| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 10: Verdacht auf Crypto-MinerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.01.2024, 21:13
| #31 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Windows 10: Verdacht auf Crypto-Miner Ich glaub spamgourmet hat nen Fehler. Es zeigt mir war an, dass 2 Mails angekommen sind, die sind aber nicht in meinem echten Postfach. Ich hab mal ne neue Mailadresse eingerichtet. Schick mal bitte an tblogs@topmail-files.de
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
29.01.2024, 21:17
| #32 |
 | Windows 10: Verdacht auf Crypto-Miner ist gesendet...
__________________ |
|
29.01.2024, 21:26
| #33 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-Miner Ja ist da. Ich seh mir das Log mal an.
__________________
__________________ |
|
29.01.2024, 21:33
| #34 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-Miner Ja da wurde einfach *alles* in ProgramData aufgelistet  Das Relevante hab ich aber schon durchgesehen. Wir brauchen noch einen Fix: Scripting/Repair mit FRST64 WARNUNG AN ALLE MITLESER !!! Dieses FRST-Script ist ausschließlich für diesen Nutzer gedacht und sollte niemals 1:1 für ein anderes System angewendet werden!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.01.2024, 21:42
| #35 |
| | Windows 10: Verdacht auf Crypto-Miner Was für ein süßer Minilog Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27.01.2024 01
durchgeführt von nils (29-01-2024 21:39:39) Run:2
Gestartet von C:\Users\nils\Desktop\FRST
Geladene Profile: defaultuser0 & js & nils
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
Start::
CloseProcesses:
C:\ProgramData\DP45977C.lfl
C:\ProgramData\goyslgxe.nnn
C:\ProgramData\juutbubq.wrj
C:\ProgramData\mntemp
C:\ProgramData\Application Data\Lavasoft
C:\ProgramData\AVAST Software
C:\ProgramData\zjmdd
emptytemp:
End::
*****************
Prozesse erfolgreich geschlossen.
C:\ProgramData\DP45977C.lfl => erfolgreich verschoben
C:\ProgramData\goyslgxe.nnn => erfolgreich verschoben
C:\ProgramData\juutbubq.wrj => erfolgreich verschoben
C:\ProgramData\mntemp => erfolgreich verschoben
"C:\ProgramData\Application Data\Lavasoft" Ordner verschieben:
C:\ProgramData\Application Data\Lavasoft => erfolgreich verschoben
"C:\ProgramData\AVAST Software" Ordner verschieben:
C:\ProgramData\AVAST Software => erfolgreich verschoben
"C:\ProgramData\zjmdd" Ordner verschieben:
C:\ProgramData\zjmdd => erfolgreich verschoben
=========== EmptyTemp: ==========
FlushDNS => abgeschlossen
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12756727 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 1068548 B
Edge => 0 B
Chrome => 0 B
Brave => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1166 B
defaultuser0 => 1166 B
js => 1166 B
nils => 5090091 B
RecycleBin => 964 B
EmptyTemp: => 18 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 21:39:47 ====
|
|
29.01.2024, 21:43
| #36 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-Miner Wenn man nicht nen fetten Ordner auflistet bleibt das auch mini Nun bitte nen neue FRST.txt und Addition.txt
__________________ --> Windows 10: Verdacht auf Crypto-Miner |
|
29.01.2024, 21:48
| #37 |
| | Windows 10: Verdacht auf Crypto-Miner Mal was offtopic... Kann man irgendwas gegen Spam-Mails tun? Also irgendwie aus diesen ranz verteilen raus kommen? Ich bekomme Seit Wochen mehrmals täglich die selbe Spam-Mail... FRST: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2024 01
durchgeführt von nils (Administrator) auf NILS-PC (29-01-2024 21:44:23)
Gestartet von C:\Users\nils\Desktop\FRST\FRST64.exe
Geladene Profile: nils
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) Sprache: Englisch (Vereinigtes Königreich) -> Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(8AB18DA5-65D5-493C-BD78-9F4467A7CDE8 -> Chris Andriessen) C:\Program Files\WindowsApps\40210ChrisAndriessen.FalconX_1.7.8.0_x64__y1dazs5f5wq00\Release\TaskbarX.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHelper.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdHelper.x64.exe
(C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairOsdLauncher.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.241.0.10\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\nils\AppData\Local\Overwolf\ProcessCache\0.241.0.10\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NvVirtualCamera\NVIDIA Broadcast.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Users\nils\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\nils\AppData\Local\Programs\Opera GX\106.0.4998.61\opera_crashreporter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
(explorer.exe ->) (E3B4A0F6-E459-414C-8DFB-ABEAB07C9242 -> Microsoft Corporation) C:\Program Files\WindowsApps\32669SamG.ModernFlyouts_0.9.3.0_x64__pcy8vm99wrpcg\ModernFlyoutsHost.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (EPOS Group A/S -> ) C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuite.exe
(explorer.exe ->) (Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Skutta, Kristjan -> ) D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(G.SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.) C:\Program Files (x86)\G.SKILL\Trident Z Lighting Control\hid.exe
(InnoVISION Multimedia Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\INNO3D TuneIT\Inno3D.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Users\nils\AppData\Local\Programs\Opera GX\opera.exe <31>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.28\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(services.exe ->) (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (EPOS Group A/S -> ) C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuiteService
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Scarlet.Crush Productions) [Datei ist nicht signiert] C:\Program Files\WiinUSoft\SCP_Driver\ScpService.exe
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\iked.exe
(services.exe ->) (Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2311.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2312.7.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071232 2022-08-03] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Spectrum] => C:\Program Files (x86)\G.SKILL\Trident Z Lighting Control\HID.exe [1753104 2020-05-25] (G.SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62636856 2020-11-13] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [Inno3D] => C:\Program Files (x86)\INNO3D TuneIT\Inno3D.exe [24387584 2020-09-28] (InnoVISION Multimedia Ltd.) [Datei ist nicht signiert]
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410728 2021-12-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37277648 2024-01-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2024-01-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [45968128 2023-12-11] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [WallpaperEngine] => D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [3223136 2023-10-28] (Skutta, Kristjan -> )
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [Opera GX Browser Assistant] => C:\Users\nils\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70912472 2023-11-02] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Run: [MicrosoftEdgeAutoLaunch_1850AB30EF24BC4C113B74D75C151A3B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {0f23f2bb-2cd9-11ec-bd9e-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {3459cdf0-13ae-11ec-bd9b-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {6f4676a2-b040-11ec-bdc3-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {812634e0-904f-11ee-be35-0492265d3edd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {8c5ee76f-9f6e-11eb-bd72-0492265d3edd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {91727cc2-da62-11ea-bcee-0492265d3edd} - "F:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {91776608-48b0-11ec-bdac-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {91776673-48b0-11ec-bdac-00158313c5dd} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\MountPoints2: {d80afba4-6f01-11eb-bd49-0492265d3edd} - "E:\OnePlus_setup.exe" /s
HKLM\...\Windows x64\Print Processors\OKX055PP: C:\Windows\System32\spool\prtprocs\x64\OKX055PP.DLL [52224 2015-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\EPSON WF-3540 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMJHE.DLL [120320 2011-04-19] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558080 2011-08-30] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\WINDOWS\system32\OPPFLM64.DLL [24064 2011-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
Startup: C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2024-01-21]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2021-02-26]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EPOS Gaming Suite.lnk [2022-06-26]
ShortcutTarget: EPOS Gaming Suite.lnk -> C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuite.exe (EPOS Group A/S -> )
BootExecute: autocheck autochk /k:C *
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {D7486F2D-BB18-4E28-B718-83CF6A9FB91F} - System32\Tasks\{B557B444-21B0-41FD-B838-14D7E070A414} => c:\windows\system32\launchwinapp.exe [45056 2023-12-15] (Microsoft Windows -> Microsoft Corporation) -> hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.6.0.106&LastError=404
Task: {5E1CF42E-038C-41ED-9D10-57ADDC87DFDA} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274912 2022-11-17] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {1CFF092D-CB8C-4697-A22E-C65E98842FAC} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3449150419-271838051-1508037707-1002Core => C:\Users\nils\AppData\Local\BraveSoftware\Update\BraveUpdate.exe /c (Keine Datei)
Task: {AF840AC3-BAA2-43A2-9FF4-E39C018BA346} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-3449150419-271838051-1508037707-1002UA => C:\Users\nils\AppData\Local\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (Keine Datei)
Task: {708BEC20-0B26-4F36-9C8B-B3DDB92FF7D8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5550856 2023-12-15] (Microsoft Windows -> Microsoft Corporation)
Task: {BC9D7D8A-7218-4CE4-B16D-FC573B007C44} - System32\Tasks\G2MUpdateTask-S-1-5-21-3449150419-271838051-1508037707-1002 => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-06-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3C1DF0BC-B120-4C7D-BFA4-9CBFFAD5E8C0} - System32\Tasks\G2MUploadTask-S-1-5-21-3449150419-271838051-1508037707-1002 => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-06-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {3F10FFE7-CD67-47C7-BEB9-39F2B2A7922A} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [374560 2024-01-21] (Google LLC -> Google LLC)
Task: {A448EED5-27DE-4BDF-837A-18BA2E930140} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-16] (Google Inc -> Google Inc.)
Task: {BDDB2636-5C15-45B7-A849-41EBC891643A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-16] (Google Inc -> Google Inc.)
