legendevent | 08.10.2022 16:26 | (Addition Log Part 2) Windows 10 (21H2): Windows Defender reports: Trojan:MSIL/Bladabindi.OE!MTB (Log Part 2)
Here is the 2nd part of the Addition log, followed by the FRST log.
Code:
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{B055CD66-6E58-421C-9689-1A715B9DC120}C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A1E52362-8CF1-459D-A85A-3DD89034BA97}C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\lucap\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1AE35F62-FC60-47FF-AC33-277333B7DE97}C:\program files\daedalus mainnet\daedalus mainnet.exe] => (Allow) C:\program files\daedalus mainnet\daedalus mainnet.exe (GitHub, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{68C622B7-2A5B-4F9F-8AC1-6A6D64D77509}C:\program files\daedalus mainnet\daedalus mainnet.exe] => (Allow) C:\program files\daedalus mainnet\daedalus mainnet.exe (GitHub, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D4102AF4-482A-493C-B3BC-F449B42CEE21}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [UDP Query User{911A43CD-A386-4534-9947-C31F2774BF8B}C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe] => (Allow) C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe => Keine Datei
FirewallRules: [TCP Query User{3186B7E1-C803-4DA7-8F56-59E7BDD66B18}C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe] => (Allow) C:\users\lucap\appdata\local\programs\nicehash miner\miner_plugins\fa369d10-94eb-11ea-a64d-17be303ea466\bins\15.1\phoenixminer_5.2e_windows\phoenixminer.exe => Keine Datei
FirewallRules: [{50A838E3-1FE8-4E62-8136-92807E5966C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0D5B8BE2-8BEA-4851-8F08-F18DD5D43B37}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B8C5DA5D-9163-4107-AC8C-2B44055563FE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{706E0FB1-CF71-4F62-8BFD-9D4184121E6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A856504B-938F-494F-8952-4267B8EE7864}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{C8EEEFE7-60EC-4496-8E52-4005B75C3313}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{DBBFBB69-6FCA-4814-BDD7-82F0E3755C37}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{4163EC52-B9EC-42E5-A11B-5DB7F46ADCE2}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{4B9F176B-ED9F-4897-AA2D-3E76381B5D70}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{BE0F3533-AFDE-43DB-ABAC-4830B7BAD71E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{6D2D2A1A-136D-4BE5-98C2-BC062A5C085C}D:\battlenet\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battlenet\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [UDP Query User{6AC11A53-471E-4F88-8171-7B0B4FED3368}D:\battlenet\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battlenet\call of duty modern warfare\modernwarfare.exe => Keine Datei
FirewallRules: [{B1BDDD19-26A0-4CE4-8083-0209AF7BC9AA}] => (Allow) E:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe (Unity Technologies ApS) [Datei ist nicht signiert]
FirewallRules: [{392A9D61-7C90-4FF6-8AB5-3C01EE4B834E}] => (Allow) E:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe (Unity Technologies ApS) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{7528AF07-A512-4AAE-B20D-B4C6F2097F07}C:\users\lucap\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\lucap\appdata\local\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [UDP Query User{BC484671-BE68-48A8-9493-BE2DF6574840}C:\users\lucap\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\lucap\appdata\local\gamecenter\gamecenter.exe => Keine Datei
FirewallRules: [{B9B2106D-2CFC-47AC-B26C-04A13CAC4591}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{139F9C58-CF73-4AAC-AD70-E248D02EB8ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D126B0DF-9FF8-484C-911D-79E3C1BA026F}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{9FD1CE5D-13C1-402A-8F15-EA08AF337FA2}C:\program files\java\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_281\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{5D22B059-C16D-4F78-9B25-06AB440C8DAB}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{0FB5E468-B82B-490A-A432-82670F257983}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{F5DFC3F6-CB5B-45A0-9709-4746E31116C2}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{41F38958-2A46-444C-91E1-E3518CBE29D7}] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{FCD57E13-ED76-4861-ACF3-CCC9026A5D47}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [{0A233FB7-3D50-4D26-A7D3-AA137B8F21DF}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Scavengers\Scavengers_Launcher.exe (Epic Games, Inc) [Datei ist nicht signiert]
FirewallRules: [{40F931E0-1FA1-40A7-80A3-4B02F70EC2F9}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Scavengers\Scavengers_Launcher.exe (Epic Games, Inc) [Datei ist nicht signiert]
FirewallRules: [{EB01688F-4A42-4480-AA19-1DD3D0374B9E}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [{E387A6B4-1684-44AE-ABA5-A9C9261EA39A}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [{E045F99A-CBE7-43A2-8012-4661B4125068}] => (Allow) C:\Program Files\Unity\Editor\Unity.exe => Keine Datei
FirewallRules: [{166C57C6-07B7-4F49-AB50-F8CDB5A5B5F6}] => (Block) C:\Program Files\Unity\Editor\Unity.exe => Keine Datei
FirewallRules: [{93702EF5-4211-48A4-A6E2-B0FF88261EBF}] => (Allow) C:\Program Files\Unity\Hub\Editor\2020.3.11f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{B96E94CA-B3A8-4BA9-B502-AFB555A4C5CF}] => (Block) C:\Program Files\Unity\Hub\Editor\2020.3.11f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{25719415-8AD5-4E7C-8BCE-D43229B7E7DF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2D095F1-26FF-4314-AFBB-9ECBC0BEF989}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{307FDA5B-742A-4066-9EFC-DF1F235E9464}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Police Simulator Patrol Officers\Boston.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{E061731D-11B3-4186-9E8E-F0870ABC650E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Police Simulator Patrol Officers\Boston.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{9F719FDF-B9F9-4416-973D-4431291AB29E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{77A609ED-531E-46FB-B3FB-8ED634D9DEF1}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{EF59AC6E-EF84-487F-9659-C8A7634FF108}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Back4BloodBeta\Gobi\Binaries\Win64\Back4Blood.exe => Keine Datei
FirewallRules: [{DFE1675B-6718-497D-B6FE-96B1EA308010}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Back4BloodBeta\Gobi\Binaries\Win64\Back4Blood.exe => Keine Datei
FirewallRules: [{558ADEA4-85FE-4703-94E7-72A0029221E0}] => (Allow) C:\Program Files\Unity\Hub\Editor\2021.1.16f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{837BD691-2D10-47E9-A6B5-07C2EA58AE24}] => (Block) C:\Program Files\Unity\Hub\Editor\2021.1.16f1\Editor\Unity.exe => Keine Datei
FirewallRules: [{69F665B3-BD1C-4A79-AECC-72285FB4F5AB}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => Keine Datei
FirewallRules: [{BE4BCCF2-2AC5-40B5-AF0B-D110A220AC9F}] => (Allow) C:\Program Files\Daedalus Mainnet\cardano-node.exe (Input Output HK Limited -> )
FirewallRules: [TCP Query User{C0A47962-166E-4A7D-A592-D7EC32C73B6D}F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [UDP Query User{9050EDC6-5E68-450D-8827-B6141D0E5F21}F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\new world\bin64\newworld.exe (Amazon.com Services LLC -> Amazon.com, Inc.)
