Windows 10 PUP.Adware.Heuristic

Hi, a few weeks ago I discovered PUP.Adware.Heuristic on my system after I saw the page "--newtab" in my Firefox history, each time followed by a visit to the page "bcnexum.com". I then moved it to quarantine with AdwCleaner and deleted it. After a few days these pages were back in my history. Now I have noticed that the malware is found again in AdwCleaner after every restart. The pages, however, are only opened again after a few days without deleting the malware. On top of that, a scan with Malwarebytes does not find this malware. How can I get rid of the malware permanently? Thanks

FRST Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-02-2025
durchgeführt von krons (Administrator) auf DESKTOP-2V8PTTR (Micro-Star International Co., Ltd. MS-7C96) (11-02-2025 17:50:24)
Gestartet von C:\Users\krons\Desktop\FRST64.exe
Geladene Profile: krons
Plattform: Microsoft Windows 10 Home Version 22H2 19045.5371 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\QmlRenderer.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <6>
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [Datei ist nicht signiert] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(explorer.exe ->) (BINARYLABS LIMITED -> Binarylabs LTD) C:\Users\krons\AppData\Roaming\BitCleaner\BitCleaner Tasker.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <25>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe <8>
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4131544 2024-11-13] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [185384 2022-11-02] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [MSIRegister] => C:\Program Files (x86)\MSI\MSIRegister\MSIRegister.exe [1266864 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2014-10-19] (ROCCAT GmbH) [Datei ist nicht signiert]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2129936 2025-02-10] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4435552 2025-01-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Run: [Gaijin.Net Updater] => C:\Users\krons\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-08] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1848064 2025-01-28] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [22470552 2025-02-04] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [74279960 2025-02-06] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Run: [Opera Browser Assistant] => C:\Users\krons\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3996064 2024-03-04] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Run: [MicrosoftEdgeAutoLaunch_69136D49186DF71052653DBEA2E98395] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3923496 2025-01-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\AppCompatFlags\Custom\Tomb2.exe: [{8d7d3a92-3d88-4564-baf4-8b19e1c317cc}.sdb] -> goggame
HKLM\Software\...\AppCompatFlags\InstalledSDB\{8d7d3a92-3d88-4564-baf4-8b19e1c317cc}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{8d7d3a92-3d88-4564-baf4-8b19e1c317cc}.sdb [2023-07-02]
Startup: C:\Users\krons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitCleaner Tasker.lnk [2024-11-28] <==== ACHTUNG
ShortcutTarget: BitCleaner Tasker.lnk -> C:\Users\krons\AppData\Roaming\BitCleaner\BitCleaner Tasker.exe (BINARYLABS LIMITED -> Binarylabs LTD) <==== ACHTUNG
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2021-09-14]
ShortcutTarget: ROCCAT Swarm Monitor.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Vivaldi: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {E4A0CBE0-DFE0-41B4-BEF9-19CF905C3D4F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {2CD30D7F-D242-4EB1-93A1-F20FE97E247C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB92A8F8-9D2E-4470-9576-2ADAE129C4A7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117584 2021-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5056C11-36F9-41E4-8FF3-A2729C8B6C50} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117584 2021-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {94A7CF6E-E015-4AAA-82EC-38DAC4FC6506} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [683072 2025-02-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {E0BD7312-D001-42C8-9165-C8E904EBD3F5} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2424841526-2556149945-2766575121-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [683072 2025-02-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {DC256ED2-7D4D-4B29-9093-A400E5EF7CB5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-02-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {EDF4A529-6FA3-49F3-A92F-5711F6253F3E} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [31904 2019-03-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {74A86681-88FD-4205-8275-CB58CB894058} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {646A2D09-42C4-47B9-B54A-D1D6EA0E43A3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {87984FD4-033D-4C32-A1F3-4FAC68AAFAF1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {FD0BC87F-E7B7-4F93-A969-33E4C2E585E2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {65B76D07-82B2-4CCB-9E6E-FCDAF3597B74} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3208CC8B-EF8C-448D-ABB6-A60323415885} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {973E04C7-9F7A-4626-962C-9A92F64C0219} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4CE5487F-FF3D-4430-80C5-4C13CB18F53B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CEE746F1-9F3F-4C19-9138-1506AD227FDC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37DD33A0-1302-4A69-966F-FACE3202A3C4} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2424841526-2556149945-2766575121-1001 => C:\Users\krons\AppData\Local\Microsoft\OneDrive\25.005.0112.0003\OneDriveLauncher.exe [447032 2025-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE9156EE-E04F-4592-BB1B-D7CDDD83D8A9} - System32\Tasks\Opera scheduled assistant Autoupdate 1631992742 => C:\Users\krons\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\krons\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {F47C3386-0226-4553-ABC5-9F87920046F1} - System32\Tasks\Opera scheduled Autoupdate 1631992738 => C:\Users\krons\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5656472 2025-01-28] (Opera Norway AS -> Opera Software)
Task: {CBCD00F1-C4AA-4FA6-9B8F-E292589BA7E9} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2025-01-28] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {65069D3C-523E-4D6A-8808-B8F1F82A96E5} - System32\Tasks\ROCCAT DEVICE SERVICE => C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_dev_service.exe [442888 2021-04-19] (Voyetra Turtle Beach, Inc. -> ROCCAT)
Task: {4FC54773-3B48-47BB-A24F-D1A79830F195} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [121595976 2022-09-01] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\/AUTOHIDE

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{d4094481-5ed0-4df2-ae71-9bfe6b2bfbeb}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{d4094481-5ed0-4df2-ae71-9bfe6b2bfbeb}: [DhcpDomain] speedport.ip

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\krons\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-11]
Edge Extension: (Google Docs Offline) - C:\Users\krons\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-09]
Edge Extension: (Edge relevant text changes) - C:\Users\krons\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]

FireFox:
========
FF DefaultProfile: ba0ozyzv.default
FF ProfilePath: C:\Users\krons\AppData\Roaming\Mozilla\Firefox\Profiles\ba0ozyzv.default [2021-09-14]
FF ProfilePath: C:\Users\krons\AppData\Roaming\Mozilla\Firefox\Profiles\nz4i3unp.default-release [2025-02-11]
FF Extension: (AdGuard Werbeblocker) - C:\Users\krons\AppData\Roaming\Mozilla\Firefox\Profiles\nz4i3unp.default-release\Extensions\adguardadblocker@adguard.com.xpi [2025-02-10]
FF Extension: (BetterTTV) - C:\Users\krons\AppData\Roaming\Mozilla\Firefox\Profiles\nz4i3unp.default-release\Extensions\firefox@betterttv.net.xpi [2025-02-06]
FF Extension: (Privacy Badger) - C:\Users\krons\AppData\Roaming\Mozilla\Firefox\Profiles\nz4i3unp.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2025-02-10]
FF Extension: (Return YouTube Dislike) - C:\Users\krons\AppData\Roaming\Mozilla\Firefox\Profiles\nz4i3unp.default-release\Extensions\{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2024-10-28]
FF Extension: (7TV) - C:\Users\krons\AppData\Roaming\Mozilla\Firefox\Profiles\nz4i3unp.default-release\Extensions\{7ef0f00c-2ebe-4626-8ed7-3185847fcfad}.xpi [2023-03-22]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-17] (Microsoft Corporation -> Microsoft Corporation)

