Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Alle Konten gehackt, Trojan.Multi.Penguish.b, Trojan.Win32.Hosts.Gen, Fremder zugriff auf PC? (https://www.trojaner-board.de/211287-alle-konten-gehackt-trojan-multi-penguish-b-trojan-win32-hosts-gen-fremder-zugriff-pc.html)

EinsMarcel 14.08.2024 10:27
Alle Konten gehackt, Trojan.Multi.Penguish.b, Trojan.Win32.Hosts.Gen, Fremder zugriff auf PC?
 
Guten Tag Trojan Board community,
Ich denke oder bin mir ziemlich sicher das ich mir ein Trojaner eingefangen habe. Alles hat vor ca. 2 Monaten angefangen als nach und nach auf so ziemlich alle meine Konten Fremde Geräte zugriff hatten oder es zumindest versuchten, nichtmal 2FA hilf dort. Ich hatte natürlich sofort ein Windows Virenscan gemacht aber der findete nichts, also dachte ich das meine Passwörter eben einmal geklaut wurden und damit hat sichs. Gestern hatte ich herausgefunden das es so nicht sein kann, weil die "Hacker" irgendwie die EA Konto 2FA codes von meiner G-Mail auslesen konnten, obwohl kein unbekanntes Gerät zugriff auf dieses hatte. Daraufhin habe ich das Kaspersky Virus Removal Tool runtergeladen um dann einen vollständigen Scan über Nacht zu starten. Als ich dann morgens früh aufgewacht waren, sind mir erstmal sofort 2 kritische Sicherheitswarnungen von zwei meiner Google Konten aufgrund verdächtiger Aktivität ins Auge gesprungen, und diese verdächtige Aktivität kam laut Google von MEINEM Pc aus (Da dies das einzige Gerät war welches automatisch abgemeldet wurde). Kaspersky hatte durch den Scan in C:\Windows\System32\drivers\etc\hosts, C:\Windows\System32\drivers\etc\hosts.tmp, C:\Windows\System32\drivers\etc\hosts.rollback und C:\Users\marce\AppData\Local\Packages\TheDebianProject.DebianGNULinux_76v4gfsz19hv4\LocalState\rootfs\etc\hosts den Trojaner Trojan.Win32.Hosts.gen gefunden und in C:\Users\marce\AppData\Roaming\Hq_Control\SftTree_IX86_U_60.dll hatte es HEUR:Trojan.Multi.Penguish.b gefunden, mittlerweile sind die Hosts Dateien zurückgesetzt und die dll in Quarantäne. (Und noch eine crdownload Datei, aber nach meinem Wissens sind die eh Datenmüll)Ich habe aber Angst das es noch mehr Dateien gibt die der Antivirus nicht gefunden hat, deswegen richte ich mich jetzt en euch. Ich hätte gerne noch die Kaspersky Report Datei angehängt, aber da sie die enc1 Endung hat und die hier bei der Erlaubten Dateierweiterungen nicht aufgeführt wird, konnte ich es leider nicht. Und ein Screenshot davon kann ich leider auch nicht hochladen, da es mir nur diese Fehlermeldung ganz oft anzeigt "PHP User Warning: is_dir(): open_basedir restriction in effect. File(/) is not within the allowed path(s): (/var/www/vhosts/trojaner-board.de/:/tmp/) in ..../includes/functions_file.php on line 60"
Ich muss mein Hilfersuch in mehrere Beiträge aufteilen da die Log Dateien sehr groß sind.


Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08.2024
durchgeführt von marce (Administrator) auf LAPTOP-ATC5R52J (ASUSTeK COMPUTER INC. TUF Gaming FX705DT_FX705DT) (14-08-2024 09:47:51)
Gestartet von C:\Users\marce\Downloads\FRST64.exe
Geladene Profile: marce
Plattform: Microsoft Windows 10 Home Version 22H2 19045.4651 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AO Kaspersky Lab -> AO Kaspersky Lab) C:\Users\marce\AppData\Local\Temp\{a1f18aa8-4dff-4f49-bd35-8c1a16b3f315}\e4881c05.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exeF
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\ColorPicker\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\PowerOCR\PowerToys.PowerOCR.exe
(Discord Inc. -> Discord Inc.) C:\Users\marce\AppData\Local\DiscordCanary\app-1.0.431\DiscordCanary.exe <6>
(DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\marce\AppData\Local\Microsoft\OneDrive\24.146.0721.0003\Microsoft.SharePoint.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (SIA AVB Disc Soft -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\Aura Wallpaper Service\AuraWallpaperService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe <2>
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_6e87d9907e09ff6b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SIA AVB Disc Soft -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Virtual Desktop, Inc. -> Virtual Desktop, Inc.) C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe
(services.exe ->) (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2429.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ) C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.9.4.0_x64__qmba6cd70vzyy\ArmouryCrate.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <4>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2407.1001.1.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [GaomonTablet] => C:\Users\marce\AppData\Roaming\GaomonTablet\GaomonTablet.exe [2154696 2021-05-11] (GUANZHOU GAOMON ELECTRONIC TECHNOLOGY CO.,LTD . -> Guangzhou Gaomon Technology Co., Ltd.)
HKLM-x32\...\Run: [Skiller PRO+] => C:\Program Files (x86)\Skiller PRO+\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\RunOnce: [d7a61eef-1cba-464a-923f-acc7191775b4] => "C:\Users\marce\AppData\Local\Temp\{1d3bbcd6-b811-4c5a-8cfe-5fe369d47c17}\d7a61eef-1cba-464a-923f-acc7191775b4.cmd" (Keine Datei) <==== ACHTUNG
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Discord] => C:\Users\marce\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-07-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36729320 2024-08-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\marce\AppData\Local\Microsoft\Teams\Update.exe [2591296 2024-01-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [PreMiD] => C:\Users\marce\AppData\Roaming\PreMiD\PreMiD.exe [126285312 2021-02-21] (GitHub, Inc.) [Datei ist nicht signiert]
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1832968 2024-08-05] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize  (Keine Datei) <==== ACHTUNG
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [DiscordCanary] => C:\Users\marce\AppData\Local\DiscordCanary\Update.exe [1525096 2022-07-14] (Discord Inc. -> GitHub)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Opera GX Stable] => C:\Users\marce\AppData\Local\Programs\Opera GX\launcher.exe [2273696 2024-06-18] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\marce\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46247680 2024-08-04] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [71185664 2024-08-04] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3380840 2024-08-13] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\marce\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2023-09-18] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [MicrosoftEdgeAutoLaunch_6A7EFD9FB16063B23C21C72578A008BC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3814968 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Lunar Client] => C:\Users\marce\AppData\Local\Programs\lunarclient\Lunar Client.exe [176849464 2024-08-10] (Moonsworth, LLC -> Moonsworth LLC)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13991760 2024-04-25] (GOG  sp. z o.o -> GOG.com)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [6021896 2024-06-19] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482400 2024-06-27] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Microsoft.Lists] => C:\Users\marce\AppData\Local\Microsoft\OneDrive\24.146.0721.0003\Microsoft.SharePoint.exe [1025552 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [AF_uuid_2139460] => 216ccfc5-56a2-4254-9ac1-ac0f5d0f2beb (Keine Datei)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [AF_counter_2139460] => 1 (Keine Datei)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.100\Installer\chrmstp.exe [2024-08-08] (Google LLC -> Google LLC)
AppInit_DLLs: C:\PROGRA~1\VIRTUA~1\VIRTUA~4.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector64.dll [132520 2021-01-09] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
Startup: C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-11-28]
ShortcutTarget: Twitch.lnk -> C:\Users\marce\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {111E9450-D29A-4936-B036-BBB5D7EBFA6D} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusHotkey.exe [324960 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {AC43ECFE-A103-45D2-96A4-52DA6DF57432} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusUpdateChecker.exe [792296 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {34BBEF4F-D3EB-497B-8BE2-495560998244} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [313192 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {A4120DC2-72F5-4ACA-A917-54A5476A4D44} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1898344 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {CBC06814-F46D-4C73-BA22-68934E6D7BA5} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d66fb738d40797 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {84D11694-9BBB-42D1-88C9-38C6B4909D1B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {AFA59341-1E23-4DC4-A27E-196D304A6398} - System32\Tasks\ASUS\Aura Wallpaper Service => C:\Program Files\ASUS\Aura Wallpaper Service\Aura Wallpaper Service.exe [2103408 2023-05-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {301A9B7B-89BA-4686-9C02-B8431BD06142} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-07-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {297A174C-824B-42C8-AE45-FF596F7AD52E} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Keine Datei)
Task: {4ABCDE3B-7E71-4564-A944-F6950F5C97A3} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe [5097936 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B31FA52E-C1E3-4F1E-97D9-B448A8F1C2A5} - System32\Tasks\DSB Notification => C:\Program Files\ASUS\DSB Notification\DSBNotification.exe [782216 2019-01-28] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {2A30ED9B-F45F-4FFF-A27C-BF574326F4ED} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{C6F48DCB-FF55-497E-9162-04B454445745} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
Task: {4063069A-7DCA-4D8B-9A2F-92257D26A05B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28584424 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E32B778-03E7-4E2F-8693-661A4C1FB402} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28584424 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {1515B75C-2CB7-43A8-84EB-811A773B7BB6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312288 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DC887E4-27F2-4659-B772-9336A118E2C8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312288 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {57004B5F-3F6D-4C61-A507-76A7B5413A45} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [182240 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {797E53C3-1FC1-45E9-AB78-BE80BBE2B5D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {701AF646-EBF7-4A74-A4DD-B2D407394953} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F7E01F17-D0CB-4FEC-A402-45A9123598CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0D14F71C-E9CE-4C86-A68F-E772803EDA91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2390B1B9-0CFC-474A-8E8B-E07600BC1B5F} - System32\Tasks\nefarius_HidHide_Updater => C:\Program Files\Nefarius Software Solutions\HidHide\x64\nefarius_HidHide_Updater.exe  --background --log-level info (Keine Datei)
Task: {FDE915FB-96FC-4984-8251-464C3591F69B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {62C0AF75-084C-4486-BE18-FEDECCBAFD04} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BE53276-A64C-4716-ABD5-F2B555DD669E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {DE6A011A-13FD-4269-BE91-E60D612A8771} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {058E972B-0F02-4959-AFFB-F7C947EB7789} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81CB18A6-35DD-41D2-ACB1-9B4DC3C51E4C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A72DCB3-45C1-41B4-B986-77BC77A87535} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41C816BA-A8E5-410F-922E-E0C7D541B59F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F8CC03F-FB42-4418-8ED9-73ED8D98BE65} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BACF90A-FE8C-40A7-BB44-FB8C15A1A0D4} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1665594722 => C:\Users\marce\AppData\Local\Programs\Opera GX\launcher.exe [2273696 2024-06-18] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\marce\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {317010CE-1626-48E3-8E42-E9437DE905D5} - System32\Tasks\Opera GX scheduled Autoupdate 1664471426 => C:\Users\marce\AppData\Local\Programs\Opera GX\launcher.exe [2273696 2024-06-18] (Opera Norway AS -> Opera Software)
Task: {E60DE1E9-628C-4DF5-8569-39322BCFDB38} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2370056 2024-08-05] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {265D324F-C874-4852-9D4A-EC824D4FA62A} - System32\Tasks\PowerToys\Autorun for marce => C:\Program Files\PowerToys\PowerToys.exe [1087936 2023-01-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A3D1E78-F43F-4F42-9052-2224BC879AA1} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [862192 2019-02-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0553770d-67ed-47e7-b31c-e215500dfcb2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0553770d-67ed-47e7-b31c-e215500dfcb2}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\64259445A51224F6870273539303024585: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\64259445A51224F6870273539303024585: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\64259445A51224F6870273539303024585: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\75C414E40225943484142544027574: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\75C414E40225943484142544027574: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\75C414E40225943484142544027574: [DhcpDomain] fritz.box