FirewallRules: [TCP Query User{BCA289C6-CAA7-4C3C-BF00-A28F684FD58A}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [UDP Query User{441AF1A6-6E29-4745-9EF9-2E9D51D5DCB1}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [{8E01B8E0-E189-42F6-B6CB-39716C595B57}] => (Block) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [{66478A40-FBC1-49C1-A915-C582A8F155DF}] => (Block) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [TCP Query User{737394C3-53A5-40D0-8CD0-0627DB9DCCE9}C:\program files\java\jdk-17.0.1\bin\javaw.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [UDP Query User{88DD6837-1624-46F2-A4FF-11AD3952DE59}C:\program files\java\jdk-17.0.1\bin\javaw.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [{DD823069-F27D-43C1-B1D2-9A2FF2CF7D8F}] => (Block) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [{45BA234D-0242-498A-A30F-E59B00C7DAD2}] => (Block) C:\program files\java\jdk-17.0.1\bin\javaw.exe
FirewallRules: [TCP Query User{D1DA5D7E-0525-4ADD-817C-F3E6B3222913}C:\program files\java\jdk-17.0.1\bin\java.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [UDP Query User{34B01248-7CBB-4162-9863-8E84F04F3C4D}C:\program files\java\jdk-17.0.1\bin\java.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [{6F7C6BAF-2095-4F2E-9EC6-D2F043234DD7}] => (Block) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [{F4AC9896-E2A6-4E54-A6AB-8381945C22DA}] => (Block) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [TCP Query User{93987B60-318F-4237-B227-CAE224486B52}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [UDP Query User{D6984EA7-CB63-4FE9-A9A9-9AC9C66C558A}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [{3FE6117E-CD69-4EC5-B4A9-FBC09F6C70C4}] => (Block) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [{A2FDE404-11DE-48D5-8C71-854FE8ACA7D6}] => (Block) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe
FirewallRules: [TCP Query User{8D16BE4E-CE80-437F-9C2F-ED95379B923E}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{930E237A-89C5-44EB-8B49-4019D456C512}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{437B7E93-0B86-47E5-B415-D440862E26A4}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{5060D30D-E5DA-4759-BC3B-EA91F7FCA27A}] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{6673FE6F-1386-4460-82D4-EDD4485A2EE2}C:\program files\java\jre1.8.0_311\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [UDP Query User{5875C373-FD26-4B95-9B71-1A56A875D08B}C:\program files\java\jre1.8.0_311\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [{17830A47-3CA0-4C41-8DFE-7C5FD2C118F7}] => (Block) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [{72059373-C071-4E14-BE6E-39C57A40D014}] => (Block) C:\program files\java\jre1.8.0_311\bin\java.exe => Keine Datei
FirewallRules: [TCP Query User{699B7CC1-44B8-47AA-8F38-02505DBF4A16}C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{77DBCCBC-D06A-4892-94FF-0A7BB3809ED3}C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{24C452F0-C820-40AC-B7B1-994493370F4A}] => (Block) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{365D501F-3B7D-4E1E-8D48-ED1D5EBB00D5}] => (Block) C:\users\lucap\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{17E62ECE-4E95-47FC-81C9-7218DF7035EF}C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{22102CE2-5763-45DF-A0DE-9B2F8D9D2F3C}C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{CD77AFA6-684A-45D1-9A9F-9A9620DB631F}] => (Block) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [{73CAC0DD-3524-4C10-A59B-09A6D9C0CCDB}] => (Block) C:\users\lucap\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{F4A9DBA8-CAC5-4956-A908-5B998134BC90}F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe => Keine Datei
FirewallRules: [UDP Query User{FB02D43E-06CA-451C-8114-227B54D3B52D}F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe => Keine Datei
FirewallRules: [TCP Query User{1896F537-C6AD-4200-8CC5-DA440CF9FABE}F:\battlefield2042\battlefield 2042\bf2042.exe] => (Allow) F:\battlefield2042\battlefield 2042\bf2042.exe => Keine Datei
FirewallRules: [UDP Query User{AC9B4935-4DF9-4571-AFFC-22DCD7140D05}F:\battlefield2042\battlefield 2042\bf2042.exe] => (Allow) F:\battlefield2042\battlefield 2042\bf2042.exe => Keine Datei
FirewallRules: [{1F4633A3-EAC3-4DF3-BF00-6F7B61614AAF}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe => Keine Datei
FirewallRules: [{5FA054FD-65E7-4413-A46F-6923A001A764}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe => Keine Datei
FirewallRules: [{C30359CA-B904-420E-BC92-E1B571E04C76}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe => Keine Datei
FirewallRules: [{8A6C56E0-FCB7-4F3E-BB01-3CA1686FC9B0}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe => Keine Datei
FirewallRules: [TCP Query User{0192CD57-CB68-4E5A-94FD-307849245684}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Keine Datei
FirewallRules: [UDP Query User{834189CB-CB43-4CFE-9CB9-422A29717A51}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => Keine Datei
FirewallRules: [TCP Query User{3B78FFFD-4FB2-4254-9DF3-B1B72BDF95F4}F:\spiele\riot games\riot client\riotclientservices.exe] => (Allow) F:\spiele\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{2719E38A-59AA-4A70-B8C7-265700BACCAD}F:\spiele\riot games\riot client\riotclientservices.exe] => (Allow) F:\spiele\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{EB58D4DC-655C-4A68-8F88-526BF58DA41E}F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe => Keine Datei
FirewallRules: [UDP Query User{498F12DF-6B0D-49A7-B5A7-3347DCBF2F1E}F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe => Keine Datei
FirewallRules: [TCP Query User{D87B8B17-18B3-4CE5-9D00-E8B3165D14F9}C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{876C2405-4AE4-42A1-836C-EEED4D10E361}C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2021.3.1\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{D82947DF-6D10-4184-B867-B90BCDE230CC}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{9B8ECDA9-B8F3-42E1-A678-8D353D384CA7}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\rainbowsix_be.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{B14D4F6D-91A4-414C-B68C-3CECB7DF9C4B}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{46126EC3-C382-4618-82D7-F6490A34F14F}] => (Allow) F:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{ABC6390E-8360-46BD-B335-F0D6D4ADFFBD}F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{F9037371-3110-4E3E-962C-6FCFA6AB3D8B}F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [Datei ist nicht signiert]
FirewallRules: [{6F64AE58-95EA-4BFE-AAF5-5DD0CFDFB20D}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{493E56C8-8CEA-4500-9186-2EF521F129C6}G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe] => (Allow) G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B77F7B39-2D43-4530-9D5A-5716E396A6D7}G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe] => (Allow) G:\visual studio\2022\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{623FD68D-0B24-4BAC-8F2B-C5EA6F6D084B}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{2E5CF565-0E00-4231-A101-232E41862224}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{36C2551E-C59B-4567-8BE0-3C82091FD0F2}F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [UDP Query User{CDEB9012-DA93-481D-87DE-A0EE9166910F}F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Keine Datei
