7:00000007 RequestPath: /swagger/v1/swagger.json An unhandled exception has occurred while executing the request. Exception: Swashbuckle.AspNetCore.SwaggerGen.SwaggerGeneratorException: Conflicting method/path combination "POST {id}" for actions - Bewerb_Aufgabe_SB.Controllers.NotificationController.CreateNotification (Bewerb_Aufgabe_SB),Bewerb_Aufgabe_SB.Controllers.StatusCodeController.GetStatusByID (Bewerb_Aufgabe_SB). Actions require a unique method/path combination for Swagger/OpenAPI 3.0. Use ConflictingActionsResolver as a workaround at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GenerateOperations(IEnumerable`1 apiDescriptions, SchemaRepository schemaRepository) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GeneratePaths(IEnumerable`1 apiDescriptions, SchemaRepository schemaRepository) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GetSwaggerDocumentWithoutFilters(String documentName, String host, String basePath) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GetSwaggerAsync(String documentName, String host, String basePath) at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider) at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context) Error: (01/01/2024 05:17:19 PM) (Source: .NET Runtime) (EventID: 1000) (User: ) Description: Category: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware EventId: 1 SpanId: c5c29e2b2641afea TraceId: a4adba971f9b984dc5407d082399a9bf ParentId: 0000000000000000 ConnectionId: 0HN0ASKG1LMGO RequestId: 0HN0ASKG1LMGO:00000007 RequestPath: /swagger/v1/swagger.json An unhandled exception has occurred while executing the request. Exception: Swashbuckle.AspNetCore.SwaggerGen.SwaggerGeneratorException: Conflicting method/path combination "POST {id}" for actions - Bewerb_Aufgabe_SB.Controllers.CreateNotificationController.CreateNotification (Bewerb_Aufgabe_SB),Bewerb_Aufgabe_SB.Controllers.StatusCodeController.GetStatusByID (Bewerb_Aufgabe_SB). Actions require a unique method/path combination for Swagger/OpenAPI 3.0. Use ConflictingActionsResolver as a workaround at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GenerateOperations(IEnumerable`1 apiDescriptions, SchemaRepository schemaRepository) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GeneratePaths(IEnumerable`1 apiDescriptions, SchemaRepository schemaRepository) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GetSwaggerDocumentWithoutFilters(String documentName, String host, String basePath) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GetSwaggerAsync(String documentName, String host, String basePath) at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider) at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context) Error: (01/01/2024 03:55:31 PM) (Source: .NET Runtime) (EventID: 1000) (User: ) Description: Category: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware EventId: 1 SpanId: e03a2a0a61408333 TraceId: 7b4604eded6e31eafbeeffa879bca6c0 ParentId: 0000000000000000 ConnectionId: 0HN0AR6PMO3UK RequestId: 0HN0AR6PMO3UK:00000007 RequestPath: /swagger/v1/swagger.json An unhandled exception has occurred while executing the request. Exception: Swashbuckle.AspNetCore.SwaggerGen.SwaggerGeneratorException: Ambiguous HTTP method for action - Bewerb_Aufgabe_SB.Controllers.NotificationController.Index (Bewerb_Aufgabe_SB). Actions require an explicit HttpMethod binding for Swagger/OpenAPI 3.0 at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GenerateOperations(IEnumerable`1 apiDescriptions, SchemaRepository schemaRepository) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GeneratePaths(IEnumerable`1 apiDescriptions, SchemaRepository schemaRepository) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GetSwaggerDocumentWithoutFilters(String documentName, String host, String basePath) at Swashbuckle.AspNetCore.SwaggerGen.SwaggerGenerator.GetSwaggerAsync(String documentName, String host, String basePath) at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider) at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context) Systemfehler: ============= Error: (01/02/2024 11:40:39 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5Q9M6SE) Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/02/2024 12:59:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5Q9M6SE) Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/01/2024 11:42:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5Q9M6SE) Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/01/2024 11:08:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5Q9M6SE) Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/01/2024 11:00:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5Q9M6SE) Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/01/2024 10:06:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5Q9M6SE) Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/01/2024 