Edge:
=======
Edge Profile: C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-18]
Edge Extension: (PreMiD) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\agjnjboanicjcpenljmaaigopkgdnihi [2024-07-18]
Edge Extension: (AutoDraw for skribbl.io) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpnefockcbbpkbahgkkacjmebfheacjb [2023-05-14]
Edge Extension: (FrankerFaceZ) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2021-12-21]
Edge Extension: (Return YouTube Dislike) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2024-04-24]
Edge Extension: (Google Docs Offline) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-01]
Edge Extension: (BetterTTV) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2024-06-24]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igbncjcgfkfnfgbaieiimpfkobabmkce [2024-07-06]
Edge Extension: (Edge relevant text changes) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-03]
Edge Extension: (Video DownloadHelper) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmkaglaafmhbcpleggkmaliipiilhldn [2024-06-24]
Edge Extension: (IDM Integration Module) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2024-07-18]
Edge Extension: (VidSync) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\magpalppgpekmbgkamakkiiafbldipne [2021-12-21]
Edge Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-07-18]
Edge Extension: (Ears: Bass Boost, EQ Any Audio!) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nfdfiepdkbnoanddpianalelglmfooik [2023-05-14]
Edge HKU\S-1-5-21-136319151-2595665921-3748062372-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2024-06-19]