FirewallRules: [{6F50DB18-63D4-444A-94A7-F9CE53ACC79D}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{85FF5C82-A422-421C-AFA0-E78D5958EF89}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [{2BBA24EC-CA88-4FFE-BC32-E6489566E631}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{D1753862-5580-469A-AE25-1CAF9D2A9D7F}F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{1B34FDE8-10AF-456F-921B-288131AD2317}F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [{C74578E8-8DF1-41CA-B006-4DCDB273F43E}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Hydroneer\Mining.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D95A059F-9CCB-4FF4-A6FC-D353914D500B}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Hydroneer\Mining.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{268248C2-F75A-4018-9F27-F90A9704CF48}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{28CD5A59-F0A5-4FB4-B6E6-22E14B6DD5BA}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{DB4DAC25-0B2A-4ECA-AFF7-4465774A9573}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{AC4C275F-AD7D-4319-9CCD-C1958756B3F1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F06BA117-1824-4AC1-8034-8602CD719F10}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe => Keine Datei
FirewallRules: [{95CC9589-F13A-4786-A1A6-5C94FCEA4A66}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\PAYDAY 2\payday2_win32_release.exe => Keine Datei
FirewallRules: [TCP Query User{7852ADD3-EF3C-4EB3-8587-69F4C57D5220}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9A1AA7F5-E34E-42C2-AC65-75445139E2AC}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{87E5A834-F205-4B1C-BEDB-82DBCDB10079}F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe => Keine Datei
FirewallRules: [UDP Query User{BEA55C9C-DB24-4CF6-A621-6458D67A3660}F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma reforger\armareforgersteam.exe => Keine Datei
FirewallRules: [{8555DB45-A979-4A50-8411-87AA5D59B266}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{E70546CD-62EA-483C-8175-A8FCE85943C0}C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4E78B0F4-1867-4C01-84FF-B3AFAA6A1D68}C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.0.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [{0CC070C7-10B6-47C6-8ED1-A17B5F4AB320}] => (Allow) F:\AssassinsCreedOrigins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{57A46265-9A7F-42B3-951A-1EC892F41BAC}] => (Allow) F:\AssassinsCreedOrigins\ACOrigins_plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{EB3EA712-4F35-48D5-9E8A-F3EDDD4514B6}] => (Allow) D:\SteamLibrary\steamapps\common\The Cycle\Prospect_BE.exe => Keine Datei
FirewallRules: [{5398AC86-7029-4EF6-BC3F-C920940BC8AF}] => (Allow) D:\SteamLibrary\steamapps\common\The Cycle\Prospect_BE.exe => Keine Datei
FirewallRules: [{56EAEAA8-A6D6-4BF2-A6D1-AB0386EAC701}] => (Allow) D:\SteamLibrary\steamapps\common\Tales of Arise Demo Version\Arise\Binaries\Win64\Tales of Arise.exe => Keine Datei
FirewallRules: [{CB4C5C87-EEFE-49E7-952B-0BD31113ADF8}] => (Allow) D:\SteamLibrary\steamapps\common\Tales of Arise Demo Version\Arise\Binaries\Win64\Tales of Arise.exe => Keine Datei
FirewallRules: [TCP Query User{21B320B5-F904-4BAA-8B54-EE9EA37E7E7A}C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{AC3E93D8-9931-4CF0-AEAC-AE05000AB27D}C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\lucap\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{A56E9D8F-52A9-49CE-A570-EEEE12EDEE98}D:\rockstar\grand theft auto v\gta5.exe] => (Allow) D:\rockstar\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{C1C3CBA6-81D8-4187-97BE-018BA94F1B32}D:\rockstar\grand theft auto v\gta5.exe] => (Allow) D:\rockstar\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{117A9D67-0985-4FFA-BADB-8F96899322A7}] => (Allow) G:\VMware\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{0E30DB09-77B9-49C8-842E-570C8EE69EF1}] => (Allow) G:\VMware\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{972AE3AA-089C-4E1D-8F02-FBFA154D9907}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40E27852-6E2E-4612-A565-F9C0902EE6CA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9358E5D-F93E-4922-A2BB-AA588ECA44EC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{41B79784-1A75-43F3-8658-F9AD37E6CF26}] => (Allow) F:\Grand\GrandRP Launcher\RAGEMP\ragemp_v.exe => Keine Datei
FirewallRules: [{05AB3C4F-3398-424C-BA3D-0C387CC9318A}] => (Allow) F:\Grand\GrandRP Launcher\RAGEMP\ragemp_v.exe => Keine Datei
FirewallRules: [TCP Query User{E2624B3C-B63A-4E3D-B7CB-3B746EF367B2}F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe] => (Allow) F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe => Keine Datei
FirewallRules: [UDP Query User{3534449D-83F5-42D2-AFC8-1FF4F2140B78}F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe] => (Allow) F:\grand\grandrp launcher\ragemp\cef\ragemp_game_ui.exe => Keine Datei
FirewallRules: [{A6CB9AF2-C1BD-4C58-85F0-72122A13071D}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [{A6BA0C1E-4589-4641-8221-B83D3A7189F3}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Aim Lab\AimLab_tb.exe () [Datei ist nicht signiert]
FirewallRules: [{06DDCE8D-1D35-4E5C-BD26-6EC0C1190E8E}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{F1D043C6-AF09-420E-BCF8-574308AC55E5}] => (Allow) D:\NosTale\DYNZEN\DZLauncher.exe => Keine Datei
FirewallRules: [TCP Query User{DFE0B60F-0C34-4B3E-95DF-A98403813AD2}F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{8E7DEAE5-29E0-40B7-9B00-26CDAFDBAFDD}F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{3815DCB4-4591-4FF0-B3C2-8E628E0E7602}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Ready Or Not\ReadyOrNot.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{E2CFB573-1990-4340-A0CC-B2AF5AEF9F96}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Ready Or Not\ReadyOrNot.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{EA9903D6-2FEB-40AF-9153-5BC9E2F2CD4A}] => (Allow) C:\Users\lucap\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{7F4A241C-CD04-4433-8BA0-FA2F0E15B097}] => (Allow) C:\Users\lucap\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{45CAE728-35C2-4D15-A3B2-0EBEB3AF420A}] => (Allow) F:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe () [Datei ist nicht signiert]
FirewallRules: [{EA6B7BE8-FB02-4B2E-8C5C-4652CD5AE9FD}] => (Allow) F:\Tower Of Fantasy\Launcher\intl_service\intl_service.exe (PROXIMA BETA PTE. LIMITED -> PROXIMA BETA PTE. LIMITED)
FirewallRules: [TCP Query User{A8DF2F81-EDE1-4ECA-AA92-2DC2B127920C}C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe (BUREL VINCENT -> VB-AUDIO Software)
FirewallRules: [UDP Query User{2057F51F-E21F-4D1E-B60D-CEDE15D222AE}C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\voicemeeterpro.exe (BUREL VINCENT -> VB-AUDIO Software)
FirewallRules: [{692A2D6E-857F-459E-9B18-4C2B4D83B15B}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{81340C5E-4264-4EC2-B18D-439718F5D19B}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [Datei ist nicht signiert]