08:42:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5Q9M6SE) Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/01/2024 08:37:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5Q9M6SE) Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Windows Defender: ================ Date: 2024-01-02 14:32:40 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0 Name: Trojan:Script/Wacatac.B!ml Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\soere\Downloads\hp_bar.zip Erkennungsursprung: Lokaler Computer Erkennungstype: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: DESKTOP-5Q9M6SE\soere Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.403.1519.0, AS: 1.403.1519.0, NIS: 1.403.1519.0 Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 Date: 2024-01-02 14:32:21 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0 Name: Trojan:Script/Wacatac.B!ml Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\soere\Downloads\hp_bar.zip Erkennungsursprung: Lokaler Computer Erkennungstype: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: DESKTOP-5Q9M6SE\soere Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.403.1519.0, AS: 1.403.1519.0, NIS: 1.403.1519.0 Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 Date: 2024-01-02 14:32:12 Description: Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt. Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.B!ml&threatid=2147735503&enterprise=0 Name: Trojan:Script/Wacatac.B!ml Schweregrad: Schwerwiegend Kategorie: Trojaner Pfad: file:_C:\Users\soere\Downloads\hp_bar.zip Erkennungsursprung: Lokaler Computer Erkennungstype: FastPath Erkennungsquelle: Echtzeitschutz Benutzer: DESKTOP-5Q9M6SE\soere Prozessname: C:\Windows\explorer.exe Sicherheitsversion: AV: 1.403.1519.0, AS: 1.403.1519.0, NIS: 1.403.1519.0 Modulversion: AM: 1.1.23110.2, NIS: 1.1.23110.2 Date: 2024-01-01 19:23:41 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {C9DFDF7A-FBAE-463F-9101-4F7B8C9353A5} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-01-01 18:48:00 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {7751EF65-5651-4E0E-BCD9-74CF2210757D} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Event[0]: Date: 2023-09-02 18:53:45 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren. Security Intelligence versucht: Aktuell Fehlercode: 0x80501102 Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". Security Intelligence-Version: 1.397.225.0;1.397.225.0 Modulversion: 1.1.23080.2005 CodeIntegrity: =============== Date: 2024-01-02 14:58:49 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends International, LLC. F15 09/13/2022 Hauptplatine: Gigabyte Technology Co., Ltd. B550 GAMING X V2 Prozessor: AMD Ryzen 9 5900X 12-Core Processor Prozentuale Nutzung des RAM: 15% Installierter physikalischer RAM: 65438.59 MB Verfügbarer physikalischer RAM: 55506.39 MB Summe virtueller Speicher: 75166.59 MB Verfügbarer virtueller Speicher: 62096.95 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.88 GB) (Free:173.01 GB) (Model: KINGSTON SNV2S1000G) NTFS Drive d: (System-reserviert) (Fixed) (Total:0.57 GB) (Free:0.53 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: () (Fixed) (Total:930.41 GB) (Free:219.78 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS Drive f: (Volume) (Fixed) (Total:1863 GB) (Free:1533 GB) (Model: Samsung SSD 970 EVO Plus 2TB) NTFS \\?\Volume{c131664c-b246-442f-ba69-a9c4279fe7be}\ (Wiederherstellung) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS \\?\Volume{629458e4-0000-0000-0000-010000000000}\ (PortableBaseLayer) (Fixed) (Total:8 GB) (Free:7.49 GB) NTFS \\?\Volume{2ceb1926-0000-0000-0000-70bee8000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS \\?\Volume{5680c753-ad76-48f0-9780-e1142faa5fbc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2CEB1926) Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=548 MB) - (Type=27) ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 8 GB) (Disk ID: 629458E4) Partition 1: (Not Active) - (Size=8 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ======================= |
02.01.2024, 15:13 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows10: Windows Defender meldet Wacatac.B!ml Trojaner System aufräumen: unnötige und veraltete Programme deinstallieren Bitte über Programme und Features (appwiz.cpl) deinstallieren:
__________________ Logfiles bitte immer in CODE-Tags posten |
02.01.2024, 15:18 | #5 |
| Windows10: Windows Defender meldet Wacatac.B!ml Trojaner Alles klar habe ich gemacht. Soll ich nochmal neue Logs erstellen? |
02.01.2024, 15:21 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows10: Windows Defender meldet Wacatac.B!ml Trojaner adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner zwecks Kontrolle bitte wiederholen, falls es Funde gab.