FireFox:
========
FF HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\marce\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\marce\AppData\Roaming\IDM\idmmzcc5 [2024-06-24] [] [ist nicht signiert]
FF HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-19] []
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default [2024-08-14]
CHR DownloadDir: C:\Users\marce\Downloads
CHR Notifications: Default -> hxxps://aternos.org; hxxps://community.citra-emu.org; hxxps://play.geforcenow.com; hxxps://web.telegram.org
CHR Extension: (PreMiD) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\agjnjboanicjcpenljmaaigopkgdnihi [2024-07-26]
CHR Extension: (BetterTTV) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-06-18]
CHR Extension: (Videochat Extension - IP Locator for Omegle) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\alchldmijhnnapijdmchpkdeikibjgoi [2024-08-05]
CHR Extension: (AutoDraw for skribbl.io) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpnefockcbbpkbahgkkacjmebfheacjb [2024-07-26]
CHR Extension: (uBlock Origin) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-08-05]
CHR Extension: (FrankerFaceZ) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-11-26]
CHR Extension: (Return YouTube Dislike) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2024-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-24]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-08-07]
CHR Extension: (Behind The Overlay) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljipkdpcjbmhkdjjmbbaggebcednbbme [2024-01-06]
CHR Extension: (Video DownloadHelper) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2024-08-09]
CHR Extension: (VidSync) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\magpalppgpekmbgkamakkiiafbldipne [2020-11-26]
CHR Extension: (Ears: Bass Boost, EQ Any Audio!) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdfiepdkbnoanddpianalelglmfooik [2023-04-26]
CHR Extension: (IDM Integration Module) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-08-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2024-08-04]
CHR Profile: C:\Users\marce\AppData\Local\Google\Chrome\User Data\System Profile [2024-08-13]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-06-19]
CHR HKU\S-1-5-21-136319151-2595665921-3748062372-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-06-19]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-06-19]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-136319151-2595665921-3748062372-1001) Opera GXStable - "C:\Users\marce\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2704864 2024-05-26] (PROXIMA BETA PTE. LIMITED -> ANTICHEATEXPERT.COM)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-06-28] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\AsusAppService\AsusAppService.exe [1199464 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [502120 2023-11-22] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe [563152 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe [1377744 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitch.exe [650704 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe [5097936 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [865744 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 Aura Wallpaper Service; C:\Program Files\ASUS\Aura Wallpaper Service\AuraWallpaperService.exe [735856 2023-05-29] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 BandaiNamcoLauncherService; C:\Program Files (x86)\BandaiNamcoLauncher\Launcher\BridgeService\BandaiNamcoLauncherService.exe [150240 2023-11-08] (BANDAI NAMCO Online Inc. -> BNO)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2568840 2024-07-25] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-06-15] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13995624 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4937312 2024-06-27] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
R2 DTSAPO3Service; C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe [223640 2019-09-03] (DTS, Inc. -> )
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [13772392 2024-08-13] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2024-06-11] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [960752 2024-07-14] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [8459408 2021-12-31] (Int3 Software AB -> Int3 Software AB)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348880 2024-04-25] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178064 2024-04-25] (GOG  sp. z o.o -> GOG.com)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [635968 2023-03-21] (Gameforge 4D GmbH -> )
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [720568 2022-06-21] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [229568 2022-06-21] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-07] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11193088 2024-08-04] (Logitech Inc -> Logitech, Inc.)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-07-11] (The Document Foundation -> The Document Foundation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-29] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_6e87d9907e09ff6b\Display.NvContainer\NVDisplay.Container.exe [1274888 2024-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2370056 2024-08-05] (Overwolf Ltd -> Overwolf LTD)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [146688 2024-08-04] (Facebook Technologies, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [418048 2024-08-04] (Facebook Technologies, LLC -> Facebook Technologies, LLC)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.2.11\ProtonVPNService.exe [474824 2024-03-27] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.2.11\ProtonVPN.WireGuardService.exe [474312 2024-03-27] (Proton AG -> ProtonVPN)
S2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [40672 2021-09-10] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6792176 2024-07-07] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2065880 2024-06-14] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 ucldr_blueprotocol_jp; C:\Program Files\Common Files\Wellbia.com\ucldr_blueprotocol_jp.exe [5552168 2023-06-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 Updater; C:\Program Files\Virtual Desktop Streamer\Updater.exe [1122216 2021-01-09] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9730864 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
R2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [1962920 2020-12-01] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
S2 HidHideWatchdog.exe; "C:\Program Files\Nefarius Software Solutions\HidHide\x64\HidHideWatchdog.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1896736 2024-05-27] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [59344 2023-11-22] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSAIO.sys [49208 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusWmiAcpi.sys [49064 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 BadlionAnticheat; C:\Windows\system32\drivers\BadlionAnticheat.sys [1178120 2023-06-01] (Microsoft Windows Hardware Compatibility Publisher -> <Turtle Entertainment>)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2024-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2024-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-10-02] (Int3 Software AB -> )
U3 f8b263be; C:\WINDOWS\System32\Drivers\f8b263be.sys [377392 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2022-05-18] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HidHide; C:\WINDOWS\System32\drivers\HidHide.sys [59088 2023-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 HoYoProtect; C:\WINDOWS\system32\HoYoKProtect.sys [3686568 2024-07-05] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
R2 IDMWFP; C:\WINDOWS\System32\drivers\idmwfp.sys [173736 2023-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Tonec Inc.)
R0 klupd_f8b263bea_arkmon; C:\WINDOWS\System32\Drivers\klupd_f8b263bea_arkmon.sys [396040 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_f8b263bea_klark; C:\WINDOWS\System32\Drivers\klupd_f8b263bea_klark.sys [362464 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_f8b263bea_klbg; C:\WINDOWS\System32\Drivers\klupd_f8b263bea_klbg.sys [198720 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_f8b263bea_mark; C:\WINDOWS\System32\Drivers\klupd_f8b263bea_mark.sys [265416 2024-08-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-30] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2024-02-09] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R3 logi_audio_surround; C:\WINDOWS\System32\DriverStore\FileRepository\logi_audio.inf_amd64_ef292d87e6baed60\logi_audio_surround.sys [44200 2024-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-03-06] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-03-06] (Logitech Inc -> Logitech)
S1 lsibuoug; C:\WINDOWS\system32\drivers\lsibuoug.sys [52512 2024-08-14] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [75280 2022-01-02] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2022-01-02] (Oculus VR, LLC -> Facebook Inc.)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.2.11\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R2 SignalRgbDriver; C:\WINDOWS\System32\Drivers\SignalRgbDriver.sys [19984 2024-01-11] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2022-04-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [41072 2020-10-02] (Virtual Desktop, Inc. -> Virtual Desktop)
R3 vdvge; C:\WINDOWS\System32\drivers\vdvge.sys [77864 2020-10-02] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [39676808 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [19600 2021-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2021-08-12] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602504 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29592 2024-06-24] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-03-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 NEProtect; \??\D:\SteamLibrary\steamapps\common\Once Human\NEProtect.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-08-14 09:47 - 2024-08-14 09:50 - 000052493 _____ C:\Users\marce\Downloads\FRST.txt
2024-08-14 09:47 - 2024-08-14 09:49 - 000000000 ____D C:\FRST
2024-08-14 09:46 - 2024-08-14 09:46 - 002397184 _____ (Farbar) C:\Users\marce\Downloads\FRST64.exe
2024-08-13 20:40 - 2024-08-13 21:03 - 000000000 ____D C:\KVRT2020_Data
2024-08-13 20:38 - 2024-08-13 20:39 - 111720816 _____ (AO Kaspersky Lab) C:\Users\marce\Downloads\KVRT.exe
2024-08-13 19:49 - 2024-08-13 19:49 - 000000000 _____ C:\Users\marce\OneDrive\Desktop\Neues Textdokument (2).txt
2024-08-10 21:19 - 2024-08-10 21:19 - 001204704 _____ C:\Users\marce\Downloads\InventoryProfilesNext-fabric-1.21-2.0.4.jar
2024-08-10 21:17 - 2024-08-10 21:17 - 000084190 _____ C:\Users\marce\Downloads\justenoughbreeding-fabric-1.21-1.2.4.jar
2024-08-10 21:13 - 2024-08-10 21:13 - 000006188 _____ C:\Users\marce\Downloads\clientcrafting-fabric-1.21-1.8.jar
2024-08-07 22:46 - 2024-08-07 22:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-08-07 15:43 - 2024-08-07 15:43 - 000000000 ____D C:\Users\marce\AppData\Local\UniCompactView
2024-08-07 15:37 - 2024-08-07 15:37 - 000000000 ____D C:\Users\marce\AppData\Roaming\Netease
2024-08-07 15:30 - 2024-08-07 15:30 - 000000000 ____D C:\Users\marce\AppData\Roaming\CC
2024-08-07 15:29 - 2024-08-07 15:29 - 000000000 ____D C:\Users\marce\AppData\Local\UniSDK_FirstOpen
2024-08-07 15:09 - 2024-08-07 15:09 - 000000000 ____D C:\Users\marce\AppData\Local\UniSDK
2024-08-07 00:44 - 2024-08-07 00:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-08-07 00:43 - 2024-08-07 00:43 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (Preview).lnk
2024-08-05 17:41 - 2024-08-05 17:41 - 000000223 _____ C:\Users\marce\OneDrive\Desktop\Overwatch® 2.url
2024-08-04 16:05 - 2024-08-04 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-08-04 16:05 - 2024-08-04 16:05 - 000000000 ____D C:\Program Files\LGHUB
2024-07-26 21:55 - 2024-07-26 21:55 - 000000000 ____D C:\WINDOWS\system32\compatrel
2024-07-26 21:42 - 2024-07-26 21:42 - 000000000 ____D C:\Users\marce\AppData\LocalLow\sokpop
2024-07-26 21:37 - 2024-07-26 21:40 - 000000000 ____D C:\Users\marce\Downloads\Compressed
2024-07-26 18:02 - 2024-07-26 18:02 - 000000223 _____ C:\Users\marce\OneDrive\Desktop\Once Human.url
2024-07-25 00:24 - 2024-07-25 00:24 - 000000000 ____D C:\ProgramData\Battle.net_components
2024-07-18 18:16 - 2024-07-18 18:15 - 012188099 _____ C:\Users\marce\OneDrive\Desktop\Portfolio Marcel ***** Latein.pdf
2024-07-18 18:15 - 2024-07-18 18:15 - 012188099 _____ C:\Users\marce\Downloads\Portfolio mit Bilder (1).pdf
2024-07-18 18:13 - 2024-07-18 18:13 - 012181765 _____ C:\Users\marce\Downloads\Portfolio mit Bilder.pdf
2024-07-18 18:08 - 2024-07-18 18:08 - 017681985 _____ C:\Users\marce\OneDrive\Dokumente\Portfolio Marcel *****.odt
2024-07-18 18:08 - 2024-07-18 18:08 - 000393549 _____ C:\Users\marce\OneDrive\Dokumente\Portfolio Marcel ***** PDF.pdf
2024-07-18 16:31 - 2024-07-18 18:04 - 017681967 _____ C:\Users\marce\OneDrive\Dokumente\Unbenannt 1.odt
2024-07-18 16:21 - 2024-07-18 16:21 - 001076952 _____ C:\Users\marce\Downloads\Gescanntes Dokument 2024-07-18 um 16.20.20.pdf
2024-07-18 15:27 - 2024-07-18 15:27 - 000000000 ____D C:\Users\marce\AppData\LocalLow\Temp
2024-07-18 15:26 - 2024-07-18 15:26 - 012005255 _____ C:\Users\marce\Downloads\portfolio bilder.pdf
2024-07-18 15:10 - 2024-07-18 15:10 - 000000000 ____D C:\Users\marce\AppData\Roaming\LibreOffice
2024-07-18 15:10 - 2024-07-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 24.2
2024-07-18 15:09 - 2024-07-18 15:09 - 000000000 ____D C:\Program Files\LibreOffice
2024-07-18 15:07 - 2024-07-18 15:09 - 364859392 _____ C:\Users\marce\Downloads\LibreOffice_24.2.5_Win_x86-64.msi
2024-07-18 15:06 - 2024-07-18 15:06 - 012284295 _____ C:\Users\marce\Downloads\B5  ŁRKUNDUN  - DAS WILL ICHkk.docx.pdf
2024-07-16 18:47 - 2024-07-16 18:47 - 000000000 ____D C:\Users\marce\AppData\LocalLow\biggaming
2024-07-16 18:21 - 2024-07-16 18:21 - 000000223 _____ C:\Users\marce\OneDrive\Desktop\Contingency Plan.url