FirewallRules: [{DFA2ACAE-EE2B-4B5C-8F0D-2403DE2D045F}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{237EC99F-5B57-441D-84D4-351E223149EE}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{DBE8CF1D-C974-4FDB-9E59-8FE49B7EE7ED}C:\program files (x86)\vb\voicemeeter\vban2midi.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\vban2midi.exe (BUREL VINCENT -> Audio Mechanic & Sound Breeder)
FirewallRules: [UDP Query User{6D1DB665-ADAF-408B-9D9D-ADC9365FB024}C:\program files (x86)\vb\voicemeeter\vban2midi.exe] => (Allow) C:\program files (x86)\vb\voicemeeter\vban2midi.exe (BUREL VINCENT -> Audio Mechanic & Sound Breeder)
FirewallRules: [{951CF11F-8391-477F-B041-0CBE5DD78EA0}] => (Allow) C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{88BE0DBC-ECCC-42EB-9D96-F47C86F8F6E3}C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Allow) C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [UDP Query User{3AF61B7E-292A-499F-88DB-4255490489D1}C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Allow) C:\program files\windowsapps\60992midimixer.midimixer_2.7.1.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [TCP Query User{5911571C-C5B4-4DC8-B670-2D8AD377B5B4}C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{EC2BF018-F76E-462D-BAF7-0F979E59CEFB}C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.1.0\ultimaker-cura.exe () [Datei ist nicht signiert]
FirewallRules: [{7D86D7D0-4C87-41C1-A047-5794AF31A2B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5ECA1D9E-3903-4707-9DCD-FD1E333AF14F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D659C383-BFFB-441C-8578-0C5A8D5462B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8B52B02-B037-48CF-80AB-2C95F4AC9360}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1A15F107-105B-4831-9C53-1443DF4C4F1B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4C0CCBF6-B597-4AA2-A0FC-DB5378670302}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => Keine Datei
FirewallRules: [{D8DDB4DC-83D9-40F4-8B6F-5EC24F6B73CD}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound.exe => Keine Datei
FirewallRules: [{6F3BA182-78F5-482C-A49F-C511B0FBAE3A}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => Keine Datei
FirewallRules: [{97EBFA5D-86AF-4F8E-B842-B2AFFC05EADD}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\starbound_server.exe => Keine Datei
FirewallRules: [{D70BA585-9F18-486A-867C-DD5FCDCA7495}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => Keine Datei
FirewallRules: [{40C71959-665F-42D5-98EC-8297C8E97B34}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win64\mod_uploader.exe => Keine Datei
FirewallRules: [{BE341D90-900D-4492-941C-858650DB7025}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => Keine Datei
FirewallRules: [{92DAC700-1482-48B5-B808-0EDB4D8EB6D5}] => (Allow) E:\SteamLibrary\steamapps\common\Starbound\win32\starbound.exe => Keine Datei
FirewallRules: [TCP Query User{3C792DFA-6126-4549-A900-BE7941F66F15}F:\fallguys\fallguys_client_game.exe] => (Allow) F:\fallguys\fallguys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{BDFC7BB3-7868-4C6B-BD8C-046AD421F6FB}F:\fallguys\fallguys_client_game.exe] => (Allow) F:\fallguys\fallguys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{B6E08354-F876-494F-96B3-03781414CFFB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7417C2D0-90D5-48DA-9103-D1255EABAA72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F1B334B-4F1C-447E-9A14-C20BF51C7A25}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{56EBA9CA-9C21-4D60-B927-1E0400E9A663}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{2379138D-3C4D-4301-9DFB-773D433E0FC5}F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe (Electronic Arts) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{C69606C5-3333-446C-A9E7-E3B6F6598601}F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe] => (Allow) F:\spiele\steamlibrary\steamapps\common\need for speed heat\needforspeedheat.exe (Electronic Arts) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{646CDBDC-F055-40B7-8FD4-EEBF8FCC7CD7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{B22FCC24-3317-4657-BF24-FCE63EB75AAA}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2C4FA44B-BD01-4553-B419-40CCEE0FFEC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3FCF19E3-141E-4FE9-A3DC-1CE7BA71B22A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E93DFDFC-4B44-4C20-AB6B-015169ECAE94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B17FD12C-6EC7-4FDF-AF8B-E2170BF9DEE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{93559D56-70AE-43EC-B1C6-80F72CAC6058}C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Block) C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [UDP Query User{8A4E43D8-AF77-414D-9CF3-C243950AA9D3}C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe] => (Block) C:\program files\windowsapps\60992midimixer.midimixer_2.7.2.0_x64__crf4gtfkaz836\app\midi mixer.exe => Keine Datei
FirewallRules: [{7DB580C6-1B2F-43DA-A737-93E1F63F6589}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34F00B60-ABD5-4103-81C2-1889EEBB07DE}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc)
FirewallRules: [{B05183D0-8D14-4D26-B17E-3CD2CA80799A}] => (Allow) F:\Spiele\SteamLibrary\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> Epic Games, Inc)
FirewallRules: [{644DD8B7-084E-460B-9CCC-83065184042D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{62618D68-3EDF-4A8F-80CD-98387333B5DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AEAAEC2B-B850-4C56-A07C-28E888B37252}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{59FB57F8-F023-45C0-BB36-809F0D8F8528}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36B14B7B-E050-48B4-80A4-4D12457652B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{051FC682-B9B8-4327-BCEE-45005D045A9B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0320B9D-14DB-4031-8931-4D2EABDE44B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D18ABDFC-8E97-4DC2-A6BD-403923FFC6A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Wiederherstellungspunkte =========================
08-10-2022 14:46:07 Removed DB Browser for SQLite
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (10/08/2022 04:13:23 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (10/08/2022 03:56:05 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (10/08/2022 03:47:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (10/08/2022 03:38:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (10/08/2022 03:33:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT-AUTORITÄT)
Description: Die Registrierungsdatei konnte nicht entladen werden. Der für die Registrierung verwendete Arbeitsspeicher wurde nicht freigegeben. Dieses wird oft durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen Sie die Dienste entweder unter dem Konto "LocalService" oder "NetworkService" auszuführen.
Details - Zugriff verweigert
Error: (10/08/2022 03:33:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT-AUTORITÄT)
Description: Die Registrierungsdatei konnte nicht entladen werden. Der für die Registrierung verwendete Arbeitsspeicher wurde nicht freigegeben. Dieses wird oft durch Dienste verursacht, die unter einem Benutzerkonto ausgeführt werden. Versuchen Sie die Dienste entweder unter dem Konto "LocalService" oder "NetworkService" auszuführen.