__________________ --> Windows10: Windows Defender meldet Wacatac.B!ml Trojaner |
02.01.2024, 15:26 | #7 |
| Windows10: Windows Defender meldet Wacatac.B!ml Trojaner Alles klar danke! Es wurde wohl noch ein Überbleibsel vom OpenOffice Updater gefunden. Die zweite Prüfung gab keine Treffer LogDateien 1: Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2023-07-19.3 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 01-02-2024 # Duration: 00:00:05 # OS: Windows 10 (Build 19045.3803) # Scanned: 32106 # Detected: 1 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2023-07-19.3 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 01-02-2024 # Duration: 00:00:00 # OS: Windows 10 (Build 19045.3803) # Cleaned: 1 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1514 octets] - [02/01/2024 15:23:30] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2023-07-19.3 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 01-02-2024 # Duration: 00:00:05 # OS: Windows 10 (Build 19045.3803) # Scanned: 32105 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. AdwCleaner[S00].txt - [1514 octets] - [02/01/2024 15:23:30] AdwCleaner[C00].txt - [1680 octets] - [02/01/2024 15:23:41] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ########## |
02.01.2024, 15:30 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows10: Windows Defender meldet Wacatac.B!ml Trojaner Kontrollscans mit MBAM und RK Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.
__________________ Logfiles bitte immer in CODE-Tags posten |
02.01.2024, 15:59 | #9 |
| Windows10: Windows Defender meldet Wacatac.B!ml Trojaner Malwarebytes Logs: Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 02.01.24 Scan-Zeit: 15:34 Protokolldatei: 11d7331e-a97c-11ee-aa6e-74563c36bd6b.json -Softwaredaten- Version: 4.6.7.301 Komponentenversion: 1.0.2222 Version des Aktualisierungspakets: 1.0.79169 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 19045.3803) CPU: x64 Dateisystem: NTFS Benutzer: DESKTOP-5Q9M6SE\soere -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 395961 Erkannte Bedrohungen: 1 In die Quarantäne verschobene Bedrohungen: 1 Abgelaufene Zeit: 4 Min., 8 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 1 Crypt.Trojan.Malicious.DDS, C:\USERS\SOERE\APPDATA\LOCAL\TEMP\OPENOFFICE-UPDATE-4114-1-DE.EXE, In Quarantäne, 1000002, 0, 1.0.79169, 8877BFBD2263874CCBFB5AE6, dds, 02631690, 174D9287E66BF6271DDDCDB5795ADF1A, 73C93863E5C2D33491E454890F8733488C6A84F20D9DDDFD406F52B10CB7B71A Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Program : RogueKiller Anti-Malware Version : 15.13.1.0 x64 : Yes Program Date : Dec 5 2023 Location : C:\Users\soere\Downloads\RogueKiller_portable64.exe Premium : No Company : Adlice Software Website : https://www.adlice.com/ Contact : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 10 (10.0.19045) 64-bit 64-bit OS : Yes Startup : 0 WindowsPE : No User : soere User is Admin : Yes Date : 2024/01/02 14:55:29 Type : Scan Aborted : No Scan Mode : Standard Duration : 730 Found items : 7 Total scanned : 154348 Signatures Version : 20231228_090058 Truesight Driver : Yes Updates Count : 40 ************************* Warnings ************************* ************************* Updates ************************* CPUID HWMonitor 1.48 (64-bit), version 1.48 [+] Available Version : 1.52 [+] Size : 3,41 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\CPUID\HWMonitor\ Git (64-bit), version 2.41.0 [+] Available Version : 2.43.0 [+] Size : 314 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\Git\ PDF24 