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-08-14 09:52 - 2020-11-26 06:50 - 000000000 ____D C:\Users\marce\AppData\Local\D3DSCache
2024-08-14 09:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-14 09:18 - 2022-07-18 18:25 - 000000000 ____D C:\Users\marce\AppData\Roaming\discordcanary
2024-08-14 09:16 - 2022-07-18 18:25 - 000002341 _____ C:\Users\marce\OneDrive\Desktop\Discord Canary.lnk
2024-08-14 09:16 - 2022-07-18 18:25 - 000000000 ____D C:\Users\marce\AppData\Local\DiscordCanary
2024-08-14 09:13 - 2020-12-31 22:00 - 000000000 ____D C:\Users\marce\AppData\Local\ElevatedDiagnostics
2024-08-14 08:50 - 2024-06-27 19:17 - 000000000 ____D C:\Users\marce\AppData\Roaming\Hq_Control
2024-08-14 08:50 - 2021-04-16 00:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-08-14 00:09 - 2021-04-16 00:12 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2024-08-13 21:14 - 2024-03-04 18:09 - 000000000 ____D C:\Users\marce\AppData\Local\LGHUB
2024-08-13 21:14 - 2023-09-09 10:02 - 000000000 ____D C:\Users\marce\AppData\Roaming\G HUB
2024-08-13 21:10 - 2021-04-16 00:49 - 000478006 _____ C:\WINDOWS\system32\perfh011.dat
2024-08-13 21:10 - 2021-04-16 00:49 - 000132884 _____ C:\WINDOWS\system32\perfc011.dat
2024-08-13 21:10 - 2021-04-16 00:12 - 002333496 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-08-13 21:10 - 2019-12-07 16:50 - 000744968 _____ C:\WINDOWS\system32\perfh007.dat
2024-08-13 21:10 - 2019-12-07 16:50 - 000150354 _____ C:\WINDOWS\system32\perfc007.dat
2024-08-13 21:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-08-13 21:05 - 2021-01-12 18:03 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-08-13 21:05 - 2020-08-11 10:10 - 000000000 ____D C:\Program Files\ASUS
2024-08-13 21:03 - 2023-09-22 18:52 - 000000000 ____D C:\Users\marce\AppData\Roaming\asus_framework
2024-08-13 21:03 - 2023-01-19 23:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2024-08-13 21:03 - 2021-01-15 14:55 - 000000000 ____D C:\Users\marce\AppData\Local\Oculus
2024-08-13 21:03 - 2020-11-26 06:50 - 000000000 ____D C:\Users\marce\AppData\Local\CrashDumps
2024-08-13 21:03 - 2020-08-11 10:06 - 000000000 ____D C:\ProgramData\NVIDIA
2024-08-13 21:02 - 2021-04-16 00:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-08-13 21:02 - 2021-04-16 00:04 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-13 21:02 - 2020-11-26 07:06 - 000000000 ____D C:\Program Files (x86)\Steam
2024-08-13 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-08-13 21:02 - 2019-12-07 11:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-08-13 20:24 - 2020-11-26 06:51 - 000000000 ____D C:\Users\marce\AppData\Local\NVIDIA Corporation
2024-08-13 19:13 - 2021-11-28 14:31 - 000000000 ____D C:\ProgramData\EA Desktop
2024-08-13 16:43 - 2020-11-29 21:11 - 000000000 ____D C:\Users\marce\AppData\Roaming\.minecraft
2024-08-13 16:39 - 2021-04-29 22:06 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-08-13 16:35 - 2023-02-04 13:55 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\FTB App.lnk
2024-08-13 16:35 - 2022-07-15 18:57 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\CurseForge.lnk
2024-08-13 16:35 - 2022-05-12 19:38 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\Valorant Tracker.lnk
2024-08-13 16:35 - 2022-04-26 16:51 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\ValoPlant.lnk
2024-08-13 16:34 - 2021-04-29 22:05 - 000000000 ____D C:\Users\marce\AppData\Local\Overwolf
2024-08-13 16:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-12 21:44 - 2021-10-16 12:04 - 000000000 ____D C:\Users\marce\AppData\Roaming\lunarclient
2024-08-10 20:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-08-10 18:28 - 2024-06-01 19:43 - 000001399 _____ C:\Users\marce\OneDrive\Desktop\Roblox Player.lnk
2024-08-10 18:28 - 2022-12-26 15:46 - 000001227 _____ C:\Users\marce\OneDrive\Desktop\Roblox Studio.lnk
2024-08-10 18:28 - 2022-12-26 15:46 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-08-10 17:13 - 2021-12-13 18:57 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-136319151-2595665921-3748062372-1001
2024-08-10 17:13 - 2021-04-16 00:12 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-136319151-2595665921-3748062372-1001
2024-08-10 17:13 - 2021-04-16 00:05 - 000002397 _____ C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-08-10 17:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-10 17:07 - 2020-12-03 06:05 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-08 21:16 - 2019-10-23 21:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-08-08 21:14 - 2021-12-18 02:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-08 21:14 - 2020-11-26 06:59 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-08-08 00:15 - 2021-04-16 00:05 - 000000000 ____D C:\Users\marce
2024-08-07 22:46 - 2024-06-14 21:50 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-08-07 00:43 - 2019-10-23 21:38 - 000000000 ____D C:\Program Files\Microsoft Office
2024-08-06 20:24 - 2024-03-12 17:40 - 000000000 ____D C:\Users\marce\AppData\Roaming\lghub
2024-08-06 13:23 - 2023-11-26 15:50 - 000000000 ____D C:\Users\marce\AppData\Roaming\launcher
2024-08-05 21:32 - 2021-03-26 21:09 - 000000000 ____D C:\Users\marce\AppData\Local\Blizzard Entertainment
2024-08-05 21:28 - 2022-09-17 17:15 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-08-05 20:29 - 2020-12-24 11:55 - 000000000 ____D C:\Users\marce\AppData\Roaming\PreMiD
2024-08-05 18:46 - 2024-06-26 11:50 - 000001350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HidHide Configuration Client.lnk
2024-08-05 18:46 - 2023-05-19 23:40 - 000001988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feather Launcher.lnk
2024-08-05 18:46 - 2023-02-02 17:06 - 000002633 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aura Wallpaper Creator.lnk
2024-08-05 18:46 - 2022-02-13 23:25 - 000000000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Oculus.lnk
2024-08-05 18:46 - 2022-02-02 00:45 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2024-08-05 18:46 - 2020-12-31 05:46 - 000014343 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2024-08-05 18:46 - 2020-12-28 05:46 - 000019783 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2024-08-05 18:46 - 2020-12-10 15:01 - 000020408 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2024-08-05 18:46 - 2020-12-08 17:01 - 000020953 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2024-08-05 18:46 - 2020-11-29 21:13 - 000001944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk
2024-08-05 18:46 - 2019-10-23 21:41 - 000002539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-08-05 18:46 - 2019-10-23 21:41 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-08-05 18:45 - 2021-01-12 17:43 - 000000000 ____D C:\ProgramData\Riot Games
2024-08-05 18:12 - 2023-04-24 17:16 - 000000037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Gameforge Client.url
2024-08-05 18:12 - 2021-01-01 05:00 - 000010535 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2024-08-05 18:12 - 2020-12-30 05:26 - 000012916 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2024-08-05 18:12 - 2020-12-29 04:44 - 000009147 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2024-08-04 17:03 - 2024-03-19 19:20 - 000000000 ____D C:\Users\marce\AppData\Roaming\riot-client-ux
2024-08-04 16:07 - 2022-01-02 01:39 - 000000000 ____D C:\Program Files\Oculus
2024-08-04 15:49 - 2024-02-16 19:18 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-08-04 15:49 - 2022-10-22 16:17 - 000108024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-08-04 15:49 - 2022-10-22 16:17 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-08-04 15:49 - 2021-11-19 17:15 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 002799096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 000755304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 000222712 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-08-04 15:45 - 2021-04-16 00:12 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-08-04 15:45 - 2021-04-16 00:12 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-07-26 21:56 - 2021-04-16 00:04 - 000640376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-07-26 21:55 - 2023-12-23 20:30 - 000000000 ____D C:\WINDOWS\InboxApps
2024-07-26 21:55 - 2021-04-20 15:33 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-07-26 21:54 - 2024-06-24 19:51 - 000000000 ____D C:\Users\marce\AppData\Roaming\DMCache
2024-07-26 17:39 - 2024-07-13 19:50 - 000000000 ____D C:\Users\marce\AppData\Roaming\rsilauncher
2024-07-25 00:25 - 2021-03-26 21:11 - 000000000 ____D C:\Users\marce\AppData\Local\Battle.net
2024-07-25 00:25 - 2021-03-26 21:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2024-07-18 15:46 - 2021-04-16 00:12 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2024-07-18 15:46 - 2021-04-16 00:12 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2024-07-18 15:27 - 2020-11-26 06:50 - 000000000 ____D C:\Users\marce\AppData\Local\Packages
2024-07-18 15:25 - 2020-12-08 16:50 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Teams
2024-07-18 15:21 - 2020-12-20 23:19 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Word
2024-07-18 15:15 - 2021-01-15 13:14 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Excel
2024-07-16 18:43 - 2021-01-15 16:08 - 000000000 ____D C:\ProgramData\Virtual Desktop

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-01-27 09:20 - 2021-01-27 09:20 - 000000124 _____ () C:\Users\marce\AppData\Roaming\debug.log
2024-01-11 11:26 - 2024-01-11 11:26 - 000000016 _____ () C:\Users\marce\AppData\Roaming\obs-virtualcam.txt
2022-08-30 18:37 - 2022-08-30 18:37 - 000001004 _____ () C:\Users\marce\AppData\Roaming\tof_launcher.reg
2021-06-12 14:23 - 2021-06-12 14:23 - 000000353 _____ () C:\Users\marce\AppData\Local\karboncalligraphyrc
2021-06-02 19:24 - 2021-06-12 14:17 - 000002711 _____ () C:\Users\marce\AppData\Local\krita-sysinfo.log
2021-06-02 19:24 - 2021-06-12 14:25 - 000002375 _____ () C:\Users\marce\AppData\Local\krita.log
2021-06-12 14:25 - 2021-06-12 14:25 - 000000039 _____ () C:\Users\marce\AppData\Local\kritadisplayrc
2021-06-02 19:24 - 2021-06-12 14:25 - 000016636 _____ () C:\Users\marce\AppData\Local\kritarc
2022-07-20 12:23 - 2022-07-20 16:22 - 000000128 _____ () C:\Users\marce\AppData\Local\PUTTY.RND
2023-07-03 01:33 - 2023-07-03 01:33 - 000004981 _____ () C:\Users\marce\AppData\Local\recently-used.xbel
2021-05-12 15:11 - 2024-06-25 16:24 - 000007629 _____ () C:\Users\marce\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

EinsMarcel 14.08.2024 10:31
Addition 1/2
 
Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-08.2024
durchgeführt von marce (14-08-2024 09:53:03)
Gestartet von C:\Users\marce\Downloads
Microsoft Windows 10 Home Version 22H2 19045.4651 (X64) (2021-04-15 22:12:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-136319151-2595665921-3748062372-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-136319151-2595665921-3748062372-503 - Limited - Disabled)
Gast (S-1-5-21-136319151-2595665921-3748062372-501 - Limited - Disabled)
marce (S-1-5-21-136319151-2595665921-3748062372-1001 - Administrator - Enabled) => C:\Users\marce
WDAGUtilityAccount (S-1-5-21-136319151-2595665921-3748062372-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