Details - Zugriff verweigert
Error: (10/08/2022 03:10:16 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (10/08/2022 03:04:09 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-N6Q3QEM)
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Systemfehler:
=============
Error: (10/08/2022 04:08:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/08/2022 04:08:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N6Q3QEM)
Description: Der Server "{3EEF301F-B596-4C0B-BD92-013BEAFCE793}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/08/2022 04:08:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N6Q3QEM)
Description: Der Server "{9AA46009-3CE0-458A-A354-715610A075E6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/08/2022 04:08:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N6Q3QEM)
Description: Der Server "{3EEF301F-B596-4C0B-BD92-013BEAFCE793}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/08/2022 03:47:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Energy Server Service queencreek" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/08/2022 03:05:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N6Q3QEM)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (10/08/2022 02:36:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ElevationService" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Windows Defender:
================
Date: 2022-10-08 16:10:26
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1750.0, AS: 1.375.1750.0, NIS: 1.375.1750.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3
Date: 2022-10-08 16:10:06
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1750.0, AS: 1.375.1750.0, NIS: 1.375.1750.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3
Date: 2022-10-08 15:53:05
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1748.0, AS: 1.375.1748.0, NIS: 1.375.1748.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3
Date: 2022-10-08 15:52:40
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1748.0, AS: 1.375.1748.0, NIS: 1.375.1748.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3
Date: 2022-10-08 15:35:49
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Bladabindi.OE!MTB&threatid=2147782142&enterprise=0
Name: Trojan:MSIL/Bladabindi.OE!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Local\Temp\Server.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Google Chrome.exe; amsi:_\Device\HarddiskVolume2\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java update.exe
Erkennungsursprung: Unbekannt
Erkennungstype: Konkret
Erkennungsquelle: System
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: Unknown
Sicherheitsversion: AV: 1.375.1748.0, AS: 1.375.1748.0, NIS: 1.375.1748.0
Modulversion: AM: 1.1.19600.3, NIS: 1.1.19600.3
CodeIntegrity:
===============
Date: 2022-10-08 16:09:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-10-08 13:58:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. 1302 03/15/2018
Hauptplatine: ASUSTeK COMPUTER INC. PRIME Z270-A
Prozessor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 32634.62 MB
Verfügbarer physikalischer RAM: 23974.25 MB
Summe virtueller Speicher: 37498.62 MB
Verfügbarer virtueller Speicher: 26247.6 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.34 GB) (Free:19.17 GB) (Model: WDC WDS250G1B0A-00H9H0) NTFS
Drive d: (NOS SCRIPTS ETC) (Fixed) (Total:232.87 GB) (Free:58.65 GB) (Model: WDC WDS250G2B0A-00SM50) NTFS
Drive e: (Spiele) (Fixed) (Total:111.77 GB) (Free:90.55 GB) (Model: Samsung SSD 850 EVO 120GB) NTFS
Drive f: (SPIELE) (Fixed) (Total:953.75 GB) (Free:429.95 GB) (Model: NVMe INTEL SSDPEKNW01) NTFS
Drive g: (Volume) (Fixed) (Total:3726.01 GB) (Free:3399.85 GB) (Model: Intel Raid 5 Volume) NTFS
\\?\Volume{fee8127b-0287-4419-ab72-623081b28278}\ () (Fixed) (Total:0.53 GB) (Free:0.07 GB) NTFS
\\?\Volume{81bd91a3-ae1c-46fa-b246-6053b52b7a21}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 10891089)
Partition: GPT.
==========================================================
Disk: 2 (Size: 111.8 GB) (Disk ID: 5E962306)
Partition: GPT.
==========================================================
Disk: 3 (Size: 953.9 GB) (Disk ID: 424CFB2F)
Partition: GPT.
==========================================================
Disk: 4 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt =======================
FRST: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-10-2022 01
durchgeführt von lucap (Administrator) auf DESKTOP-N6Q3QEM (08-10-2022 16:25:58)
Gestartet von C:\Users\lucap\OneDrive\Downloads
Geladene Profile: lucap
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.2006 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(BUREL VINCENT -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxEM.exe
(explorer.exe ->) (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.) C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <24>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Voicemod Sociedad Limitada -> Voicemod) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(MIDIOX Computing) [Datei ist nicht signiert] C:\Program Files (x86)\MIDIOX\midiox.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert] C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_a9a8972288e9f3b5\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) G:\VMware\vmware-authd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\lucap\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1940_none_7dd80d767cb5c7b0\TiWorker.exe
(Tobias Erichsen -> Tobias Erichsen) C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3190384 2021-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusrite\Drivers\Focusrite Notifier.exe [767552 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering, Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2022-08-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Discord] => C:\Users\lucap\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3536912 2022-08-30] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-10-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [MicrosoftEdgeAutoLaunch_B6C3CFB90E847814C26F519221487FC3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7395712 2022-07-15] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\Run: [loopMIDI] => C:\Program Files (x86)\Tobias Erichsen\loopMIDI\loopMIDI.exe [5516048 2019-12-14] (Tobias Erichsen -> Tobias Erichsen)
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {240be0e0-4410-11ec-86c1-107b4449e208} - "H:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {7601382e-d761-11eb-86a5-107b4449e208} - "H:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {c16004ab-d64c-11eb-86a4-107b4449e208} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3740623257-3560467387-1776860099-1001\...\MountPoints2: {c16004d9-d64c-11eb-86a4-107b4449e208} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3536912 2022-08-30] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DTS Audio.lnk [2022-08-26]
ShortcutTarget: DTS Audio.lnk -> C:\Program Files (x86)\DTS, Inc\DTS Audio\APO3GUI.exe (DTS, Inc. -> DTS, Inc.)
Startup: C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2022-08-25]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {12E73802-EFFC-44D4-A369-4DFFE7B10DEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C85745B-1881-4798-BC3F-4F3C6B878ECD} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_task.exe [18872 2017-10-12] (DTS, Inc. -> )
Task: {311DDC7D-7673-402F-86C8-88A19A21F812} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-04] (Google LLC -> Google LLC)
Task: {36EF88C9-F743-4AC7-B31F-65BD4E2D2A86} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {687E1730-DB71-4A88-9B02-547DDDC51837} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {68CFA4DA-810E-48FF-A650-499BBFCE5CD0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {698AD474-4843-4F2C-8198-6399FE7095C3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7203C8CE-0ACA-433B-99A1-4746CB58FC8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {765AD24E-41C0-4C9F-B7A9-38BA76E2DCD0} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AE912EF-283C-438A-A0FE-05A61DBB6D35} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {816FD7A4-7A4A-4CF1-B822-5EA0E149D882} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {867E1E2D-2A4A-4EC4-A147-942B921F80BB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {93258BEB-042B-4725-8629-8D9E008577D6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9A4E5566-26EC-46E0-918E-800547AA7C1F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C89A927-106E-401A-801B-A4F33D531CDF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A2C56940-5125-4D38-B4D7-6452E189E235} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A3853235-82B5-4580-9B42-4A2FE3EE29FC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {A576DCD2-E365-4610-95C2-2821E34CF238} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A74D69AE-9E3A-4B5D-B0E6-3FD358E630D1} - System32\Tasks\start midi-oz => C:\Windows\System32\cmd.exe /c "C:\temp\startup.cmd" <==== ACHTUNG
Task: {AA16FBE1-3E3F-4A01-AED7-9A909D1561F9} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AC920503-EBED-46A3-84ED-98FD216164C2} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [66472 2022-02-23] (Microsoft Corporation -> Microsoft)
Task: {AF4438FC-F219-45C7-AC13-68B99DB0ABC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {BDC6789C-60F1-4E6B-8905-EC208695834D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CED268C7-6920-4CB5-A868-5A9D010DB262} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {D023164B-2C3C-40F7-A782-88FE00901BA2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E1A6ACE0-6CFE-4C42-AB35-FF61BBA682F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6A7B228-6E3C-4323-AE3F-CC1A76CE24ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E97B96C3-427D-4D22-8923-45BC8E1C3940} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-04] (Google LLC -> Google LLC)
Task: {EE5C9847-8EA2-435B-8B27-8D23D8941A9F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FD6AE452-F296-4990-9EA8-C491BBE741FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [44128 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [44128 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [48224 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [48224 2021-08-16] (VMware, Inc. -> VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8b5c4eb8-24db-4e98-b000-80fb2575bb5a}: [NameServer] 8.8.8.8,1.1.1.1
Tcpip\..\Interfaces\{8b5c4eb8-24db-4e98-b000-80fb2575bb5a}: [DhcpNameServer] 192.168.0.1
Edge:
=======
DownloadDir: C:\Users\lucap\Downloads
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-08]
Edge DownloadDir: Default -> C:\Users\lucap\OneDrive\Downloads
Edge Notifications: Default -> hxxp://127.0.0.1
Edge Extension: (Honey: Automatische Coupons & Prämien) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2022-08-17]
Edge Extension: (WooCommerce AliExpress Dropshipping Extension) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\egamhjcccjiflajhhinondgonlldjgba [2022-10-06]
Edge Extension: (Binance Wallet) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2022-09-02]
Edge Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-08-29]
Edge Extension: (BetterTTV) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2022-10-01]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igbncjcgfkfnfgbaieiimpfkobabmkce [2022-10-03]
Edge Extension: (Twitch Adblock) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljhnljhabgjcihjoihakgdiicdjncpkd [2022-09-13]
Edge Extension: (MetaMask) - C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-10-03]
Edge Profile: C:\Users\lucap\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-08-17]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default [2022-08-29]
CHR Extension: (MEGA) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2022-08-26]
CHR Extension: (Social Blade) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-06-02] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ACHTUNG
CHR Extension: (uBlock Origin) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-08-26]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2021-03-31]
CHR Extension: (Google Docs Offline) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-30]
CHR Extension: (UltraWide Video) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\lngfncacljheahfpahadgipefkbagpdl [2021-10-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\lucap\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-08-05] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477392 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Audio\dts_apo_service.exe [26560 2017-10-12] (DTS, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-10-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-07-07] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-08-21] (Epic Games Inc. -> Epic Games, Inc.)