Task: {7478992B-7BB6-4BF1-A873-5E111E4C328B} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {21AD196C-E033-4A17-8AB0-51729310AFC0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation)
Task: {49B6BC26-85D9-47CD-8037-109C0AE32EE9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {D839F23C-264C-4673-8665-4F23FC4CC946} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {96E7643A-2254-4E65-9A40-2B59FC121F71} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0CFFBD7-9683-4F02-BFA9-01A676277A0D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {B99D3737-ED33-4665-8831-79729A69FDDD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {93F0030F-A0C7-48BB-B3D1-0DE1004E37F8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E9CBA2A-B82A-459E-8CA4-56201875FFFF} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4434864 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AFBADC6-5A92-4AD1-B4C6-825820AA6735} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [555616 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {456D73CF-2E82-4BAA-A299-5F55636C433C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {446B1B51-DBBF-4E6C-B75D-F99B4B01EE32} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9FAD07E-94BF-48A0-AB30-A07D6B8519AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7083C3CB-997A-4003-8627-EC98C79F90D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16EB5C68-D80E-47A9-BCB6-A06F1C9834CC} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (Keine Datei)
Task: {700349FD-F55C-49D0-8B21-D1D2965DC750} - System32\Tasks\NvBroadcast_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA Broadcast\NVIDIA Broadcast UI.exe [11015736 2023-01-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A684AB9-58B5-481B-A436-DCF2799002A6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {562E738A-A66D-4DC9-8D30-F06EC41365B6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87F4B5C8-F4FE-414B-8C94-0A7EDFEE4C3B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC0B4066-A6CA-47F9-B151-B1A25FD39424} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {960BA1CB-F1AC-4355-B521-4B640B482382} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF4BCE4B-6250-4574-A021-BCECB687CC23} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F651FF1F-17B8-4D55-8BE0-F55CF23F0E36} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A0CD196A-45F3-462C-BCC1-62C4B5885FBD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F599F333-9F30-4F81-9316-26E5FB894AEB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBFD160A-267A-4AC3-B7F9-BCE4026B204F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3449150419-271838051-1508037707-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {CD2D41E1-ACCC-4E1B-8AEA-8A21AC5C3BA3} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1614869362 => C:\Users\nils\AppData\Local\Programs\Opera GX\launcher.exe [2294176 2024-01-24] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\nils\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {3A4136F1-CC37-445D-9CE3-43BC4BE89F22} - System32\Tasks\Opera GX scheduled Autoupdate 1593451427 => C:\Users\nils\AppData\Local\Programs\Opera GX\launcher.exe [2294176 2024-01-24] (Opera Norway AS -> Opera Software)
Task: {9755D7FA-2C11-4258-B363-6A045E7D0494} - System32\Tasks\Opera scheduled Autoupdate 1555368081 => C:\Users\nils\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {CC90B01F-54A3-4F48-9A32-4D63DFA4B7B8} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
Task: {46C4D8B0-EF42-4BC5-A2B4-528E8E091BBE} - System32\Tasks\TaskbarX NILS-PCnils => C:\WINDOWS\explorer.exe [5550856 2023-12-15] (Microsoft Windows -> Microsoft Corporation)
Task: {247335EE-A7B9-443A-B7C4-14AD5DACB27E} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [170496 2023-10-13] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3449150419-271838051-1508037707-1002.job => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3449150419-271838051-1508037707-1002.job => C:\Users\nils\AppData\Local\GoToMeeting\19950\g2mupload.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.101
Tcpip\..\Interfaces\{49065b68-8f61-403d-b9dc-f5281de063c8}: [DhcpNameServer] 192.168.178.101
Tcpip\..\Interfaces\{49065b68-8f61-403d-b9dc-f5281de063c8}: [DhcpDomain] local.schu.xyz
Tcpip\..\Interfaces\{6101516c-66f7-4516-8d27-037ec68a3a21}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{6101516c-66f7-4516-8d27-037ec68a3a21}: [DhcpNameServer] 192.168.178.100
Tcpip\..\Interfaces\{d9113418-f92d-4645-ad90-4606c382b8c7}: [NameServer] 141.100.54.53
Edge:
=======
Edge Profile: C:\Users\nils\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-29]
Edge Notifications: Default -> hxxps://web.snapchat.com
Edge Extension: (Google Docs Offline) - C:\Users\nils\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-25]
Edge Extension: (Edge relevant text changes) - C:\Users\nils\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
FireFox:
========
FF DefaultProfile: ncucdlz8.default-1584820434065
FF ProfilePath: C:\Users\nils\AppData\Roaming\Mozilla\Firefox\Profiles\ncucdlz8.default-1584820434065 [2024-01-29]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default [2024-01-28]
CHR Notifications: Default -> hxxps://www.netflix.com
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-21]
CHR Extension: (Metastream Remote) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakegmdomhmegokfomgmkbopjibonfcp [2023-12-19]
CHR Extension: (Bardeen - automatisiere manuelle Arbeit) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihhkmalpkhkoedlmcnilbbhhbhnicjga [2023-12-19]
CHR Extension: (Unpaywall) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplffkdpngmdjhlpjmppncnlhomiipha [2022-07-17]
CHR Extension: (Online Security) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok [2024-01-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-15]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2024-01-21]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKU\S-1-5-21-3449150419-271838051-1508037707-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKU\S-1-5-21-3449150419-271838051-1508037707-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
Opera:
=======
OPR Profile: C:\Users\nils\AppData\Roaming\Opera Software\Opera Stable [2021-02-18]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.de/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
StartMenuInternet: (HKU\S-1-5-21-3449150419-271838051-1508037707-1002) Opera GXStable - "C:\Users\nils\AppData\Local\Programs\Opera GX\Launcher.exe"
Brave:
=======
BRA Profile: C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-02-18]
BRA Extension: (Brave Tracking Protection Updater) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-01-19]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-01-19]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-01-19]
BRA Extension: (Brave Ad Block Updater (DEU: EasyList Germany)) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\jmomcjcilfpbaaklkifaijjcnancamde [2019-01-19]
BRA Extension: (PDF Viewer) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-01-19]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\nils\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-01-19]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2688544 2022-07-06] (PUBG CORPORATION -> )
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.28\atkexComSvc.exe [419264 2019-01-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [975832 2019-01-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2019-01-19] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.28\AsusFanControlService.exe [1919280 2019-01-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [Datei ist nicht signiert]
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9880840 2022-12-08] (BattlEye Innovations e.K. -> )
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [422504 2021-12-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [81512 2021-12-23] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 Ds3Service; C:\Program Files\WiinUSoft\SCP_Driver\ScpService.exe [381952 2017-08-12] (Scarlet.Crush Productions) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-06-08] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-09-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2128360 2022-09-22] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-09-22] (GOG Sp. z o.o. -> GOG.com)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] (Shrew Soft Inc -> )
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] (Shrew Soft Inc -> )
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10759936 2023-12-11] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-28] (Malwarebytes Inc. -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [30057640 2023-05-19] (My.Com B.V. -> My.com B.V.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2199024 2023-05-18] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5084200 2024-01-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10476264 2022-08-03] () [Datei ist nicht signiert]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12355424 2024-01-10] (KRAFTON, Inc. -> KRAFTON, Inc)
R2 EPOSGamingSuiteService; "C:\Program Files (x86)\EPOS\Gaming Suite\EPOSGamingSuiteService" /start EPOSGamingSuiteService [X]
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [2178912 2022-09-06] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\WINDOWS\system32\drivers\ACE-GAME.sys [914760 2022-09-06] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2019-01-19] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2019-01-19] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [33504 2019-01-01] (ASUSTeK Computer Inc. -> )
R1 avm_nwim; C:\WINDOWS\system32\DRIVERS\avmnwim.sys [396088 2017-03-17] (WDKTestCert shuebner,130916460956458304 -> AVM)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-11-17] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R2 CmUpx; C:\WINDOWS\system32\drivers\CmUpx.sys [30184 2021-06-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2021-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2024-01-29] (CPUID S.A.R.L.U. -> CPUID) <==== ACHTUNG
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 EPOSAudio; C:\WINDOWS\System32\drivers\eposaudio.sys [95272 2022-05-20] (EPOS Group A/S -> EPOS Group A/S)
R1 GLCKIO2; C:\WINDOWS\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
S1 googlehaxm; C:\WINDOWS\system32\drivers\GoogleHaxm.sys [200232 2023-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 logi_audio_surround; C:\WINDOWS\system32\drivers\logi_audio_surround.sys [43856 2021-03-17] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-25] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-25] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-25] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsle5583279; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1BFCA741-2581-442F-98A8-C7C50F537686}\MpKslDrv.sys [263560 2024-01-29] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [29287768 2023-05-19] (My.Com B.V. -> My.com B.V.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 rawaccel; C:\WINDOWS\system32\drivers\rawaccel.sys [50176 2021-09-24] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2017-08-12] (Bruce James -> Scarlet.Crush Productions)
S3 SennComUSB; C:\WINDOWS\System32\drivers\SennComUSB.sys [61928 2020-11-17] (Sennheiser Communications A/S -> Sennheiser Communications A/S)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2020-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R1 vflt; C:\WINDOWS\system32\DRIVERS\vfilter.sys [24064 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8752264 2022-08-03] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vnet; C:\WINDOWS\System32\drivers\virtualnet.sys [17408 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-01-18] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 ALSysIO; \??\C:\Users\nils\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X] <==== ACHTUNG
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-28 21:17 - 2024-01-28 21:17 - 000000000 ___DC C:\Users\nils\Desktop\Urlaub
2024-01-28 21:14 - 2024-01-28 21:14 - 000070960 _____ C:\Users\nils\Downloads\5500003219 (1).pdf
2024-01-28 13:21 - 2024-01-28 13:21 - 008791352 _____ (Malwarebytes) C:\Users\nils\Downloads\adwcleaner(1).exe
2024-01-28 13:15 - 2024-01-28 13:15 - 008791352 _____ (Malwarebytes) C:\Users\nils\Downloads\adwcleaner.exe
2024-01-28 01:34 - 2024-01-29 21:41 - 000000000 ____D C:\Users\nils\AppData\Local\Malwarebytes
2024-01-28 01:34 - 2024-01-28 01:34 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-28 01:34 - 2024-01-28 01:34 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-01-28 01:33 - 2024-01-28 01:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-28 01:33 - 2024-01-28 01:33 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-28 01:32 - 2024-01-28 01:32 - 002582384 _____ (Malwarebytes) C:\Users\nils\Desktop\MBSetup.exe
2024-01-27 15:42 - 2024-01-27 15:42 - 000000000 ___DC C:\Users\nils\AppData\LocalLow\NVIDIA
