DragonBaster | 04.11.2022 11:18 | Addition: FRST Additions Logfile: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-10-2022 02
durchgeführt von Matthias (04-11-2022 10:52:18)
Gestartet von C:\Users\Matthias\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.674 (X64) (2022-10-07 09:12:31)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-2960260898-141030721-2575920888-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2960260898-141030721-2575920888-503 - Limited - Disabled)
Gast (S-1-5-21-2960260898-141030721-2575920888-501 - Limited - Disabled)
Matthias (S-1-5-21-2960260898-141030721-2575920888-1001 - Administrator - Enabled) => C:\Users\Matthias
WDAGUtilityAccount (S-1-5-21-2960260898-141030721-2575920888-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Capture Utility (HKLM\...\{6FDA64CE-998B-4B08-B0E5-02681C9A008A}) (Version: 1.7.6.4888 - Elgato Systems)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1851 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{cf77cf6b-71ff-4a71-802d-43adb9b271b7}) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 10.8.10.0 - DivX, LLC)
Elgato Stream Deck (HKLM\...\{D2A26B85-6DA9-40F7-8717-CB8F78E3AFEA}) (Version: 5.3.3.15214 - Elgato Systems GmbH)
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{97f3a665-a91b-4def-91e2-97fec9f22bfa}) (Version: 1.0.9.12 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{5F15891E-8342-47CD-AFFF-89211CFC04D0}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Facecheck (HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\Overwolf_fiekjlgoffmlmgfmggnoeoljkmfkcapcdmcgcfgm) (Version: 1.0.0.38 - Overwolf app)
FanaLab (HKLM-x32\...\{E46A1E5E-3EDB-4259-BD47-C54CADCEC982}) (Version: 1.63.6 - Endor AG)
FANATEC driver package (HKLM\...\{29DF8CC2-09C3-4CF9-AF42-1D78B0A5FD7C}) (Version: 8.44.9 - Endor AG Fanatec)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.88 - Google LLC)
KeePass Password Safe 2.50 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.50 - Dominik Reichl)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
LOOT Version 0.18.3 (HKLM\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.18.3 - LOOT Team)
MAGIX Speed burnR (HKLM\...\{301EB2C0-9696-47F9-8B8B-5939DB6407D2}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{301EB2C0-9696-47F9-8B8B-5939DB6407D2}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Demo) (HKLM\...\{F8988722-0945-4E70-80DE-8DEC94CCEB12}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Demo) (HKLM\...\MX.{F8988722-0945-4E70-80DE-8DEC94CCEB12}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Designelemente) (HKLM\...\{0E16D946-C81B-415E-8DBB-056D052A9C81}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Designelemente) (HKLM\...\MX.{0E16D946-C81B-415E-8DBB-056D052A9C81}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Filmvorlagen 1) (HKLM\...\{BB9ABEE0-62FA-4BFE-8ADD-25CEA6E78B8A}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Filmvorlagen 1) (HKLM\...\MX.{BB9ABEE0-62FA-4BFE-8ADD-25CEA6E78B8A}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Filmvorlagen 2) (HKLM\...\{69365D37-1707-4370-ACA4-B437E3EBC0ED}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Filmvorlagen 2) (HKLM\...\MX.{69365D37-1707-4370-ACA4-B437E3EBC0ED}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Filmvorlagen 3) (HKLM\...\{C54919DC-840F-4583-A764-3BC23B739C60}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Filmvorlagen 3) (HKLM\...\MX.{C54919DC-840F-4583-A764-3BC23B739C60}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Filmvorlagen 4) (HKLM\...\{F25B76A6-3A41-4CB8-A8A4-62CC8BCD01C8}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Filmvorlagen 4) (HKLM\...\MX.{F25B76A6-3A41-4CB8-A8A4-62CC8BCD01C8}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Filmvorlagen 5) (HKLM\...\{15004B86-AB3C-4D21-9C25-08210709236C}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Filmvorlagen 5) (HKLM\...\MX.{15004B86-AB3C-4D21-9C25-08210709236C}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Filmvorlagen 6) (HKLM\...\{C1AFB926-6EA4-4316-8A2B-4EDADA73BBE9}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Filmvorlagen 6) (HKLM\...\MX.{C1AFB926-6EA4-4316-8A2B-4EDADA73BBE9}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Filmvorlagen 7) (HKLM\...\{DB4DDCD9-C266-422C-ADFC-44D8C40E1A0A}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Filmvorlagen 7) (HKLM\...\MX.{DB4DDCD9-C266-422C-ADFC-44D8C40E1A0A}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Fotoshow Maker-Stile 1) (HKLM\...\{2D1CF0D9-0086-4188-8A85-A44166EFA2D7}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Fotoshow Maker-Stile 1) (HKLM\...\MX.{2D1CF0D9-0086-4188-8A85-A44166EFA2D7}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Fotoshow Maker-Stile 2) (HKLM\...\{50B6E792-8C30-4CC3-A300-FBC0868AC841}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Fotoshow Maker-Stile 2) (HKLM\...\MX.{50B6E792-8C30-4CC3-A300-FBC0868AC841}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (HKLM\...\{DC4FD10F-549C-4B58-8C99-5BAEE5104604}) (Version: 16.0.1.22 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (HKLM\...\MX.{DC4FD10F-549C-4B58-8C99-5BAEE5104604}) (Version: 16.0.1.22 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Individuelle Menüvorlagen) (HKLM\...