R2 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1449472 2022-05-26] (Focusrite Audio Engineering Ltd.) [Datei ist nicht signiert]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2021-12-09] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2128360 2022-09-05] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-09-05] (GOG Sp. z o.o. -> GOG.com)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [116840 2021-12-20] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-12-20] (Proton Technologies AG -> )
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2021-12-20] (Proton Technologies AG -> )
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2032048 2022-08-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [480176 2022-08-16] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354232 2022-06-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300560 2022-08-29] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; D:\Rockstar\RockstarService.exe [2579840 2022-09-06] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-08-12] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14802240 2022-09-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [6020336 2022-05-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10420944 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VMAuthdService; G:\VMware\vmware-authd.exe [83224 2022-02-18] (VMware, Inc. -> VMware, Inc.)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [9280816 2022-05-11] (PUBG CORPORATION -> KRAFTON, Inc)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CEDRIVER60; G:\CheatEngine\dbk64.sys [111800 2020-09-05] (Cheat Engine -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 FocusritePCIeSwRoot; C:\WINDOWS\System32\drivers\FocusritePCIeSwRoot.sys [105192 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsb; C:\WINDOWS\System32\drivers\FocusriteUsb.sys [197280 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUsbAudio; C:\WINDOWS\System32\drivers\FocusriteUsbAudio.sys [97952 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
R3 FocusriteusbSwRoot; C:\WINDOWS\System32\drivers\FocusriteusbSwRoot.sys [110864 2022-05-20] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
S3 Focusriteusb_AUDIO; C:\WINDOWS\system32\drivers\FocusriteusbAudio.sys [97952 2022-05-20] (Focusrite Audio Engineering Ltd -> Focusrite Audio Engineering Ltd.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-13] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
S3 MpKsl10600fd0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{727F338F-8EC6-4024-9249-352339F9561D}\MpKslDrv.sys [228600 2022-09-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl1a3e5c53; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4D2203E7-D469-4F14-BC4E-145A3E4FA34A}\MpKslDrv.sys [228600 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl33c2747f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{727F338F-8EC6-4024-9249-352339F9561D}\MpKslDrv.sys [228600 2022-09-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl56a2ee45; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E68D640-E16F-43CE-AC7C-3E603598ECB0}\MpKslDrv.sys [228600 2022-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl691e1757; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF5C65BD-5A4A-41FD-8654-4F2CF32F0910}\MpKslDrv.sys [228600 2022-09-10] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl843bb538; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BF9914C-43C2-4F11-97F5-536185762338}\MpKslDrv.sys [228600 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 MpKslc2077d2e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F2C27C39-8865-4134-9FD6-64FAFB5160CF}\MpKslDrv.sys [228600 2022-10-08] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld211921d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BF9914C-43C2-4F11-97F5-536185762338}\MpKslDrv.sys [228600 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsldf989437; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C21986D5-1A4F-441E-816D-C0B37322DF85}\MpKslDrv.sys [228600 2022-09-15] (Microsoft Windows -> Microsoft Corporation)
S1 muoxrych; C:\WINDOWS\system32\drivers\muoxrych.sys [52472 2022-10-08] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [55128 2021-06-10] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0085; C:\WINDOWS\System32\drivers\RzDev_0085.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0221; C:\WINDOWS\System32\drivers\RzDev_0221.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 teVirtualMIDI64; C:\WINDOWS\System32\drivers\teVirtualMIDI64.sys [53120 2019-12-07] (Tobias Erichsen -> Tobias Erichsen)
R3 VBAudio101WDMCableCMME; C:\WINDOWS\System32\drivers\vbaudio_cablec64_win10.sys [69832 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudio102WDMCableDMME; C:\WINDOWS\System32\drivers\vbaudio_cabled64_win10.sys [69616 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACAMME; C:\WINDOWS\System32\drivers\vbaudio_cablea64_win7.sys [41144 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACBMME; C:\WINDOWS\System32\drivers\vbaudio_cableb64_win7.sys [41144 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2022-08-20] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8736232 2022-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2022-01-12] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2022-02-18] (VMware, Inc. -> VMware, Inc.)