2024-01-27 15:42 - 2024-01-27 15:42 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-01-27 15:39 - 2024-01-19 00:25 - 002095360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-01-27 15:39 - 2024-01-19 00:25 - 002095360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-01-27 15:39 - 2024-01-19 00:25 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-01-27 15:39 - 2024-01-19 00:25 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-01-27 15:39 - 2024-01-19 00:25 - 001487376 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-01-27 15:39 - 2024-01-19 00:25 - 001434480 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-01-27 15:39 - 2024-01-19 00:25 - 001434480 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-01-27 15:39 - 2024-01-19 00:25 - 001278720 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-01-27 15:39 - 2024-01-19 00:25 - 001278720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-01-27 15:39 - 2024-01-19 00:25 - 001226872 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-01-27 15:39 - 2024-01-19 00:22 - 001040400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-01-27 15:39 - 2024-01-19 00:22 - 000670240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-01-27 15:39 - 2024-01-19 00:22 - 000505992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-01-27 15:39 - 2024-01-19 00:21 - 002173984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-01-27 15:39 - 2024-01-19 00:21 - 001625632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-01-27 15:39 - 2024-01-19 00:21 - 001542280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-01-27 15:39 - 2024-01-19 00:21 - 001199112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-01-27 15:39 - 2024-01-19 00:21 - 000841848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-01-27 15:39 - 2024-01-19 00:20 - 016032888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-01-27 15:39 - 2024-01-19 00:20 - 012928120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-01-27 15:39 - 2024-01-19 00:20 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-01-27 15:39 - 2024-01-19 00:20 - 001023608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-01-27 15:39 - 2024-01-19 00:20 - 000787064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-01-27 15:39 - 2024-01-19 00:20 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-01-27 15:39 - 2024-01-19 00:19 - 005907464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-01-27 15:39 - 2024-01-19 00:19 - 005772816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-01-27 15:39 - 2024-01-19 00:18 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-01-27 15:39 - 2024-01-18 12:32 - 000120271 _____ C:\WINDOWS\system32\nvinfo.pb
2024-01-27 13:39 - 2024-01-29 21:44 - 000000000 ____D C:\FRST
2024-01-27 13:38 - 2024-01-29 21:39 - 000000000 ___DC C:\Users\nils\Desktop\FRST
2024-01-22 21:30 - 2024-01-22 21:30 - 034463940 ____C C:\Users\nils\Desktop\0122.mp4
2024-01-22 21:17 - 2024-01-22 21:18 - 072533264 ____C C:\Users\nils\Desktop\HONDA.mp4
2024-01-22 20:14 - 2024-01-22 20:14 - 000000000 ____D C:\Users\nils\AppData\Local\VEDetector
2024-01-22 20:14 - 2024-01-22 20:14 - 000000000 ____D C:\Users\nils\AppData\Local\Bytedance
2024-01-22 20:07 - 2024-01-22 20:12 - 000000000 ____D C:\Users\nils\.openshot_qt
2024-01-22 20:03 - 2024-01-22 21:17 - 000000000 ____D C:\Users\nils\AppData\Local\CapCut
2024-01-22 20:03 - 2024-01-22 20:03 - 000001356 ____C C:\Users\nils\Desktop\CapCut.lnk
2024-01-22 20:03 - 2024-01-22 20:03 - 000000000 ___DC C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCut
2024-01-22 19:48 - 2024-01-29 21:40 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2024-01-22 00:02 - 2024-01-22 00:02 - 000000207 ____C C:\Users\nils\Desktop\Urlaubanfrage.txt
2024-01-21 18:16 - 2024-01-21 18:16 - 000002359 ____C C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2024-01-21 13:47 - 2024-01-21 13:47 - 000003868 _____ C:\WINDOWS\system32\Tasks\Google Play Games Notifier
2024-01-21 13:47 - 2024-01-21 13:47 - 000001091 _____ C:\Users\Public\Desktop\Google Play Games beta.lnk
2024-01-21 13:47 - 2024-01-21 13:47 - 000000000 ____D C:\Users\nils\AppData\Local\ToastNotificationManagerCompat
2024-01-21 13:47 - 2024-01-21 13:47 - 000000000 ____D C:\Users\nils\AppData\Local\HPE
2024-01-21 13:47 - 2024-01-21 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Play Games
2024-01-21 13:46 - 2024-01-21 13:46 - 000000000 ____D C:\ProgramData\Google
2024-01-21 13:46 - 2024-01-21 13:46 - 000000000 ____D C:\Program Files\Google
2024-01-21 13:44 - 2024-01-21 13:44 - 010908744 _____ (Google LLC) C:\Users\nils\Downloads\Install-Frost & Flame_ King of Avalon-GooglePlayGames-Beta.exe
2024-01-12 20:17 - 2024-01-12 20:17 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-11 20:47 - 2024-01-11 20:48 - 000000000 ___HD C:\$WinREAgent
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-01-29 21:44 - 2020-09-15 07:57 - 001722792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-29 21:44 - 2020-09-15 00:13 - 000741554 _____ C:\WINDOWS\system32\perfh007.dat
2024-01-29 21:44 - 2020-09-15 00:13 - 000149804 _____ C:\WINDOWS\system32\perfc007.dat
2024-01-29 21:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-01-29 21:42 - 2021-12-18 01:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-29 21:42 - 2019-02-16 23:11 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-29 21:41 - 2019-10-27 12:42 - 000000000 ____D C:\Users\nils\AppData\Local\Overwolf
2024-01-29 21:40 - 2020-09-15 07:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-29 21:40 - 2020-09-15 07:52 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-29 21:40 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-29 21:40 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-01-29 21:40 - 2019-01-22 14:43 - 000000000 ____D C:\Intel
2024-01-29 21:40 - 2017-11-02 01:23 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-29 20:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-29 19:58 - 2018-06-28 22:51 - 000000000 ___DC C:\Users\nils\AppData\Local\D3DSCache
2024-01-29 19:25 - 2020-09-15 07:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-29 17:47 - 2021-02-18 21:01 - 000000000 ____D C:\Users\nils\AppData\Local\LGHUB
2024-01-28 20:26 - 2020-09-15 07:53 - 000535888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-28 20:17 - 2020-09-15 07:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-01-28 20:02 - 2023-06-25 13:33 - 000000000 ____D C:\Users\nils\AppData\Roaming\ReasonLabs
2024-01-28 19:36 - 2020-10-12 22:07 - 000000000 ____D C:\Users\nils\AppData\Roaming\discord
2024-01-28 18:39 - 2020-11-13 19:22 - 000000000 ____D C:\Users\nils\AppData\Local\Discord
2024-01-28 01:38 - 2021-02-26 02:32 - 000000000 ____D C:\Program Files (x86)\Steam Customizer
2024-01-28 01:34 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-28 01:01 - 2021-02-01 18:39 - 000000128 _____ C:\Users\nils\AppData\Roaming\winscp.rnd
2024-01-27 20:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-27 15:42 - 2018-07-29 11:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-01-27 15:42 - 2018-06-28 13:09 - 000000000 ___DC C:\Users\nils\AppData\Local\CrashDumps
2024-01-27 15:42 - 2018-06-27 20:26 - 000000000 ___DC C:\Users\nils\AppData\Local\NVIDIA
2024-01-27 15:37 - 2020-12-02 22:11 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2020-12-02 22:11 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:37 - 2017-11-02 01:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-01-27 15:37 - 2017-11-02 01:23 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-01-27 15:37 - 2017-11-02 01:23 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-01-27 15:36 - 2020-12-02 22:11 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-27 15:36 - 2020-12-02 22:11 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-25 17:23 - 2022-07-15 20:40 - 000001431 ____C C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2024-01-25 17:23 - 2020-09-15 07:58 - 000004184 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1593451427
2024-01-23 22:16 - 2023-09-01 16:52 - 000000000 ____D C:\Users\nils\AppData\Roaming\EasyAntiCheat
2024-01-22 22:55 - 2018-06-27 19:54 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-22 20:07 - 2020-09-15 00:33 - 000000000 ____D C:\Users\nils
2024-01-22 20:06 - 2018-06-29 12:14 - 000000000 ____D C:\ProgramData\Packages
2024-01-22 20:06 - 2018-06-27 19:45 - 000000000 ___DC C:\Users\nils\AppData\Local\Packages
2024-01-22 20:04 - 2023-09-15 18:31 - 000263672 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2024-01-22 20:04 - 2022-10-22 10:51 - 000095736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-01-22 20:04 - 2022-10-22 10:51 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-01-22 20:04 - 2021-11-19 17:01 - 000194040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 002754152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 000644600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 000214632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-01-22 20:04 - 2021-11-07 13:13 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-01-22 19:45 - 2018-06-29 15:41 - 000000000 ___DC C:\Users\nils\AppData\Local\PlaceholderTileLogoFolder
2024-01-22 15:31 - 2022-11-28 18:37 - 000000000 ____D C:\Users\nils\AppData\Roaming\Microsoft\Teams
2024-01-21 13:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-21 13:44 - 2019-02-16 23:11 - 000000000 ____D C:\Users\nils\AppData\Local\Google
2024-01-21 11:20 - 2023-04-19 17:09 - 000000000 ___DC C:\Users\nils\Desktop\Berufsschule
2024-01-19 21:27 - 2020-09-15 07:58 - 000003926 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2024-01-19 21:27 - 2020-09-15 07:58 - 000003802 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2024-01-19 00:20 - 2020-11-10 13:58 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-01-19 00:18 - 2021-04-24 20:29 - 006030584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-01-19 00:18 - 2020-11-10 13:58 - 006942920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-01-18 21:35 - 2020-12-03 16:58 - 000000000 ____D C:\Program Files\Common Files\PUBG
2024-01-18 21:27 - 2021-01-30 01:27 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-01-18 20:01 - 2019-03-20 22:38 - 000215864 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2024-01-16 21:51 - 2021-02-26 02:16 - 000000000 ___DC C:\Users\nils\Desktop\Nintendo
2024-01-14 21:10 - 2018-06-27 19:55 - 000000000 ___DC C:\Users\nils\AppData\Local\Steam
2024-01-13 13:26 - 2023-12-12 01:51 - 000000301 ____C C:\Users\nils\Desktop\Urlaubstage.txt
2024-01-12 21:05 - 2022-08-06 02:37 - 000000000 ____D C:\Users\nils\AppData\Roaming\Vampire_Survivors_377440891
2024-01-12 20:17 - 2019-06-21 23:19 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-12 15:20 - 2019-07-06 12:04 - 000000000 ____D C:\Users\nils\AppData\Roaming\Microsoft\Word
2024-01-12 15:13 - 2019-08-26 13:03 - 000000000 ____D C:\Users\nils\AppData\Roaming\Microsoft\Excel
2024-01-12 14:22 - 2018-06-27 19:45 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-11 20:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-11 20:46 - 2018-06-27 20:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-11 20:44 - 2018-06-27 20:26 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-08 19:17 - 2023-08-31 21:24 - 000000000 ____D C:\Users\nils\AppData\Roaming\G HUB
2024-01-08 19:16 - 2021-02-18 21:01 - 000000000 ____D C:\Users\nils\AppData\Roaming\LGHUB
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-11-12 10:58 - 2021-11-12 10:58 - 115176112 _____ (GitHub, Inc.) C:\Users\nils\GitHubDesktopSetup-x64.exe
2021-11-11 13:53 - 2021-11-11 13:53 - 032151603 _____ (gnuplot development team ) C:\Users\nils\gp542-win64-mingw.exe
2021-11-12 10:52 - 2021-11-12 10:52 - 025387808 _____ (Atlassian) C:\Users\nils\SourceTreeSetup-3.4.6.exe
2020-10-11 02:54 - 2020-10-11 03:01 - 003228672 _____ () C:\Users\nils\AppData\Roaming\ScriptHookV.dll
2021-02-16 12:59 - 2021-02-18 15:53 - 000000578 _____ () C:\Users\nils\AppData\Roaming\WiinUSoft_prefs.config
2021-02-01 18:39 - 2024-01-28 01:01 - 000000128 _____ () C:\Users\nils\AppData\Roaming\winscp.rnd
2022-05-06 17:54 - 2022-05-06 17:54 - 000002923 _____ () C:\Users\nils\AppData\Local\recently-used.xbel
2019-02-19 20:35 - 2023-10-12 23:53 - 000007607 _____ () C:\Users\nils\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Addition folgt. |
|
29.01.2024, 21:49
| #38 |
| | Windows 10: Verdacht auf Crypto-Miner Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27.01.2024 01
durchgeführt von nils (29-01-2024 21:46:02)
Gestartet von C:\Users\nils\Desktop\FRST
Microsoft Windows 10 Pro Version 22H2 19045.3930 (X64) (2020-09-15 06:58:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-3449150419-271838051-1508037707-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3449150419-271838051-1508037707-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3449150419-271838051-1508037707-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3449150419-271838051-1508037707-501 - Limited - Disabled)
js (S-1-5-21-3449150419-271838051-1508037707-1001 - Administrator - Enabled) => C:\Users\js
nils (S-1-5-21-3449150419-271838051-1508037707-1002 - Administrator - Enabled) => C:\Users\nils
WDAGUtilityAccount (S-1-5-21-3449150419-271838051-1508037707-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Ai2 Starter version 4.3 (HKLM-x32\...\{519B03FD-CB1D-40BB-81AD-B49E93312283}}_is1) (Version: 4.3 - Yutthana Meanphon)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{71667bbb-81ab-429c-aeb4-e43c31e8fe14}) (Version: 2.2.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{36aa03d4-9606-4f04-bf3e-a70ebe6650f3}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{2d85b111-aee4-468b-874b-a9272712f69b}) (Version: 1.0.9 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{ac3dc320-7e5e-4f22-9572-4c2119fcdf85}) (Version: 1.1.16 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{b31aaf98-0562-411d-a962-0c3d16a3527a}) (Version: 1.0.31 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{a29279dc-f417-4442-8225-4db77f7d35b5}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{4f18ae01-4390-4b41-be3a-54ef4eacdd91}) (Version: 0.0.1.7 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{2914BAB6-CA16-4B5A-BF41-2466656C7040}) (Version: 2.0.3.1 - ASUSTek COMPUTER INC.)
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{210cdd08-c947-43a2-9378-bc288f651e41}) (Version: 1.0.27 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{3e9b91eb-5bb0-4272-8670-f88d353eb68b}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{add3bacc-578f-4bf9-97e3-a0f0c3ae3323}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{cc37f609-4db9-4ce3-9e37-9cb1b432452e}) (Version: 1.0.0.6 - ASUSTek COMPUTER INC.) Hidden
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.26 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{dded177f-c7b2-4212-9c64-74884f3fd53b}) (Version: 1.0.26 - ASUS) Hidden
AusweisApp2 (HKLM\...\{8DF88014-8948-483D-907C-84D3833E4A16}) (Version: 1.26.3 - Governikus GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.9.410.1001 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\BlueStacks X) (Version: 0.18.52.1 - BlueStack Systems, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CapCut (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\CapCut) (Version: 3.3.0.1161 - Bytedance Pte. Ltd.)