\{5A8804A5-69FB-4B32-9FD7-8F6C1A868D53}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Individuelle Menüvorlagen) (HKLM\...\MX.{5A8804A5-69FB-4B32-9FD7-8F6C1A868D53}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Menüvorlagen 1) (HKLM\...\{58F9F8BB-7E28-41FB-9FB7-19FADAB56C16}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Menüvorlagen 1) (HKLM\...\MX.{58F9F8BB-7E28-41FB-9FB7-19FADAB56C16}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Menüvorlagen 2) (HKLM\...\{3AD510A7-7232-4551-9774-5D7869F2CB9C}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Menüvorlagen 2) (HKLM\...\MX.{3AD510A7-7232-4551-9774-5D7869F2CB9C}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Soundtrack Maker-Stile) (HKLM\...\{C2E8A858-40B2-4378-BE26-32E73D2FC64F}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Soundtrack Maker-Stile) (HKLM\...\MX.{C2E8A858-40B2-4378-BE26-32E73D2FC64F}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Titeleffekte) (HKLM\...\{C3261ADD-9A16-4E79-B329-5A33CF970AC8}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Titeleffekte) (HKLM\...\MX.{C3261ADD-9A16-4E79-B329-5A33CF970AC8}) (Version: 16.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Plus (Überblendeffekte) (HKLM\...\{24F0F9C1-5CE4-4B78-9CF7-1A424E8CF5DB}) (Version: 16.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Plus (Überblendeffekte) (HKLM\...\MX.{24F0F9C1-5CE4-4B78-9CF7-1A424E8CF5DB}) (Version: 16.0.0.0 - MAGIX Software GmbH)
Malwarebytes version 4.5.16.217 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.16.217 - Malwarebytes)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.15726.20174 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.26 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.26 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.212.1009.0004 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2021.1126.01 - MSI)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Grafiktreiber 526.47 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 526.47 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.204.2.2 - Overwolf Ltd.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 10.3.7.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.1015.100615 - Razer Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9257.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.051.0811.2021 - Realtek)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.59.842 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.7 - Rockstar Games)
Safer Web (HKLM\...\SaferWeb) (Version: 2.3.0 - Reason Cybersecurity Inc.)
Sky X 22.7.1.0 (HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\com.bskyb.skyxplayer_is1) (Version: 22.7.1.0 - Sky)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 24.0.0 (HKLM\...\SteelSeries GG) (Version: 24.0.0 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
Tower of Fantasy (HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\tof_launcher) (Version: - Hotta Studio)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
win-capture-audio version 2.2.2 (HKLM-x32\...\{406FD363-BC38-47EE-AF53-7F6FB4D56ECE}_is1) (Version: 2.2.2 - bozbez)
WinRAR 6.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
XtremeTuner (HKLM-x32\...\XtremeTuner) (Version: 1.0.6.6 - Galaxy Microsystems Ltd.)
Packages:
=========
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.1.0_neutral__yxz26nhyzhsrt [2022-10-25] (Microsoft Corp.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.41.5.0_x64__6rarf9sa4v8jt [2022-11-03] (Disney)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-14] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-10-25] (Microsoft Studios) [MS Ad]
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_1.0.61.0_x64__kzh8wxbdkxb8p [2022-10-25] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-09] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-11-02] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-07] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-11-02] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2022-10-07] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0 [2022-10-30] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-10-12] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2022-08-10] (0)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2022-01-23] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2022-01-23] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> Keine Datei
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ade64cd54ec2f9ed\nvshext.dll [2022-10-26] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-02] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2022-09-29 13:11 - 2022-09-29 13:11 - 000038400 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\giflib5.dll
2022-09-29 13:11 - 2022-09-29 13:11 - 000098816 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\QtZeroConf.dll
2022-09-29 13:11 - 2022-09-29 13:11 - 000720384 _____ () [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\turbojpeg.dll
2022-04-13 07:54 - 2018-11-15 13:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\MSI Center\Mystic Light\IcMSIDll.dll
2022-04-13 07:54 - 2018-08-31 06:26 - 000053760 _____ (MS) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\MSI Center\Mystic Light\MsIo32_Galax.dll