Creator 11.12.1 (64-bit), version 11.12.1 [+] Available Version : 11.15.2 [+] Size : 782 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\PDF24\ OBS Studio (32-bit), version 28.1.2 [+] Available Version : 30.0.2 [+] Wow6432 : Yes [+] Portable : No Ubisoft Connect (32-bit), version 145.1.0.10933 [+] Available Version : 148.2.0.10984 [+] Wow6432 : Yes [+] Portable : No [+] update_location : C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ Wireshark 4.0.5 64-bit (32-bit), version 4.0.5 [+] Available Version : 4.2.0 [+] Size : 203 MB [+] Wow6432 : Yes [+] Portable : No [+] update_location : C:\Program Files\Wireshark Zotero (32-bit), version 6.0.26 [+] Available Version : 6.0.30 [+] Size : 119 MB [+] Wow6432 : Yes [+] Portable : No [+] update_location : C:\Program Files (x86)\Zotero FileZilla 3.66.1 (64-bit), version 3.66.1 [+] Available Version : 3.66.4 [+] Size : 42,9 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\FileZilla FTP Client Audacity 3.2.4 (64-bit), version 3.2.4 [+] Available Version : 3.4.2 [+] Size : 66,8 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\Audacity\ iVCam 7.0 (64-bit), version 7.0.4 [+] Available Version : 7.3.2 [+] Size : 56,4 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\e2eSoft\iVCam\ Microsoft 365 Apps for Enterprise - de-de (64-bit), version 16.0.17029.20068 [+] Available Version : 16.0.17204.20000 [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\Microsoft Office Shotcut (64-bit), version 23.05.07 [+] Available Version : 23.9.29.0 [+] Wow6432 : No [+] Portable : No SteelSeries GG 36.0.0 (64-bit), version 36.0.0 [+] Available Version : 53.0.0 [+] Wow6432 : No [+] Portable : No TeXstudio - TeXstudio is a fully featured LaTeX editor. (64-bit), version 4.5.1 [+] Available Version : 4.7.2 [+] Wow6432 : No [+] Portable : No [+] update_location : "C:\Program Files\texstudio" VSDC Free Video Editor Version 8.1.3.459 (64-bit), version 8.1.3.459 [+] Available Version : 8.3.9.514 [+] Size : 399 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\FlashIntegro\ IBM SPSS Statistics (64-bit), version 29.0.0.0 [+] Available Version : 29.0.1.0 [+] Size : 1,70 GB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\IBM\SPSS Statistics\ IIS 10.0 Express (64-bit), version 10.0.08009 [+] Available Version : 10.0.08412 [+] Size : 53,2 MB [+] Wow6432 : No [+] Portable : No iCloud Outlook (64-bit), version 14.1.0.108 [+] Available Version : 14.2.0.122 [+] Size : 3,86 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\ProgramData\Apple Inc\iCloud\Outlook\ Microsoft Visual Studio Installer (64-bit), version 3.8.2112.61926 [+] Available Version : 3.9.1136.48274 [+] Wow6432 : No [+] Portable : No [+] update_location : "C:\Program Files (x86)\Microsoft Visual Studio\Installer" Microsoft ODBC Driver 17 for SQL Server (64-bit), version 17.7.2.1 [+] Available Version : 18.3.2.1 [+] Size : 7,76 MB [+] Wow6432 : No [+] Portable : No Adobe Acrobat (64-bit) (64-bit), version 23.006.20380 [+] Available Version : 23.008.20421 [+] Size : 1,19 GB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\Adobe\Acrobat DC\ NVIDIA Grafiktreiber 537.42 (64-bit), version 537.42 [+] Available Version : 550.09 [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{75746D3A-8871-49E8-8469-62CB60F7C000} Modrinth App (64-bit), version 0.6.1 [+] Available Version : 0.6.3 [+] Size : 12,0 MB [+] Wow6432 : No [+] Portable : No [+] update_location : F:\Modrinth\ Lightworks (64-bit), version 2023.1.139219 [+] Available Version : 2023.2.143744 [+] Wow6432 : No [+] Portable : No