Opera:
=======
OPR DefaultProfile: Default

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-12-02] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8945512 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761416 2022-09-01] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R2 CorsairGamingAudioConfig; C:\Windows\system32\CorsairGamingAudioCfgService64.exe [613968 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [238632 2022-11-02] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [84008 2022-11-02] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S2 CorsairUniwillService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueUniwillService.exe [108072 2022-11-02] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11137128 2023-11-12] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-07-09] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [965872 2024-12-08] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-09] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348000 2023-09-28] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-09-28] (GOG sp. z o.o -> GOG.com)
R3 iCUEDevicePluginHost; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe [459816 2022-11-02] (Corsair Memory, Inc. -> Corsair)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [15900568 2025-02-04] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2025-02-10] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-02-10] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MSIREGISTER_MR; C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe [2019504 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe [1275568 2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2025-01-28] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1271280 2023-11-08] (Rockstar Games, Inc. -> Rockstar Games)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [371784 2022-09-01] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746728 2022-03-22] (Oracle Corporation -> Oracle Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [13704304 2024-11-13] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 atvi-randgrid; C:\ProgramData\Battle.net_components\randgridauks\randgrid.sys [2786712 2023-10-14] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [280064 2022-10-14] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [147968 2022-04-15] (Microsoft Corporation) [Datei ist nicht signiert]
R3 CorsairGamingAudioService; C:\Windows\system32\DRIVERS\CorsairGamingAudio64.sys [63008 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47032 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [22968 2022-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz154; C:\Windows\temp\cpuz154\cpuz154_x64.sys [40976 2025-02-11] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ACHTUNG
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\Windows\System32\DRIVERS\dokan1.sys [386552 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Dokan Project)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2025-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 KOBRAKAHN; C:\Windows\System32\drivers\KOBRAKAHN.sys [3859376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA Inc.)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2024-09-13] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2022-12-01] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2024-09-13] (Logitech Inc -> Logitech)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [232024 2025-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2025-02-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [201280 2025-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [80448 2025-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2025-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [189776 2025-02-10] (Malwarebytes Inc. -> Malwarebytes)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-06-02] (NVIDIA Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [240704 2022-03-22] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [250608 2022-03-22] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1046392 2022-03-22] (Oracle Corporation -> Oracle Corporation)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [28900040 2024-11-12] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 HWiNFO_163; \??\C:\Users\krons\AppData\Local\Temp\HWiNFO64A_163.SYS [X] <==== ACHTUNG
S3 wtbt; \??\d:\steamlibrary\steamapps\common\super people playtest\engine\binaries\thirdparty\wondertrust\wtdrv64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2025-02-11 17:46 - 2025-02-11 17:50 - 000030013 _____ C:\Users\krons\Desktop\FRST.txt
2025-02-11 17:46 - 2025-02-11 17:46 - 000002377 _____ C:\Users\krons\Desktop\AdwCleaner[S09].txt
2025-02-11 17:45 - 2025-02-11 17:45 - 000001427 _____ C:\Users\krons\Desktop\Malwarebytes Scan-Bericht 2025-02-11 164426.txt
2025-02-11 17:37 - 2025-02-11 17:50 - 000000000 ____D C:\FRST
2025-02-11 17:35 - 2025-02-11 17:37 - 002403328 _____ (Farbar) C:\Users\krons\Desktop\FRST64.exe
2025-02-10 23:09 - 2025-02-10 23:09 - 000189776 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2025-02-10 23:03 - 2025-02-11 17:50 - 000000000 ____D C:\Users\krons\AppData\Local\Malwarebytes
2025-02-10 23:03 - 2025-02-10 23:03 - 000002100 _____ C:\Users\krons\Desktop\Malwarebytes.lnk
2025-02-10 23:03 - 2025-02-10 23:03 - 000002088 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-02-10 23:02 - 2025-02-10 23:02 - 002833136 _____ (Malwarebytes) C:\Users\krons\Downloads\MBSetup.exe
2025-02-10 23:02 - 2025-02-10 23:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-02-10 23:02 - 2025-02-10 23:02 - 000000000 ____D C:\Program Files\Malwarebytes
2025-02-09 22:28 - 2025-02-01 20:04 - 001862022 _____ C:\Users\krons\Desktop\20250201_1955_uk-GB148_FV227_Conceiver_34_redshire.wotreplay
2025-02-06 00:52 - 2025-02-06 00:52 - 000000000 ____D C:\Users\krons\AppData\Local\UniCompactView
2025-02-06 00:50 - 2025-02-06 00:52 - 000000000 ____D C:\Users\krons\AppData\Roaming\Netease
2025-02-06 00:50 - 2025-02-06 00:50 - 000000048 ____R C:\Users\krons\AppData\Local\F6561A1F62FA8E4EC38FB7CDF885E29D
2025-02-06 00:50 - 2025-02-06 00:50 - 000000000 ____D C:\Users\krons\AppData\Local\UniSDK_FirstOpen
2025-02-06 00:50 - 2025-02-06 00:50 - 000000000 ____D C:\Users\krons\AppData\Local\NgConsentManager
2025-02-06 00:48 - 2025-02-06 00:52 - 000000000 ____D C:\Users\krons\AppData\Local\Netease
2025-02-06 00:48 - 2025-02-06 00:48 - 000000000 ____D C:\Users\krons\AppData\Roaming\MarvelRivals_Launcher
2025-02-06 00:48 - 2025-02-06 00:48 - 000000000 ____D C:\Users\krons\AppData\Local\UniSDK
2025-02-06 00:48 - 2025-02-06 00:48 - 000000000 ____D C:\Users\krons\AppData\Local\MarvelRivals_Launcher
2025-02-06 00:48 - 2025-02-06 00:48 - 000000000 ____D C:\Users\krons\AppData\Local\Marvel
2025-02-05 23:22 - 2025-02-05 23:22 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2424841526-2556149945-2766575121-1001
2025-02-04 13:07 - 2025-02-04 13:07 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2025-02-04 13:07 - 2025-02-04 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-02-04 13:07 - 2025-02-04 13:07 - 000000000 ____D C:\Program Files\LGHUB
2025-02-02 16:42 - 2025-01-26 16:39 - 001502194 _____ C:\Users\krons\Desktop\20250126_1633_japan-J35_Ho_Ri_3_37_caucasus.wotreplay
2025-02-02 13:36 - 2025-02-02 13:36 - 001396589 _____ C:\Users\krons\Downloads\Tickets_9568-8923-3966.pdf
2025-02-02 13:36 - 2025-02-02 13:36 - 000141947 _____ C:\Users\krons\Downloads\RG.pdf
2025-01-30 15:17 - 2025-01-30 15:17 - 000000000 ____D C:\Windows\LastGood.Tmp
2025-01-30 15:13 - 2024-12-04 19:05 - 002060664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2025-01-30 15:13 - 2024-12-04 19:05 - 002060664 _____ C:\Windows\system32\vulkaninfo.exe
2025-01-30 15:13 - 2024-12-04 19:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-01-30 15:13 - 2024-12-04 19:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2025-01-30 15:13 - 2024-12-04 19:05 - 001452432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2025-01-30 15:13 - 2024-12-04 19:05 - 001452432 _____ C:\Windows\system32\vulkan-1.dll
2025-01-30 15:13 - 2024-12-04 19:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2025-01-30 15:13 - 2024-12-04 19:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1.dll
2025-01-30 15:13 - 2024-12-04 19:05 - 000478384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2025-01-30 15:13 - 2024-12-04 19:05 - 000374432
_____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2025-01-30 15:13 - 2024-12-04 19:02 - 001114792 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2025-01-30 15:13 - 2024-12-04 19:02 - 000670352 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll 2025-01-30 15:13 - 2024-12-04 19:02 - 000505504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll 2025-01-30 15:13 - 2024-12-04 19:01 - 025450120 _____ C:\Windows\system32\nvidia-pcc.exe 2025-01-30 15:13 - 2024-12-04 19:01 - 001554608 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2025-01-30 15:13 - 2024-12-04 19:01 - 001208992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2025-01-30 15:13 - 2024-12-04 19:01 - 000863888 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2025-01-30 15:13 - 2024-12-04 19:00 - 016811696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2025-01-30 15:13 - 2024-12-04 19:00 - 002185360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2025-01-30 15:13 - 2024-12-04 19:00 - 001634464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2025-01-30 15:13 - 2024-12-04 19:00 - 001042072 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2025-01-30 15:13 - 2024-12-04 19:00 - 000801432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2025-01-30 15:13 - 2024-12-04 19:00 - 000462480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2025-01-30 15:13 - 2024-12-04 18:59 - 017736840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2025-01-30 15:13 - 2024-12-04 18:59 - 006953104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2025-01-30 15:13 - 2024-12-04 18:59 - 005909664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2025-01-30 15:13 - 2024-12-04 18:59 - 005435544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll 2025-01-30 15:13 - 2024-12-04 18:59 - 003807888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2025-01-30 15:13 - 
2024-12-04 18:59 - 000853680 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2025-01-30 15:13 - 2024-12-04 18:58 - 007158560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2025-01-30 15:13 - 2024-12-04 18:58 - 006236264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2025-01-30 15:13 - 2024-12-04 02:11 - 000132703 _____ C:\Windows\system32\nvinfo.pb 2025-01-30 15:13 - 2024-12-04 02:11 - 000125048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2025-01-23 01:39 - 2025-01-23 01:39 - 011908993 _____ C:\Users\krons\Downloads\mxu150-m.pdf 2025-01-22 13:06 - 2025-02-09 16:59 - 000000000 ____D C:\Program Files\Mozilla Firefox 2025-01-17 13:25 - 2025-01-17 13:25 - 000060917 _____ C:\Users\krons\Downloads\2024-03-18 133505.pdf 2025-01-16 15:19 - 2025-01-16 15:19 - 000000000 ___HD C:\$WinREAgent ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2025-02-11 17:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-02-11 17:37 - 2021-09-14 17:35 - 000000000 ____D C:\Program Files (x86)\Steam 2025-02-11 17:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2025-02-11 17:29 - 2021-05-17 06:45 - 000005810 _____ C:\Windows\system32\PerfStringBackup.INI 2025-02-11 17:29 - 2019-12-07 15:50 - 004116628 _____ C:\Windows\system32\perfh007.dat 2025-02-11 17:29 - 2019-12-07 15:50 - 001121500 _____ C:\Windows\system32\perfc007.dat 2025-02-11 17:25 - 2021-05-17 06:51 - 000000000 ____D C:\ProgramData\NVIDIA 2025-02-11 17:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2025-02-11 17:23 - 2022-02-09 23:15 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2025-02-11 17:22 - 2022-12-01 12:43 - 000000000 ____D C:\Users\krons\AppData\Local\LGHUB 2025-02-11 17:22 - 2021-05-17 06:39 - 000008192 ___SH C:\DumpStack.log.tmp 2025-02-11 17:22 - 2021-05-17 06:39 - 
000000006 ____H C:\Windows\Tasks\SA.DAT 2025-02-11 17:22 - 2021-05-17 06:39 - 000000000 ____D C:\Windows\system32\SleepStudy 2025-02-10 23:14 - 2021-09-14 19:06 - 000000000 ____D C:\Users\krons\AppData\Roaming\ProMod 2025-02-10 23:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2025-02-10 23:03 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2025-02-10 22:02 - 2021-10-02 18:01 - 000000000 ____D C:\Program Files (x86)\Overwolf 2025-02-10 21:35 - 2021-12-30 16:59 - 000000000 ____D C:\Users\krons\AppData\Roaming\TS3Client 2025-02-09 16:59 - 2021-09-14 18:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2025-02-07 18:28 - 2021-10-09 22:07 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2025-02-07 18:28 - 2021-09-14 18:06 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2025-02-07 00:51 - 2021-09-14 17:25 - 000000000 ____D C:\Users\krons\AppData\Local\D3DSCache 2025-02-06 00:48 - 2021-05-17 06:43 - 000000000 ____D C:\ProgramData\Package Cache 2025-02-05 23:22 - 2021-12-12 22:29 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2424841526-2556149945-2766575121-1001 2025-02-05 23:22 - 2021-09-14 17:26 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2424841526-2556149945-2766575121-1001 2025-02-05 23:22 - 2021-09-14 17:26 - 000002406 _____ C:\Users\krons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2025-02-04 23:18 - 2021-09-14 18:24 - 000000000 ____D C:\Users\krons\AppData\Local\CrashDumps 2025-02-04 23:13 - 2021-12-17 01:19 - 000000000 ____D C:\Windows\SystemTemp 2025-02-04 13:22 - 2023-09-01 11:38 - 000000000 ____D C:\Users\krons\AppData\Roaming\G HUB 2025-02-04 13:10 - 2023-01-17 14:47 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2025-02-04 13:10 - 2021-05-17 06:39 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-02-04 13:07 - 2024-04-23 13:52 - 
000000000 ____D C:\Program Files\Logi 2025-02-04 13:07 - 2022-12-01 12:43 - 000000000 ____D C:\Users\krons\AppData\Roaming\LGHUB 2025-02-02 19:23 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports 2025-01-31 12:57 - 2021-09-18 20:19 - 000004288 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1631992738 2025-01-31 12:57 - 2021-09-18 20:18 - 000001397 _____ C:\Users\krons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2025-01-30 22:47 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI 2025-01-30 15:17 - 2021-09-14 17:25 - 000000000 ____D C:\Users\krons\AppData\Local\NVIDIA 2025-01-30 15:13 - 2021-05-17 06:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2025-01-25 20:13 - 2021-09-14 17:37 - 000000000 ____D C:\Users\krons\AppData\Local\Steam 2025-01-16 20:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2025-01-16 20:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2025-01-16 20:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser 2025-01-16 20:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2025-01-16 15:25 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2025-01-16 15:24 - 2021-05-17 06:42 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2025-01-16 15:19 - 2021-09-16 12:03 - 000000000 ____D C:\Windows\system32\MRT 2025-01-16 15:18 - 2021-09-16 12:03 - 206927936 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2025-01-15 23:29 - 2021-09-14 17:23 - 000000000 ____D C:\Users\krons ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2025-02-06 00:50 - 2025-02-06 00:50 - 000000048 ____R () C:\Users\krons\AppData\Local\F6561A1F62FA8E4EC38FB7CDF885E29D 2022-08-13 02:33 - 2022-12-03 03:58 - 000007614 _____ () C:\Users\krons\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien 
vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-11-2025
# Duration: 00:00:08
# OS: Windows 10 (Build 19045.5371)
# Scanned: 32107
# Detected: 1

***** [ Services ] *****
No malicious services found.

***** [ Folders ] *****
No malicious folders found.

***** [ Files ] *****
No malicious files found.

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious WMI found.

***** [ Shortcuts ] *****
No malicious shortcuts found.

***** [ Tasks ] *****
No malicious tasks found.

***** [ Registry ] *****
PUP.Adware.Heuristic HKCU\SOFTWARE\438f84b93ab73e6e9ccd233d1abe724b

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.

***** [ Chromium URLs ] *****
No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.

***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****
No malicious hosts file entries found.

***** [ Preinstalled Software ] *****
No Preinstalled Software found.

AdwCleaner[S00].txt - [1542 octets] - [29/12/2024 16:35:29]
AdwCleaner[C00].txt - [1694 octets] - [29/12/2024 16:36:55]
AdwCleaner[S01].txt - [1542 octets] - [29/12/2024 16:38:15]
AdwCleaner[S02].txt - [1645 octets] - [17/01/2025 13:23:56]
AdwCleaner[C02].txt - [1815 octets] - [17/01/2025 13:26:23]
AdwCleaner[S03].txt - [1767 octets] - [26/01/2025 19:38:57]
AdwCleaner[C03].txt - [1937 octets] - [26/01/2025 19:39:02]
AdwCleaner[S04].txt - [1889 octets] - [02/02/2025 23:37:38]
AdwCleaner[C04].txt - [2059 octets] - [02/02/2025 23:37:41]
AdwCleaner[S05].txt - [2011 octets] - [09/02/2025 22:31:45]
AdwCleaner[C05].txt - [2181 octets] - [09/02/2025 22:31:52]
AdwCleaner[S06].txt - [2133 octets] - [10/02/2025 22:45:38]
AdwCleaner[C06].txt - [2303 octets] - [10/02/2025 22:45:51]
AdwCleaner[S07].txt - [2213 octets] - [10/02/2025 22:47:25]
AdwCleaner[S08].txt - [2316 octets] - [11/02/2025 17:24:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S09].txt ##########

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 11.02.2025
Scan-Zeit: 17:44
Protokolldatei: 748754fc-e897-11ef-9924-2cf05de4929e.json

-Softwaredaten-
Version: 5.2.5.158
Komponentenversion: 1.0.5135
Version des Aktualisierungspakets: 1.0.95736
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.5371)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-2V8PTTR\krons

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 227138
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 0 Min., 43 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0 (keine bösartigen Elemente erkannt)
Modul: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswert: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Daten-Stream: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Datei: 0 (keine bösartigen Elemente erkannt)
Physischer Sektor: 0 (keine bösartigen Elemente erkannt)
WMI: 0 (keine bösartigen Elemente erkannt)