2022-09-29 13:11 - 2022-09-29 13:11 - 001742848 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\sqlite3.dll
2022-07-01 15:55 - 2022-07-01 15:55 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-07-01 15:55 - 2022-07-01 15:55 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2022-04-15 12:45 - 2020-04-26 13:10 - 003000832 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Users\Matthias\AppData\Roaming\Elgato\StreamDeck\Plugins\net.voicemod.windowsdesktop.sdPlugin\libcrypto-1_1-x64.dll
2022-09-29 13:11 - 2022-09-29 13:11 - 002696704 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\libcrypto-1_1-x64.dll
2022-09-29 13:11 - 2022-09-29 13:11 - 000642560 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Elgato\StreamDeck\libssl-1_1-x64.dll
2022-07-01 15:55 - 2022-07-01 15:55 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-08-12 08:29 - 2022-07-01 15:55 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-08-12 08:29 - 2022-07-01 15:55 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-08-12 08:29 - 2022-07-01 15:55 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-08-12 08:29 - 2022-07-01 15:55 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-08-12 08:29 - 2022-07-01 15:55 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-08-12 08:29 - 2022-07-01 15:55 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
2022-04-13 07:54 - 2016-10-04 03:43 - 000399872 _____ (TODO: <公司名稱>) [Datei ist nicht signiert] C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\SDKDLL.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.eu.lnk:4CECF3C42D [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FanaLab.lnk:55111C87F9 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fanatec Control Panel.lnk:FE5F516C8E [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.30.lnk:8495649500 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk:CF2917E869 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT.lnk:B021ADA33C [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [4306]
AlternateDataStreams: C:\Users\Matthias\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Matthias\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\DivX Shared\DesktopService
HKU\S-1-5-21-2960260898-141030721-2575920888-1001\Control Panel\Desktop\\Wallpaper -> D:\Privat\Wallpaper\Anime\Kirishima.Touka.600.1830065.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: on)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run: => "nwiz"
HKLM\...\StartupApproved\Run: => "SteelSeriesGG"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\StartupApproved\Run: => "FanaLab"
HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_CF3A0B5AD32FE1AD6A7C3F142C8929DE"
HKU\S-1-5-21-2960260898-141030721-2575920888-1001\...\StartupApproved\Run: => "EADM"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{6179286E-93B1-419C-8334-A90142CDEB1F}] => (Allow) F:\SteamLibrary\steamapps\common\Perfect Heist 2\PerfectHeist2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{71CD10D4-0143-4D6D-ABDF-4C5ADD2DEEAE}] => (Allow) F:\SteamLibrary\steamapps\common\Perfect Heist 2\PerfectHeist2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{C970FF67-86ED-4D8C-8308-009DBA0D9A83}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75E25704-14AB-49B9-A1FE-A4C09A6EB8FA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{899B0219-536F-4E10-93EB-1B6B0A178032}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{3EC8D003-6A4E-483F-87F3-0D41A7073B8A}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.2.2\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{229B7B70-97DA-4467-A5C9-EAA58A774006}] => (Block) C:\Program Files (x86)\Overwolf\0.195.0.18\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{B67C6E92-1185-4E2C-A496-B84A9FE2F5E1}] => (Block) C:\Program Files (x86)\Overwolf\0.195.0.18\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{BF780E29-3E98-4E2D-A952-ACF2E0013769}] => (Allow) C:\Program Files (x86)\Overwolf\0.195.0.18\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{855CDAEE-678B-4EF4-A940-E5FF3A57622F}] => (Allow) C:\Program Files (x86)\Overwolf\0.195.0.18\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{523ED26C-A163-4770-A8F2-91A9CC3A1FA9}] => (Allow) C:\Program Files\obs-studio\bin\64bit\obs64.exe (Hugh Bailey -> OBS)
FirewallRules: [{6164CC86-0086-4C74-92B1-E096426D578A}] => (Allow) C:\Program Files\Elgato\StreamDeck\StreamDeck.exe (Corsair Memory, Inc. -> Corsair Memory, Inc)
FirewallRules: [{B7726D0A-1406-494B-A7B1-A3DCA0E16CBE}] => (Allow) F:\SteamLibrary\steamapps\common\Joggernauts\joggernauts.exe () [Datei ist nicht signiert]
FirewallRules: [{0FE3D92B-7185-4E4A-A4FF-21214504892C}] => (Allow) F:\SteamLibrary\steamapps\common\Joggernauts\joggernauts.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9BBD3102-2BFD-455E-81A1-F496C8897389}F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{379B5095-0E83-416F-BB4A-BCF2B35976D7}F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)
FirewallRules: [{6612BF86-AE1A-464D-A85C-F73DA5330CB3}] => (Allow) F:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [{553636CB-F1CA-424D-BE1C-03F3488FCFD3}] => (Allow) F:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.)