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{da7ebf10-b0be-494e-a79d-568546795a51}) (Version: 1.0.6 - CORSAIR COMPONENTS INC.) Hidden
CORSAIR iCUE Software (HKLM-x32\...\{5A44EF1D-12EE-43D7-9CAB-535F377C8D46}) (Version: 3.38.88 - Corsair)
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
CPUID HWMonitor 1.42 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.42 - CPUID, Inc.)
CrystalDiskInfo 8.17.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.4 - Crystal Dew World)
CrystalDiskMark 8.0.4b (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4b - Crystal Dew World)
CurseForge (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.244.1.1 - Overwolf app)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.6 - GOG.com)
Discord (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden
Epic Games Launcher (HKLM-x32\...\{42ECB1DB-6B44-4AEC-B112-98ECFF460EF6}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
EPOS Gaming Suite (HKLM\...\{0FDABEB9-30C5-42BA-8022-4470D3FD8EE3}) (Version: 1.10.0.926 - EPOS Group A/S)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Fraps (HKLM-x32\...\Fraps) (Version: - )
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.4.1 - AVM Berlin)
Geeks3D FurMark 1.20.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Play Games beta (HKLM\...\GooglePlayGames) (Version: 23.11.1397.6 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{7659273F-0EB6-4ECB-BC7D-5889F3FD3075}) (Version: 1.0.562 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2699.0 - Rockstar Games)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.176 - Riot Games, Inc.)
INNO3D TuneIT version 3.02 (HKLM-x32\...\INNO3D TuneIT_is1) (Version: 3.02 - )
inst (HKLM-x32\...\{F818E3E8-4C16-4D3B-894B-D8805F56D7DB}) (Version: 1.0.0.0 - Creative Software Solutions GmbH)
Intel(R) Computing Improvement Program (HKLM\...\{44C40B2E-7285-4A9F-A9BC-DF433772AAEE}) (Version: 2.4.05929 - Intel Corporation)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{d6cac989-7570-43fd-b147-e31d6280a3a6}) (Version: 1.0.9 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.10.493254 - Logitech)
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3449150419-271838051-1508037707-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Teams) (Version: 1.6.00.29964 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.76.2 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 81.0.1 (x64 de) (HKLM\...\Mozilla Firefox 81.0.1 (x64 de)) (Version: 81.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.4 - Notepad++ Team)
NVIDIA Broadcast 1.4.0.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIABroadcast) (Version: 1.4.0.28 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 551.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
Opera GX Stable 106.0.4998.61 (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Opera GX 106.0.4998.61) (Version: 106.0.4998.61 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.122.52971 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.241.0.10 - Overwolf Ltd.)
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.05 - Patriot Memory) Hidden
PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
Qt (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\{c0f9f073-2e4f-4da6-b2a4-f2946ed58882}) (Version: %MAINTENANCE_TOOL_VERSION% - The Qt Company Ltd)
Qt (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\{cbacdf10-6dc8-4db1-8d98-0a42ef6fd54d}) (Version: %MAINTENANCE_TOOL_VERSION% - The Qt Company Ltd)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.4 beta r3433 - Rainmeter)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.72.1513 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.8.4 - Rockstar Games)
Shotcut (HKLM\...\Shotcut) (Version: 21.06.29 - Meltytech, LLC)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Snapchat (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\6bfb3a0f5367b360172921dcb033ecb8) (Version: 1.0 - Snapchat)
Sparialo (HKLM-x32\...\{3D581B7A-5251-4E7E-B381-ED890B068F04}) (Version: 1.0.0.0 - Sparialo)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SSDlife Free (HKLM-x32\...\{18302BF2-AA3C-46E3-B039-996FD0DB5639}) (Version: 2.5.82 - BinarySense Inc.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steam Customizer (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Steam Customizer) (Version: 1.0.1.0 - Blumont)
Streamlabs OBS 0.27.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.27.1 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TreeSize Free V4.4.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.1 - JAM Software)
Trident Z Lighting Control (HKLM-x32\...\{97CD7AFC-0ED3-41B8-9CCD-22717E8631D0}_is1) (Version: 1.00.18 - ENG)
Twitch (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{A7B60FC9-A750-43C7-B7EC-892CD09147C7}) (Version: 1.18.0.0 - Microsoft Corporation) Hidden
VALORANT (HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
WiinUSoft version 3.4 (HKLM\...\{1BFC4F9F-BB85-4CE3-AC22-0CBFF78D5EE4}_is1) (Version: 3.4 - Justin Keys)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows*11-Installationsassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1610 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{4254C1AD-B9B0-4020-A4B1-D8B61D12142A}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{AD47C6B2-6C72-4F0E-B66F-7685C28ACDFD}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows-Treiberpaket - Corsair Components, Inc. (SIUSBXP) USB (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.)
X64 Debuggers And Tools (HKLM\...\{66B288E6-3354-AB0F-920D-909DDAA653FF}) (Version: 10.1.17763.132 - Microsoft Corporation)
X86 Debuggers And Tools (HKLM-x32\...\{A80F4302-E354-EFCD-3802-3CB0572D4FD1}) (Version: 10.1.17763.132 - Microsoft Corporation)
Packages:
=========
Angry Birds 2 -> C:\Program Files\WindowsApps\1ED5AEA5.4160926B82DB_3.13.5.0_x64__p2gbknwb5d8r2 [2023-12-21] (Rovio Entertainment Oyj)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Epson Print and Scan -> C:\Program Files\WindowsApps\SEIKOEPSONCORPORATION.EpsonPrintandScan_1.1.0.0_x64__ezaqdwkaef94e [2019-07-23] (SEIKO EPSON CORPORATION)
Files -> C:\Program Files\WindowsApps\49306atecsolution.FilesUWP_3.1.1.0_x64__et10x9a9vyk8t [2024-01-12] (Yair A) [Startup Task]
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-16] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-23] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21001.0_x64__8wekyb3d8bbwe [2024-01-08] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10829.535.0_x64__8wekyb3d8bbwe [2023-09-28] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.5101.0_x64__8wekyb3d8bbwe [2023-12-16] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2023-12-21] (Microsoft Studios)
ModernFlyouts (Preview) -> C:\Program Files\WindowsApps\32669SamG.ModernFlyouts_0.9.3.0_x64__pcy8vm99wrpcg [2024-01-28] (Sam G) [Startup Task]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.6.42.0_x64__bzg06mxvgh4fa [2024-01-22] (V3TApps)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-18] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-01-27] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-06] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0 [2024-01-28] (Spotify AB) [Startup Task]
TaskbarX -> C:\Program Files\WindowsApps\40210ChrisAndriessen.FalconX_1.7.8.0_x64__y1dazs5f5wq00 [2022-10-05] (Chris Andriessen)
Video Editor Max -> C:\Program Files\WindowsApps\36059XiaoyaStudio.54454B0A7F4E6_2.0.7.0_x64__ngh7ertwt50re [2024-01-22] (Xiaoya Lab)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2022-09-26] (VideoLAN)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.4.0_x64__cv1g1gvanyjgm [2024-01-27] (WhatsApp Inc.) [Startup Task]
Xbox Insider Hub -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_477.2102.26001.0_x64__8wekyb3d8bbwe [2021-04-10] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3449150419-271838051-1508037707-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\nils\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23270.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3449150419-271838051-1508037707-1002_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3449150419-271838051-1508037707-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\nils\AppData\Local\GoToMeeting\18962\G2MOutlookAddin64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3449150419-271838051-1508037707-1002_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\nils\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\FileCoAuth.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-3449150419-271838051-1508037707-1002_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\nils\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-07-15] (Notepad++ -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-28] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\nvshext.dll [2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-28] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\6.2.0\MinGW 8.1.0 (64-bit)\Qt 6.2.0 (MinGW 8.1.0 64-bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K D:\Qt\6.2.0\mingw81_64\bin\qtenv2.bat
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2019-01-19 00:31 - 2019-01-19 00:30 - 006065152 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.28\libprotobufd.dll
2021-12-23 18:30 - 2021-12-23 18:30 - 000209408 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll
2021-12-23 18:29 - 2021-12-23 18:29 - 000101376 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 001845760 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\AgentUtil.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 000428544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\blhost.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 003586560 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\ConfigManager.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 000812544 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\cpprest_2_10.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 001692672 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\CxAudioHidDll32.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 004457472 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\Restclient.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 001601024 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\RestExecutor.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 000077312 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\zlib1.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000017920 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 000022016 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000628224 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000116736 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 000018432 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000013312 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000029184 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000035840 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000039936 _____ () [Datei ist nicht signiert] C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2019-01-19 00:31 - 2019-01-19 00:30 - 000108544 _____ (ASUS) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AAHM\1.00.31\ASACPI.DLL
2019-01-11 16:49 - 2024-01-29 21:40 - 000035120 _____ (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AXSP\4.00.28\PEbiosinterface32.dll
2020-04-19 17:37 - 2020-04-19 17:37 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-19 17:37 - 2020-04-19 17:37 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 000164864 _____ (QTIL) [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\EngineFrameworkCpp.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000095744 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\EbpD4Fax.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000212992 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUADRFIL.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000278528 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCFG.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000438272 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCSR.DLL
2017-11-02 00:46 - 2013-12-24 01:00 - 000385024 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXLDB.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000536576 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXTIF.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000421888 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUIMGCDC.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000274432 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FULEPP.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSTMMSG.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000327680 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSVCCLT.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000065536 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUUSBHLP.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000253952 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\FUVERDLG.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000069632 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDEVCOM.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000135168 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDRVUTL.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUPRBDEV.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUSNMPUT.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000081920 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000241664 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000110592 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000022016 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll
2017-11-02 00:46 - 2013-12-23 17:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
2017-11-02 00:46 - 2011-08-30 13:38 - 000558080 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enppmon.dll
2017-11-02 00:46 - 2011-08-01 18:24 - 000250880 _____ (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enpres.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000786432 _____ (SEIKO EPSON) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENCM.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000278528 _____ (SEIKO EPSON) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENNW.dll
2017-11-02 00:46 - 2013-12-24 01:00 - 000299008 _____ (SEIKO EPSON) [Datei ist nicht signiert] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENUTIL.dll
2020-12-16 08:26 - 2020-12-16 08:26 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-06-16 16:28 - 2020-06-16 16:28 - 001918464 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2020-11-19 01:51 - 2020-11-19 01:50 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-11-19 01:51 - 2020-11-19 01:50 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2021-12-23 18:29 - 2021-12-23 18:29 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll
2021-12-23 18:29 - 2021-12-23 18:29 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll
2022-05-20 03:16 - 2022-05-20 03:16 - 002584064 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\EPOS\Gaming Suite\libcrypto-1_1.dll
2020-11-19 01:51 - 2020-11-19 01:50 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2023-03-15 14:35 - 2020-11-19 01:50 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\sharepoint.com -> hxxps://flsmannheim-files.sharepoint.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 12:47 - 2021-02-20 11:10 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3449150419-271838051-1508037707-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3449150419-271838051-1508037707-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\Control Panel\Desktop\\Wallpaper -> c:\users\nils\pictures\hintergründe\feuerzeug.jpg
DNS Servers: 192.168.178.101
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
ist aktiviert.