(end) |
| #2 |
/// TB instructor | Windows 10 PUP.Adware.Heuristic My name is Matthias and I will help you analyze and clean up your system. FRST creates two logs during a scan. Please also post the contents of the file Addition.txt. |
| #3 |
| Windows 10 PUP.Adware.Heuristic Sorry, forgot it because of the split.
Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-02-2025 durchgeführt von krons (11-02-2025 17:51:16) Gestartet von C:\Users\krons\Desktop Microsoft Windows 10 Home Version 22H2 19045.5371 (X64) (2021-09-14 16:21:15) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-2424841526-2556149945-2766575121-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2424841526-2556149945-2766575121-503 - Limited - Disabled) Gast (S-1-5-21-2424841526-2556149945-2766575121-501 - Limited - Disabled) krons (S-1-5-21-2424841526-2556149945-2766575121-1001 - Administrator - Enabled) => C:\Users\krons WDAGUtilityAccount (S-1-5-21-2424841526-2556149945-2766575121-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: BullGuard Antivirus (Disabled - Out of date) {0C5A09FB-657F-B94D-DF1B-BB843C6EE0E4} FW: BullGuard Firewall (Enabled) {346188DE-2F10-B815-F444-12B1C2BDA79F} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.13.27.501 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) 
Hidden AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.82 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 4.13.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 6.0.0.9 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver Alpha (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD_Chipset_Drivers (HKLM-x32\...\{40c19864-e557-4855-95ee-075689dfcf8e}) (Version: 2.13.27.501 - Advanced Micro Devices, Inc.) Hidden Anno 1800 (HKLM-x32\...\Uplay Install 4553) (Version: - Ubisoft) Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlestate Games Launcher 12.12.3.1964 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 12.12.3.1964 - Battlestate Games) BitCleaner (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\BitCleaner) (Version: 2.0.0.0 - BinaryLabs LTD) <==== ACHTUNG Call of Duty (HKLM-x32\...\Call of Duty) (Version: - Blizzard Entertainment) CapCut (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\CapCut) (Version: 4.1.0.1647 - Bytedance Pte. Ltd.) CivCity - Rome (HKLM-x32\...\1367477034_is1) (Version: 2.0.0.3 - GOG.com) CORSAIR iCUE 4 Software (HKLM\...\{F9F55E69-03D0-444B-ADC2-B73BE7657F14}) (Version: 4.30.162 - Corsair) CPUID CPU-Z 1.97 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.97 - CPUID, Inc.) 
CrystalDiskInfo 8.17.11 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.11 - Crystal Dew World) CurseForge (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.220.2.9362 - Overwolf app) Dokan Library 1.5.1.1000 (x64) (HKLM\...\{65A3A964-3DC3-0105-0001-211126123627}) (Version: 1.5.1.1000 - Dokany Project) Hidden Dokan Library 1.5.1.1000 Bundle (HKLM-x32\...\{05c046de-f751-48c8-b8d3-77259ea88eb7}) (Version: 1.5.1.1000 - Dokany Project) Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts) Dungeon Keeper Gold (HKLM-x32\...\1207658934_is1) (Version: 1.01 - GOG.com) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.63.0.5576 - Electronic Arts) Hidden EA app (HKLM-x32\...\{3a884fa0-0591-4b54-9aa2-442b4172ec32}) (Version: 13.63.0.5576 - Electronic Arts) Enlisted Launcher 1.0.3.71 (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\{5fcad5a5-d0d8-4edf-a5ba-040b397eac31}}_is1) (Version: - Gaijin Network) Epic Games Launcher (HKLM-x32\...\{2DFD5B26-4543-4112-8780-2F48DB87333A}) (Version: 1.2.35.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) 
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.13.0.1.21523 - Battlestate Games) FTB App (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Overwolf_cmogmmciplgmocnhikmphehmeecmpaggknkjlbag) (Version: 1.23.220.1726 - Overwolf app) Geeks3D FurMark 1.27.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.27.0.0 - Geeks3D) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.71.2 - GOG.com) goggame (HKLM\...\{8d7d3a92-3d88-4564-baf4-8b19e1c317cc}.sdb) (Version: - ) Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games) Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.3028.0 - Rockstar Games) Hanword HWP document converter for Microsoft Word (x64) (HKLM\...\{90160000-200B-0409-1000-0000000FF1CE}) (Version: 16.0.4288.1000 - Microsoft Corporation) K-Lite Codec Pack 16.0.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.0.5 - KLCP) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2025.1.673329 - Logitech) Malwarebytes version 5.2.5.158 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.5.158 - Malwarebytes) Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.13231.20390 - Microsoft Corporation) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13231.20390 - Microsoft Corporation) Microsoft 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.13231.20390 - Microsoft Corporation) Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.13231.20390 - Microsoft Corporation) Microsoft 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.13231.20390 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 132.0.2957.140 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 132.0.2957.140 - Microsoft Corporation) Hidden Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\OneDriveSetup.exe) (Version: 25.005.0112.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual 
C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 
(HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 
1.0.0.0 - Mojang) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 135.0 (x64 de)) (Version: 135.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 92.0 - Mozilla) MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.22 - MSI) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation) NVIDIA Grafiktreiber 566.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.36 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.2.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20200 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 
16.0.13231.20126 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden Opera Stable 116.0.5366.71 (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Opera 116.0.5366.71) (Version: 116.0.5366.71 - Opera Software) Oracle VM VirtualBox 6.1.34 (HKLM\...\{82203831-4C0F-4395-A290-3B261734C0C1}) (Version: 6.1.34 - Oracle Corporation) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.266.132.44 - Overwolf Ltd.) PROJECT CW (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\4071288237) (Version: - Wargaming.net) PROJECT CW LODESTAR (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\550370411) (Version: - Wargaming.net) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.42.526.2020 - Realtek) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) 
ROCCAT KoneXTD Driver (HKLM\...\{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.21.001 - Roccat GmbH) Hidden ROCCAT KoneXTD Driver (HKLM-x32\...\InstallShield_{48725548-E470-4816-99DD-6667EABAB982}) (Version: 1.21.001 - Roccat GmbH) ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version: - Roccat GmbH) ROCCAT Swarm (HKLM-x32\...\{9D12397F-45AF-4517-B492-1D1E2FA475EE}) (Version: 1.93.960 - ROCCAT GmbH) Hidden ROCCAT Swarm (HKLM-x32\...\InstallShield_{9D12397F-45AF-4517-B492-1D1E2FA475EE}) (Version: 1.93.960 - ROCCAT GmbH) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.80.1666 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.2.2 - Rockstar Games) Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 4.0.0.19 - Samsung) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.2.0.930 - Samsung Electronics) Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 6.0.0.1 - ASCOMP Software GmbH) STAR WARS Battlefront II (HKLM-x32\...\1421404701_is1) (Version: 1.1 multiplayer update 2 - GOG.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steel Hunters (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\2362602305) (Version: - Wargaming.net) TeamSpeak 3 Client (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios) tomato.gg Version 2024.08.18.1 (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\{F0A2ADC1-0B7F-4356-8B40-F54F40BD1134}_is1) (Version: 2024.08.18.1 - poliroid) Tomb Raider 1 (HKLM-x32\...\1207663463_is1) (Version: 20180105 - GOG.com) Tomb Raider 2 (HKLM-x32\...\1207663483_is1) (Version: 20180108 - GOG.com) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 125.1.10585 - Ubisoft) 
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation) VALORANT (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) Wargaming.net Game Center (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\Wargaming.net Game Center) (Version: 24.8.1.8231 - Wargaming.net) Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation) WinRAR 6.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.10.0 - win.rar GmbH) World of Tanks Common Test (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\WOT.CT.PRODUCTION) (Version: - Wargaming.net) World of Tanks EU (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\2314027414) (Version: - Wargaming.net) World_of_Warplanes (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\4254632731) (Version: - Wargaming.net) World_of_Warships (HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\1527964767) (Version: - Wargaming.net) Packages: ========= Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-31] (Microsoft Corporation) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-24] (NVIDIA Corp.) 
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.171.0_x64__pwbj9vvecjh7j [2025-01-04] (Amazon Development Centre (London) Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-03-28] (Realtek Semiconductor Corp)
Spotify – Musik und Podcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0 [2025-01-31] (Spotify AB) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2021-09-14] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2021-02-07] (ASCOMP Software GmbH -> ASCOMP Software GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-10] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-04-06] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\nvshext.dll [2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-10] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-04-06] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2021-02-07] (ASCOMP Software GmbH -> ASCOMP Software GmbH)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2024-11-06 20:06 - 2024-12-03 21:40 - 005378048 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Steam\libavcodec-61.dll
2024-11-06 20:06 - 2024-12-03 21:40 - 000875008 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Steam\libavfilter-10.dll
2024-11-06 20:06 - 2024-12-03 21:40 - 001674240 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Steam\libavformat-61.dll
2024-11-06 20:06 - 2024-12-03 21:40 - 001640960 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Steam\libavutil-59.dll
2024-11-06 20:06 - 2024-12-03 21:40 - 000630272 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Steam\libswresample-5.dll
2024-11-06 20:06 - 2024-12-03 21:40 - 001092608 _____ (FFmpeg Project) [Datei ist nicht signiert] C:\Program Files (x86)\Steam\libswscale-8.dll
2022-02-14 15:46 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
2022-10-26 14:13 - 2022-10-26 14:13 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files\Corsair\CORSAIR iCUE 4 Software\SiUSBXp.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [10]
AlternateDataStreams: C:\Users\krons\Desktop\FRST64.exe:MBAM.Zone.Identifier [225]
AlternateDataStreams: C:\Users\krons\AppData\Local\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2696]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com/?pc=SBJB
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com/?pc=SBJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys VirtualBox Host-Only Network: VirtualBox Host-Only Ethernet Adapter -> VBoxNetAdp6.sys oracle_VBoxNetLwf: VirtualBox NDIS6 Bridged Networking Driver