A Normal Lost Phone (HKLM-x32\...\Uplay Install 61517) (Version:  - )
Airshipper (HKLM\...\{5F467C5A-B0D8-4530-858B-D2CECDDECA70}) (Version: 0.10.0 - Airshipper contributors)
Amazon Games (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.3.8425.2 - Amazon.com Services, Inc.)
ARMOURY CRATE Service (HKLM\...\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}) (Version: 5.9.4 - ASUS)
ASUS Aac_GmAcc HAL (HKLM\...\{998249B1-6913-447E-AA37-F445B8CA33D0}) (Version: 1.0.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_GmAcc HAL (HKLM-x32\...\{c3219916-0c5a-483c-8b38-bdd71cf96365}) (Version: 1.0.12.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.3.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{99c84b70-e56e-4a29-9a3a-10d41c9fcc6d}) (Version: 2.3.3.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{7f23d3ea-a821-4293-b7f7-34383bf06437}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.43 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.0.1.3 - ASUSTeK Computer Inc.)
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.34 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{049c2f12-c730-4efc-81db-0adcf3ff5782}) (Version: 1.0.34 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{a3a1beb0-9f5b-4b4e-8cfa-ef25842faf55}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{a96c7710-4dd8-463e-8f76-c3ad65b248a5}) (Version: 1.0.33 - ASUSTek COMPUTER INC.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.113 - ASUSTeK Computer Inc.) Hidden
Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{435220d3-c9be-4e00-978d-e2621d8b2dc9}) (Version: 3.07.49 - ASUSTeK Computer Inc.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.49 - ASUSTeK Computer Inc.) Hidden
Aura Wallpaper Creator (HKLM\...\{1FBF8EDB-E45B-43F2-972A-F282A028B87F}) (Version: 1.1.3 - ASUS)
Aura Wallpaper HTML (HKLM-x32\...\{fd36a871-5a75-4285-a469-61bbe3dbd858}) (Version: 1.5.2.0 - ASUSTek Computer Inc.)
Aura Wallpaper Service (HKLM\...\{A78E52FB-5921-0A22-5D0B-212641047CF4}) (Version: 1.5.3.0 - ASUSTeK COMPUTER INC.)
Autodesk SketchBook (HKLM\...\{AE6C5657-8710-4968-BEB5-1E2ED89CB2D2}) (Version: 8.71.0000 - Autodesk)
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 3.4.0 - Badlion)
Bandai Namco Launcher (HKLM-x32\...\BandaiNamcoLauncher_is1) (Version: 2.0.41.0 - 株式会社バンダイナムコオンライン)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks Services (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\BlueStacksServices) (Version: 3.0.1 - now.gg, Inc.)
Boosteroid (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\{fe32fd0f-18e1-4110-9435-749234ff06e5}) (Version: 1.8.11 - Boosteroid Games S.R.L.)
Citra (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\{8f2dafcb-7e17-463b-ba39-c4d4f5d7f55a}) (Version: 1.0.0 - Citra Team)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version:  - )
CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.)
CrystalDiskMark 8.0.5 Aoi Edition (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.5 - Crystal Dew World)
CurseForge (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 1.258.0.9849 - Overwolf app)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 2.12a - GOG.com)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.1.0.2169 - Disc Soft Ltd)
Deathcounter and Soundboard (HKLM-x32\...\DCSB) (Version: 4.0.0.9 - Kalejin)
Discord (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Discord Canary (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\DiscordCanary) (Version: 1.0.48 - Discord Inc.)
Discord PTB (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\DiscordPTB) (Version: 1.0.1015 - Discord Inc.)
Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware)
DSB Notification (HKLM\...\{A82D01C4-0F9C-4FD6-9E2F-EDBD1E9826DC}) (Version: 1.2.1 - ASUSTeK COMPUTER INC.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.269.0.5782 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{72167635-eca7-4247-b89a-db4d0579c980}) (Version: 13.269.0.5782 - Electronic Arts)
ELDEN RING (HKLM-x32\...\ELDEN RING_is1) (Version:  - )
Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2.1 - )
Feather Launcher (HKLM\...\cb3d390f-61d8-588c-9dbc-20097422bee3) (Version: 1.5.5 - Digital Ingot, Inc.)
FileZilla 3.60.1 (HKLM-x32\...\FileZilla Client) (Version: 3.60.1 - Tim Kosse)
FireAlpaca 2.4.3 (64bit) (HKLM\...\FireAlpaca64_is1) (Version: 2.4.3 - firealpaca.com)
FTB App (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Overwolf_cmogmmciplgmocnhikmphehmeecmpaggknkjlbag) (Version: 1.25.18 - Overwolf app)
Gameforge Client (HKLM-x32\...\{d3b2a0c1-f0d0-4888-ae0b-1c5e1febdafb}_is1) (Version: 2.3.34.1851 - Gameforge)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
GaomonTablet (HKLM-x32\...\GaomonTablet) (Version: 1.1.1.1 - Gaomon)
GIMP 2.10.34 (HKLM\...\GIMP-2_is1) (Version: 2.10.34 - The GIMP Team)
GlideX Service Installer (HKLM\...\{A06BDD76-D95C-4AC7-A0DA-73971F366D9B}) (Version: 1.0.21.0 - ASUSTeK COMPUTER INC.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.74.352 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 127.0.6533.100 - Google LLC)
GrandRP Launcher 1.0 version 1.0 (HKLM-x32\...\{D0A3CE4B-226D-159F-2A2C-D4BE0BA4228D}_is1) (Version: 1.0 - Grand RolePlay)
HidHide (HKLM\...\{0B3F1B3F-98BC-4A84-8F71-DDEC7FD6A45B}) (Version: 1.5.212 - Nefarius Software Solutions e.U.)
HoYoPlay (HKLM\...\HYP_1_0_global) (Version: 1.0.5.88 - COGNOSPHERE PTE. LTD.)
HWiNFO64 (HKLM\...\HWiNFO64_is1) (Version: 8.02 - Martin Malik, REALiX s.r.o.)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: 6.42.12 - Tonec Inc.)
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
JDownloader 2 (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\jdownloader2) (Version: 2.0.240220 - AppWork GmbH)
Jingle Palette 4.4.5 (HKLM-x32\...\Jingle Palette) (Version: 4.4.5 - )
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )
King of the Hat (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\460940655984771072) (Version:  - )
Krita (x64) 4.4.3 (HKLM\...\Krita_x64) (Version: 4.4.3.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.63.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.63.0 - Hendrik Leppkes)
LDPlayer (HKLM-x32\...\LDPlayer9) (Version: 9.0.66 - XUANZHI INTERNATIONAL CO., LIMITED)
LibreOffice 24.2.5.2 (HKLM\...\{7519E50A-1B31-4EAE-9AB3-DEB5C0F764F9}) (Version: 24.2.5.2 - The Document Foundation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.6.600476 - Logitech)
Microsoft .NET Core Host - 3.1.9 (x64) (HKLM\...\{99918D04-C78B-40A2-BC82-669878B8FA3D}) (Version: 24.100.29323 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.9 (x64) (HKLM\...\{62673CBC-4DF2-449C-945E-C15E18E9B169}) (Version: 24.100.29323 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.9 (x64) (HKLM\...\{251AE139-3E66-4E5B-972A-3529EE4FE65F}) (Version: 24.100.29323 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.14 (x64) (HKLM\...\{61A6E3A7-F406-418A-B2A6-0606DB55B325}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.8 (x64) (HKLM\...\{6950FA03-8B88-4675-B685-FB21CA1762CC}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.6 (x64) (HKLM\...\{EAEDD1FB-8876-4FD8-98A6-3AF439887414}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.14 (x64) (HKLM\...\{8D88F0E2-CE9B-4A6D-8309-FDC562195F5B}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.8 (x64) (HKLM\...\{3C3CA326-3F1D-43B7-B0AD-CBC06B2DED5A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.6 (x64) (HKLM\...\{59C4A6C5-E254-4819-B254-0B4FF17747EB}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.14 (x64) (HKLM\...\{B810ACDF-1C0C-4108-9B92-12F1674FA444}) (Version: 40.56.30907 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM\...\{7CEA3ABF-FE24-42AF-ADE6-B4A3EE346743}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.6 (x64) (HKLM\...\{F69305BE-6EFA-45D0-9635-752373304A1A}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17830.20138 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 127.0.2651.98 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 127.0.2651.98 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\OneDriveSetup.exe) (Version: 24.146.0721.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Teams) (Version: 1.6.00.35961 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Debug Runtime - 14.29.30153 (HKLM\...\{36C28914-B045-41DB-8966-1C1692AF3BB7}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Debug Runtime - 14.29.30153 (HKLM-x32\...\{CA4E811F-BFF9-43CC-894C-D4D2EC262E49}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.6.2122.36397 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{6AC5612A-D067-44B9-9C8E-2C1B3473B429}) (Version: 3.7.2182.35401 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{E281F6E2-136B-4AF0-895B-253279711697}) (Version: 3.7.2182.35401 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.9 (x64) (HKLM\...