Network Binding:
=============
Ethernet 2: AVM VPN NDIS 6 Driver -> avm_nwim (enabled)
Ethernet 2: Shrew Soft Lightweight Filter -> vflt (enabled)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\Services: OverwolfUpdater => 3
HKU\S-1-5-21-3449150419-271838051-1508037707-1002\...\StartupApproved\Run: => "RiotClient"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{EC468066-6BDB-4FCF-AF52-EA95A7571FD5}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{0B3E8262-EE89-49CB-8A64-25FCBBE49790}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{82BB0DDE-66E1-4A65-91D4-2177D6945DDC}C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei
FirewallRules: [UDP Query User{FAFD95A1-BC3E-4A8E-82F6-22D1B0D7A038}C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei
FirewallRules: [TCP Query User{F4BE1069-2099-42A4-A1C8-CD1FC7DB6ECA}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{B139368A-7ACF-44B8-A69E-4F30854AE5D6}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{51DE2A25-91EC-48E2-8874-49C5B87574D5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3B040D6D-68A1-4645-8C4D-50C775FAA8F4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{1825D03A-C8E4-412B-9ED5-0E9B79756079}C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei
FirewallRules: [UDP Query User{EF78B3B7-A78F-4413-B25B-DB8E6613AA9D}C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.152.687.0_x86__zpdnekdrzrea0\spotify.exe => Keine Datei
FirewallRules: [TCP Query User{D9732541-C39F-4EC0-B53B-250F2B3E7B62}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{21190C22-B01E-462C-AD8B-56E87C2516FB}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{40F82BBD-4E71-4573-A3F3-366BF6C53A81}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Keine Datei
FirewallRules: [UDP Query User{E53FAE61-7C28-4B54-A8F1-7BBF8CF27326}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.400\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.400\opera.exe => Keine Datei
FirewallRules: [TCP Query User{4319FA76-820C-42D1-8741-BE520B55D865}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{8ACA883E-404C-4DF0-A09B-1D367C2736DB}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{9CD98EDD-B3CB-4994-94FF-D83EED85EB34}] => (Allow) D:\Steam\steamapps\common\Destiny 2\destiny2.exe => Keine Datei
FirewallRules: [{D3216BB0-D77A-4585-A7F8-4943A29235D7}] => (Allow) D:\Steam\steamapps\common\Destiny 2\destiny2.exe => Keine Datei
FirewallRules: [{098B6464-5E72-47EC-85CE-178CD5FEA518}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{236F0730-8110-47B1-BB07-AE2D19FC0EB5}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query User{C24BB531-5B2D-4686-B19B-DF898A6108B4}C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{420E2E8E-3779-4CB4-95EB-FBEDB2109E11}C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{EEBCF92F-9FEB-45C2-8C16-555C88FD7F13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BC04C5E6-7E8E-4E0D-AED6-31D038E0EBDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{14AD2BCE-9D64-4AB1-8BD5-29651370F510}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [{D8590094-7B2F-431C-8B06-3785E76EA794}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{301DD506-A44F-4856-BDE4-9E7E894E15CA}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.408\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.408\opera.exe => Keine Datei
FirewallRules: [UDP Query User{E6E258F7-F6F3-418B-89A6-601F80D06F06}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.408\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.408\opera.exe => Keine Datei
FirewallRules: [{80FE9FE3-06A5-4969-9FFD-BEC5E0181953}] => (Allow) D:\Steam\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [{56360E82-051B-4707-8075-6734490224A0}] => (Allow) D:\Steam\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{57E6B2A4-BFBD-4605-B94B-8F157868C911}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => Keine Datei
FirewallRules: [UDP Query User{C16F0282-C3CE-4FA7-AD5A-DC4FEBFC2974}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.415\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.415\opera.exe => Keine Datei
FirewallRules: [TCP Query User{8FF7CCE5-45D9-4BE2-9BF4-0B9C9F429751}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{55FDECEE-77A6-4BD2-A704-3825508C57F6}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{2243F366-3CC8-4443-9B53-04888E094ADF}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{74D4C5D0-A97B-45D4-8B88-752627AEDE1C}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{78070716-58D2-4CEF-BD41-79D273AED995}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{4406735B-95BE-4B5C-B8AA-55D26494AE33}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{3A837DFE-C395-447F-A77F-C3E0ADABF2A1}C:\program files (x86)\common files\oracle\java\javapath_target_631877109\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_631877109\java.exe => Keine Datei
FirewallRules: [UDP Query User{D524889C-A454-4CE3-B2B9-7ACD534FD876}C:\program files (x86)\common files\oracle\java\javapath_target_631877109\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_631877109\java.exe => Keine Datei
FirewallRules: [TCP Query User{E016464E-AC9C-4335-A4EA-66315636FD83}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{41D58B2B-4A63-40F7-BEFC-60B77EEE3541}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{47BA71EC-5859-409C-8B09-76776416A862}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.421\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.421\opera.exe => Keine Datei
FirewallRules: [UDP Query User{72DE7540-6421-48D5-8444-A80A68D4DCD3}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.421\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.421\opera.exe => Keine Datei
FirewallRules: [TCP Query User{6F8B1AE4-A9B2-4809-B574-A402D4807CE2}D:\ubisoft\forhonor\forhonor.exe] => (Allow) D:\ubisoft\forhonor\forhonor.exe => Keine Datei
FirewallRules: [UDP Query User{558DAB6A-C0FE-4EBD-9390-541F39B146BC}D:\ubisoft\forhonor\forhonor.exe] => (Allow) D:\ubisoft\forhonor\forhonor.exe => Keine Datei
FirewallRules: [{939955E8-A45B-4474-AEE3-1325039BD4F5}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Datei ist nicht signiert]
FirewallRules: [{71EAA418-EB90-4D45-A95B-FF39995B5DCE}] => (Allow) D:\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{AF21DFA5-04C9-4E5D-A674-EBBAB2818244}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => Keine Datei
FirewallRules: [UDP Query User{671BAFAA-BE34-49E6-A7F5-BEE526DA31FC}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.424\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.424\opera.exe => Keine Datei
FirewallRules: [TCP Query User{E389631B-BCC4-4163-A177-5CFFDC56FA4A}D:\uplay\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) D:\uplay\tom clancy's rainbow six siege\rainbowsix_vulkan.exe => Keine Datei
FirewallRules: [UDP Query User{4C99750C-9C11-4A67-AE43-04AF9DE4ACBD}D:\uplay\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) D:\uplay\tom clancy's rainbow six siege\rainbowsix_vulkan.exe => Keine Datei
FirewallRules: [TCP Query User{575AD171-A61D-4451-B807-D8636D88E735}D:\uplay\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) D:\uplay\tom clancy's rainbow six siege\rainbowsix.exe => Keine Datei
FirewallRules: [UDP Query User{365DD66C-95D5-4330-9C6B-082A0011CA53}D:\uplay\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) D:\uplay\tom clancy's rainbow six siege\rainbowsix.exe => Keine Datei
FirewallRules: [TCP Query User{8D6FF879-AB1A-4B0E-9B05-E892CCB1B4B0}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => Keine Datei
FirewallRules: [UDP Query User{F58D078B-99DC-4F77-ADA6-F1E33B830CF9}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.427\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.427\opera.exe => Keine Datei
FirewallRules: [{E1F9D83E-7C4F-4401-BDAA-ECBD3973965C}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{293EA6CC-142B-4D36-9D60-A517A9A4DBBA}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{13E981F9-6BA5-4438-9B0F-4ED74A7DF4BB}D:\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe] => (Allow) D:\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe (Hazelight Studios AB -> Hazelight Studios)
FirewallRules: [UDP Query User{E5C17ACB-37CE-46B0-850D-2655A4CEE2B9}D:\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe] => (Allow) D:\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe (Hazelight Studios AB -> Hazelight Studios)
FirewallRules: [TCP Query User{57144AFE-F44F-4EE7-9A46-ABDA9F7C3A19}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.438\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.438\opera.exe => Keine Datei
FirewallRules: [UDP Query User{1D6FD0A1-5105-4208-ADDC-A7F0999AA57A}C:\users\nils\appdata\local\programs\opera gx\73.0.3856.438\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\73.0.3856.438\opera.exe => Keine Datei
FirewallRules: [TCP Query User{C6FF115F-29BD-40B7-8A42-3BE9F3EA10DC}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.259\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.259\opera.exe => Keine Datei
FirewallRules: [UDP Query User{9E8EF3F3-DD9D-432E-A956-A5687BA9D1EB}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.259\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.259\opera.exe => Keine Datei
FirewallRules: [TCP Query User{BBC874C6-36B4-4B5A-BCE7-7EDC7D32AB36}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.267\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.267\opera.exe => Keine Datei
FirewallRules: [UDP Query User{89213033-21D6-4246-ACE1-350F0FA196FE}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.267\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.267\opera.exe => Keine Datei
FirewallRules: [{BBCD0ABB-B7F3-44A1-9721-506BF55FCE8E}] => (Allow) D:\Steam\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{183E20F2-DA31-46F0-AE63-52D4223C86D5}] => (Allow) D:\Steam\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [TCP Query User{D67AD3A8-1B2A-44A7-B184-6F4B0FC37B45}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.279\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.279\opera.exe => Keine Datei
FirewallRules: [UDP Query User{E07D6BE8-6C27-4E4E-89F8-7C51AF2B97A7}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.279\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.279\opera.exe => Keine Datei
FirewallRules: [TCP Query User{2412D2E3-FD17-42DF-B9CC-073AA54C09FA}D:\steam\steamapps\common\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{5726C949-869F-4A81-814B-B24DBF3C1F11}D:\steam\steamapps\common\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\biomutant\biomutant\binaries\win64\biomutant-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{C21D225F-0257-46B5-AF68-CEA46E38CC9F}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.282\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.282\opera.exe => Keine Datei
FirewallRules: [UDP Query User{97D2906F-50AE-49E8-827A-FA4513D0D2C8}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.282\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.282\opera.exe => Keine Datei
FirewallRules: [{189477CF-9AB1-4FEC-895F-6FF6402F5360}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{8D9C7A6F-445A-43BA-A9F9-83F9089216D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{A93283BD-750C-41DF-ACAC-E7B456A4705E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{D6B04A3C-E4FA-4389-8679-DA44502CB1C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{C5C12C99-CD76-47BE-B978-B4F5C93D488D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{21B30609-3B1F-4190-AD47-C49483519E29}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{81280270-2742-4CD2-B3DB-A460ED8D3BD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{F4BAE828-86F3-4009-BF96-F6ED04EA926E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [TCP Query User{476815B6-28DF-4E10-9913-DFF5FE8D14C8}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.285\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.285\opera.exe => Keine Datei
FirewallRules: [UDP Query User{A9524BF0-DAB3-4C03-9024-2861014D0C3E}C:\users\nils\appdata\local\programs\opera gx\75.0.3969.285\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\75.0.3969.285\opera.exe => Keine Datei
FirewallRules: [TCP Query User{E05266DB-971F-4BBD-8BCC-26D8A6C43ACD}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.205\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.205\opera.exe => Keine Datei
FirewallRules: [UDP Query User{90F8AE23-81EF-4A79-91A9-4774838688DE}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.205\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.205\opera.exe => Keine Datei
FirewallRules: [TCP Query User{FB6CCBF3-2720-4498-A024-E3B4EDA5386D}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.208\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.208\opera.exe => Keine Datei