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\StartupFolder: => "ROCCAT Swarm Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "RoccatKoneXTD"
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\...\StartupApproved\Run: => "Overwolf"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{DE243CD3-9314-46B9-9990-A7F8F938599E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{FF7983D7-79A6-43ED-B827-40CC1197BDA1}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{97E805E6-6C69-4D0E-9F86-F80531F346AF}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{E99A3654-7BB5-4045-9F94-17C366593346}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{FF71EC00-7878-4ECD-9CC5-6A5836D511E9}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{3FEEAA04-9883-498E-876E-2CE3C2E083AD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3660C7D3-EA94-498B-B063-D7951C74B817}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3D57CD35-C77A-4ED4-B6D6-A6CFDA450E69}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CEEAA735-3126-41E4-A447-4711F7957080}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E2EF895B-07E7-4F27-B738-F79EEFE80598}] => (Allow) D:\SteamLibrary\steamapps\common\ALTF4\ALTF4.exe => Keine Datei
FirewallRules: [{F7E5E076-030D-40A4-9E52-F002583BC0CB}] => (Allow) D:\SteamLibrary\steamapps\common\ALTF4\ALTF4.exe => Keine Datei
FirewallRules: [{70FA05A6-76C0-498D-8344-00BDDC2D4875}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D7AC033D-D97A-47FF-82D1-E6C69CF17525}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{7401B05F-5B04-4858-94D0-F4DC3DFC219B}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{AD2243B7-3CA8-4442-9BE6-3DC01172EAFD}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{53DE9E99-D025-4274-ACF6-BF8FE586C734}] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{FED787BE-9738-4BDA-B6F9-90F3CC5248F3}] => (Block) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{BEA7D68E-B4BA-41DB-9822-8CEB760915BD}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei
FirewallRules: [{B795153F-CAF7-41E3-B06E-7283A58301B5}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Keine Datei
FirewallRules: [{15C4F956-987B-42E3-AD4F-52AC90E9889A}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe => Keine Datei
FirewallRules: [{60877431-3949-463A-A330-BD564E50135A}] => (Allow) D:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe => Keine Datei
FirewallRules: [TCP Query User{B987F348-0472-4438-8464-999AA6A02162}C:\users\krons\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\krons\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{33F75842-BCD7-4429-8636-F7E0665F9EF8}C:\users\krons\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\krons\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{78C27CA9-63F0-4201-8AED-7DB997EB5190}] => (Block) C:\users\krons\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{49497561-169D-487A-BDC8-31D7195CF51E}] => (Block) C:\users\krons\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [TCP Query User{8D1CCC10-33D9-4C75-A008-304483DF8BF3}C:\users\krons\appdata\local\enlisted\win64\enlisted.exe] => (Allow) C:\users\krons\appdata\local\enlisted\win64\enlisted.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{2B08C393-F6DB-4AE9-8D9B-A47CB4561E08}C:\users\krons\appdata\local\enlisted\win64\enlisted.exe] => (Allow) C:\users\krons\appdata\local\enlisted\win64\enlisted.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{99578157-AD10-403A-9190-378372F6C527}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [UDP Query User{01A9B69B-1BA7-46B5-BEC7-FB8E0229CB42}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [{CB6117AD-43FC-4672-B9CE-124F82B11918}] => (Block) D:\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [{16C53698-2F11-486A-A9BF-62FCF99CDA79}] => (Block) D:\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [TCP Query User{F35CD2AE-A39F-494A-AFCC-04A326B17C3A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{4927203B-0E1E-48BB-8AD7-23AA73E05AFA}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E7F2115-D4CE-48FE-9953-826A0F56BAB7}] => (Allow) D:\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe => Keine Datei
FirewallRules: [{B121E1D9-8437-45EE-B323-EBFF4664ECF0}] => (Allow) D:\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe => Keine Datei
FirewallRules: [TCP Query User{53D37EE2-49DB-4141-86B2-FE1C3C9739E3}D:\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\_retail_\overwatch.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{45A5F5D8-BBF0-4ECF-B520-C9AD958F6310}D:\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\_retail_\overwatch.exe () [Datei ist nicht signiert]
FirewallRules: [{0FE0D6FB-9159-4BE2-A526-2E6EE7FBA50B}] => (Block) D:\overwatch\_retail_\overwatch.exe () [Datei ist nicht signiert]
FirewallRules: [{86E3A5E2-26C8-4420-945B-0A9FFD05C5DF}] => (Block) D:\overwatch\_retail_\overwatch.exe () [Datei ist nicht signiert]
FirewallRules: [{91678FB7-0885-4A79-8C8E-DC0CA9FFDAA7}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Entertainment) [Datei ist nicht signiert]
FirewallRules: [{3951161E-A287-47A9-9F8B-5B259DF6AE08}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Entertainment) [Datei ist nicht signiert]
FirewallRules: [{8D7EAB40-DF8F-4A79-A742-1262A6E6F132}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{73050E5D-057A-46B7-820D-714ED06BD93F}] => (Allow) D:\SteamLibrary\steamapps\common\War Thunder\launcher.exe (GAIJIN NETWORK LTD -> Gaijin)
FirewallRules: [{CBF0B757-5687-4CAB-B81D-9E153F11C8DF}] => (Allow) D:\SteamLibrary\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{36CB0D91-20AE-42E8-8D7E-7B9B84D937ED}] => (Allow) D:\SteamLibrary\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{34EDB7ED-958F-4CDF-A95E-41F4596C3798}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe => Keine Datei
FirewallRules: [{800756B7-686E-466F-8A7E-04AF477AFEA5}] => (Allow) D:\SteamLibrary\steamapps\common\The Witcher 3\bin\x64\witcher3.exe => Keine Datei
FirewallRules: [TCP Query User{C35CD708-4387-4806-B0FD-37D1BE34A28D}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{58BC8935-323D-49CD-A1CB-D8E62C33D91F}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{D03DDFE3-0F42-495F-81EB-8C8B65159988}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{74CA0A07-F7A8-44DC-8189-D2EFE153DF58}] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [TCP Query User{BB68E3A9-6778-4057-8889-E784F01B25AC}D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{CA195548-C5DC-4831-BED2-D35280DD6358}D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{254A2498-EA74-4DC6-A699-0BF121EB9C17}] => (Block) D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{87FA2F75-582C-450F-AD53-D843997187BF}] => (Block) D:\steamlibrary\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{4028C811-FE22-41DE-BAE7-CA66F4BD7255}] => (Allow) D:\Anno 1800\Bin\Win64\Anno1800.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{B64BA6D1-5B1E-4D5D-AAA6-4C6DC3C8552F}] => (Allow) D:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc.)
FirewallRules: [{FB2B032A-0025-4B59-96BF-9CEA24235F79}] => (Allow) D:\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6ED196F3-3BDF-4196-B209-CFCF63F04001}D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [UDP Query User{C026AF00-4F06-4124-863D-A19AABF02B60}D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [TCP Query User{F1C0E682-2B45-4FE8-8841-2DE33571F308}C:\users\krons\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\krons\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{DC27AAA6-CA80-42F2-9080-78E16F0C7535}C:\users\krons\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\krons\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{9C985F2D-E122-4A9C-B1AF-899A9BFB20A2}D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Block) D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [UDP Query User{FA872EDD-176E-4416-BA45-3FCBF87BD4CF}D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Block) D:\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [TCP Query User{9711C0F9-DAB5-4F16-B2B1-67334542611B}C:\users\krons\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\krons\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{AF42A2A9-1F74-452E-8E41-0AF8AE6386B7}C:\users\krons\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\users\krons\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{416F08F4-CAFA-4E0B-9FBA-3849678BA4F5}] => (Allow) D:\SteamLibrary\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [Datei ist nicht signiert]
FirewallRules: [{63A1366C-D118-4AC0-AE37-B593847A680E}] => (Allow) D:\SteamLibrary\steamapps\common\World of Tanks Blitz\wotblitz.exe (Wargaming.net) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{4AFB85BA-F424-4674-84D3-361D08520D2E}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{594F4600-C21B-4E14-891D-175195913089}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [{1B0CBE98-3BE0-4A92-9347-0D4B2C67806A}] => (Allow) D:\SteamLibrary\steamapps\common\ALTF4\ALTF4_F.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{C4B2776C-6541-4877-9BB7-08F9057E577B}] => (Allow) D:\SteamLibrary\steamapps\common\ALTF4\ALTF4_F.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{984A8B3A-91EA-469D-83FE-B0D2E8A89DA1}C:\games\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{6DD7F05D-5271-4F4F-AB0D-72B19575841D}C:\games\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{8477DFA0-A9A8-4F67-BA61-0366E2331E6A}] => (Block) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{95FFF633-3AB9-405F-9FC3-12E3A63E137D}] => (Block) C:\games\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{BF91D440-1F31-47A9-B5D4-276E4C27EDF7}D:\steamlibrary\steamapps\common\armored warfare\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\armored warfare\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [UDP Query User{3934BE39-0B3D-48BC-B884-965FB71B4720}D:\steamlibrary\steamapps\common\armored warfare\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\armored warfare\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [{A0B4150D-41B0-4006-AFD0-15C1607AB0CF}] => (Block) D:\steamlibrary\steamapps\common\armored warfare\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [{A2627DFD-FD19-45F3-BAE6-A22D58B6DE66}] => (Block) D:\steamlibrary\steamapps\common\armored warfare\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [TCP Query User{D48B0585-BAD8-415B-8B9F-E24DB66EA9B8}C:\program files (x86)\manycam\manycam.exe] => (Allow) C:\program files (x86)\manycam\manycam.exe => Keine Datei
FirewallRules: [UDP Query User{F2EE39B2-E73D-41D5-9F2F-279D9BC85270}C:\program files (x86)\manycam\manycam.exe] => (Allow) C:\program files (x86)\manycam\manycam.exe => Keine Datei
FirewallRules: [{276827E9-33EE-453E-A94A-B0B6ED0BDC6B}] => (Block) C:\program files (x86)\manycam\manycam.exe => Keine Datei
FirewallRules: [{A59EA67D-AC8C-41FD-8861-85A36CE6E8E5}] => (Block) C:\program files (x86)\manycam\manycam.exe => Keine Datei
FirewallRules: [TCP Query User{700DE49F-3129-4450-BD4B-85D5E3BA5FCF}C:\program files\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Allow) C:\program files\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe => Keine Datei
FirewallRules: [UDP Query User{9931F245-7797-4971-B489-13D6D96AB015}C:\program files\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Allow) C:\program files\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe => Keine Datei
FirewallRules: [{4E7FB199-20B9-48D2-A18C-3416BDFF193F}] => (Block) C:\program files\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe => Keine Datei
FirewallRules: [{DA7C09A9-CF98-4089-887A-2C20133ACCC8}] => (Block) C:\program files\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe => Keine Datei
FirewallRules: [{54D97184-2BFE-41AF-89EE-37266AE2EE94}] => (Allow) D:\SteamLibrary\steamapps\common\Bloons TD Battles 2\btdb2_game.exe (Ninja Kiwi Ltd.) [Datei ist nicht signiert]
FirewallRules: [{F4AC1DBE-C03D-40B9-9627-148A9F22EFF2}] => (Allow) D:\SteamLibrary\steamapps\common\Bloons TD Battles 2\btdb2_game.exe (Ninja Kiwi Ltd.) [Datei ist nicht signiert]
FirewallRules: [{5E22D8EC-D771-4F3C-A519-FB7F86C2AC37}] => (Allow) D:\SteamLibrary\steamapps\common\SUPER PEOPLE Playtest\geegeerun.exe => Keine Datei
FirewallRules: [{B49B9FB5-90D8-4033-9B2B-E91D6209F261}] => (Allow) D:\SteamLibrary\steamapps\common\SUPER PEOPLE Playtest\geegeerun.exe => Keine Datei
FirewallRules: [TCP Query User{CFBDD61B-E704-4E4D-B1CD-CC456CC69CC3}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{1B19FE0B-C199-4AEE-950B-13CA9D8D786A}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{ED57A1AA-01A2-4EAA-BDB6-364E0230B195}] => (Block) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{8E28FBD2-6EBB-4715-8EB7-DF167ACACE46}] => (Block) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{1BB08C9B-13B5-4C37-A442-5649B8AAAF27}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Block) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{238C9D38-9B09-473F-A42B-64101A6B6C56}D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Block) D:\steamlibrary\steamapps\common\war thunder\win64\aces.exe (GAIJIN NETWORK LTD -> Gaijin Entertainment)
FirewallRules: [{D0EADEF8-9DD5-4E82-ACC1-95B84B971D04}] => (Allow) D:\SteamLibrary\steamapps\common\Lost Ark\Binaries\Win64\Launch_Game.exe => Keine Datei
FirewallRules: [{546FE385-A97B-4EBF-9CDA-F70E514BE253}] => (Allow) D:\SteamLibrary\steamapps\common\Lost Ark\Binaries\Win64\Launch_Game.exe => Keine Datei
FirewallRules: [TCP Query User{1296476C-78BB-4DAB-8830-6642C3A7C21C}C:\users\krons\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\krons\appdata\roaming\utorrent\utorrent.exe => Keine Datei