R3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\mvvad.sys [48144 2022-07-04] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-01-31] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1431256 2022-05-28] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S1 oerkaavk; \??\C:\WINDOWS\system32\drivers\oerkaavk.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-10-08 16:25 - 2022-10-08 16:26 - 000000000 ____D C:\FRST
2022-10-08 14:32 - 2022-10-08 16:09 - 000000000 ____D C:\Intel
2022-10-08 14:32 - 2022-10-08 14:32 - 000000000 ____D C:\WINDOWS\Panther
2022-10-08 14:31 - 2022-10-08 14:31 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000045-000000.txt
2022-10-08 03:09 - 2022-10-08 03:09 - 000000000 ____D C:\Users\lucap\AppData\Local\Manager_V2
2022-10-08 02:54 - 2022-10-08 02:55 - 000000000 ____D C:\Users\lucap\AppData\Roaming\dll 2.0
2022-10-08 02:53 - 2022-10-08 02:53 - 000000000 ____D C:\Users\lucap\AppData\Roaming\1337
2022-10-06 01:00 - 2022-10-06 01:01 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-10-06 00:58 - 2022-09-22 17:12 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001905928 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001478384 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-10-06 00:58 - 2022-09-22 17:12 - 001472000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001432328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001432328 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-10-06 00:58 - 2022-09-22 17:12 - 001145608 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 001536504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-10-06 00:58 - 2022-09-22 17:08 - 000714728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-10-06 00:58 - 2022-09-22 17:08 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 002127864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 001607672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 000845304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-10-06 00:58 - 2022-09-22 17:07 - 000456184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-10-06 00:58 - 2022-09-22 17:06 - 010270208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 008803832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 005751288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 005362680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-10-06 00:58 - 2022-09-22 17:06 - 003066872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-10-06 00:58 - 2022-09-22 17:05 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-10-06 00:58 - 2022-09-22 17:04 - 006367384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-10-06 00:58 - 2022-09-22 02:35 - 000093312 _____ C:\WINDOWS\system32\nvinfo.pb
2022-10-06 00:58 - 2022-09-22 02:35 - 000042536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-10-05 20:56 - 2022-10-05 20:57 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2022-10-05 20:56 - 2022-10-05 20:56 - 000001211 _____ C:\Users\Public\Desktop\GOG GALAXY.lnk
2022-10-05 20:56 - 2022-10-05 20:56 - 000001211 _____ C:\ProgramData\Desktop\GOG GALAXY.lnk
2022-10-05 20:56 - 2022-10-05 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2022-10-05 20:56 - 2022-10-05 20:56 - 000000000 ____D C:\ProgramData\GOG.com
2022-10-03 13:18 - 2022-10-03 13:18 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000044-000000.txt
2022-10-02 19:17 - 2022-10-02 19:18 - 000000000 ____D C:\Users\lucap\OneDrive\Dokumente\Need for Speed Heat
2022-09-30 21:06 - 2022-09-30 21:06 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000043-000000.txt
2022-09-27 21:51 - 2022-09-27 21:51 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000042-000000.txt
2022-09-24 17:16 - 2022-09-24 17:16 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000041-000000.txt
2022-09-20 20:01 - 2022-09-20 20:01 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000040-000000.txt
2022-09-18 18:00 - 2022-09-18 18:00 - 000001434 _____ C:\WINDOWS\system32\default_error_stack-000039-000000.txt
2022-09-17 14:03 - 2022-09-17 14:03 - 000000848 _____ C:\Users\Public\Desktop\PrusaSlicer 2.5.0.lnk
2022-09-17 14:03 - 2022-09-17 14:03 - 000000848 _____ C:\ProgramData\Desktop\PrusaSlicer 2.5.0.lnk
2022-09-17 14:03 - 2022-09-17 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2022-09-17 14:03 - 2022-09-17 14:03 - 000000000 ____D C:\Program Files\Prusa3D
2022-09-14 09:05 - 2022-09-14 09:05 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-14 09:02 - 2022-09-14 09:02 - 000000000 ___HD C:\$WinREAgent
2022-09-10 14:17 - 2022-09-10 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimaker Cura
2022-09-10 14:16 - 2022-09-10 14:17 - 000000000 ____D C:\Program Files\Ultimaker Cura 5.1.0
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2022-10-08 16:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-08 16:24 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-08 16:13 - 2021-07-12 16:58 - 000798412 _____ C:\WINDOWS\system32\perfh019.dat
2022-10-08 16:13 - 2021-07-12 16:58 - 000168616 _____ C:\WINDOWS\system32\perfc019.dat
2022-10-08 16:13 - 2021-03-04 22:58 - 002817182 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-08 16:13 - 2019-12-07 16:51 - 000790272 _____ C:\WINDOWS\system32\perfh007.dat
2022-10-08 16:13 - 2019-12-07 16:51 - 000170120 _____ C:\WINDOWS\system32\perfc007.dat
2022-10-08 16:13 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-08 16:11 - 2021-03-04 14:41 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 16:10 - 2022-01-30 04:10 - 000000000 ____D C:\ProgramData\Voicemod
2022-10-08 16:09 - 2022-08-09 20:31 - 000000000 __SHD C:\Users\lucap\IntelGraphicsProfiles
2022-10-08 16:09 - 2021-07-18 10:52 - 000000000 ____D C:\ProgramData\VMware
2022-10-08 16:09 - 2021-03-28 21:22 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-08 16:09 - 2021-03-04 22:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-08 16:09 - 2021-03-04 22:48 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-08 16:09 - 2021-03-03 09:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-10-08 16:09 - 2021-03-03 01:47 - 000000000 ___RD C:\Users\lucap\OneDrive
2022-10-08 16:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-10-08 16:08 - 2022-08-20 15:17 - 000043136 _____ C:\Users\lucap\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-10-08 16:08 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-10-08 15:41 - 2021-03-20 03:20 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2022-10-08 15:41 - 2021-03-03 02:05 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-08 15:41 - 2021-03-03 01:46 - 000000000 ____D C:\Users\lucap\AppData\Local\Packages
2022-10-08 15:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-08 15:40 - 2022-08-26 12:28 - 000000000 ____D C:\Program Files\Common Files\VST3
2022-10-08 15:40 - 2022-06-26 18:11 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-10-08 15:33 - 2021-03-04 22:08 - 000000000 ____D C:\Users\lucap
2022-10-08 15:00 - 2021-03-10 00:48 - 000000000 ____D C:\Users\lucap\AppData\Local\CrashDumps
2022-10-08 14:59 - 2022-08-09 20:03 - 000000000 ____D C:\ProgramData\Logitech
2022-10-08 14:46 - 2022-08-09 20:03 - 000000000 ____D C:\Program Files (x86)\Logitech
2022-10-08 14:05 - 2021-03-03 02:04 - 000000000 ____D C:\Users\lucap\AppData\Local\D3DSCache
2022-10-08 14:02 - 2021-03-04 22:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-08 13:49 - 2021-03-04 14:02 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-08 13:49 - 2021-03-04 14:02 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-10-08 13:49 - 2021-03-04 14:02 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2022-10-08 03:42 - 2021-03-03 21:24 - 000000000 ____D C:\Users\lucap\AppData\Roaming\discord
2022-10-08 03:28 - 2021-06-08 20:43 - 000000000 ____D C:\Users\lucap\AppData\Local\.IdentityService
2022-10-08 02:48 - 2021-03-03 21:24 - 000000000 ____D C:\Users\lucap\AppData\Local\Discord
2022-10-08 02:09 - 2022-01-26 22:06 - 000000000 _____ C:\WINDOWS\ftoken.txt
2022-10-08 00:55 - 2022-06-04 13:32 - 000002833 _____ C:\Users\lucap\.snapmaker-luban.json