FirewallRules: [UDP Query User{79719A19-8115-4C63-97A2-A1D8ABFBEAF4}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.208\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.208\opera.exe => Keine Datei
FirewallRules: [TCP Query User{CEC10170-D440-4F10-9498-8A056F2C7F4A}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.227\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.227\opera.exe => Keine Datei
FirewallRules: [UDP Query User{D0434488-D480-4B97-B6D1-A5C10BF3B9F5}C:\users\nils\appdata\local\programs\opera gx\76.0.4017.227\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\76.0.4017.227\opera.exe => Keine Datei
FirewallRules: [TCP Query User{86F6C23C-E734-4024-BA76-DBB6927A28B4}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.257\opera.exe] => (Block) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.257\opera.exe => Keine Datei
FirewallRules: [UDP Query User{BA8AC1B5-E120-494F-B570-D06B2DAE55CD}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.257\opera.exe] => (Block) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.257\opera.exe => Keine Datei
FirewallRules: [TCP Query User{2ABAB9C0-2759-4A56-991B-A37F0F2E1BDC}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{018831AE-EF1F-4D73-B854-C05CB934D817}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{923136CD-F1CB-4363-9BCA-F50B51521B19}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.275\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.275\opera.exe => Keine Datei
FirewallRules: [UDP Query User{A519566A-52FD-48FF-BF88-A59D517579FC}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.275\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.275\opera.exe => Keine Datei
FirewallRules: [TCP Query User{BE738B96-6006-4E9A-AE32-F910B924FFE1}C:\program files (x86)\epic games\defensegrid\defensegrid.exe] => (Allow) C:\program files (x86)\epic games\defensegrid\defensegrid.exe => Keine Datei
FirewallRules: [UDP Query User{0BDAC37C-CC13-4AE0-833F-FCD6403AF74B}C:\program files (x86)\epic games\defensegrid\defensegrid.exe] => (Allow) C:\program files (x86)\epic games\defensegrid\defensegrid.exe => Keine Datei
FirewallRules: [TCP Query User{CFE8461D-803D-4E2D-A703-1E5628C26134}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.298\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.298\opera.exe => Keine Datei
FirewallRules: [UDP Query User{16D35CB2-D72A-46D4-89D6-7B25D3C77746}C:\users\nils\appdata\local\programs\opera gx\77.0.4054.298\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\77.0.4054.298\opera.exe => Keine Datei
FirewallRules: [TCP Query User{832B201B-244A-4083-80AE-D4C12EE2D02A}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.153\opera.exe => Keine Datei
FirewallRules: [UDP Query User{8739D01C-122D-4CDC-8EFF-58F343035D9B}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.153\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.153\opera.exe => Keine Datei
FirewallRules: [TCP Query User{C681058B-13AD-4642-B316-8CCAEE8A0874}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.186\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => Keine Datei
FirewallRules: [UDP Query User{1BEDFD7C-69B8-4DA1-9BCA-FB34B3A014D4}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.186\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.186\opera.exe => Keine Datei
FirewallRules: [TCP Query User{A3AA8614-9765-4FE9-8C8D-73D3100E0B4E}D:\epicgames\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe] => (Allow) D:\epicgames\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{3BEB6284-E845-4AF2-B5C5-3F7F5C91CD75}D:\epicgames\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe] => (Allow) D:\epicgames\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{A389F974-C5DF-499D-A79D-422D23092C38}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.214\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Keine Datei
FirewallRules: [UDP Query User{0A147AD2-B88D-44AE-9291-D2E9B79CA0B9}C:\users\nils\appdata\local\programs\opera gx\78.0.4093.214\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\78.0.4093.214\opera.exe => Keine Datei
FirewallRules: [TCP Query User{1949779F-85F6-4C09-A5F0-8B6DC8E1A67B}C:\users\nils\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{65AB902A-71F2-4D34-B4B9-C560850CDB8A}C:\users\nils\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{DA8977AB-A18F-42B7-9C67-CBE8E38759DE}] => (Allow) C:\Users\nils\AppData\Roaming\Zoom\bin\Zoom.exe => Keine Datei
FirewallRules: [{94CD7528-E02F-49C7-865F-6C5CFFC30378}] => (Allow) C:\Users\nils\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{7997A2D0-5904-44C5-AFE0-138136172888}] => (Allow) C:\Users\nils\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [TCP Query User{020EA194-6077-420A-95A7-5B83B22F4346}C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe] => (Allow) C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe => Keine Datei
FirewallRules: [UDP Query User{376E8E66-826D-4D26-BE55-3293BC28B953}C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe] => (Allow) C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe => Keine Datei
FirewallRules: [TCP Query User{29854527-5178-4B96-97C2-1D5BDD2ACAF5}C:\users\nils\desktop\kodularstarter_windows.exe] => (Allow) C:\users\nils\desktop\kodularstarter_windows.exe => Keine Datei
FirewallRules: [UDP Query User{D75A483C-0F2D-47FB-B298-B90D7155E451}C:\users\nils\desktop\kodularstarter_windows.exe] => (Allow) C:\users\nils\desktop\kodularstarter_windows.exe => Keine Datei
FirewallRules: [TCP Query User{E08B60BF-AEE0-4CA2-9C6E-FB85BF38D945}C:\users\nils\desktop\kodular\kodularstarter_windows.exe] => (Allow) C:\users\nils\desktop\kodular\kodularstarter_windows.exe => Keine Datei
FirewallRules: [UDP Query User{5C982ED6-8A73-44A4-81AA-CB66258682E8}C:\users\nils\desktop\kodular\kodularstarter_windows.exe] => (Allow) C:\users\nils\desktop\kodular\kodularstarter_windows.exe => Keine Datei
FirewallRules: [TCP Query User{8BAEBB13-BA63-43A3-81D0-6AFF40802F07}C:\users\nils\desktop\pummel party\pummelparty.exe] => (Allow) C:\users\nils\desktop\pummel party\pummelparty.exe => Keine Datei
FirewallRules: [UDP Query User{34E36611-47B7-42A7-A582-86B9E3E17A2F}C:\users\nils\desktop\pummel party\pummelparty.exe] => (Allow) C:\users\nils\desktop\pummel party\pummelparty.exe => Keine Datei
FirewallRules: [TCP Query User{E3A8CDB1-EF8A-4EB5-8B73-B1C9825EC42A}C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{7DF6FEF8-412C-408B-9A25-886E57791964}C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\nils\twitch\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{31550B3F-326A-41E5-840E-98AA972C50DA}] => (Allow) D:\Steam\steamapps\common\Noita\noita.exe () [Datei ist nicht signiert]
FirewallRules: [{8F1A86EA-160C-48A3-A10F-D20D5B2AB944}] => (Allow) D:\Steam\steamapps\common\Noita\noita.exe () [Datei ist nicht signiert]
FirewallRules: [{1C6832EE-9B06-4E05-B41A-4C95335F6D52}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{9DBD0A44-4D01-4B44-AA5B-A6D0AC19A5CF}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{3FBF7EF3-98CC-44AB-A37E-25245FBBC527}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [UDP Query User{30B9ADE7-1EAB-4F65-9089-CC2B34D11B8C}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{610CBE92-D3AF-4652-8F3F-2B909D4A7489}C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{52E61968-1552-4CA8-969B-A56085339510}C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{CADDFB49-90C0-4A8E-A744-0F42063192C5}C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{19A4C695-B0EF-411C-946C-79DD8CAF4273}C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\nils\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{18776FA0-C4AA-4590-9083-D9CA7F0FEA39}] => (Allow) D:\Steam\steamapps\common\Crab Game\Crab Game.exe () [Datei ist nicht signiert]
FirewallRules: [{DB8CE3C8-681B-42C1-B140-4C484F233E54}] => (Allow) D:\Steam\steamapps\common\Crab Game\Crab Game.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{387073A1-17D8-4AAB-9CDB-4AE26D355AA8}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{3E0ED02B-3286-4AD3-92C1-1FC16E0691C5}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3156134D-0073-4F12-9A67-72E21C09A850}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{DF871CAD-79C9-4670-A635-978ACA2DFDC3}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{F2620380-C1DC-4D53-898E-4B9C9F1F9701}] => (Allow) D:\Steam\steamapps\common\Foundation\foundation.exe (Polymorph Games) [Datei ist nicht signiert]
FirewallRules: [{F63F71FE-B9D0-43BE-8112-91086E25DBC1}] => (Allow) D:\Steam\steamapps\common\Foundation\foundation.exe (Polymorph Games) [Datei ist nicht signiert]
FirewallRules: [{62B80037-13D7-444F-B135-4EB3B6C9ED3E}] => (Allow) D:\Steam\steamapps\common\Vampire Survivors\VampireSurvivors.exe () [Datei ist nicht signiert]
FirewallRules: [{4CF67B4D-182B-42DF-8479-AE458F59AD5B}] => (Allow) D:\Steam\steamapps\common\Vampire Survivors\VampireSurvivors.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C49CCA75-2D5D-4490-A6E2-9307E594D692}C:\users\nils\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{B421E713-4139-41D0-B957-1286FD298811}C:\users\nils\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\nils\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{E94EDFDA-5C3D-4F02-AFC4-239C4AF44A8A}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{E84D073F-4795-4655-BB1A-EC35F60605DC}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{737EBC00-D539-464F-8C90-8BF4646C6920}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{BD99D834-533B-4FBC-9290-3E6F4A07FB40}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{FFE40C35-BA5A-4D69-B932-A63D50A9BF70}] => (Allow) D:\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{FA7749D2-F744-47EA-98FA-75DB4AE9C8E5}] => (Allow) D:\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{120F6350-5349-4350-B509-B7FF8EC5A36B}] => (Allow) D:\Steam\steamapps\common\Taur\Taur.exe () [Datei ist nicht signiert]
FirewallRules: [{C7D6FE1C-DD5E-44B7-9A95-1B2AA2373567}] => (Allow) D:\Steam\steamapps\common\Taur\Taur.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{35D4B01A-AEAC-44C8-8032-EE36918977EE}D:\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => Keine Datei
FirewallRules: [UDP Query User{BEA49126-B4EF-45DD-9450-C6BCB9F47DFF}D:\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\epicgames\borderlands3\oakgame\binaries\win64\borderlands3.exe => Keine Datei
FirewallRules: [{9439775A-A347-4BCE-A7B8-33DF87ADFF2C}] => (Allow) D:\Steam\steamapps\common\Project Lazarus\Project Lazarus.exe () [Datei ist nicht signiert]
FirewallRules: [{E93F9A9D-E49A-4455-8376-0A399908A874}] => (Allow) D:\Steam\steamapps\common\Project Lazarus\Project Lazarus.exe () [Datei ist nicht signiert]
FirewallRules: [{EDA00A6B-8E39-4218-9B05-5FA7E8370D1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D9A92D05-4A96-4E88-9D94-63629EF829C0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5E3F4625-862C-47B4-8085-C15A86DEE536}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D7A1D399-C477-4BD5-A682-8E335DB85CCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F3A9CBC5-96A7-4DEA-98E6-5282AFBFA2FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{57D6F14F-5229-48E6-9E90-CEECB844102A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{23758528-2E42-4688-877E-F59A622A9D3D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{68BE591E-6A3D-4419-9F4B-60AF75E63541}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C52660B2-B862-46D6-9583-014DEEB7749A}] => (Allow) D:\Steam\steamapps\common\Hunter Survivors\HunterSurvivors.exe () [Datei ist nicht signiert]
FirewallRules: [{EAA4BAD1-EC99-4429-95B6-2268D78D7CC3}] => (Allow) D:\Steam\steamapps\common\Hunter Survivors\HunterSurvivors.exe () [Datei ist nicht signiert]
FirewallRules: [{5143556D-E429-44D3-9CDF-E41F4D4FB5F5}] => (Allow) D:\Steam\steamapps\common\RISK Global Domination\RISK.exe () [Datei ist nicht signiert]
FirewallRules: [{BBF6403E-7F9E-428A-ADA2-1C33698E38CB}] => (Allow) D:\Steam\steamapps\common\RISK Global Domination\RISK.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{420BA7F6-5463-43B1-9330-C3D0F40F0615}D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [UDP Query User{8496D73E-3969-45A8-9678-EC1ACA89FC3D}D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [TCP Query User{C14342A2-692B-4E89-A3E1-4AACAB1400AD}D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [UDP Query User{F4DF355A-04DD-425B-B82F-357D77C495EE}D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\gog\cyberpunk\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [TCP Query User{B3816CDE-97E3-4463-996E-4ACF6C923275}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{0A39DE3A-1D70-45D2-B4C5-370F8690950B}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{081FBD28-5B75-4F18-BC76-4532635C45EE}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{325F68D1-4B8C-4FBE-BC2C-41328D76A971}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{4982B4AC-6C98-4B13-8016-F0606F97CA3A}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{FB48B2F6-0C37-4C3F-AC30-332A343ED370}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{5709C70D-1614-490A-B713-71E8DCBE9AB6}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [TCP Query User{410E3EE7-2E5F-4ECB-8979-91F06FC7009D}C:\users\nils\appdata\local\discord\app-1.0.9007\discord.exe] => (Allow) C:\users\nils\appdata\local\discord\app-1.0.9007\discord.exe => Keine Datei