FirewallRules: [UDP Query User{C1380D35-9B1A-4B43-AA4B-F5785199FB8A}C:\users\krons\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\krons\appdata\roaming\utorrent\utorrent.exe => Keine Datei
FirewallRules: [TCP Query User{3F29C407-D142-408D-A142-FB7C3E50A41C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E4FAA419-B202-4BF6-8807-6798D4CB85DE}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{B7C3B274-924F-4CD5-A5A2-0713AAFC23BA}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{66561DF2-1D6F-4641-8E76-82ED5D22934D}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{37565347-4784-4F28-8BDA-61A0FDEB9E0E}] => (Allow) D:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [Datei ist nicht signiert]
FirewallRules: [{D50AF88E-B097-4B5F-9E78-44F54BBC2014}] => (Allow) D:\SteamLibrary\steamapps\common\BloonsTD6\BloonsTD6.exe () [Datei ist nicht signiert]
FirewallRules: [{6F59DAB8-3F3D-436A-A0C4-3CBF14C3EDB6}] => (Allow) LPort=57209
FirewallRules: [{E18F771A-9684-4506-8991-83BEB71635B6}] => (Allow) LPort=57210
FirewallRules: [{FEB0706F-3EE4-4770-9D38-42FA8ADC51B1}] => (Allow) LPort=57211
FirewallRules: [{9F2350E7-DD2B-40D4-9A70-8B648E2431A7}] => (Allow) LPort=57212
FirewallRules: [{5C429AE5-A819-4142-8C0E-D1AAE16C5FF5}] => (Allow) LPort=57213
FirewallRules: [{E6556573-3C50-484E-9E9A-2AB926CC11F0}] => (Allow) LPort=57214
FirewallRules: [{29ED259B-77AB-44BA-B2A1-CC15B77047F3}] => (Allow) LPort=57215
FirewallRules: [{ADBE6288-A436-49F3-BDA3-61846204FFC2}] => (Allow) LPort=57216
FirewallRules: [{9DE7C685-75EA-4856-B166-651055F59D5E}] => (Allow) LPort=57217
FirewallRules: [{908AA965-DAF8-4E6A-AA4D-3A2D28FE0CB5}] => (Allow) LPort=57218
FirewallRules: [{DD05359B-1AC7-40AD-AB5C-063AA30C74D9}] => (Allow) LPort=57209
FirewallRules: [{83261DC8-22E9-452B-9EF0-174A96618220}] => (Allow) LPort=57210
FirewallRules: [{3AD2061E-A45F-4703-9457-972CC87ECDC1}] => (Allow) LPort=57211
FirewallRules: [{00BF8847-B79E-4EE2-AE6F-56E8312D95CC}] => (Allow) LPort=57212
FirewallRules: [{D5F432E7-C2AD-4E57-B107-AD37D889A458}] => (Allow) LPort=57213
FirewallRules: [{B9536734-05D0-44B9-BC85-A5523D0411DD}] => (Allow) LPort=57214
FirewallRules: [{296D52B5-78A3-4A2D-923D-781B142C9A18}] => (Allow) LPort=57215
FirewallRules: [{603A5866-CE8F-4782-9AD8-68B8D0EF4118}] => (Allow) LPort=57216
FirewallRules: [{D80E45E5-02D9-41B2-A48A-2B21901DE726}] => (Allow) LPort=57217
FirewallRules: [{B5581E55-4EBC-4312-A2C3-F7C67C0CD668}] => (Allow) LPort=57218
FirewallRules: [{D11B7F18-7B83-4552-BD07-A86D8DEBEA43}] => (Allow) LPort=23007
FirewallRules: [{639942C9-5216-4766-A7F4-991CBCD080CB}] => (Allow) LPort=23008
FirewallRules: [{2E334110-3BC8-4974-B288-068CD59F6918}] => (Allow) LPort=33009
FirewallRules: [{AF792CE6-D504-43AB-9111-AD23B66B16A6}] => (Allow) LPort=33010
FirewallRules: [{E5DCC63C-65F5-4238-BA6B-7B21295B5918}] => (Allow) LPort=33011
FirewallRules: [{6FFCB183-7FB0-4FD4-BA7C-B363EF942086}] => (Allow) LPort=43012
FirewallRules: [{A4548A37-E305-40AB-A327-0EF4464DC7F0}] => (Allow) LPort=43013
FirewallRules: [{17FDFC5B-32A9-472D-B3C4-6B81B540420A}] => (Allow) LPort=53014
FirewallRules: [{231729E4-064F-46FF-B1CF-18F394E3BAE8}] => (Allow) LPort=53015
FirewallRules: [{BC0F2C8D-732D-472B-BDE9-444C22B602AE}] => (Allow) LPort=53016
FirewallRules: [{9C89BB09-8680-463A-A6A7-6241FEBA14CF}] => (Allow) LPort=23007
FirewallRules: [{D44AA27B-EEED-49C2-9B56-AD7CE1C4CF2F}] => (Allow) LPort=23008
FirewallRules: [{954819F7-C81D-41FC-B565-98819218DD74}] => (Allow) LPort=33009
FirewallRules: [{B2F3CD57-B93E-424C-B1B1-31FA001EF0B4}] => (Allow) LPort=33010
FirewallRules: [{CB651E1B-B3FD-46E1-AF9B-F03DF671EA2B}] => (Allow) LPort=33011
FirewallRules: [{8F35B74C-17E8-4A7A-B3F4-E8B62062BD6F}] => (Allow) LPort=43012
FirewallRules: [{EAA88A65-325E-4B19-9913-2EBAD40D54CB}] => (Allow) LPort=43013
FirewallRules: [{38A88613-CE73-4847-ACCC-E36CAFDE52B9}] => (Allow) LPort=53014
FirewallRules: [{E12FF9E9-83E2-4301-A434-DDC511BF255B}] => (Allow) LPort=53015
FirewallRules: [{0B573903-3395-4B5E-838A-B69BA2F035C2}] => (Allow) LPort=53016
FirewallRules: [{CC29725D-998E-44AE-AA5D-F757F7A980E0}] => (Allow) LPort=50053
FirewallRules: [{323B8BE9-18D8-4F85-B8AF-560093DDE158}] => (Allow) LPort=50053
FirewallRules: [{33B7596E-2C32-4604-BC59-E3D87388EE5B}] => (Allow) D:\SteamLibrary\steamapps\common\Plants Vs Zombies\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{FF750AB4-75D0-4DA9-A09D-54B6D316F42C}] => (Allow) D:\SteamLibrary\steamapps\common\Plants Vs Zombies\PlantsVsZombies.exe (PopCap Games -> )
FirewallRules: [{26BD7283-EAE7-4D13-BF65-021E8D457695}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{A5D5DB2B-F926-4F29-9CD5-34F60E57617B}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{19864311-BEDE-4040-B553-66EFB027DF02}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{27614B7D-411B-436A-B66D-CD53F202FB41}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{7FBB5187-5860-4A27-8D08-8F7D9D788641}] => (Allow) D:\SteamLibrary\steamapps\common\R.U.S.E\Ruse.exe (Eugen Systems) [Datei ist nicht signiert]
FirewallRules: [{EB3DE07C-45FA-4538-B4BA-E2F1416667D1}] => (Allow) D:\SteamLibrary\steamapps\common\R.U.S.E\Ruse.exe (Eugen Systems) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{E4577853-F457-45EA-BC8D-51B7092DD7D5}C:\games\road rash\roadrash.exe] => (Block) C:\games\road rash\roadrash.exe => Keine Datei
FirewallRules: [UDP Query User{8BF06A89-01D0-40AB-A5C9-357727BAAEBC}C:\games\road rash\roadrash.exe] => (Block) C:\games\road rash\roadrash.exe => Keine Datei
FirewallRules: [{97C6064C-6C1B-4DB5-9B50-E8A2EB44EB59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grounded\Grounded.exe (Obsidian Entertainment, Inc. -> Epic Games, Inc.)
FirewallRules: [{B1FD9C46-BFC6-445B-AF5E-7CFC3A432BFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grounded\Grounded.exe (Obsidian Entertainment, Inc. -> Epic Games, Inc.)
FirewallRules: [{51CC7105-87CB-4F98-BA46-3346F3CF870C}] => (Allow) LPort=57209
FirewallRules: [{0559F2DF-CF89-4ADF-9555-A7FE652FC56E}] => (Allow) LPort=57210
FirewallRules: [{95556F23-8C16-4F4B-A603-075CD718D468}] => (Allow) LPort=57211
FirewallRules: [{6806ACE9-C005-4D4B-B79C-56A3959EDE90}] => (Allow) LPort=57212
FirewallRules: [{14B8C209-1E89-4C23-8E1A-7666504AEDAA}] => (Allow) LPort=57213
FirewallRules: [{0B3F993C-35DE-4D50-B701-B827CF315D28}] => (Allow) LPort=57214
FirewallRules: [{3551CC0E-3535-4114-8D16-08FA007FEF04}] => (Allow) LPort=57215
FirewallRules: [{4B85A5BD-FCEF-4D1C-B6B3-3964A053A2FB}] => (Allow) LPort=57216
FirewallRules: [{C2E7CBF1-F2F8-467A-8712-BECB171A6BB5}] => (Allow) LPort=57217
FirewallRules: [{458554AB-3811-4C7A-BF9E-125D261DD1C3}] => (Allow) LPort=57218
FirewallRules: [{FC96F247-56B7-48AD-805D-CDE017BFCFA1}] => (Allow) LPort=57209
FirewallRules: [{AD5D58EF-5E41-4C34-84DB-1E769C3D1FB1}] => (Allow) LPort=57210
FirewallRules: [{F2310640-6310-46B3-B189-C2FF64B5974A}] => (Allow) LPort=57211
FirewallRules: [{01EF0E72-89FF-410A-9491-46A5D410D8C5}] => (Allow) LPort=57212
FirewallRules: [{4AF3AC22-16C7-4056-89D0-1E16B6EF7622}] => (Allow) LPort=57213
FirewallRules: [{A855E19E-1B3E-42FB-A12B-C10DA8CF5ABA}] => (Allow) LPort=57214
FirewallRules: [{B463534C-CA50-44CE-92CB-04B4DEC7ED6B}] => (Allow) LPort=57215
FirewallRules: [{AAA3F8D9-C0C9-4B8F-B6B6-01495AA20832}] => (Allow) LPort=57216
FirewallRules: [{0E16637F-647A-469A-A65C-D9DC9F143555}] => (Allow) LPort=57217
FirewallRules: [{4A40CF1B-CC43-49AE-9C39-36EAD708E55B}] => (Allow) LPort=57218
FirewallRules: [{307BA307-CA1D-4DE0-A3FA-CB5B55C128AD}] => 
(Allow) LPort=23007 FirewallRules: [{254CA823-110A-462B-BA0C-D7608B77AE25}] => (Allow) LPort=23008 FirewallRules: [{10EDEF38-DACD-489E-B1EA-6CD091C053A7}] => (Allow) LPort=33009 FirewallRules: [{5CAA4916-A5DA-404F-A075-44227D3DCB81}] => (Allow) LPort=33010 FirewallRules: [{016835EB-22AB-49D8-8CC9-2EA41BCA64E2}] => (Allow) LPort=33011 FirewallRules: [{06993F6A-C704-490E-9253-1648A9232541}] => (Allow) LPort=43012 FirewallRules: [{9ECA0053-A312-41A6-B459-6D6073DEBAFE}] => (Allow) LPort=43013 FirewallRules: [{1DADB7DD-1F27-4319-AFD2-D7893535E589}] => (Allow) LPort=53014 FirewallRules: [{75AAC05E-C19A-486E-B601-23E44DFE9F9E}] => (Allow) LPort=53015 FirewallRules: [{7DEF848F-84EF-435C-AB14-AFEE981A489E}] => (Allow) LPort=53016 FirewallRules: [{982FD0AE-7092-41D3-9D9C-B3733EA3F777}] => (Allow) LPort=23007 FirewallRules: [{4FC53F8E-60EF-4D48-944A-7C4E70E9465F}] => (Allow) LPort=23008 FirewallRules: [{A4C67231-2A9F-4A81-A7D9-7A37CE401FFD}] => (Allow) LPort=33009 FirewallRules: [{39485319-811A-43EA-8A58-94D54874EFB4}] => (Allow) LPort=33010 FirewallRules: [{3D5577E6-C895-4CDB-980F-A46BB91EDF4D}] => (Allow) LPort=33011 FirewallRules: [{96422DFF-6449-43B7-8952-60E339846C13}] => (Allow) LPort=43012 FirewallRules: [{0B96374B-C712-412B-A588-93F5AB1BEDA2}] => (Allow) LPort=43013 FirewallRules: [{8F65894F-5EF2-4E8A-A191-0FA20AF02032}] => (Allow) LPort=53014 FirewallRules: [{C2E54EF4-A42A-465C-9E72-9161C1C8151B}] => (Allow) LPort=53015 FirewallRules: [{EC7B1CFA-3748-4B28-A01A-822E423BC657}] => (Allow) LPort=53016 FirewallRules: [{7ACDE0ED-EE18-4787-B358-B829144DCB4D}] => (Allow) LPort=50053 FirewallRules: [{804D289F-B650-42C9-A8E0-A6BEF39D47DC}] => (Allow) LPort=50053 FirewallRules: [TCP Query User{1CCEC6E8-80C2-46EE-9ABC-3C0A379A27C6}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe => Keine Datei FirewallRules: [UDP Query User{24909557-1644-4292-8C2C-452D69FCB2F9}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => 
(Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe => Keine Datei FirewallRules: [{58E2E3ED-3C61-42D0-89B6-149995EE0023}] => (Block) C:\games\world_of_tanks_eu\win32\worldoftanks.exe => Keine Datei FirewallRules: [{95555897-5AD7-4208-9E9B-E43176007A06}] => (Block) C:\games\world_of_tanks_eu\win32\worldoftanks.exe => Keine Datei FirewallRules: [{632E317F-0B40-454C-8BF0-1F084B5799C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe => Keine Datei FirewallRules: [{1E870912-2667-4997-BC6C-5857CA418EED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe => Keine Datei FirewallRules: [TCP Query User{F23A4168-72EC-4B37-B49E-4E1CDB62E312}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => Keine Datei FirewallRules: [UDP Query User{83E70537-4720-46B7-B574-19D9BC0943DE}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => Keine Datei FirewallRules: [{26193E20-055C-477F-B371-897056004BDB}] => (Block) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => Keine Datei FirewallRules: [{B393E140-A9D3-4068-8C07-193B5B1BC34D}] => (Block) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => Keine Datei FirewallRules: [TCP Query User{E455ABB0-D346-497F-88D8-67F247CFCC2B}D:\call of duty\_retail_\cod.exe] => (Allow) D:\call of duty\_retail_\cod.exe => Keine Datei FirewallRules: [UDP Query User{066F078C-3DC5-455F-9AF3-78EDDA13EF8D}D:\call of duty\_retail_\cod.exe] => (Allow) D:\call of duty\_retail_\cod.exe => Keine Datei 
FirewallRules: [{DBE11289-2799-4D7E-9306-14F3F8929611}] => (Block) D:\call of duty\_retail_\cod.exe => Keine Datei FirewallRules: [{0D3D3975-67B3-4CEE-9CB6-43B32B258EC0}] => (Block) D:\call of duty\_retail_\cod.exe => Keine Datei FirewallRules: [TCP Query User{53D9848C-A79A-4AB1-9279-151EB8010D05}C:\call of duty\_retail_\cod.exe] => (Allow) C:\call of duty\_retail_\cod.exe => Keine Datei FirewallRules: [UDP Query User{C7D9E463-63C7-4757-B39F-AC23DBFAA133}C:\call of duty\_retail_\cod.exe] => (Allow) C:\call of duty\_retail_\cod.exe => Keine Datei FirewallRules: [{706D53EC-1ADA-4311-84CC-23E3AB04D85E}] => (Block) C:\call of duty\_retail_\cod.exe => Keine Datei FirewallRules: [{6E278002-5359-4F84-8E61-D4EBE268CA76}] => (Block) C:\call of duty\_retail_\cod.exe => Keine Datei FirewallRules: [{51C64F2D-EFFA-4B3E-B938-C76E31849FC0}] => (Allow) F:\SteamLibrary\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd) FirewallRules: [{43FFBF35-5CCD-4E10-9FD6-D6B3B37A54E8}] => (Allow) F:\SteamLibrary\steamapps\common\Batman Arkham Asylum GOTY\Binaries\BmLauncher.exe (Warner Bros. Interactive Entertainment, Inc. 
-> Rocksteady Studios Ltd) FirewallRules: [{198C29A6-5C56-4CFF-AA63-50658903CC7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Satisfactory\FactoryGame.exe => Keine Datei FirewallRules: [{43BACCBB-EBD4-4627-91FE-8AF26D2A993E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Satisfactory\FactoryGame.exe => Keine Datei FirewallRules: [TCP Query User{F207E29B-8705-4C8A-BD1E-6DED6301F280}C:\users\krons\appdata\local\programs\opera\opera.exe] => (Block) C:\users\krons\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{3476E36D-5C81-4C46-9AE1-2A697B0A4748}C:\users\krons\appdata\local\programs\opera\opera.exe] => (Block) C:\users\krons\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{B241B895-F83B-4522-8D56-0017DDEF7AE4}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games) FirewallRules: [{7B63430C-B938-495D-8940-8546A88B7CF6}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games) FirewallRules: [{816FDC15-E8CA-4051-BE9B-7122AE312A57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [Datei ist nicht signiert] FirewallRules: [{3DB545E9-25ED-4B58-B9FF-BEA9649BD29A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. 