FirewallRules: [{469990AC-9611-48A0-95FF-4835A05A8A29}] => (Allow) F:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{BEEFD967-494D-47A5-AE34-5643D0288181}] => (Allow) F:\SteamLibrary\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe (Techland S.A. -> Techland)
FirewallRules: [{AA123B78-63A4-45E1-BA3C-1E495F03BA5F}] => (Allow) F:\SteamLibrary\steamapps\common\The Isle\TheIsle.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{BF7C521E-E2DA-4D8D-A8A4-4C905E842C5E}] => (Allow) F:\SteamLibrary\steamapps\common\The Isle\TheIsle.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{9AD65CEA-C764-47D8-A098-763C5DDD40F3}] => (Allow) F:\SteamLibrary\steamapps\common\INSIDE\INSIDE.exe () [Datei ist nicht signiert]
FirewallRules: [{084DC416-1C80-4965-BDBD-84D04E62406F}] => (Allow) F:\SteamLibrary\steamapps\common\INSIDE\INSIDE.exe () [Datei ist nicht signiert]
FirewallRules: [{CC1357D3-5094-4EA8-B533-B200D8BD62CA}] => (Allow) F:\SteamLibrary\steamapps\common\Roosevelt\Morkredd.exe () [Datei ist nicht signiert]
FirewallRules: [{BD54C259-D7A2-4979-A145-90E4BABDD2C9}] => (Allow) F:\SteamLibrary\steamapps\common\Roosevelt\Morkredd.exe () [Datei ist nicht signiert]
FirewallRules: [{9ED880B8-5A97-44EB-84F5-F4A0983573BA}] => (Allow) F:\SteamLibrary\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{530B47AE-8494-4476-87D2-3E567413632E}] => (Allow) F:\SteamLibrary\steamapps\common\Uno\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{F3967CD7-887E-4EDB-BCAE-91C84BF959B0}] => (Allow) G:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe () [Datei ist nicht signiert]
FirewallRules: [{A4449AAA-AA04-460F-AF6E-BB572D31878E}] => (Allow) F:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [Datei ist nicht signiert]
FirewallRules: [{AAC23F92-5AF3-4436-8AD8-5212B4D571C7}] => (Allow) F:\SteamLibrary\steamapps\common\Brawlhalla\Brawlhalla.exe (Blue Mammoth Games) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{E2CFA284-E787-4333-B0A2-B055469FE129}F:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe] => (Allow) F:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{AD8D88E0-BD35-4977-B6F2-90C030A081C7}F:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe] => (Allow) F:\steamlibrary\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D3465993-7E60-4F40-907D-1DD6E1C275F2}] => (Allow) F:\SteamLibrary\steamapps\common\Ben and Ed - Blood Party\BaEBloodParty.exe () [Datei ist nicht signiert]
FirewallRules: [{06B2A721-8287-48DD-BD84-30D27B6490A0}] => (Allow) F:\SteamLibrary\steamapps\common\Ben and Ed - Blood Party\BaEBloodParty.exe () [Datei ist nicht signiert]
FirewallRules: [{F5B4EC25-586F-49BB-AD01-FE5E4B97987C}] => (Allow) F:\SteamLibrary\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [{4E3E69B4-C5ED-47E5-B359-757EBF61DCC5}] => (Allow) F:\SteamLibrary\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [{F7921328-D006-4316-ABBC-3A7E2298EA78}] => (Allow) F:\SteamLibrary\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{75B9FA39-F05D-4938-ADBC-B6567287233D}] => (Allow) F:\SteamLibrary\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{D3FE4607-EBD4-4F7B-A3C1-5D6B6776DA7C}] => (Allow) F:\SteamLibrary\steamapps\common\Ghost Watchers\Ghost Watchers.exe () [Datei ist nicht signiert]
FirewallRules: [{9A8B35AE-F86C-49B3-A471-89EFA7EF97FB}] => (Allow) F:\SteamLibrary\steamapps\common\Ghost Watchers\Ghost Watchers.exe () [Datei ist nicht signiert]
FirewallRules: [{0283B379-4234-4E95-B286-CA661D0E09FB}] => (Allow) F:\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe (Techland S.A. -> Techland)
FirewallRules: [{73650B33-12E6-4901-A6E3-0233A4B81733}] => (Allow) F:\SteamLibrary\steamapps\common\Dying Light\DyingLightGame.exe (Techland S.A. -> Techland)
FirewallRules: [{4A68670A-4088-4598-AC74-06549D01DD6B}] => (Allow) C:\Users\Matthias\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{2CCD2093-92A2-46F7-A941-984A0DA8A694}] => (Allow) C:\Users\Matthias\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{0E3372F6-C7AE-490E-9076-188825448E36}] => (Allow) F:\SteamLibrary\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert]
FirewallRules: [{7B714CA2-04D9-41DE-B631-5FD936D03B91}] => (Allow) F:\SteamLibrary\steamapps\common\skyrim\skse_steam_boot.exe () [Datei ist nicht signiert]
FirewallRules: [{EF7F0DD6-5BF5-40C2-8F0E-E263F1033159}] => (Allow) F:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [{A19518B2-7D35-491C-9B21-0EB947EB20E5}] => (Allow) F:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{DF6886E9-745D-49D4-A266-BDFB16CA8313}F:\steamlibrary\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe (Kunos Simulazioni) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{077A455D-D7E3-41F2-AC57-0B432186034B}F:\steamlibrary\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe (Kunos Simulazioni) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{FA8EA282-C5DF-4393-BEFB-4B946B543D6D}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe (DIVX LLC -> DivX, LLC)
FirewallRules: [TCP Query User{82DCE184-1906-4C75-AE1E-C06D90452529}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe (DIVX LLC -> DivX, LLC)