FirewallRules: [UDP Query User{6E3170FC-77FC-4953-8419-DB6D0EDC5329}C:\users\nils\appdata\local\discord\app-1.0.9007\discord.exe] => (Allow) C:\users\nils\appdata\local\discord\app-1.0.9007\discord.exe => Keine Datei
FirewallRules: [TCP Query User{D7B76614-3630-4ED2-B3BF-F3E1C588D072}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{B9F377A5-A6E9-4EAA-9F59-FDE573698604}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => Keine Datei
FirewallRules: [{FFB2FDE4-018C-45D2-8192-76263A410243}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Keine Datei
FirewallRules: [{CAB098C8-D3D6-4A70-8681-CE6B3A9711F3}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Keine Datei
FirewallRules: [TCP Query User{10CFC94F-E5F4-44F6-A091-9D7487C2207A}C:\users\nils\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\nils\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{F7BBBD02-5D35-4BCC-ADA3-6B88EE2F7C64}C:\users\nils\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\nils\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{333F6A54-B0AC-481B-828B-0EC3F43DD442}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{0E96152F-9308-4274-9B98-0DCB6110E61E}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{535B9A2A-15BC-4211-9494-E10234074A81}] => (Allow) D:\Steam\steamapps\common\FLERP\FLERP.exe () [Datei ist nicht signiert]
FirewallRules: [{E99E7E51-7D55-42FC-8279-44F75F948CA2}] => (Allow) D:\Steam\steamapps\common\FLERP\FLERP.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{507C0146-836A-4E8B-8271-33F5BBA0DEFD}C:\users\nils\twitch\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\twitch\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{51CA4EB0-D9B9-4B80-B40D-342CE2BE932B}C:\users\nils\twitch\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\twitch\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{C1ED4499-7333-4690-B8CB-CBEACCB88157}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{FE4C3FDF-8212-4176-86ED-4C8BEF3E9C13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{32F3A288-A683-442F-AB15-C8287703D95F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{116DA4BA-DA7E-4D78-8B46-557350B046CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{9CB11874-972E-4FF9-8B22-021F857815C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{8DD042AC-6209-4F53-A15E-42233AD46350}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{91517E0E-F6A5-4BD9-ABBE-26C29FE5768D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{45975058-02A2-4D24-A01F-E17757FBFA2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [TCP Query User{E0C91D6B-57DA-4888-88F9-3152FC52583E}D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe] => (Allow) D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [UDP Query User{EF5ED747-F426-4ABF-ABD0-B63C654B6A63}D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe] => (Allow) D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [TCP Query User{C68D37DE-A70C-46A1-AF0A-C766244F1186}D:\steam\steamapps\common\world war 3\13_2002999\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\world war 3\13_2002999\ww3\binaries\win64\ww3-win64-shipping.exe (AC World War 3 -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E461A6D6-8308-4600-872D-C2E6A6919FBE}D:\steam\steamapps\common\world war 3\13_2002999\ww3\binaries\win64\ww3-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\world war 3\13_2002999\ww3\binaries\win64\ww3-win64-shipping.exe (AC World War 3 -> Epic Games, Inc.)
FirewallRules: [{CAB85C53-EA48-4999-846A-4CB609F4B403}] => (Allow) D:\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe (G=Barrel Roll Games) [Datei ist nicht signiert]
FirewallRules: [{E6A34E56-D7B3-4B26-B0E0-AB4659D9AA4B}] => (Allow) D:\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe (G=Barrel Roll Games) [Datei ist nicht signiert]
FirewallRules: [{9CC089AB-6F25-453C-96B4-E41EE80AE685}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{03974C1D-D900-46B3-82E5-B544E67B68A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{6AB005F8-F330-48C6-A4F0-93B046C8BE84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{DABA6719-746A-4337-B630-9C825BB3FD10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{A8147ABB-907E-491C-861E-5839C732069F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{F8904BE1-B78F-40C6-BE1A-7187DBAC4BCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{4B039DFC-D9F4-4CFE-87F6-3EE007032005}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{228C7D5E-9DAF-4B77-A7D6-390F9F5EFF71}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.206.863.0_x86__zpdnekdrzrea0\Spotify.exe => Keine Datei
FirewallRules: [{E0358883-0369-46C3-9D62-88A929539857}] => (Allow) D:\Steam\steamapps\common\Project Lazarus\Experimental\Project Lazarus.exe => Keine Datei
FirewallRules: [{80783167-8618-4A45-9801-29CCB698F2CC}] => (Allow) D:\Steam\steamapps\common\Project Lazarus\Experimental\Project Lazarus.exe => Keine Datei
FirewallRules: [{FA9ED5C3-5D66-4633-8800-FDEBBA317660}] => (Allow) C:\Program Files\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files\AusweisApp2\AusweisApp2.exe (Governikus GmbH & Co. KG -> Governikus GmbH & Co. KG)
FirewallRules: [TCP Query User{38B4E4AC-9D3E-490A-AD4D-96CCFBD52213}C:\users\nils\desktop\tachy\tachyons a0835\jre\bin\javaw.exe] => (Allow) C:\users\nils\desktop\tachy\tachyons a0835\jre\bin\javaw.exe
FirewallRules: [UDP Query User{CAE28733-27C9-4FD9-8CEB-218F6DDF43C9}C:\users\nils\desktop\tachy\tachyons a0835\jre\bin\javaw.exe] => (Allow) C:\users\nils\desktop\tachy\tachyons a0835\jre\bin\javaw.exe
FirewallRules: [TCP Query User{A9423EB7-94E3-46BE-9201-37DF5039B6A7}C:\users\nils\desktop\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\desktop\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{4F686205-EB7F-4EBF-AB8B-0E757FFCD5AB}C:\users\nils\desktop\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\nils\desktop\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => Keine Datei
FirewallRules: [{9D299F5C-5F0F-4E00-A89C-27C07833B184}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{609D181B-3547-47FC-9097-E8218C7FE6B6}C:\users\nils\desktop\tachy backup\tachyons a0835\jre\bin\javaw.exe] => (Allow) C:\users\nils\desktop\tachy backup\tachyons a0835\jre\bin\javaw.exe
FirewallRules: [UDP Query User{9AE20C0C-918D-4457-926A-9477AFBB2CD5}C:\users\nils\desktop\tachy backup\tachyons a0835\jre\bin\javaw.exe] => (Allow) C:\users\nils\desktop\tachy backup\tachyons a0835\jre\bin\javaw.exe
FirewallRules: [{7757091D-C43B-4AD6-A270-667177F5FB87}] => (Allow) D:\Steam\steamapps\common\War Robots\WarRobots.exe () [Datei ist nicht signiert]
FirewallRules: [{93D5E406-D737-43E7-B196-50F33ED92540}] => (Allow) D:\Steam\steamapps\common\War Robots\WarRobots.exe () [Datei ist nicht signiert]
FirewallRules: [{09AC865D-8F36-4C13-A72B-32E50BEE9F10}] => (Allow) D:\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [{9933D73A-2BBD-4C6F-9E3D-01AE2EC31CC4}] => (Allow) D:\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{6B7166FB-036B-40FA-AC64-52092970EF52}D:\epicgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epicgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{258FCF7F-046F-4285-B469-3D2012C95DC1}D:\epicgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epicgames\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{6629D939-8D47-4B68-88CA-BBC8D4376824}] => (Allow) D:\Steam\steamapps\common\To The Core\ToTheCore\ToTheCore.exe => Keine Datei
FirewallRules: [{8B65BFBB-95F9-47AE-A549-2CE064363A40}] => (Allow) D:\Steam\steamapps\common\To The Core\ToTheCore\ToTheCore.exe => Keine Datei
FirewallRules: [{B1A89D08-CB25-422C-916B-B783943A6865}] => (Allow) D:\Steam\steamapps\common\MagicraftDemo\Magicraft.exe () [Datei ist nicht signiert]
FirewallRules: [{22901151-5DCA-44D6-9D56-AAB16951313B}] => (Allow) D:\Steam\steamapps\common\MagicraftDemo\Magicraft.exe () [Datei ist nicht signiert]
FirewallRules: [{B90E0F5B-D07B-478C-A56D-A31453FE79CA}] => (Allow) D:\Steam\steamapps\common\Magicraft\Magicraft.exe () [Datei ist nicht signiert]
FirewallRules: [{34310CD0-2CF3-49CD-8EBD-05B8E31FFF7F}] => (Allow) D:\Steam\steamapps\common\Magicraft\Magicraft.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C445F3BA-0110-4768-8519-5EC9DFBA1DFF}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [UDP Query User{D5E0402D-40DC-4CCE-A0AD-E49E5C9C55F6}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{AE16D52F-7C06-41B9-9643-5ABE1D9691BC}D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe] => (Allow) D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [UDP Query User{7383812F-5A79-4D1E-8092-999215326603}D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe] => (Allow) D:\steam\steamapps\common\world war 3\sglauncherww3\sglww3.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [{2979D2D5-73A0-447C-90BF-9F8A3BFF5CC6}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{8D84A8F9-330D-41BF-919F-4D4CE541EE00}] => (Allow) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{D6CD7AF1-5328-43D5-80FD-C50B67D645CB}] => (Block) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{28F38B0F-7917-4A6F-95E4-21F4128219C5}] => (Block) C:\Program Files (x86)\Overwolf\0.240.0.6\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{1E8C5D0E-B4E7-4E89-9D2D-94621ACA0F44}] => (Allow) C:\Program Files (x86)\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2043F6FA-21B7-467B-ABC6-25C47BD17A2C}] => (Allow) C:\Program Files (x86)\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{52BDDF06-ACE7-4E12-AC75-DBCB6FEA32A1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7651BD89-2F99-44E2-A7C6-D438E70F5CE0}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{8605A762-92F2-4637-9D0C-6030691365D1}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [TCP Query User{9083E793-263B-46DE-AE8B-2DA3D60566C5}C:\program files\windowsapps\36059xiaoyastudio.54454b0a7f4e6_2.0.7.0_x64__ngh7ertwt50re\vfs\programfilesx86\xiaoya\video editor max\openshot-qt.exe] => (Allow) C:\program files\windowsapps\36059xiaoyastudio.54454b0a7f4e6_2.0.7.0_x64__ngh7ertwt50re\vfs\programfilesx86\xiaoya\video editor max\openshot-qt.exe (FB8EA4B3-3627-4C79-8231-7558717B7C95 -> Xiaoya Lab)
FirewallRules: [UDP Query User{A6102B8E-675E-4A19-A86A-FA34D2F1B982}C:\program files\windowsapps\36059xiaoyastudio.54454b0a7f4e6_2.0.7.0_x64__ngh7ertwt50re\vfs\programfilesx86\xiaoya\video editor max\openshot-qt.exe] => (Allow) C:\program files\windowsapps\36059xiaoyastudio.54454b0a7f4e6_2.0.7.0_x64__ngh7ertwt50re\vfs\programfilesx86\xiaoya\video editor max\openshot-qt.exe (FB8EA4B3-3627-4C79-8231-7558717B7C95 -> Xiaoya Lab)
FirewallRules: [{CFAA04B9-89DF-454D-8B5E-39E10DCE28E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2B875B1D-AEA4-4AB9-BDEA-5804A8EE4429}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C9981E92-F74F-4C3E-AFA8-67ABAF7A5882}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6BF7146E-950B-4C5F-B824-1F4543464478}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4F6D600F-FFFE-4D9C-A54C-BE51616FA910}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C766BDBD-1799-48FA-8116-D985C8AD8E77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{99FAFAA0-2285-40D5-B22E-DDD81C9D3DC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6C53A464-4CE0-463E-968D-16C247907854}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A1B7F14D-18FC-4B37-A3E7-4879501A7922}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{376FD162-DFA6-4926-9A3A-9957FC21DA06}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BFB44741-1173-49AB-8CDD-F6DCBCA1F22E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{25D11863-08BE-4633-AA5A-A4C2690D7973}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AC6D4F99-ADE5-48D4-87E0-0FA667B177D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D560EFBF-E3EA-499D-8A4D-07E46FA236B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Wiederherstellungspunkte =========================
20-01-2024 14:57:13 Scheduled Checkpoint
28-01-2024 00:57:57 Removed Java 8 Update 301 (64-bit)
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (01/29/2024 05:48:16 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NILS-PC)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (01/29/2024 05:47:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\nils\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_a863d714867441db.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5.manifest.