\{FF2DDED4-D1D8-4B61-84D6-B63A3041115F}) (Version: 24.100.29323 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.9 (x64) (HKLM-x32\...\{0239197e-88fa-40bd-8b97-f9b290a40777}) (Version: 3.1.9.29323 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM\...\{4CD6FFC6-FA14-4016-A7A6-B7E3D6286331}) (Version: 40.56.30911 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.14 (x64) (HKLM-x32\...\{d21a4f20-968a-4b0c-bf04-a38da5f06e41}) (Version: 5.0.14.30911 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.8 (x64) (HKLM\...\{EB3983F9-3D60-456D-A11A-C1366C79AD3E}) (Version: 48.35.45540 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.8 (x64) (HKLM-x32\...\{ca35acb3-b442-44fb-924c-4448120bf689}) (Version: 6.0.8.31518 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.6 (x64) (HKLM\...\{0EF5DD4D-EC49-4AE7-8C9A-F64FF8B3EA58}) (Version: 64.24.15241 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.6 (x64) (HKLM-x32\...\{942f6911-1a02-4186-8c4c-b27eb2b9733d}) (Version: 8.0.6.33720 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft Dungeons Launcher (HKLM-x32\...\{EF414B5E-A9E8-46C1-8A02-7D6663D4FD12}) (Version: 1.0.0.0 - Mojang)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Node.js (HKLM\...\{637236E9-EF59-4F9D-8269-3083C1A6C6D6}) (Version: 20.12.2 - Node.js Foundation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.65.163 (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeForceNOW) (Version: 2.0.65.163 - NVIDIA Corporation)
NVIDIA Grafiktreiber 556.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 556.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.1 - OBS Project)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17830.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17830.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera GX Stable 109.0.5097.142 (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Opera GX 109.0.5097.142) (Version: 109.0.5097.142 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.122.52971 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{e229ac33-c423-40cb-8e8c-f37fa46536a2}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.258.0.6 - Overwolf Ltd.)
Pixelmon Realms Launcher 1.0.0 (HKLM\...\15c05a6c-f0b9-5cf2-8c56-79e240f16d2f) (Version: 1.0.0 - Pixelmon Realms)
PlanetSide 2 (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PowerToys (Preview) (HKLM\...\{57FC4D2E-D9BB-4F1B-A4EA-6037EEDE6E0C}) (Version: 0.66.0 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{3ece69df-0f51-455b-b00e-f4715ded8876}) (Version: 0.66.0 - Microsoft Corporation)
PreMiD (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\PreMiD latest) (Version: latest - Timeraa)
Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.2.11 - Proton AG)
PyCharm Community Edition 2020.3.3 (HKLM-x32\...\PyCharm Community Edition 2020.3.3) (Version: 203.7148.72 - JetBrains s.r.o.)
Python 3.12.3 (64-bit) (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\{5ee4d2b6-a5dc-4321-b6bd-3ebc98120a51}) (Version: 3.12.3150.0 - Python Software Foundation)
Python 3.12.3 Add to Path (64-bit) (HKLM\...\{8FB3DEFF-4D86-4889-9B0A-0FE7AE90D7C9}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Core Interpreter (64-bit) (HKLM\...\{3519C7D0-70D4-46F5-A0A9-3A115D73E2EC}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Development Libraries (64-bit) (HKLM\...\{8EB1F259-1326-4583-B383-F5C3D7C93D7D}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Documentation (64-bit) (HKLM\...\{5C195EDE-CE8F-4C5C-A4B8-B60913B9C2B9}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Executables (64-bit) (HKLM\...\{474E5879-A9D5-4DF5-9385-ADF7E224CEC7}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 pip Bootstrap (64-bit) (HKLM\...\{837260D6-3959-452B-A557-666302BEA663}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Standard Library (64-bit) (HKLM\...\{A1839EB2-3C30-4BCD-AACF-04F6FF6C90CD}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Tcl/Tk Support (64-bit) (HKLM\...\{A2FC8FF0-021A-431C-826E-E4B85D3F064F}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Test Suite (64-bit) (HKLM\...\{575FEF7A-71FE-437E-91B0-D3838C1026DA}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.8.6 (64-bit) (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\{fef707d7-d438-4dd9-bb0f-5788ee658f4f}) (Version: 3.8.6150.0 - Python Software Foundation)
Python 3.8.6 Core Interpreter (64-bit) (HKLM\...\{DE282FFC-F4AD-416A-8479-F3C72F94C967}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Development Libraries (64-bit) (HKLM\...\{59704C10-77A1-4D72-A97B-8FB2A933985B}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Documentation (64-bit) (HKLM\...\{558E2EFE-87D5-4E3F-B050-D4DEC548EA02}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Executables (64-bit) (HKLM\...\{7F55BD37-4437-47EE-8C82-3103E19DB114}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 pip Bootstrap (64-bit) (HKLM\...\{28B1EC39-1C9F-482C-BFF7-4D347CE5ADED}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Standard Library (64-bit) (HKLM\...\{04BA74DE-13BE-477C-8FE5-19F247C0D555}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Tcl/Tk Support (64-bit) (HKLM\...\{79C40B8F-BC99-4FFF-8E1E-F05D246E772C}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Test Suite (64-bit) (HKLM\...\{3968C4C7-904D-4571-BC22-1CD8B87549D7}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Utility Scripts (64-bit) (HKLM\...\{0A041F8F-4124-46CC-B021-AB8E70A873EC}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3B82A91D-DB48-4160-94D2-0B8C6D2B1710}) (Version: 3.8.7205.0 - Python Software Foundation)
RefreshRateService (HKLM-x32\...\{7E5E84CB-B190-4658-A4DC-166779C329D1}) (Version: 2.1.0 - ASUSTeK COMPUTER INC.)
ReMouse Micro (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\ReMouse Micro_is1) (Version: Micro V4.0.2 - AutomaticSolution Software)
ReMouse Standard (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\ReMouse Standard_is1) (Version: Standard V4.1 - AutomaticSolution Software)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for marce (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\roblox-player) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.92.2003 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.3.1 - Rockstar Games)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.4.14.0 - ASUSTek COMPUTER INC.)
RSI Launcher 2.0.1 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 2.0.1 - Cloud Imperium Games)
Shotcut (HKLM\...\Shotcut) (Version: 21.12.24 - Meltytech, LLC)
SideQuest 0.10.26 (HKLM\...\4924ec51-3e48-5cb7-b145-2119467094c7) (Version: 0.10.26 - Shane Harris)
Skiller PRO+ (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.1.15.7 - Sharkoon Technologies)
Snap Camera 1.19.0 (HKLM-x32\...\{024A6CF5-627D-497F-980B-B9A6EC5C40AF}_is1) (Version: 1.19.0 - Snap Inc.)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
The Planet Crafter (HKLM-x32\...\1882985557_is1) (Version: v1.105 - GOG.com)
Twitch (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 29.0 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uninstall Lunar Client (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 3.2.15 - Moonsworth LLC)
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
uTorrent Web (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\utweb) (Version: 1.4.0 - BitTorrent Limited)
ValoPlant (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Overwolf_bcppfmdlbgmoabmdolimfajhghjofinldpaobdgo) (Version: 7.3.1 - Overwolf app)
VALORANT (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Valorant Tracker (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Overwolf_ipmlnnogholfmdmenfijjifldcpjoecappfccceh) (Version: 1.22.0 - Overwolf app)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
vcpp_crt.redist.clickonce (HKLM-x32\...\{76E1A37D-67AC-4D4B-9059-09720DAFD1EB}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
ViGEm Bus Driver (HKLM\...\{966606F3-2745-49E9-BF15-5C3EAA4E9077}) (Version: 1.22.0 - Nefarius Software Solutions e.U.)
Virtual Desktop Service (HKLM\...\{A35FB2FC-0FC6-431C-9D84-ED53AB3F409E}) (Version: 1.18.3 - Virtual Desktop, Inc.)
Virtual Desktop Streamer (HKLM\...\{FD8054F5-459D-4436-9A85-C72A9BF7303C}) (Version: 1.18.8 - Virtual Desktop, Inc.)
Visual Studio Build Tools 2019 (HKLM-x32\...\b04464fb) (Version: 16.11.35 - Microsoft Corporation)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.6.14 - Black Tree Gaming Ltd.)
vs_FileTracker_Singleton (HKLM-x32\...\{045598F8-FB49-4F2A-938B-741E537E4C91}) (Version: 16.11.34728 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)
WinRAR 5.91 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wuthering Waves (HKLM-x32\...\KRInstall Wuthering Waves Overseas) (Version: 1.5.3.0 - KURO TECHNOLOGY (HONG KONG) CO., LTD.)
XDefiant (HKLM-x32\...\Uplay Install 15657) (Version:  - Ubisoft)
Zoom (HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\ZoomUMX) (Version: 5.6.4 (799) - Zoom Video Communications, Inc.)