FirewallRules: [UDP Query User{AA1F3158-5F2F-4303-A4BA-EA3FA9935729}F:\steamlibrary\steamapps\common\videohorrorsociety\game\binaries\win64\game-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\videohorrorsociety\game\binaries\win64\game-win64-shipping.exe (Hellbent Games) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F9346D1D-D9EF-44AA-B495-AAF5C68FFC51}F:\steamlibrary\steamapps\common\videohorrorsociety\game\binaries\win64\game-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\videohorrorsociety\game\binaries\win64\game-win64-shipping.exe (Hellbent Games) [Datei ist nicht signiert]
FirewallRules: [{55BEE47D-A23F-423A-B8F2-224DD5EDE52F}] => (Allow) F:\SteamLibrary\steamapps\common\VideoHorrorSociety\VideoHorrorSociety.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{0342A386-40BA-47A3-87D0-180D04618524}] => (Allow) F:\SteamLibrary\steamapps\common\VideoHorrorSociety\VideoHorrorSociety.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{E7C341A0-2A11-4070-B6B6-29F23F402090}] => (Allow) F:\SteamLibrary\steamapps\common\Dinkum\Dinkum.exe () [Datei ist nicht signiert]
FirewallRules: [{EBAF88B4-3455-4FDD-B8A7-2F43D1F8C7B8}] => (Allow) F:\SteamLibrary\steamapps\common\Dinkum\Dinkum.exe () [Datei ist nicht signiert]
FirewallRules: [{5BD7644C-12A5-4654-930B-33F4D6C1F632}] => (Allow) F:\SteamLibrary\steamapps\common\Assetto Corsa Competizione\acc.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{50009D16-925C-4CFC-BDB8-3F54106F8039}] => (Allow) F:\SteamLibrary\steamapps\common\Assetto Corsa Competizione\acc.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{CBCD6EF4-9C25-41DC-ACFB-C72F8C589109}] => (Allow) F:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{23353BB4-969C-4A7D-8278-0849EEEBF2B5}] => (Allow) F:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{E7A9B4DC-C24B-41C0-A941-2432ECF04137}] => (Allow) F:\SteamLibrary\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{257F6A2A-EE92-446A-BD69-4C123EA6D7C1}] => (Allow) F:\SteamLibrary\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{6E64C554-C63B-4C55-96F6-39CEFFDF1935}] => (Allow) F:\SteamLibrary\steamapps\common\Scribble It!\ScribbleIt\Binaries\Win64\ScribbleIt-Win64-Shipping.exe (Detach Entertainment) [Datei ist nicht signiert]
FirewallRules: [{BB256346-19AA-41D1-B732-3E61DF485982}] => (Allow) F:\SteamLibrary\steamapps\common\Scribble It!\ScribbleIt\Binaries\Win64\ScribbleIt-Win64-Shipping.exe (Detach Entertainment) [Datei ist nicht signiert]
FirewallRules: [{BD4419F1-DC95-47F0-9C22-C6C1423676FC}] => (Allow) F:\SteamLibrary\steamapps\common\Scribble It!\ScribbleIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{A7B7CDF3-603E-4D7B-8CBE-E5CDDA92655A}] => (Allow) F:\SteamLibrary\steamapps\common\Scribble It!\ScribbleIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{3C485AC9-A822-4CFC-BFF0-8D5CD8CA70E7}] => (Allow) F:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Datei ist nicht signiert]
FirewallRules: [{68412994-9757-488A-9829-89F86E7932B1}] => (Allow) F:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Datei ist nicht signiert]
FirewallRules: [{FF6AA093-481E-48B0-8BCE-A3ABD33C51AD}] => (Allow) F:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Datei ist nicht signiert]
FirewallRules: [{30DA3163-9A47-49F2-B578-EF996065BAF3}] => (Allow) F:\SteamLibrary\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Datei ist nicht signiert]
FirewallRules: [{13CB71FC-8815-4A9E-B847-8BFF59580192}] => (Allow) F:\SteamLibrary\steamapps\common\Goose Goose Duck\Goose Goose Duck.exe (Gaggle Studios, Inc -> )
FirewallRules: [{09B75B0D-D5F0-4F85-82DE-22B2761B55CF}] => (Allow) F:\SteamLibrary\steamapps\common\Goose Goose Duck\Goose Goose Duck.exe (Gaggle Studios, Inc -> )
FirewallRules: [{62599DFF-A5D0-468D-898D-1B237BD31FC6}] => (Allow) F:\SteamLibrary\steamapps\common\We Were Here Together\We Were Here Together.exe () [Datei ist nicht signiert]
FirewallRules: [{F0D35C8F-02DB-45A7-A09E-39DC06C0FDF1}] => (Allow) F:\SteamLibrary\steamapps\common\We Were Here Together\We Were Here Together.exe () [Datei ist nicht signiert]
FirewallRules: [{28FA898D-FFE1-4299-9B94-999731A85C1A}] => (Allow) F:\SteamLibrary\steamapps\common\For The King\FTK.exe () [Datei ist nicht signiert]
FirewallRules: [{E4E44682-D548-4C09-A554-46678648360D}] => (Allow) F:\SteamLibrary\steamapps\common\For The King\FTK.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{EF73462A-13B9-437B-84A5-339A4B99EA0C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{FD4E0AB3-09F9-43DA-8E57-2640C616BB54}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9B2D6E77-9557-4EA0-8448-8AB744589BCA}F:\steamlibrary\steamapps\common\satisfactory\engine\binaries\win64\factorygame-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\satisfactory\engine\binaries\win64\factorygame-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{3FF6010C-62B6-43A1-8042-F7B7BAFC10BC}F:\steamlibrary\steamapps\common\satisfactory\engine\binaries\win64\factorygame-win64-shipping.exe] => (Allow) F:\steamlibrary\steamapps\common\satisfactory\engine\binaries\win64\factorygame-win64-shipping.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{49156577-B8B5-43C6-927E-EEAEED2F29BC}] => (Allow) F:\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D1EFCFE9-6385-400B-90FD-0B78B14C171E}] => (Allow) F:\SteamLibrary\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{33D1D8B9-92B3-4313-B3AD-F31C22F798D8}] => (Allow) F:\SteamLibrary\steamapps\common\Ring of Pain\Ring Of Pain.exe () [Datei ist nicht signiert]