Interactive) [Datei ist nicht signiert] FirewallRules: [TCP Query User{7BD12772-8E53-4227-B0CA-5AC2139B902A}C:\users\krons\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.220.1726\jdk-17.0.1+12-minimal\bin\java.exe] => (Allow) C:\users\krons\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.220.1726\jdk-17.0.1+12-minimal\bin\java.exe FirewallRules: [UDP Query User{CA614B1A-157B-466A-AB58-3CFA7B4D14EC}C:\users\krons\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.220.1726\jdk-17.0.1+12-minimal\bin\java.exe] => (Allow) C:\users\krons\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.220.1726\jdk-17.0.1+12-minimal\bin\java.exe FirewallRules: [{7F9FDA6F-1CBB-4DE4-8E21-26052E564E8B}] => (Block) C:\users\krons\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.220.1726\jdk-17.0.1+12-minimal\bin\java.exe FirewallRules: [{927D87CB-D3A4-413C-A858-6D139E1FCD26}] => (Block) C:\users\krons\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.220.1726\jdk-17.0.1+12-minimal\bin\java.exe FirewallRules: [TCP Query User{4737F0BA-96AA-41FB-9921-676A33577C77}C:\users\krons\appdata\local\.ftba\bin\runtime\jdk-17.0.2+8-jre\bin\javaw.exe] => (Block) C:\users\krons\appdata\local\.ftba\bin\runtime\jdk-17.0.2+8-jre\bin\javaw.exe FirewallRules: [UDP Query User{F5E088A2-E7AA-4AB7-8F89-F89E76EC4552}C:\users\krons\appdata\local\.ftba\bin\runtime\jdk-17.0.2+8-jre\bin\javaw.exe] => (Block) C:\users\krons\appdata\local\.ftba\bin\runtime\jdk-17.0.2+8-jre\bin\javaw.exe FirewallRules: [TCP Query User{C085A097-BCAA-44EE-B76D-36E9CFC59D62}C:\users\krons\appdata\local\.ftba\bin\runtime\jdk8u312-b07-jre\bin\javaw.exe] => (Block) C:\users\krons\appdata\local\.ftba\bin\runtime\jdk8u312-b07-jre\bin\javaw.exe FirewallRules: [UDP Query 
User{59203C28-19EE-47B1-B9C9-0A609B733405}C:\users\krons\appdata\local\.ftba\bin\runtime\jdk8u312-b07-jre\bin\javaw.exe] => (Block) C:\users\krons\appdata\local\.ftba\bin\runtime\jdk8u312-b07-jre\bin\javaw.exe FirewallRules: [{FCDAA8DC-6292-4B71-B256-A41AE03D5C38}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{E1E01188-9458-490F-9CC4-D80160837C42}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B72E10BA-29CF-41A5-A7D9-FF95D8F8ADBE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D790B36B-A0FF-4F31-8F27-0A6F687B6778}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{BAB6B0A3-12F3-4626-9DC4-3956366E3177}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{00ADFB68-7223-4F64-B32B-27F678CB3A24}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{E4D4EFB2-4145-4618-A839-56986E6BCA34}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{41A6303C-A9E4-4856-BC52-A8C3389CA842}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{6BEEA5E2-665C-42B5-8741-C44E0535215C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. 
-> Electronic Arts) FirewallRules: [{812F8411-4459-46AA-B959-6219F2D63219}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{5EC0154B-E002-4CEA-927D-1DDA2F34FF40}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{BACE0349-C9A6-49DD-8B11-C403B56C3A4A}] => (Allow) D:\Anno 2205\Bin\Win64\Anno2205.exe (Blue Byte GmbH -> Ubisoft) FirewallRules: [{D133BBDE-CEB9-45C9-A18B-72D0FA29871A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Industry Giant\giant.exe () [Datei ist nicht signiert] FirewallRules: [{22024675-A85A-4F9B-BF28-8EA522DE4DA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Industry Giant\giant.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{D744C9D4-2BE6-4132-BBEC-405C98FC1E8C}D:\railwayempire\railwayempire.exe] => (Allow) D:\railwayempire\railwayempire.exe => Keine Datei FirewallRules: [UDP Query User{2A37AE22-66C1-445F-9B25-72C89DD0E40C}D:\railwayempire\railwayempire.exe] => (Allow) D:\railwayempire\railwayempire.exe => Keine Datei FirewallRules: [{72B596F0-6B1C-4672-BE64-1952FCD7A5BA}] => (Block) D:\railwayempire\railwayempire.exe => Keine Datei FirewallRules: [{4AAC33D0-1714-469E-90C4-EA92EA6CC2A1}] => (Block) D:\railwayempire\railwayempire.exe => Keine Datei FirewallRules: [{564ED9B0-DFB1-4423-A40C-1C3B6DCBA0AB}] => (Allow) C:\Program Files\EA Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe (Electronic Arts -> DOSBox Team) FirewallRules: [{C0401D1B-62E5-492A-B728-0B3007FDEE1D}] => (Allow) C:\Program Files\EA Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe (Electronic Arts -> DOSBox Team) FirewallRules: [{DB454C6F-60F6-4318-A57E-649CA168BC7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CnCRemastered\ClientLauncherG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.) 
FirewallRules: [{2511046A-D85F-411A-82ED-B60594235207}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CnCRemastered\ClientLauncherG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.) FirewallRules: [{B1EE7789-7C7E-486A-9717-F90E18A3CC46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CnCRemastered\ClientG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.) FirewallRules: [{B419D4CF-AAB3-4C18-8441-0FD1349BCA0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CnCRemastered\ClientG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.) FirewallRules: [{11ACD7B4-DC10-4FBC-953B-741C3F04A551}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CnCRemastered\InstanceServerG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.) FirewallRules: [{4F2FD027-97F2-4C8A-8F60-17D77688A513}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CnCRemastered\InstanceServerG.exe (Petroglyph Games, Inc. -> Petroglyph Games Inc.) FirewallRules: [TCP Query User{86792E62-07BD-4445-8A2A-99CD0D55B30D}C:\call of duty\_retail_\mp23\mp23-cod.exe] => (Allow) C:\call of duty\_retail_\mp23\mp23-cod.exe => Keine Datei FirewallRules: [UDP Query User{3D1FF0AE-512B-40A8-B7CF-AD3923007DBA}C:\call of duty\_retail_\mp23\mp23-cod.exe] => (Allow) C:\call of duty\_retail_\mp23\mp23-cod.exe => Keine Datei FirewallRules: [{8C91FE2C-DD1C-40A7-988C-126C17C743CC}] => (Block) C:\call of duty\_retail_\mp23\mp23-cod.exe => Keine Datei FirewallRules: [{37F2F62D-1B4D-437A-8773-46928F3FD503}] => (Block) C:\call of duty\_retail_\mp23\mp23-cod.exe => Keine Datei FirewallRules: [TCP Query User{82338996-4E73-4572-B18D-D6FB6358C8F0}C:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe => Keine Datei FirewallRules: [UDP Query User{ECA75197-9D17-412E-A2FF-8B973997B5FE}C:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) C:\program files 
(x86)\steam\steamapps\common\team fortress 2\hl2.exe => Keine Datei FirewallRules: [TCP Query User{8C2F2328-30D4-4FA6-B263-C67188DF99D4}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{96B9C5C6-9675-41E9-A426-06BAD2E9A28E}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{E929C342-AC18-47FF-8325-59543E9509C0}C:\games\cw\bin\engine_launcher.exe] => (Allow) C:\games\cw\bin\engine_launcher.exe (Wargaming Group Limited -> ) FirewallRules: [UDP Query User{01E90F63-BC7D-43B7-B8BC-0954B8D9B173}C:\games\cw\bin\engine_launcher.exe] => (Allow) C:\games\cw\bin\engine_launcher.exe (Wargaming Group Limited -> ) FirewallRules: [{6E45C4D3-A41E-4756-9197-F26CE8D2D35D}] => (Block) C:\games\cw\bin\engine_launcher.exe (Wargaming Group Limited -> ) FirewallRules: [{128013F8-8710-4B7F-B475-1559E380C917}] => (Block) C:\games\cw\bin\engine_launcher.exe (Wargaming Group Limited -> ) FirewallRules: [{242727AB-8C92-4D6A-8594-2F8A069FD59A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wreckfest\Wreckfest_x64.exe () [Datei ist nicht signiert] FirewallRules: [{F214E84F-F4AB-4417-B0BE-87422CD94DAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wreckfest\Wreckfest_x64.exe () [Datei ist nicht signiert] FirewallRules: [{D8F95C46-4085-4B18-ADFD-5703DA77B5AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wreckfest\Wreckfest.exe () [Datei ist nicht signiert] FirewallRules: [{614C1DF7-9D50-4716-9B02-810FC2934CB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wreckfest\Wreckfest.exe () [Datei ist nicht signiert] FirewallRules: [{9DAAAAC2-739D-4919-8AA8-329F8F432DA6}] => (Allow) F:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) 
[Datei ist nicht signiert] FirewallRules: [{45AE1D8A-A347-4CAE-B7B0-AC64C01D6E9A}] => (Allow) F:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [Datei ist nicht signiert] FirewallRules: [TCP Query User{7D9DCFFE-4666-4892-9681-58A4ADE70B34}C:\games\cwlodestar\bin\engine_launcher.exe] => (Allow) C:\games\cwlodestar\bin\engine_launcher.exe (Wargaming Group Limited -> ) FirewallRules: [UDP Query User{10010318-F2A2-4A79-BAAD-6538681C72F4}C:\games\cwlodestar\bin\engine_launcher.exe] => (Allow) C:\games\cwlodestar\bin\engine_launcher.exe (Wargaming Group Limited -> ) FirewallRules: [{4C3FD47F-B0AB-4C81-A2C2-327E228C6553}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{090D325C-3C7D-408B-AB2C-077B2B6D1AE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8B30BDE6-AE85-4A87-981C-582E79F9CF71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C79134C6-628C-4C40-9136-90CBF585C6B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{98330B00-AAE1-4F43-92E9-41FC447FA8F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D06FD7E2-F83A-474A-81EA-71D04EB5E1D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{988FB121-951F-4F03-A332-3F67128FFD79}C:\users\krons\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\krons\appdata\roaming\utorrent\utorrent.exe => Keine Datei FirewallRules: [UDP Query User{5E2C3B9F-F639-4989-B5AE-6BFC6D1402A7}C:\users\krons\appdata\roaming\utorrent\utorrent.exe] => (Allow) 
C:\users\krons\appdata\roaming\utorrent\utorrent.exe => Keine Datei FirewallRules: [TCP Query User{56D39F5A-9F77-4BE0-AE44-7044C82299BD}C:\program files (x86)\steam\steamapps\common\team fortress 2\tf_win64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\team fortress 2\tf_win64.exe (Valve Corp. -> ) FirewallRules: [UDP Query User{339A894D-F8AC-429A-9C26-AEB26DD6E4B7}C:\program files (x86)\steam\steamapps\common\team fortress 2\tf_win64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\team fortress 2\tf_win64.exe (Valve Corp. -> ) FirewallRules: [TCP Query User{6946956D-67B7-44E9-872B-10BA9DFF1D25}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{ADEFCE64-6B9C-4F9B-A59E-DF547F434B39}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) 
FirewallRules: [{6F117EB3-5620-4E0F-9C2B-B33E0D383B73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MarvelRivals\MarvelRivals_Launcher.exe (NetEase (Hangzhou) Network Co., Ltd -> ) FirewallRules: [{C986E4D1-FB77-45C9-87A3-07C08AED9B8C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MarvelRivals\MarvelRivals_Launcher.exe (NetEase (Hangzhou) Network Co., Ltd -> ) FirewallRules: [{B040DB7B-9FFD-4949-8ED8-F5CF99615DDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{82D36504-5CFF-4C4A-A147-91A30A542A96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{89A4CC69-93A8-4AE7-9A09-950832EA7B1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{33020715-A025-4C09-8F71-018409515380}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{58D0E674-471B-485F-A27D-1492A8E2ABFC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{DAB353B5-6AB7-46BE-9639-1114720B3E2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{AC71A780-0023-4220-8E3D-6750B9310486}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{A3F35EAA-EBFA-4DD8-ACEF-956AA4C23502}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{DDB7863D-7B16-4DBC-8460-B08B9BC26A57}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{885D9EE1-81CA-4E8A-A415-00C2099B50F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.256.502.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{861528C8-AB88-4533-A222-CD5D3A197120}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{D2147B48-B866-449C-A896-FEDD92FE83A4}C:\program files (x86)\steam\steamapps\common\marvelrivals\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\marvelrivals\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe (NetEase (Hangzhou) Network Co., Ltd -> Netease Games) FirewallRules: [UDP Query User{F8556427-C339-413B-ACD1-85EDF7BA70F2}C:\program files (x86)\steam\steamapps\common\marvelrivals\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\marvelrivals\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe (NetEase (Hangzhou) Network Co., Ltd -> Netease Games) FirewallRules: [{14756685-7146-49CD-953B-8EED87029647}] => (Block) C:\program files (x86)\steam\steamapps\common\marvelrivals\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe (NetEase (Hangzhou) Network Co., Ltd -> Netease Games) FirewallRules: [{9BE288C7-368F-43BF-84CC-045266D59F47}] => (Block) C:\program files (x86)\steam\steamapps\common\marvelrivals\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe (NetEase (Hangzhou) Network Co., Ltd -> Netease Games) 
FirewallRules: [{66918178-80F0-4ABB-885E-04967F2854CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8F2092DE-9B4D-4A86-AAAE-754ED1296E57}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F963971A-0333-4FDC-B6D2-CD96E2280390}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F6276F84-9864-49F7-B882-E619CD72420F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BD1C146B-EDE9-4385-BA0F-BA8AFF384E6B}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.131.43\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{AA0F6B29-1A94-4E90-9B0B-5F7EB90A475F}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.131.43\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{EDD4DD36-AAB3-4D96-B704-27D5CB79C351}] => (Block) C:\Program Files (x86)\Overwolf\0.266.131.43\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{9421D52D-6F03-474F-8C21-CEDFD66E28BA}] => (Block) C:\Program Files (x86)\Overwolf\0.266.131.43\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{DED944A3-010F-4AAC-B8D0-CF0E88F0E909}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.132.44\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{42443AC0-0EB8-41B8-86E3-473CF900E5AF}] => (Allow) C:\Program Files (x86)\Overwolf\0.266.132.44\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== 
Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (02/10/2025 11:03:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\krons\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest.