Node.js (64-bit), version 18.16.0 [+] Available Version : 21.5.0 [+] Size : 83,9 MB [+] Wow6432 : No [+] Portable : No Unity Hub 2.4.4 (64-bit), version 2.4.4 [+] Available Version : 3.7.0 [+] Size : 201 MB [+] Wow6432 : No [+] Portable : No Visual Studio Community 2022 (32-bit), version 17.7.4 [+] Available Version : 17.8.3 [+] Wow6432 : Yes [+] Portable : No [+] update_location : C:\Program Files\Microsoft Visual Studio\2022\Community Adobe Creative Cloud (32-bit), version 5.11.0.522.1 [+] Available Version : 6.1.0.587 [+] Size : 698 MB [+] Wow6432 : Yes [+] Portable : No Cisco AnyConnect Secure Mobility Client (32-bit), version 4.10.06079 [+] Available Version : 4.10.07073 [+] Size : 5,85 MB [+] Wow6432 : Yes [+] Portable : No jamovi 2.3.21.0 (32-bit), version 2.3.21.0 [+] Available Version : 2.4.11.0 [+] Wow6432 : Yes [+] Portable : No Microsoft Edge (32-bit), version 120.0.2210.91 [+] Available Version : 121.0.2277.4 [+] Wow6432 : Yes [+] Portable : No [+] update_location : C:\Program Files (x86)\Microsoft\Edge\Application Parsec (32-bit), version 150-86h [+] Available Version : 150.91.a [+] Size : 5,09 MB [+] Wow6432 : Yes [+] Portable : No [+] update_location : C:\Program Files\Parsec Amazon Send to Kindle (32-bit), version 1.1.0.254 [+] Available Version : 1.1.1.255 [+] Wow6432 : Yes [+] Portable : No Epic Online Services (32-bit), version 2.0.42.0 [+] Available Version : 2.0.44.0 [+] Size : 304 MB [+] Wow6432 : Yes [+] Portable : No Teams Machine-Wide Installer (32-bit), version 1.5.0.8070 [+] Available Version : 1.6.0.33567 [+] Size : 120 MB [+] Wow6432 : Yes [+] Portable : No Epic Games Launcher (32-bit), version 1.3.80.0 [+] Available Version : 1.3.93.0 [+] Size : 237 MB [+] Wow6432 : Yes [+] Portable : No [+] update_location : C:\Program Files (x86)\Epic Games\ Smart Backup (x64) (32-bit), version 3.21.0326.1 [+] Available Version : 3.22.0826.1 [+] Wow6432 : Yes [+] Portable : No [+] update_location : C:\Program Files (x86)\GIGABYTE\Smart Backup CurseForge 0.237.1-14012 (64-bit), version 0.237.1-14012 [+] Available Version : 0.241.1.15351 [+] Size : 255 MB [+] Wow6432 : No [+] Portable : No MiKTeX (64-bit), version 22.10 [+] Available Version : 23.10.12 [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Users\soere\AppData\Local\Programs\MiKTeX FTB App (64-bit), version 1.23.829.1248 [+] Available Version : 1.23.1206.2219 [+] Wow6432 : No [+] Portable : No ************************* Processes ************************* ************************* Modules ************************* ************************* Services ************************* ************************* Scheduled Tasks ************************* ************************* Registry ************************* >>>>>> O87 - Firewall ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{A5A6D4D1-9903-4FF4-8F6A-CB4712E066C5}C:\users\soere\appdata\local\enlisted\launcher.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\soere\appdata\local\enlisted\launcher.exe|Name=launcher.exe|Desc=launcher.exe| (missing) -> Gefunden ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{8C9F2E1D-4FD4-4BB0-8FA3-7B80245D5D27}C:\users\soere\appdata\local\enlisted\win64\enlisted.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\soere\appdata\local\enlisted\win64\enlisted.exe|Name=enlisted.exe|Desc=enlisted.exe|Defer=User| (missing) -> Gefunden ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{12EB76D2-E3D5-4942-B865-632D0C14433E}C:\users\soere\appdata\local\enlisted\launcher.