FirewallRules: [{D741703C-49D6-4E66-B92C-6F33F4DA9FF0}] => (Allow) F:\SteamLibrary\steamapps\common\Ring of Pain\Ring Of Pain.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{267ADD05-215B-419A-B2FA-F35F5A82559D}C:\program files (x86)\pokerstars.eu\br\pokerstarsbr.exe] => (Allow) C:\program files (x86)\pokerstars.eu\br\pokerstarsbr.exe (TSG INTERACTIVE SERVICES LIMITED -> Flutter Entertainment plc)
FirewallRules: [TCP Query User{F491200F-660B-418D-8B2D-8CAB5E312E5F}C:\program files (x86)\pokerstars.eu\br\pokerstarsbr.exe] => (Allow) C:\program files (x86)\pokerstars.eu\br\pokerstarsbr.exe (TSG INTERACTIVE SERVICES LIMITED -> Flutter Entertainment plc)
FirewallRules: [UDP Query User{7C12B751-9E62-4074-A763-36536CA8A4A1}F:\steamlibrary\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) F:\steamlibrary\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe (Crytek GmbH) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{8076011A-B804-401F-876E-F0E1820E680A}F:\steamlibrary\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe] => (Allow) F:\steamlibrary\steamapps\common\hunt showdown\bin\win_x64\huntgame.exe (Crytek GmbH) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{BF723347-93C3-486F-93FC-7A2979C561C7}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{4138699C-7FC6-4784-A8B4-092522260D90}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{EC7A79C1-5EDD-492D-BA75-EAEDF6DE0B90}] => (Allow) F:\SteamLibrary\steamapps\common\Hunt Showdown\hunt.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{813C30B4-3704-49FB-B0CD-1D8825222F84}] => (Allow) F:\SteamLibrary\steamapps\common\Hunt Showdown\hunt.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{46D8C8EB-C521-4004-B320-AA64368EEF3B}] => (Allow) F:\SteamLibrary\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5E08D09-6016-4E18-83A4-779CE6771E9F}] => (Allow) F:\SteamLibrary\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F42F6A7-065B-4806-B1E3-73ECFB5564D7}] => (Allow) C:\Program Files\Elgato\4KCaptureUtility\4KCaptureUtility.exe (Corsair Memory, Inc. -> Elgato Systems)
FirewallRules: [{E99D9D26-E062-46D9-8876-2D0B331514E3}] => (Allow) C:\Program Files\MAGIX\Video deluxe Plus\2017\Videodeluxe.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{62FB9B0D-8D5B-48FB-9812-82F596F38D40}] => (Allow) F:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{186840AE-111C-4C8D-B7AC-55CD3F9DE2C7}] => (Allow) F:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{32F3EB0A-169F-4A49-B7ED-3E4D23E40DDD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BB0406EF-AB54-419A-A81E-F1DE0B5A1B37}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{53ED69F3-0D5D-4CAC-A5F9-A553B0B839E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2F87AF7B-D5DB-48EC-95A2-FFCA5CE7AD53}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{4781688D-2840-4FFD-827D-3943CDAD5CE3}C:\program files (x86)\xtremetuner\xtremetuner\xtreme tuner.exe] => (Allow) C:\program files (x86)\xtremetuner\xtremetuner\xtreme tuner.exe (Galaxy Microsystems Ltd) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{D98088B5-30CB-40E4-A06A-FCE176438819}C:\program files (x86)\xtremetuner\xtremetuner\xtreme tuner.exe] => (Allow) C:\program files (x86)\xtremetuner\xtremetuner\xtreme tuner.exe (Galaxy Microsystems Ltd) [Datei ist nicht signiert]
FirewallRules: [{889F7A54-FBDF-44EC-9157-A00A4A997468}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5A66BC57-BE9B-475A-BE5B-EC9A31AAC1D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9BB5097B-ACEC-4375-98C4-0DC9A36678B3}] => (Allow) F:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{6BDECB43-D809-4787-9BC4-9D736D46D72C}] => (Allow) F:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{89944FA5-7BEA-4286-89C8-7F99A332925E}G:\battlenet\overwatch\_retail_\overwatch.exe] => (Allow) G:\battlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{249C9CBC-F5A1-4C49-9CFF-492C0285B7DD}G:\battlenet\overwatch\_retail_\overwatch.exe] => (Allow) G:\battlenet\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{2469E286-4247-4277-B2BA-11911DF08398}] => (Allow) F:\SteamLibrary\steamapps\common\Inside The Backrooms\Inside the Backrooms.exe (Unity Technologies ApS) [Datei ist nicht signiert]
FirewallRules: [{2E566F06-CBC4-4660-AF06-EE5D75487754}] => (Allow) F:\SteamLibrary\steamapps\common\Inside The Backrooms\Inside the Backrooms.exe (Unity Technologies ApS) [Datei ist nicht signiert]