Error: (02/10/2025 11:03:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\krons\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest.

Error: (02/09/2025 10:34:56 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\krons\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest.

Error: (02/09/2025 07:02:17 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005).

Error: (02/09/2025 12:04:54 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\krons\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest.

Error: (02/09/2025 12:04:54 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\krons\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest.

Error: (02/09/2025 12:04:21 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\krons\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest.

Error: (02/09/2025 12:04:21 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\krons\AppData\Local\CapCut\Apps\CapCut.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest.

Systemfehler:
=============
Error: (02/11/2025 05:37:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone

Error: (02/11/2025 05:25:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone

Error: (02/11/2025 05:25:16 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Das Secure Boot-Update konnte eine Secure Boot-Variable mit dem Fehler (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.) nicht aktualisieren. Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931

Error: (02/11/2025 05:24:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Broker für Laufzeitüberwachung der Systemüberwachung" wurde mit folgendem Fehler beendet: %%3489660935

Error: (02/11/2025 05:24:17 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT-AUTORITÄT)
Description: Das Secure Boot-Update konnte eine Secure Boot-Variable mit dem Fehler (-2147020471 = Sicheres Starten ist auf diesem Computer nicht aktiviert.) nicht aktualisieren. Weitere Informationen finden Sie unter https://go.microsoft.com/fwlink/?linkid=2169931

Error: (02/11/2025 05:22:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GameInput Service" wurde unerwartet beendet. Dies ist bereits 6 Mal passiert.