2022-10-08 00:55 - 2022-06-04 13:32 - 000000000 ____D C:\Users\lucap\AppData\Roaming\snapmaker-luban
2022-10-07 23:01 - 2021-03-05 00:05 - 000000000 ____D C:\WINDOWS\Minidump
2022-10-07 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-07 04:44 - 2021-03-09 22:08 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-07 01:29 - 2022-01-30 04:10 - 000000000 ____D C:\Users\lucap\AppData\Local\Voicemod
2022-10-06 16:48 - 2022-07-07 23:33 - 000000000 ____D C:\Users\lucap\AppData\Roaming\EasyAntiCheat
2022-10-06 15:08 - 2021-11-20 21:32 - 000153064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 002835944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000447976 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-06 15:08 - 2021-11-07 19:48 - 000067048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-10-06 15:05 - 2021-04-04 22:06 - 000000000 ____D C:\Users\lucap\AppData\Local\NVIDIA
2022-10-06 15:02 - 2021-03-04 22:48 - 000465432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-06 15:01 - 2021-06-13 22:58 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2022-10-06 02:50 - 2022-07-09 12:37 - 000000000 ____D C:\Users\lucap\AppData\Roaming\legacy-games-launcher
2022-10-06 00:57 - 2021-03-28 21:22 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-06 00:57 - 2021-03-28 21:22 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2022-10-06 00:57 - 2021-03-28 21:22 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2022-10-06 00:57 - 2021-03-03 01:57 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-10-06 00:57 - 2021-03-03 01:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-06 00:57 - 2021-03-03 01:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-10-06 00:53 - 2022-08-26 18:10 - 000000000 ____D C:\Users\lucap\AppData\Roaming\obs-studio
2022-10-05 21:16 - 2022-06-29 22:15 - 000000000 ____D C:\Users\lucap\AppData\Local\DigitalEntitlements
2022-10-05 21:16 - 2022-06-29 22:14 - 000000000 ____D C:\Users\lucap\AppData\Local\FiveM
2022-10-05 14:32 - 2022-01-26 15:22 - 000000000 ____D C:\Users\lucap\AppData\Roaming\GitHub Desktop
2022-10-05 13:15 - 2022-08-26 09:08 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2022-10-05 13:15 - 2022-08-08 19:38 - 000000865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2022-10-05 13:15 - 2022-02-24 05:02 - 000001800 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk
2022-10-05 13:15 - 2022-02-24 00:17 - 000001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2022.lnk
2022-10-05 13:15 - 2021-06-28 17:31 - 000000016 _____ C:\ProgramData\mntemp
2022-10-05 13:15 - 2021-03-20 05:14 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-10-05 13:15 - 2021-03-04 16:23 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-10-05 13:14 - 2021-05-22 21:37 - 000000000 ____D C:\ProgramData\Riot Games
2022-10-05 13:11 - 2021-06-13 22:51 - 000000000 ____D C:\Program Files\Riot Vanguard
2022-10-05 02:00 - 2021-12-11 18:46 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Origin
2022-10-05 02:00 - 2021-12-11 18:46 - 000000000 ____D C:\ProgramData\Origin
2022-10-05 01:52 - 2021-12-11 18:46 - 000000000 ____D C:\Users\lucap\AppData\Local\Origin
2022-10-03 22:47 - 2021-12-11 00:38 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3740623257-3560467387-1776860099-1001
2022-10-03 22:47 - 2021-03-04 22:53 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3740623257-3560467387-1776860099-1001
2022-10-03 22:47 - 2021-03-04 22:08 - 000002399 _____ C:\Users\lucap\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-02 19:16 - 2021-12-11 18:47 - 000000000 ____D C:\Program Files (x86)\Origin
2022-10-02 05:06 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-01 22:15 - 2022-06-04 14:21 - 000000000 ____D C:\Users\lucap\AppData\Local\Autodesk
2022-10-01 00:02 - 2021-03-20 05:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-09-30 21:12 - 2021-03-04 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-09-30 21:12 - 2021-03-04 16:20 - 000000000 ____D C:\Program Files\Microsoft Office
2022-09-25 21:16 - 2022-08-31 01:46 - 000043136 _____ C:\Users\lucap\OneDrive\Dokumente\voicemeeter_v3_streaming_midi_control_2022-08-31.xml
2022-09-22 20:46 - 2022-08-21 12:38 - 000000000 ____D C:\Users\lucap\AppData\Roaming\PrusaSlicer
2022-09-22 17:12 - 2022-07-02 22:58 - 001213416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-22 17:04 - 2021-12-30 00:09 - 007483880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-09-22 02:35 - 2021-03-03 01:56 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-09-21 10:49 - 2022-06-04 13:25 - 000002068 _____ C:\Users\Public\Desktop\Snapmaker Luban.lnk
2022-09-21 10:49 - 2022-06-04 13:25 - 000002068 _____ C:\ProgramData\Desktop\Snapmaker Luban.lnk
2022-09-21 10:49 - 2022-06-04 13:25 - 000000000 ____D C:\Program Files\Snapmaker Luban
2022-09-17 12:03 - 2021-03-03 01:46 - 000000000 ___RD C:\Users\lucap\3D Objects
2022-09-16 15:10 - 2021-03-04 14:42 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-16 15:10 - 2021-03-04 14:42 - 000002198 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-16 15:10 - 2021-03-04 14:42 - 000002198 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2022-09-15 12:03 - 2021-03-09 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-09-15 12:02 - 2021-03-09 18:47 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2022-09-15 00:27 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-15 00:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-15 00:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-14 09:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-14 09:05 - 2021-03-04 22:51 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-14 09:02 - 2021-03-03 04:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-14 08:59 - 2021-03-03 04:09 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-14 00:45 - 2021-11-16 09:47 - 000000000 ____D C:\Users\lucap\AppData\Roaming\Telegram Desktop
2022-09-12 07:07 - 2021-03-28 21:22 - 002884648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2022-09-12 07:07 - 2021-03-28 21:22 - 002220072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2022-09-12 07:07 - 2021-03-28 21:22 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2022-09-11 14:13 - 2022-01-01 14:29 - 000000000 ____D C:\Users\lucap\AppData\Local\ElevatedDiagnostics
2022-09-10 14:17 - 2022-06-04 14:41 - 000000000 ____D C:\Users\lucap\AppData\Roaming\cura
2022-09-10 14:17 - 2022-06-04 14:41 - 000000000 ____D C:\Users\lucap\AppData\Local\cura
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2021-05-23 01:27 - 2021-11-17 19:52 - 000000032 _____ () C:\Users\lucap\AppData\Roaming\.machineId
2021-08-22 22:27 - 2021-08-26 08:27 - 000000203 _____ () C:\Users\lucap\AppData\Roaming\jjv5conf.json
2022-08-13 13:08 - 2022-08-13 13:08 - 000001004 _____ () C:\Users\lucap\AppData\Roaming\tof_launcher.reg
2022-08-20 15:17 - 2022-10-08 16:08 - 000043136 _____ () C:\Users\lucap\AppData\Roaming\VoiceMeeterBananaDefault.xml
2022-08-20 15:47 - 2022-08-28 23:07 - 000007444 _____ () C:\Users\lucap\AppData\Roaming\VoiceMeeterDefault.xml
2022-01-05 20:26 - 2022-02-24 05:30 - 000000128 _____ () C:\Users\lucap\AppData\Roaming\winscp.rnd
2022-01-14 01:50 - 2022-02-24 14:52 - 000000128 _____ () C:\Users\lucap\AppData\Local\PUTTY.RND
2021-03-21 00:11 - 2021-03-21 00:11 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.1.10.agreement
2021-03-21 00:11 - 2021-03-21 01:37 - 000000057 _____ () C:\Users\lucap\AppData\Local\RawCopy.opendialog.dir
2021-03-21 00:11 - 2021-03-21 01:37 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.opendialog.filterindex
2021-03-21 00:11 - 2021-03-21 01:37 - 000000090 _____ () C:\Users\lucap\AppData\Local\RawCopy.sourcedisk.filepath
2021-03-21 00:11 - 2021-03-21 01:37 - 000000001 _____ () C:\Users\lucap\AppData\Local\RawCopy.sourcedisk.index
2022-02-23 15:34 - 2022-02-23 15:34 - 000000869 _____ () C:\Users\lucap\AppData\Local\recently-used.xbel
2021-10-19 10:44 - 2021-10-19 11:28 - 000007610 _____ () C:\Users\lucap\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================