FirewallRules: [{2F7E21F8-AEA4-45DB-871B-4DDC57BD228B}] => (Allow) F:\SteamLibrary\steamapps\common\Farming Simulator 22\x64\FarmingSimulator2022Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{8F66D2DC-F9C9-4357-87EB-E784D4B111D1}] => (Allow) F:\SteamLibrary\steamapps\common\Farming Simulator 22\x64\FarmingSimulator2022Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{C8B70F83-1B9D-47EC-A344-C01AA7043F1B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{258C1E36-863B-483B-ABD1-56371D0CCDD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B80B9B4-A430-461B-B8B5-7DF912919038}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{17EC7AB2-0A3D-4944-AC46-DAF10FC5369F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0A6F3D83-71E5-49A4-8C7C-ED156B0B5D09}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FF1B3AC5-58B4-4306-AC60-6CE5CCDF5AE6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{61FB624E-D9C2-491F-B22F-519664A68C81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3685969A-527B-49E2-BD57-B0DE43F017BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FDD62B7A-FDFD-4BD6-A219-54049CD87E27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6427DC8A-F71F-4EC0-B413-A2DE21286AAB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.26\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D59315B3-1932-4EE8-92B2-6FE5C0AD179D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{099D2FD5-BAF3-44E6-A595-213558CB60A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{41E7E96C-D3E6-4A9C-A7D7-8C5102747E93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D60FA637-5841-4431-81A1-DED917BA2F88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{AB63F4CC-130E-4B54-9925-A3DC1CFDB0A0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{78FA1C59-E434-417C-BB0C-88C0F9243A64}] => (Allow) LPort=32682
FirewallRules: [{685BFB57-D812-4CBD-8F47-90DD5543AC13}] => (Allow) LPort=26822
==================== Wiederherstellungspunkte =========================
30-10-2022 19:27:47 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664
02-11-2022 22:46:17 TotalAV-Installation
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (11/04/2022 10:37:01 AM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Name der fehlerhaften Anwendung: SecurityHealthService.exe, Version: 10.0.22621.608, Zeitstempel: 0x45a7fb3f
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.22621.608, Zeitstempel: 0xf5fc15a3
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000007f61e
ID des fehlerhaften Prozesses: 0x0x42e4
Startzeit der fehlerhaften Anwendung: 0x0x1d8ef177e2b6439
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\SecurityHealthService.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ucrtbase.dll
Berichtskennung: 3bcc6171-b69a-47fc-84cc-c81bee822a86
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (11/03/2022 01:01:51 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-V6D1Q80$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 03 Nov 2022 00:01:50 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 58106c33-dd21-4d6e-81df-e32ee0eb3605
Methode: GET(219ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (11/03/2022 01:01:51 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 03 Nov 2022 00:01:49 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 32d8bbce-ef78-456f-97f0-d8b07b184c45
Methode: GET(437ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (11/03/2022 12:59:23 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-V6D1Q80$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 02 Nov 2022 23:59:21 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ac774fcc-482f-4484-a6aa-908195109c92
Methode: GET(250ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (11/03/2022 12:59:22 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 02 Nov 2022 23:59:21 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 653a12ca-9fcb-425c-8931-c0c4c1ac911e
Methode: GET(516ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (11/03/2022 12:58:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-V6D1Q80$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 02 Nov 2022 23:57:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7b0d9e27-0619-4740-a3b3-9d2efa830f82
Methode: GET(234ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (11/03/2022 12:58:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 02 Nov 2022 23:57:58 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: de841058-a0c4-4966-be16-c5afdfb6e106
Methode: GET(406ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (11/02/2022 11:58:13 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-V6D1Q80$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 02 Nov 2022 22:58:12 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 52145711-fa6c-4b82-ab42-ce9dbeef7980
Methode: GET(250ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Systemfehler:
=============
Error: (11/04/2022 10:37:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Sicherheitsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/04/2022 09:51:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-V6D1Q80)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/03/2022 11:06:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/03/2022 11:06:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Matthias\AppData\Local\Temp\ehdrv.sys
Error: (11/03/2022 11:06:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/03/2022 11:06:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Matthias\AppData\Local\Temp\ehdrv.sys
Error: (11/03/2022 11:06:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/03/2022 11:06:37 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Matthias\AppData\Local\Temp\ehdrv.sys