Packages:
=========

AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.20025.0_x64__0a9344xs7nr4m [2022-02-14] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.20004.0_x64__0a9344xs7nr4m [2021-06-29] (Advanced Micro Devices Inc.)
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.9.4.0_x64__qmba6cd70vzyy [2024-06-28] (ASUSTeK COMPUTER INC.)
Debian -> C:\Program Files\WindowsApps\TheDebianProject.DebianGNULinux_1.16.0.0_x64__76v4gfsz19hv4 [2024-03-27] (The Debian Project)
Desktop Live Wallpapers -> C:\Program Files\WindowsApps\48405AmbientSoftware.LiveDesktopWallpapers_2.1.3.0_x64__agy8jafheqhng [2024-07-22] (Chan Software Solutions) [Startup Task]
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-06-24] (Disney)
DTS Headphone:X v1 -> C:\Program Files\WindowsApps\DTSInc.DTSHeadphoneXv1_2.0.0.0_x64__t5j2fzbtdg37r [2020-08-11] (DTS, Inc.)
Forager -> C:\Program Files\WindowsApps\HumbleBundle.ForagerWin10_1.0.1.2_x64__q2mcdwmzx4qja [2021-11-28] (Humble Bundle)
GlideX -> C:\Program Files\WindowsApps\B9ECED6F.Glidex_3.3.2.0_x64__qmba6cd70vzyy [2024-07-22] (ASUSTeK COMPUTER INC.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_155.1.1088.0_x64__v10z8vjag6ke6 [2024-08-07] (HP Inc.)
Lively Wallpaper -> C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.144.0_x64__97hta09mmv6hy [2024-06-09] (rocksdanister) [Startup Task]
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-05] (Microsoft Corporation)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2407.18001.0_x64__8wekyb3d8bbwe [2024-08-07] (Microsoft Corporation) [Startup Task]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_4.5.4011.0_x64__8wekyb3d8bbwe [2024-04-27] (Microsoft Studios)
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24180.205.2980.1757_x64__8wekyb3d8bbwe [2024-08-04] (Microsoft) [Startup Task]
Minecraft for Windows -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.21.202.0_x64__8wekyb3d8bbwe [2024-07-22] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2024-06-18] (Microsoft Studios)
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.16.0_x64__qmba6cd70vzyy [2024-07-01] (ASUSTeK COMPUTER INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-07-14] (NVIDIA Corp.)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.158.0_x64__pwbj9vvecjh7j [2024-07-04] (Amazon Development Centre (London) Ltd)
Python 3.10 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.3056.0_x64__qbz5n2kfra8p0 [2023-04-08] (Python Software Foundation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.169.0_x64__dt26b99r8h8gj [2020-08-11] (Realtek Semiconductor Corp)
S Note -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.5297316B03CEE_5.2.3.0_x64__3c1yjt4zspk6g [2022-08-05] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0 [2024-08-04] (Spotify AB) [Startup Task]
Websuche von Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-26] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2429.10.0_x64__cv1g1gvanyjgm [2024-08-04] (WhatsApp Inc.) [Startup Task]
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2024-03-25] (New Work SE)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{04d5c66b-d515-61ec-258f-a409f9443e98}\localserver32 -> "C:\Program Files\Proton\VPN\v3.0.7\ProtonVPN.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\marce\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{318cc681-4136-d2bd-6204-14d67a05b724}\localserver32 -> "C:\Program Files\Proton\VPN\v3.2.1\ProtonVPN.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{3f5d0051-61b8-0f45-6166-996cfb4f914f}\localserver32 -> C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> C:\Program Files\Proton\VPN\v3.2.11\ProtonVPN.exe (Proton AG -> )
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{a04f95c0-6183-7419-2316-954e331d0cbc}\localserver32 -> "C:\Program Files\Proton\VPN\v3.2.2\ProtonVPN.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{a126d52d-7bdc-c01a-fb69-c574657b2498}\localserver32 -> "C:\Program Files\Proton\VPN\v3.1.1\ProtonVPN.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{C52B9871-E5E9-41FD-B84D-C5ACADBEC7AE}\InprocServer32 -> C:\Users\marce\Downloads\Locale.Emulator.2.5.0.1\LEContextMenuHandler.DLL (Paddy Xu) [Datei ist nicht signiert] [Datei wird verwendet]
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\marce\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-136319151-2595665921-3748062372-1001_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [                        IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-02] (Tonec Inc. -> Tonec FZE)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-06-27] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2023-01-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2024-06-27] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2023-01-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2023-01-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_6e87d9907e09ff6b\nvshext.dll [2024-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Robocode\Robocode.lnk -> C:\robocode\robocode.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-09-22 17:51 - 2023-07-19 19:31 - 000322048 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2023-09-22 17:51 - 2023-07-17 16:37 - 000175616 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2023-09-22 17:51 - 2023-04-14 14:18 - 000159744 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ref-napi\prebuilds\win32-ia32\electron.napi.node
2023-09-22 17:51 - 2023-04-14 14:18 - 000319488 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node
2023-09-22 17:51 - 2023-04-26 16:06 - 000541696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\usb\prebuilds\win32-ia32\node.napi.node
2024-08-04 16:05 - 2024-08-04 15:43 - 000707584 _____ () [Datei ist nicht signiert] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2020-12-02 18:53 - 2020-12-02 18:53 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-12-02 18:53 - 2020-12-02 18:53 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2020-12-02 18:53 - 2020-12-02 18:53 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2023-03-16 00:24 - 2020-12-02 18:53 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2023-03-16 00:24 - 2020-12-02 18:53 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2023-03-16 00:24 - 2020-12-02 18:53 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2023-03-16 00:24 - 2020-12-02 18:53 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2023-03-16 00:24 - 2020-12-02 18:53 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2023-03-16 00:24 - 2020-12-02 18:53 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-04-12 19:59 - 2019-04-12 19:59 - 000427520 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files\ASUS\Aac_Keyboard\AacKbHal_x86.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\tracing:? [16]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lsibuoug.sys:changelist [334]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log_backup1:2DD1EC5C91 [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log:CCC93B07B0 [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer10.log_backup1:AD433BF298 [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log:72C8986B20 [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer11.log_backup1:97A90964FA [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log:C40F6B9209 [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer12.log_backup1:7CC29836A6 [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log:AE3C879266 [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer13.log_backup1:AF8AA3CDC1 [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log:DE1448F4D7 [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer14.log_backup1:D61270D3FD [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer15.log:16B67B15CB [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer15.log_backup1:1F4CC1D50C [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer16.log:2B192A174C [5154]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer16.log_backup1:E86CB8880A [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Gameforge Client.url:F2CF60045E [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\HidHide Configuration Client.lnk:B7B9C8BD2D [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aura Wallpaper Creator.lnk:7B7FFE79BA [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk:8BD81608B2 [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feather Launcher.lnk:FBDA9CAD7D [5154]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.34.lnk:968EA13E5A [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:5465085A2F [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Oculus.lnk:3E1FCB1CF0 [5154]
AlternateDataStreams: C:\Users\marce\Anwendungsdaten:374c9b336db4fa9522b72c58dcd0c3f9 [394]
AlternateDataStreams: C:\Users\marce\Anwendungsdaten:48e63d4de0a63256000858a7c61c87df [394]
AlternateDataStreams: C:\Users\marce\Anwendungsdaten:7eb204cd5958b73ad122d49fc978e003 [394]
AlternateDataStreams: C:\Users\marce\AppData\Roaming:374c9b336db4fa9522b72c58dcd0c3f9 [394]
AlternateDataStreams: C:\Users\marce\AppData\Roaming:48e63d4de0a63256000858a7c61c87df [394]
AlternateDataStreams: C:\Users\marce\AppData\Roaming:7eb204cd5958b73ad122d49fc978e003 [394]
AlternateDataStreams: C:\Users\marce\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6346]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\f8b263be.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\f8b263be.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-136319151-2595665921-3748062372-1001\Software\Classes\regfile:  <==== ACHTUNG
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\Software\Classes\.reg:  =>  <==== ACHTUNG
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\Software\Classes\.bat:  =>  <==== ACHTUNG
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\Software\Classes\.cmd:  =>  <==== ACHTUNG

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

SearchScopes: HKU\S-1-5-21-136319151-2595665921-3748062372-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-136319151-2595665921-3748062372-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-07] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\sharepoint.com -> hxxps://wwgbayreuthde-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2024-06-17 17:04 - 2024-08-13 21:02 - 000000147 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Python312\Scripts\;C:\Python312\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Oculus\Support\oculus-runtime;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Airshipper\;C:\Program Files\nodejs\;C:\ProgramData\chocolatey\bin;
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\marce\Downloads\Ranni WQHD.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
 ist aktiviert.

Network Binding:
=============
WLAN: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Ethernet 2: Windscribe VPN -> tapwindscribe0901.sys
LAN-Verbindung 2: WireGuard Tunnel -> wireguard.sys
Bluetooth-Netzwerkverbindung: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

vms_vsf: Erweiterungsfilter für virtuellen Hyper-V-Switch
vms_vsp: Extension-Protokoll für virtuellen Hyper-V-Switch