Error: (01/28/2024 09:16:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\nils\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_a863d714867441db.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5.manifest.
Error: (01/28/2024 08:17:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\nils\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_a863d714867441db.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5.manifest.
Error: (01/28/2024 08:17:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBroadcast.Container.exe, Version: 1.37.3103.4323, Zeitstempel: 0x621dbda6
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.19041.3636, Zeitstempel: 0x9b64aa6f
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ff349
ID des fehlerhaften Prozesses: 0x1a08
Startzeit der fehlerhaften Anwendung: 0x01da51868bed9a50
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvBroadcast.NvContainer\NvBroadcast.Container.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 43113f5d-3ee2-4693-9042-250c3f50e63f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/28/2024 08:02:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\nils\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_a863d714867441db.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5.manifest.
Error: (01/28/2024 10:13:53 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NILS-PC)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (01/28/2024 10:12:21 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\nils\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_a863d714867441db.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5.manifest.
Systemfehler:
=============
Error: (01/29/2024 09:41:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht.
Error: (01/29/2024 09:40:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "GameInput Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Restart the service.
Error: (01/29/2024 09:40:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "GameInput Service" wurde mit folgendem Fehler beendet:
Die Verbunddatei "GameInput Service" wurde mit einer neueren Version erstellt.
Error: (01/29/2024 09:40:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee WebAdvisor" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (01/29/2024 09:40:24 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein nicht behebbarer Fehler in der TPM-Hardware aufgetreten, der die Verwendung der TPM-Dienste (z. B. Datenverschlüsselung) verhindert. Wenden Sie sich an den Computerhersteller, um weitere Hilfe zu erhalten.
Error: (01/29/2024 09:40:23 PM) (Source: googlehaxm) (EventID: 3) (User: )
Description: Event-ID 3
Error: (01/29/2024 09:40:23 PM) (Source: googlehaxm) (EventID: 6) (User: )
Description: Event-ID 6
Error: (01/29/2024 09:40:23 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: C:\Device\HarddiskVolume33
Windows Defender:
================
Date: 2024-01-29 19:59:33
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {3FBDC309-72E6-4C75-902B-8129914C34E4}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Quick Scan
Benutzer: NT AUTHORITY\SYSTEM
Date: 2024-01-27 14:03:21
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {5A1CA95A-8E69-46E9-B327-83AB68B4BC12}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Quick Scan
Benutzer: NT AUTHORITY\SYSTEM
Date: 2024-01-26 12:49:03
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {EDA0F66A-7EC0-4447-8913-3FE9EE80010D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Quick Scan
Benutzer: NT AUTHORITY\SYSTEM
Date: 2024-01-25 18:55:01
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {4971DEF9-06EE-4687-B4C3-19B2358F6567}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Quick Scan
Benutzer: NT AUTHORITY\SYSTEM
Date: 2024-01-22 18:03:58
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {E4BF3ACA-0DD3-4D22-97E7-FD43495CD95A}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Quick Scan
Benutzer: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2023-11-24 20:58:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-10-14 22:17:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-09-17 10:36:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-08-28 21:10:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. 0411 09/21/2018
Hauptplatine: ASUSTeK COMPUTER INC. PRIME Z370-P II
Prozessor: Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 16313.16 MB
Verfügbarer physikalischer RAM: 8342.09 MB
Summe virtueller Speicher: 22969.16 MB
Verfügbarer virtueller Speicher: 10414.04 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:464.44 GB) (Free:70.17 GB) (Model: Samsung SSD 860 EVO 500GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:221.54 GB) (Model: CT1000P1SSD8) NTFS
\\?\Volume{52079eb2-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.47 GB) (Free:0.43 GB) NTFS
\\?\Volume{ef4dd45f-2481-7b8a-dd00-1f0b10522788}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{52079eb2-0000-0000-0000-101e00000000}\ (Volume) (Fixed) (Total:0.02 GB) (Free:0.01 GB) NTFS
\\?\Volume{52079eb2-0000-0000-0060-603b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.23 GB) NTFS
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 52079EB2)
Partition 1: (Active) - (Size=479 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=21 MB) - (Type=05)
Partition 3: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=852 MB) - (Type=27)
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 2FE87EA9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== Ende von Addition.txt =======================
|
|
29.01.2024, 22:06
| #39 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-Miner Nein, da gibt es keine Möglichkeit. Einmal bekannt, wirst du von den Spammern immer wieder belöffelt. Es gibt diverse Techniken, aber die müssen von den großen Mailanbietern umgesetzt werden. Du könntest die Reißleine ziehen und diese Mailadresse löschen und dann ne neue anlegen. Vllt in Zukunft auf mehrere Adressen setzen und für einmalige Geschichten mehr auf Wegwerfadressen setzen. Kontrollscans mit MBAM und RK Poste nach Abschluss der beiden Scans die Logs in CODE-Tags.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.01.2024, 22:25
| #40 |
| | Windows 10: Verdacht auf Crypto-Miner MBAM: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 29.01.24
Scan-Zeit: 22:07
Protokolldatei: 719502c6-beea-11ee-8c85-0492265d3edd.json
-Softwaredaten-
Version: 4.6.8.311
Komponentenversion: 1.0.2249
Version des Aktualisierungspakets: 1.0.80260
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.3930)
CPU: x64
Dateisystem: NTFS
Benutzer: nils-pc\nils
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 350002
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 2 Min., 39 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Program : RogueKiller Anti-Malware
Version : 15.14.0.0
x64 : Yes
Program Date : Jan 17 2024
Location : C:\Users\nils\AppData\Local\Temp\scoped_dir1000_1272632243\RogueKiller_portable64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19045) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : nils
User is Admin : Yes
Date : 2024/01/29 21:22:34
Type : Removal
Aborted : No
Scan Mode : Standard
Duration : 487
Found items : 6
Total scanned : 125314
Signatures Version : 20240126_094718
Truesight Driver : Yes
Updates Count : 43
************************* Warnings *************************
************************* Removal *************************
[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-3449150419-271838051-1508037707-1001\Software\APN PIP -- -> Gelöscht
[+] scan_what : 2
[+] vendors : PUP.Gen1
[+] Name : HKEY_USERS\S-1-5-21-3449150419-271838051-1508037707-1001\Software\APN PIP
[+] Type : Registry
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 0
[+] status : 3
[+] status_str : Gelöscht
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
[PUP.MailRU (Potenziell bösartig)] HKEY_USERS\S-1-5-21-3449150419-271838051-1508037707-1002\Software\GameCenter -- -> Gelöscht
[+] scan_what : 2
[+] vendors : PUP.MailRU
[+] Name : HKEY_USERS\S-1-5-21-3449150419-271838051-1508037707-1002\Software\GameCenter
[+] Type : Registry
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 1
[+] status : 3
[+] status_str : Gelöscht
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
[PUP.Gen1 (Potenziell bösartig)] HKEY_USERS\S-1-5-21-3449150419-271838051-1508037707-1002\Software\OCS -- -> Gelöscht
[+] scan_what : 2
[+] vendors : PUP.Gen1
[+] Name : HKEY_USERS\S-1-5-21-3449150419-271838051-1508037707-1002\Software\OCS
[+] Type : Registry
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 2
[+] status : 3
[+] status_str : Gelöscht
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{020EA194-6077-420A-95A7-5B83B22F4346}C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe -- [%localappdata%\temp\scoped_dir13200_195269716\kodularstarter_windows.exe] -> Gelöscht
[+] scan_what : 1
[+] vendors : Suspicious.Path
[+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{020EA194-6077-420A-95A7-5B83B22F4346}C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe
[+] value : [%localappdata%\temp\scoped_dir13200_195269716\kodularstarter_windows.exe]
[+] Type : Registry
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 3
[+] status : 3
[+] status_str : Gelöscht
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
[Suspicious.Path (Potenziell bösartig)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{376E8E66-826D-4D26-BE55-3293BC28B953}C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe -- [%localappdata%\temp\scoped_dir13200_195269716\kodularstarter_windows.exe] -> Gelöscht
[+] scan_what : 1
[+] vendors : Suspicious.Path
[+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{376E8E66-826D-4D26-BE55-3293BC28B953}C:\users\nils\appdata\local\temp\scoped_dir13200_195269716\kodularstarter_windows.exe
[+] value : [%localappdata%\temp\scoped_dir13200_195269716\kodularstarter_windows.exe]
[+] Type : Registry
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 3
[+] id : 4
[+] status : 3
[+] status_str : Gelöscht
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
[PUM.Policies (Potenziell bösartig)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Ersetzt (2)
[+] scan_what : 1
[+] vendors : PUM.Policies
[+] Name : HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin
[+] Type : Registry
[+] file_vtscore : 0
[+] file_vttotal : 0
[+] is_malicious : Yes
[+] detection_level : 4
[+] id : 5
[+] status : 3
[+] status_str : Ersetzt (2)
[+] removed : Yes
[+] status_choice : 2
[+] malpe_score : -1
|
|
29.01.2024, 23:02
| #41 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10: Verdacht auf Crypto-Miner Da waren nur noch Reste in der Registry. Dann wären wir durch! Wenn Du möchtest, kannst Du das Forum mit einer kleinen Spende  unterstützen.Abschließend unbedingt unsere Sicherheitsmaßnahmen lesen und umsetzen - beides ist in folgendem Lesestoff verlinkt:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.01.2024, 16:48
| #42 |
| | Windows 10: Verdacht auf Crypto-Miner Vielen Dank für deine Hilfe! Ich halte mal die Augen offen ob diese eigenartigen GPU-Auslastungen noch auftreten. Ne kleine Spende gabs natürlich auch  |
|
30.01.2024, 18:56
| #43 |
| /// TB-Ausbilder | Windows 10: Verdacht auf Crypto-Miner Vielen Dank für die Spende. Sie dient zur Erhaltung des Forums. Wir sind froh, dass wir helfen konnten  Dieses Thema scheint erledigt und wird aus unseren Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Jeder andere bitte hier klicken und ein eigenes Thema erstellen. |
|
| Themen zu Windows 10: Verdacht auf Crypto-Miner |
| 100%, administrator, avast, computer, crypto-miner, desktop, error, fehlermeldung, google, internet, maus, mozilla, nvidia, performance, programm, prozesse, realtek, registry, scan, services.exe, software, svchost.exe, system, taskmanager, temp, windows |
Linear-Darstellung