Windows Defender:
================
Date: 2022-11-03 13:28:55
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {18D95231-4B76-4860-827E-7BA8BAE7F586}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2022-11-02 22:35:04
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Matthias\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\Amazon-Service-Center[2083].docx
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Benutzer
Benutzer: DESKTOP-V6D1Q80\Matthias
Prozessname: Unknown
Sicherheitsversion: AV: 1.377.1208.0, AS: 1.377.1208.0, NIS: 1.377.1208.0
Modulversion: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-11-02 18:00:52
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {B4274816-859D-40EA-83AA-49A34DD890E6}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2022-10-31 23:57:52
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {E182AB9F-57E5-494D-99DD-B74871E43F5D}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2022-10-31 22:00:31
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:XML/Phish.J!eml&threatid=2147745319&enterprise=0
Name: Trojan:XML/Phish.J!eml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Matthias\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\4\Attachments\Amazon-Service-Center[2083].docx
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Benutzer
Benutzer: DESKTOP-V6D1Q80\Matthias
Prozessname: Unknown
Sicherheitsversion: AV: 1.377.1037.0, AS: 1.377.1037.0, NIS: 1.377.1037.0
Modulversion: AM: 1.1.19700.3, NIS: 1.1.19700.3
CodeIntegrity:
===============
Date: 2022-11-04 10:52:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends International, LLC. A.F0 12/16/2021
Hauptplatine: Micro-Star International Co., Ltd. MPG X570 GAMING PLUS (MS-7C37)
Prozessor: AMD Ryzen 9 5900X 12-Core Processor
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 32689.01 MB
Verfügbarer physikalischer RAM: 23140.9 MB
Summe virtueller Speicher: 34737.01 MB
Verfügbarer virtueller Speicher: 22654.45 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:465.05 GB) (Free:165.84 GB) (Model: KIOXIA-EXCERIA SSD) NTFS
Drive d: (Daten) (Fixed) (Total:927.49 GB) (Free:840.15 GB) (Model: TOSHIBA HDWD110) NTFS
Drive e: (HI-TECH Treiber) (Fixed) (Total:4 GB) (Free:2.2 GB) (Model: TOSHIBA HDWD110) NTFS
Drive f: (Games) (Fixed) (Total:931.5 GB) (Free:198.19 GB) (Model: CT1000MX500SSD1) NTFS
Drive g: (Games 2) (Fixed) (Total:931.02 GB) (Free:844.47 GB) (Model: CT1000MX500SSD1) NTFS
\\?\Volume{4a1d83a8-a8d4-4c38-9a98-3b3d2f653224}\ (Wiederherstellung) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{3c21b2b5-63e0-41e4-b414-23a746633e5e}\ () (Fixed) (Total:0.59 GB) (Free:0.06 GB) NTFS
\\?\Volume{75719950-ca3e-4fc8-9563-11283dbf2d84}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 52A1EBBD)
Partition: GPT.
==========================================================
Disk: 3 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt =======================
--- --- ---
With Malwarebytes I also had 2 runs where something was found: Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 02.11.22
Scan-Zeit: 20:56
Protokolldatei: 7aa9a9dc-5ae8-11ed-9cc2-2cf05d9ca228.json
-Softwaredaten-
Version: 4.5.16.217
Komponentenversion: 1.0.1792
Version des Aktualisierungspakets: 1.0.61808
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 11 (Build 22621.674)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-V6D1Q80\Matthias
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 303310
Erkannte Bedrohungen: 1
In die Quarantäne verschobene Bedrohungen: 1
Abgelaufene Zeit: 1 Min., 13 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 1
PUP.Optional.DotSetupIo, C:\USERS\MATTHIAS\APPDATA\LOCAL\TEMP\DXA93D9.TMP\DXA93DA.TMP, In Quarantäne, 841, 1016023, 1.0.61808, , ame, , 784324F3CA8C6AAEE99632BF7842B8A9, C6CB0A91CB433BBA19A5486B03E437FD83EAE05DBC2E10B45236777046B62AD7
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Run 2: Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 02.11.22
Scan-Zeit: 23:48
Protokolldatei: 79da223b-5b00-11ed-9c45-2cf05d9ca228.json
-Softwaredaten-
Version: 4.5.16.217
Komponentenversion: 1.0.1792
Version des Aktualisierungspakets: 1.0.61814
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 11 (Build 22621.674)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-V6D1Q80\Matthias
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 304548
Erkannte Bedrohungen: 2
In die Quarantäne verschobene Bedrohungen: 2
Abgelaufene Zeit: 0 Min., 35 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 2
PUP.Optional.TotalAV, C:\USERS\PUBLIC\DESKTOP\TOTALAV.LNK, In Quarantäne, 9128, 795103, 1.0.61814, , ame, , CBB87048DE8B8CCBED1C9F63616E1880, 473B283098BBDD5C9D2049EB49C20FFAA8C32273B21CCFA9DD407D048E419E88
PUP.Optional.TotalAV, C:\PROGRAM FILES (X86)\TOTALAV\PASSWORDEXTENSION.WIN.EXE, In Quarantäne, 9128, 849702, 1.0.61814, , ame, , 1FBB99353646E27091C024992441FA3C, B6A82791FB9E11D06B9F1F467F1A5930676AB4CFCB2C973E6B985BAE64E68534
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Every further run was without a threat.
I hope I haven't forgotten anything. |