Error: (02/11/2025 05:22:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "GameInput Service" wurde mit folgendem Fehler beendet: Die Verbunddatei "GameInput Service" wurde mit einer neueren Version erstellt.
Error: (02/11/2025 05:22:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "GameInput Service" wurde unerwartet beendet. Dies ist bereits 5 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Windows Defender: ================ Date: 2025-02-07 21:39:13 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {2FF3666B-1550-4B0D-BB27-F2969700FAD8} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2025-02-07 21:12:54 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {DC664EB8-5D6D-4000-AC03-69CAD745D296} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2025-01-27 23:10:43 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {DC744DFC-7BE2-4743-AF73-24D7A281C0D7} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2025-01-18 15:10:24 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {A2E0D835-E31C-4104-8000-996ABDC61EFA} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2025-01-16 15:41:16 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {A8AFD9F0-397D-4B7C-AB0A-B72BF7BE3EBC} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Event[0]: Date: 2025-01-15 18:08:22 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren. 
Security Intelligence versucht: Sicherung Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Security Intelligence-Version: 1.421.1361.0;1.421.1361.0 Modulversion: 1.1.24090.11 Date: 2025-01-15 18:08:22 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren. Security Intelligence versucht: Aktuell Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Security Intelligence-Version: 1.421.1374.0;1.421.1374.0 Modulversion: 1.1.24090.11 Date: 2025-01-02 14:48:59 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren. Security Intelligence versucht: Aktuell Fehlercode: 0x80501102 Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". Security Intelligence-Version: 1.421.1137.0;1.421.1137.0 Modulversion: 1.1.24090.11 Date: 2024-10-25 21:20:02 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren. Security Intelligence versucht: Sicherung Fehlercode: 0x80004004 Fehlerbeschreibung: Vorgang abgebrochen Security Intelligence-Version: 1.419.688.0;1.419.688.0 Modulversion: 1.1.24080.9 Date: 2024-10-25 21:20:02 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren. Security Intelligence versucht: Aktuell Fehlercode: 0x80501102 Fehlerbeschreibung: Unerwartetes Problem. Installieren Sie bei Bedarf verfügbare Updates, und starten Sie das Programm dann erneut. 
Informationen zum Installieren von Updates finden Sie unter "Hilfe und Support". Security Intelligence-Version: 1.419.704.0;1.419.704.0 Modulversion: 1.1.24080.9 CodeIntegrity: =============== Date: 2025-02-11 17:37:38 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements. Date: 2025-02-11 17:37:06 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 1.30 11/20/2020 Hauptplatine: Micro-Star International Co., Ltd. A520M-A PRO (MS-7C96) Prozessor: AMD Ryzen 5 5600X 6-Core Processor Prozentuale Nutzung des RAM: 54% Installierter physikalischer RAM: 16310.23 MB Verfügbarer physikalischer RAM: 7495.55 MB Summe virtueller Speicher: 21430.23 MB Verfügbarer virtueller Speicher: 8856.55 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:1861.93 GB) (Free:771.71 GB) (Model: Samsung SSD 980 PRO 2TB) NTFS Drive d: (Volume) (Fixed) (Total:931.5 GB) (Free:125.71 GB) (Model: TOSHIBA HDWD110) NTFS Drive f: (Volume 2TB) (Fixed) (Total:1863 GB) (Free:0.02 GB) (Model: ST2000DM008-2FR102) NTFS \\?\Volume{ef7eb77c-6a70-11ed-a0b3-2cf05de4929e}\ (Recovery tools) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS \\?\Volume{ef7eb77d-6a70-11ed-a0b3-2cf05de4929e}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. 
========================================================== Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Size: 1863 GB) (Disk ID: 486AFFFF) Partition: GPT. ==================== Ende von Addition.txt ======================= |
| #4 |
/// TB-Ausbilder | Windows 10 PUP.Adware.Heuristic
Thanks for the log file. Restart the computer and then run the following repair with FRST.
Repair with FRST
NOTE TO ALL READERS: This FRST script is intended exclusively for this user and should never be used 1:1 on another system!
|
| #5 |
| Windows 10 PUP.Adware.Heuristic
While the repair was running I briefly opened Firefox, because it froze ("not responding") for a few minutes. After that it carried on again by itself. FixLog Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-02-2025 durchgeführt von krons (11-02-2025 23:41:17) Run:1 Gestartet von C:\Users\krons\Desktop Geladene Profile: krons Start-Modus: Normal ============================================== fixlist Inhalt: ***************** Start:: CreateRestorePoint: CloseProcesses: CMD: reg query "HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitCleaner" /S DeleteKey: HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitCleaner AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [10] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [10] AlternateDataStreams: C:\Users\krons\Desktop\FRST64.exe:MBAM.Zone.Identifier [225] AlternateDataStreams: C:\Users\krons\AppData\Local\Temp:$DATA [16] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2696] CMD: reg query "HKCU\SOFTWARE\438f84b93ab73e6e9ccd233d1abe724b" /S DeleteKey: HKCU\SOFTWARE\438f84b93ab73e6e9ccd233d1abe724b CMD: reg query "HKCU\SOFTWARE" Startup: C:\Users\krons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitCleaner Tasker.lnk [2024-11-28] <==== ACHTUNG Unlock: C:\Users\krons\AppData\Roaming\BitCleaner Folder: C:\Users\krons\AppData\Roaming\BitCleaner File: C:\Users\krons\AppData\Roaming\BitCleaner\BitCleaner Tasker.exe C:\Users\krons\AppData\Roaming\BitCleaner CMD: type "C:\ProgramData\NTUSER.pol" CMD: reg query 
"HKLM\SOFTWARE\Policies\Mozilla" /S CMD: reg query "HKLM\SOFTWARE\Policies\Google" /S CMD: reg query "HKLM\SOFTWARE\Policies\Vivaldi" /S GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Vivaldi: Beschränkung <==== ACHTUNG S3 HWiNFO_163; \??\C:\Users\krons\AppData\Local\Temp\HWiNFO64A_163.SYS [X] <==== ACHTUNG S3 wtbt; \??\d:\steamlibrary\steamapps\common\super people playtest\engine\binaries\thirdparty\wondertrust\wtdrv64.sys [X] AV: BullGuard Antivirus (Disabled - Out of date) {0C5A09FB-657F-B94D-DF1B-BB843C6EE0E4} FW: BullGuard Firewall (Enabled) {346188DE-2F10-B815-F444-12B1C2BDA79F} CMD: cscript /nologo %systemroot%\System32\slmgr.vbs /dlv CMD: netsh winsock reset CMD: netsh advfirewall reset CMD: netsh advfirewall set allprofiles state ON CMD: netsh winhttp reset proxy CMD: Bitsadmin /Reset /Allusers CMD: Winmgmt /salvagerepository CMD: Winmgmt /verifyrepository CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R Hosts: RemoveProxy: EmptyTemp: End:: ***************** Wiederherstellungspunkt wurde erfolgreich erstellt. Prozesse erfolgreich geschlossen. 
========= reg query "HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitCleaner" /S ========= HKEY_USERS\S-1-5-21-2424841526-2556149945-2766575121-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitCleaner DisplayName REG_SZ BitCleaner DisplayVersion REG_SZ 2.0.0.0 Publisher REG_SZ BinaryLabs LTD VersionMajor REG_SZ 2 VersionMinor REG_SZ 0 Version REG_SZ 2.0.0.0 InstallDate REG_BINARY AC74C6890147E640 DisplayIcon REG_SZ C:\Users\krons\AppData\Roaming\BitCleaner\uninstall.exe UninstallString REG_SZ "C:\Users\krons\AppData\Roaming\BitCleaner\uninstall.exe" iid=604945_31214828 ========= Ende von CMD: ========= HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitCleaner => erfolgreich entfernt C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS erfolgreich entfernt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk => ":A1B76439FE" ADS erfolgreich entfernt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS erfolgreich entfernt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk => ":B96E9B8455" ADS erfolgreich entfernt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk => ":60EC9648C0" ADS erfolgreich entfernt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk => ":1DC1525F34" ADS erfolgreich entfernt C:\Users\krons\Desktop\FRST64.exe => ":MBAM.Zone.Identifier" ADS erfolgreich entfernt C:\Users\krons\AppData\Local\Temp => ":$DATA" ADS erfolgreich entfernt C:\Users\Public\Shared Files => ":VersionCache" ADS erfolgreich entfernt ========= reg query "HKCU\SOFTWARE\438f84b93ab73e6e9ccd233d1abe724b" /S ========= HKEY_CURRENT_USER\SOFTWARE\438f84b93ab73e6e9ccd233d1abe724b 0800fc577294c34e0b28ad2839435945 REG_SZ E15135C3F04EAE1F41EEE2FC03243A1A3349A203B4F103BC5B5B773A785AB2B7989F3D5E9E0D2396F0117010F1356C94071D64FD1A47DCDD2D029 
========= Ende von CMD: ========= HKCU\SOFTWARE\438f84b93ab73e6e9ccd233d1abe724b => erfolgreich entfernt ========= reg query "HKCU\SOFTWARE" ========= HKEY_CURRENT_USER\SOFTWARE\508 Software, LLC HKEY_CURRENT_USER\SOFTWARE\7-Zip HKEY_CURRENT_USER\SOFTWARE\Activision HKEY_CURRENT_USER\SOFTWARE\Alienware HKEY_CURRENT_USER\SOFTWARE\Amazon Game Studios HKEY_CURRENT_USER\SOFTWARE\AppDataLow HKEY_CURRENT_USER\SOFTWARE\ASCOMP HKEY_CURRENT_USER\SOFTWARE\Battlestate Games HKEY_CURRENT_USER\SOFTWARE\BitTorrentPersist HKEY_CURRENT_USER\SOFTWARE\Blizzard Entertainment HKEY_CURRENT_USER\SOFTWARE\BugSplat HKEY_CURRENT_USER\SOFTWARE\Bytedance HKEY_CURRENT_USER\SOFTWARE\C-Media HKEY_CURRENT_USER\SOFTWARE\CapCut HKEY_CURRENT_USER\SOFTWARE\Chromium HKEY_CURRENT_USER\SOFTWARE\CleverFiles HKEY_CURRENT_USER\SOFTWARE\Clients HKEY_CURRENT_USER\SOFTWARE\Coffee Stain Studios HKEY_CURRENT_USER\SOFTWARE\Core Design HKEY_CURRENT_USER\SOFTWARE\Corsair HKEY_CURRENT_USER\SOFTWARE\DeviceInfo HKEY_CURRENT_USER\SOFTWARE\DiskInternals HKEY_CURRENT_USER\SOFTWARE\Electronic Arts HKEY_CURRENT_USER\SOFTWARE\Epic Games HKEY_CURRENT_USER\SOFTWARE\Error Monitor HKEY_CURRENT_USER\SOFTWARE\FoneLab HKEY_CURRENT_USER\SOFTWARE\Gabest HKEY_CURRENT_USER\SOFTWARE\Gaijin HKEY_CURRENT_USER\SOFTWARE\GameCenter HKEY_CURRENT_USER\SOFTWARE\GOG.com HKEY_CURRENT_USER\SOFTWARE\Google HKEY_CURRENT_USER\SOFTWARE\HNC HKEY_CURRENT_USER\SOFTWARE\HWiNFO64 HKEY_CURRENT_USER\SOFTWARE\Icaros HKEY_CURRENT_USER\SOFTWARE\JavaSoft HKEY_CURRENT_USER\SOFTWARE\Khronos HKEY_CURRENT_USER\SOFTWARE\Kitka Games HKEY_CURRENT_USER\SOFTWARE\Logitech HKEY_CURRENT_USER\SOFTWARE\Malwarebytes HKEY_CURRENT_USER\SOFTWARE\ManyCam HKEY_CURRENT_USER\SOFTWARE\Mechanistry HKEY_CURRENT_USER\SOFTWARE\Mediatonic HKEY_CURRENT_USER\SOFTWARE\Meltytech HKEY_CURRENT_USER\SOFTWARE\Microsoft HKEY_CURRENT_USER\SOFTWARE\MiniTool Software Limited HKEY_CURRENT_USER\SOFTWARE\MiniTool Solution Ltd. 
HKEY_CURRENT_USER\SOFTWARE\Mojang HKEY_CURRENT_USER\SOFTWARE\Mozilla HKEY_CURRENT_USER\SOFTWARE\Netscape HKEY_CURRENT_USER\SOFTWARE\Ninja Kiwi HKEY_CURRENT_USER\SOFTWARE\NinjaKiwi HKEY_CURRENT_USER\SOFTWARE\NVIDIA Corporation HKEY_CURRENT_USER\SOFTWARE\ODBC HKEY_CURRENT_USER\SOFTWARE\Opera Software HKEY_CURRENT_USER\SOFTWARE\Oracle HKEY_CURRENT_USER\SOFTWARE\Overwolf HKEY_CURRENT_USER\SOFTWARE\Petroglyph HKEY_CURRENT_USER\SOFTWARE\Piriform HKEY_CURRENT_USER\SOFTWARE\Policies HKEY_CURRENT_USER\SOFTWARE\QtProject HKEY_CURRENT_USER\SOFTWARE\Realtek HKEY_CURRENT_USER\SOFTWARE\RegisteredApplications HKEY_CURRENT_USER\SOFTWARE\ROCCAT HKEY_CURRENT_USER\SOFTWARE\Rockstar Games HKEY_CURRENT_USER\SOFTWARE\SteamPopCap HKEY_CURRENT_USER\SOFTWARE\SyncEngines HKEY_CURRENT_USER\SOFTWARE\TeamSpeak 3 Client HKEY_CURRENT_USER\SOFTWARE\TelegramDesktop HKEY_CURRENT_USER\SOFTWARE\Ubisoft HKEY_CURRENT_USER\SOFTWARE\Valve HKEY_CURRENT_USER\SOFTWARE\Visicom Media HKEY_CURRENT_USER\SOFTWARE\Wargaming.net HKEY_CURRENT_USER\SOFTWARE\WinRAR HKEY_CURRENT_USER\SOFTWARE\WinRAR SFX HKEY_CURRENT_USER\SOFTWARE\Wondershare HKEY_CURRENT_USER\SOFTWARE\Wow6432Node HKEY_CURRENT_USER\SOFTWARE\Youthcat Studio HKEY_CURRENT_USER\SOFTWARE\Classes ========= Ende von CMD: ========= C:\Users\krons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BitCleaner Tasker.lnk => erfolgreich verschoben "C:\Users\krons\AppData\Roaming\BitCleaner" => wurde entsperrt ========================= Folder: C:\Users\krons\AppData\Roaming\BitCleaner ======================== 2024-11-28 01:09 - 2024-11-28 01:09 - 000000015 ____A [D46E955272A6922FFA6670F49EDB3B60] () C:\Users\krons\AppData\Roaming\BitCleaner\BitCleaner Tasker.dat 2024-11-28 01:09 - 2024-11-28 01:09 - 011163168 ____A [7169C7BBE92018EE7DA18B1994CE6763] (BINARYLABS LIMITED -> Binarylabs LTD) C:\Users\krons\AppData\Roaming\BitCleaner\BitCleaner Tasker.exe 2024-11-28 01:09 - 2024-11-28 01:09 - 000000047 ____A [FA674B12E9CD78EDAF24D686D2EB3C1C] () 
C:\Users\krons\AppData\Roaming\BitCleaner\BitCleaner Tasker.res 2024-11-28 01:09 - 2024-11-28 01:09 - 005486624 ____A [CD7B828CE03C4FB1BD83F3433CC96B09] (BINARYLABS LIMITED -> Binarylabs LTD) C:\Users\krons\AppData\Roaming\BitCleaner\BitCleaner.exe 2024-11-28 01:09 - 2024-11-28 01:09 - 000012046 ____A [F972DF2A5E021D442E7F56B6202E6BD8] () C:\Users\krons\AppData\Roaming\BitCleaner\license.rtf 2024-11-28 01:09 - 2024-11-28 01:09 - 001033728 ____A [D96CF32292A0389BBBDA0704077780E1] () [Datei ist nicht signiert] C:\Users\krons\AppData\Roaming\BitCleaner\sqlite3.dll 2024-11-28 01:09 - 2024-11-28 01:09 - 026636320 ____A [D954A00AA6E0576A83220EF8199695B9] (BINARYLABS LIMITED -> Binarylabs LTD) C:\Users\krons\AppData\Roaming\BitCleaner\uninstall.exe ====== Ende von Folder: ====== ========================= File: C:\Users\krons\AppData\Roaming\BitCleaner\BitCleaner Tasker.exe ======================== C:\Users\krons\AppData\Roaming\BitCleaner\BitCleaner Tasker.exe Datei ist digital signiert MD5: 7169C7BBE92018EE7DA18B1994CE6763 Erstellungs- und Änderungsdatum: 2024-11-28 01:09 - 2024-11-28 01:09 Größe: 011163168 Attribute: ----A Firmenname: BINARYLABS LIMITED -> Binarylabs LTD Interne Name: Original Name: Produkt: BitCleaner Beschreibung: BitCleaner Tasker Datei Version: 2.0.0.0 Produkt Version: 2.0.0.0 Urheberrecht: Copyright (C) 2023 Binarylabs LTD Virusscan: https://virusscan.jotti.org/filescanjob/scgnadug05 ====== Ende von File: ====== "C:\Users\krons\AppData\Roaming\BitCleaner" Ordner verschieben: Konnte nicht verschoben werden "C:\Users\krons\AppData\Roaming\BitCleaner" => ist geplant bei Neustart verschoben zu werden. 
========= type "C:\ProgramData\NTUSER.pol" ========= ========= Ende von CMD: ========= ========= reg query "HKLM\SOFTWARE\Policies\Mozilla" /S ========= HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox QuicAllowed REG_DWORD 0x0 HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\Certificates ImportEnterpriseRoots REG_DWORD 0x1 ========= Ende von CMD: ========= ========= reg query "HKLM\SOFTWARE\Policies\Google" /S ========= HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome QuicAllowed REG_DWORD 0x0 ========= Ende von CMD: ========= ========= reg query "HKLM\SOFTWARE\Policies\Vivaldi" /S ========= HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Vivaldi QuicAllowed REG_DWORD 0x0 ========= Ende von CMD: ========= "C:\Windows\system32\GroupPolicy\Machine" Ordner verschieben: C:\Windows\system32\GroupPolicy\Machine => erfolgreich verschoben C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben C:\ProgramData\NTUSER.pol => erfolgreich verschoben HKLM\SOFTWARE\Policies\Mozilla => erfolgreich entfernt HKLM\SOFTWARE\Policies\Google => erfolgreich entfernt HKLM\SOFTWARE\Policies\Vivaldi => erfolgreich entfernt HKLM\System\CurrentControlSet\Services\HWiNFO_163 => erfolgreich entfernt HWiNFO_163 => Dienst erfolgreich entfernt HKLM\System\CurrentControlSet\Services\wtbt => erfolgreich entfernt wtbt => Dienst erfolgreich entfernt "AV: BullGuard Antivirus (Disabled - Out of date) {0C5A09FB-657F-B94D-DF1B-BB843C6EE0E4}" => erfolgreich entfernt "FW: BullGuard Firewall (Enabled) {346188DE-2F10-B815-F444-12B1C2BDA79F}" => erfolgreich entfernt ========= cscript /nologo %systemroot%\System32\slmgr.vbs /dlv ========= Softwarelizenzierungsdienst-Version: 10.0.19041.5369 Name: Windows(R), Core edition Beschreibung: Windows(R) Operating System, RETAIL channel Aktivierungs-ID: 2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8 Anwendungs-ID: 55c92734-d682-4d71-983e-d6ec3f16059f Erweiterte PID: 03612-03261-000-000000-00-1031-19043.0000-1372021 Product 
Key-Kanal: Retail Installations-ID: 612943308076541914972498245691858261741125034679523888055453761 Lizenz-URL verwenden: https://activation-v2.sls.microsoft.com/SLActivateProduct/SLActivateProduct.asmx?configextension=Retail URL fr die šberprfung: https://validation-v2.sls.microsoft.com/SLWGA/slwga.asmx Teil-Product Key: 8HVX7 Lizenzstatus: Lizenziert Verbleibende Windows Rearm-Anzahl: 999 Verbleibende SKU Rearm-Anzahl: 999 Vertrauenswrdige Zeit: 11.02.2025 23:41:40 ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurckgesetzt. Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen. ========= Ende von CMD: ========= ========= netsh advfirewall reset ========= OK. ========= Ende von CMD: ========= ========= netsh advfirewall set allprofiles state ON ========= OK. ========= Ende von CMD: ========= ========= netsh winhttp reset proxy ========= Aktuelle WinHTTP-Proxyeinstellungen: DirectAccess (kein Proxyserver). ========= Ende von CMD: ========= ========= Bitsadmin /Reset /Allusers ========= BITSADMIN version 3.0 BITS administration utility. (C) Copyright Microsoft Corp. 0 out of 0 jobs canceled. ========= Ende von CMD: ========= ========= Winmgmt /salvagerepository ========= Das WMI-Repository ist konsistent. ========= Ende von CMD: ========= ========= Winmgmt /verifyrepository ========= Das WMI-Repository ist konsistent. ========= Ende von CMD: ========= ========= "%WINDIR%\SYSTEM32\lodctr.exe" /R ========= Fehler: Die Leistungsindikatoreinstellung konnte nicht aus dem Systemsicherungsspeicher neu erstellt werden. Fehlercode: 2. ========= Ende von CMD: ========= ========= "%WINDIR%\SysWOW64\lodctr.exe" /R ========= Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden. 
========= Ende von CMD: ========= ========= "%WINDIR%\SYSTEM32\lodctr.exe" /R ========= Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden. ========= Ende von CMD: ========= ========= "%WINDIR%\SysWOW64\lodctr.exe" /R ========= Info: Die Leistungsindikatoreinstellung konnte erfolgreich aus dem Systemsicherungsspeicher neu erstellt werden. ========= Ende von CMD: ========= C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben Hosts erfolgreich wiederhergestellt. ========= RemoveProxy: ========= "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt "HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => erfolgreich entfernt "HKU\S-1-5-21-2424841526-2556149945-2766575121-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => erfolgreich entfernt ========= Ende von RemoveProxy: ========= =========== EmptyTemp: ========== FlushDNS => abgeschlossen BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1624221315 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 696604674 B Windows/system/drivers => 138874547 B Edge => 0 B Firefox => 2040845120 B Opera => 374088055 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 149202158 B systemprofile32 => 149202476 B LocalService 
=> 149233322 B NetworkService => 150840528 B krons => 414981622 B RecycleBin => 6627312230 B EmptyTemp: => 11.7 GB temporäre Dateien entfernt. ================================ Ergebnis der geplanten Datei-Verschiebungen (Start-Modus: Normal) (Datum&Uhrzeit: 11-02-2025 23:48:05) C:\Users\krons\AppData\Roaming\BitCleaner => ist erfolgreich verschoben ==== Ende vom Fixlog 23:48:05 ==== |