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\soere\appdata\local\enlisted\launcher.exe|Name=launcher.exe|Desc=launcher.exe| (missing) -> Gefunden ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{EC6CFA0D-C6A6-48E2-A04B-B1FA58CF7BCE}C:\users\soere\appdata\local\enlisted\win64\enlisted.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\soere\appdata\local\enlisted\win64\enlisted.exe|Name=enlisted.exe|Desc=enlisted.exe|Defer=User| (missing) -> Gefunden ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{B479886B-5BE7-4972-88C8-89D510CAADCB}C:\users\soere\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.812.1236\jdk-17.0.1+12-minimal\bin\java.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\soere\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.812.1236\jdk-17.0.1+12-minimal\bin\java.exe|Name=java|Desc=java|Defer=User| (missing) -> Gefunden └── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{8E62A50A-02E9-4F51-A615-235A527ABC8F}C:\users\soere\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.812.1236\jdk-17.0.1+12-minimal\bin\java.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\soere\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.812.1236\jdk-17.0.1+12-minimal\bin\java.exe|Name=java|Desc=java|Defer=User| (missing) -> Gefunden ************************* WMI ************************* ************************* Hosts File ************************* is_too_big : No hosts_file_path : C:\Windows\System32\drivers\etc\hosts ************************* Filesystem ************************* [PUP.OnlineIO (Potenziell bösartig)] (folder) AdvinstAnalytics -- C:\Users\soere\AppData\Local\AdvinstAnalytics -> Gefunden ************************* Web Browsers ************************* ************************* Antirootkit ************************* |
02.01.2024, 16:33 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows10: Windows Defender meldet Wacatac.B!ml Trojaner Dein System ist schlecht gepflegt. Schau dir mal das RK-Log an, da wird aufgelistet, welche Updates für die bei die installierten Programme verfügbar sind.
__________________ Logfiles bitte immer in CODE-Tags posten |
02.01.2024, 16:37 | #11 |
| Windows10: Windows Defender meldet Wacatac.B!ml Trojaner Ja da gebe ich dir Recht. Relativ viele Programme die ich mal benutzt habe bzw. nur sporadisch benutze. Außer meinem Graka Treiber ist aber nicht wirklich was bedenkliches dabei oder? Die Programme haben ja erstmal nichts mehr gefunden wenn ich das richtig verstanden habe |
02.01.2024, 16:45 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows10: Windows Defender meldet Wacatac.B!ml Trojaner Dann wären wir durch! Wenn Du möchtest, kannst Du das Forum mit einer kleinen Spende unterstützen. Abschließend unbedingt unsere Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:
__________________ Logfiles bitte immer in CODE-Tags posten |
02.01.2024, 16:47 | #13 |
| Windows10: Windows Defender meldet Wacatac.B!ml Trojaner Ich danke dir für deine Zeit. Was auch immer das war was Windows Defender gefunden hat |
02.01.2024, 17:09 | #14 | |
/// TB-Ausbilder | Windows10: Windows Defender meldet Wacatac.B!ml TrojanerZitat:
Wir sind froh, dass wir helfen konnten Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Jeder andere bitte hier klicken und ein eigenes Thema erstellen. |
Themen zu Windows10: Windows Defender meldet Wacatac.B!ml Trojaner |
administrator, adobe, bonjour, defender, download, geforce, google, internet, microsoft, mozilla, nvidia, opera, ordner, pdf, performance, port, prozesse, registry, scan, secure, server, software, svchost.exe, trojaner, windows |