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run32: => "GaomonTablet"
HKLM\...\StartupApproved\Run32: => "Skiller PRO+"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "PreMiD"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "LGHUB"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "DiscordCanary"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "electron.app.BlueStacks Services"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6A7EFD9FB16063B23C21C72578A008BC"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "Lunar Client"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "nefarius_HidHide_Updater"
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9FF11B8D-EAF4-494B-A998-DD5CDEF18076}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [UDP Query User{DE3D4538-A099-4BB3-9ED2-9F2197F106FB}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{1D6B9AD9-417A-4EBB-8F3A-2BE069FF35D1}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{2BED023B-2B9D-4E54-89E9-18555148FAB1}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [TCP Query User{673F2368-4F5D-46B1-8C87-F54E62E16349}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [UDP Query User{4345900E-8839-4B6A-AB45-554A02848519}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{90291B92-C645-43EA-A818-78100A854C8F}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{0F10CBDC-FCF0-4CCB-9971-A0FE02242477}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{33336089-AC5B-4E08-8047-786A8194A92C}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{9F1C067B-7FB5-4630-971B-5C5E0214CB2D}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [UDP Query User{7956BB01-0C55-4E75-9AD3-994BF1093C2F}C:\program files\jetbrains\pycharm community edition 2020.3.3\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2020.3.3\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{90E831AB-BB58-46CB-BB1F-FCD9B305AE18}C:\program files\jetbrains\pycharm community edition 2020.3.3\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2020.3.3\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{E2A29D91-33AD-4419-8DF9-4981FC45FE59}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{1A658EB4-CC7A-48EC-9D48-2B4F1B6BB4AD}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{9BF0EC8E-F532-4778-ABB5-C065736A5799}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve Corp. -> )
FirewallRules: [{08DAE5F1-B0B4-4E38-AF75-847D01E7EDB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{D45F7C45-5D4E-48CB-83E9-602EBE312880}C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{534C4B39-C730-4438-85C8-7CC80AA1FFF7}C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve Corp. -> )
FirewallRules: [{BA2908A1-6EDB-4CAA-9512-C7113969E73C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DFD3C111-EBE5-44DC-AB4B-4DD92471D8FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{35796799-D902-419E-99BD-7443E6ECB68B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{AFA08714-2D04-4F65-ADDC-5E85A0B23D7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\VRChat.exe () [Datei ist nicht signiert]
FirewallRules: [{0C1225FC-BDA3-4544-B326-F6D48BA1685A}] => (Allow) C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Streamer.exe (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
FirewallRules: [{5FEABA64-BECE-40A0-B4DD-4A59503806DF}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\install.exe => Keine Datei
FirewallRules: [{360788C1-3242-44FD-B960-224F5ED89852}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\install.exe => Keine Datei
FirewallRules: [{47C12A8A-015B-48CD-B9F1-D404B8BA0E30}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\UnityCrashHandler64.exe => Keine Datei
FirewallRules: [{52AE056C-2A1E-499B-B7CC-0A2839148672}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\UnityCrashHandler64.exe => Keine Datei
FirewallRules: [{009EA0BC-0816-4F77-BFCF-9B815285BD4E}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\VRChat.exe => Keine Datei
FirewallRules: [{DEB5B8BD-62EA-41F5-80ED-A093F1239BD8}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\VRChat.exe => Keine Datei
FirewallRules: [UDP Query User{C189AD46-F08E-4A10-BDC5-F1E2021AC99E}C:\users\marce\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\marce\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6FD651E0-F85E-4DF0-BB5A-87088A660EFA}C:\users\marce\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\marce\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F2914919-E115-4C58-9C16-40C1B38AB647}C:\users\marce\appdata\roaming\premid\premid.exe] => (Allow) C:\users\marce\appdata\roaming\premid\premid.exe (GitHub, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{64C66572-364F-4815-B67B-D4F6EEBFBF13}C:\users\marce\appdata\roaming\premid\premid.exe] => (Allow) C:\users\marce\appdata\roaming\premid\premid.exe (GitHub, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{E05D2FED-E658-4392-8565-A7856AD658AD}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{C241846A-9654-4F50-94C7-DD03D4C69B61}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{7EE509D7-535E-4F5C-B404-566A8EBF53CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Puzzle Together\Puzzle Together.exe () [Datei ist nicht signiert]
FirewallRules: [{4A3BD37E-B665-41C7-BBBC-9D70DB5498E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Puzzle Together\Puzzle Together.exe () [Datei ist nicht signiert]
FirewallRules: [{58157501-5D20-43B7-856E-64726A116B71}] => (Allow) C:\Users\marce\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe => Keine Datei
FirewallRules: [{C4646250-DC1C-4732-B446-FC41A5D4BD0C}] => (Allow) C:\Users\marce\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => Keine Datei
FirewallRules: [{3B7A3AC0-0B05-46C2-8E47-1015E519EADE}] => (Allow) C:\Users\marce\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => Keine Datei
FirewallRules: [{D0C51D46-1B9F-4CD5-9F0D-337A1D3267D6}] => (Allow) C:\Users\marce\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe => Keine Datei
FirewallRules: [{C3AFDDD1-5C5A-4B51-A2A9-A37D0DB2DEE6}] => (Allow) C:\Users\marce\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe => Keine Datei
FirewallRules: [{83B57795-E26B-4EA0-9696-6C9B63B9C755}] => (Allow) C:\Users\marce\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => Keine Datei
FirewallRules: [{6B2ADAAA-47B4-4113-9162-FAF864223778}] => (Allow) C:\Users\marce\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => Keine Datei
FirewallRules: [{104FCD71-8787-4C3D-8CE3-FD681DECF9C6}] => (Allow) C:\Users\marce\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe => Keine Datei
FirewallRules: [UDP Query User{56CDA3E4-7D04-493B-9748-CBBE573DC8D3}C:\users\marce\appdata\roaming\premid\premid.exe] => (Allow) C:\users\marce\appdata\roaming\premid\premid.exe (GitHub, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F4809714-46E1-4D4A-962F-CB5B435F003B}C:\users\marce\appdata\roaming\premid\premid.exe] => (Allow) C:\users\marce\appdata\roaming\premid\premid.exe (GitHub, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{1BEA456C-81D4-41E9-B6F4-6DB8C2C346DA}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe
FirewallRules: [TCP Query User{A9D024D0-D8AD-4BF6-A202-B2E9C927E28A}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe
FirewallRules: [{ADFD9BA1-5681-4990-AD1C-F3359C248B21}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2410F9A-6A6D-484F-BCE7-97E469EBB5C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{16AD3DA3-4C3B-41EC-8E2A-21DE76AD99A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Datei ist nicht signiert]
FirewallRules: [{B9675C85-16F9-47C2-B69A-B7809DC59701}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Datei ist nicht signiert]
FirewallRules: [{E930BBB0-832F-47F8-BE7B-A4AF5D12DE29}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{8A14C270-B7DE-4F9A-BE5B-F463C0472AE5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{631CA3D7-99D3-4992-8B70-16CE0DB1A9BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B7CB9AFA-042C-4625-82CA-150769521B8E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{519FFF67-22B4-40B2-9AE1-C3EC26B8945C}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [UDP Query User{934EDE3A-982D-4A69-A69A-C944BAF35087}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{2EED9C4A-B9F3-46EE-9443-91463A83B0A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Datei ist nicht signiert]
FirewallRules: [{C00D2B96-DF0F-4CFB-8FFB-51613AC351B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Datei ist nicht signiert]
FirewallRules: [{F7FCF4E1-214F-4BED-AFD6-DC8C8B8F7B42}] => (Allow) C:\Users\marce\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{9613191E-0D23-469D-A4A8-0E93A28B5990}] => (Allow) C:\Users\marce\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{E17663BF-5B41-40F0-B268-7585B8F56A12}] => (Allow) C:\Users\marce\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [TCP Query User{31FF4ABC-8EE5-466E-B9B6-22DDA8F6F3A5}C:\users\marce\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\marce\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{7A3999B3-4D20-4406-A53B-26A05FCE0E6E}C:\users\marce\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\marce\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{69A24133-C8F6-4AA7-85A0-65F6B9038F07}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => Keine Datei
FirewallRules: [UDP Query User{B5EAAA4D-C4F1-424D-8AE8-A3F28CCDB349}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => Keine Datei
FirewallRules: [{CDE9592B-D16A-4AE7-9EE5-BD31A9ACDA28}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\install.exe => Keine Datei
FirewallRules: [{6F3FD66F-8011-4188-829D-0C57B025F24C}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\install.exe => Keine Datei
FirewallRules: [{3A517214-54AA-4960-ACD5-6A04B583691A}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\launch.exe => Keine Datei
FirewallRules: [{7F933D26-4164-46CA-9436-2ACEBA1F8D94}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\launch.exe => Keine Datei
FirewallRules: [{70AB39E4-DB34-455A-B0E3-16E6464F302D}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\UnityCrashHandler64.exe => Keine Datei
FirewallRules: [{F309A6FA-188B-4018-B9D9-94CB99DA1E86}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\UnityCrashHandler64.exe => Keine Datei
FirewallRules: [{180AF186-463B-4DAB-A0E8-6FEBD138A21B}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\VRChat.exe => Keine Datei
FirewallRules: [{841E31C4-2DDE-4904-B4A0-5D3D75252504}] => (Allow) C:\Program Files\Oculus\Software\Software\vrchat-vrchat\VRChat.exe => Keine Datei
FirewallRules: [{A1648C1F-1FA5-410C-AA4C-D7D2C1F5305E}] => (Allow) C:\Users\marce\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{BBC72E24-3E1D-4DE5-B696-7570F0AC5F64}] => (Allow) C:\Users\marce\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{BAE4BB0E-E6AF-4D05-B3C1-035DA0FB911E}C:\users\marce\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\marce\appdata\roaming\utorrent web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [UDP Query User{B5209D30-9F54-4CBB-ACB0-28C1C38F963C}C:\users\marce\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\marce\appdata\roaming\utorrent web\utweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{BA033861-5447-4A4B-B78D-16AFF9DEA160}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [{306CE3BD-1A0F-4C22-B2BE-3F486C9F8448}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [TCP Query User{3F521BB8-C8E6-46B4-AEC3-5A402EC31713}C:\program files (x86)\steam\steamapps\common\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spellbreak\g3\binaries\win64\spellbreak.exe => Keine Datei
FirewallRules: [UDP Query User{0D181D76-6C30-4D7D-8377-4EFA8BAB5A20}C:\program files (x86)\steam\steamapps\common\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\spellbreak\g3\binaries\win64\spellbreak.exe => Keine Datei
FirewallRules: [TCP Query User{F7A30969-2E97-4529-B869-F033BEDB9755}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Keine Datei
FirewallRules: [UDP Query User{DD64C0B4-5F86-4C9E-8AB5-FF2AA3799787}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe => Keine Datei
FirewallRules: [{11EFB7CF-228B-4949-B52C-FDA48335BDCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muck\Muck.exe () [Datei ist nicht signiert]
FirewallRules: [{143D7050-09CC-4453-8298-AC18A3FA5ADF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muck\Muck.exe () [Datei ist nicht signiert]
FirewallRules: [{1A2A2458-10D4-4327-AA5B-2234FF2E79BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe () [Datei ist nicht signiert]
FirewallRules: [{C2AB20C6-FC51-46AE-A57D-F16201E8E666}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Doki Doki Literature Club\DDLC.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F98AC5AC-62B9-4407-BFD6-D46CE4121F62}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe => Keine Datei
FirewallRules: [UDP Query User{B7A6EC76-3742-452F-AB71-90977B3A16C2}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe => Keine Datei
FirewallRules: [TCP Query User{BCB806F2-F195-47EF-8420-035DD7A9F37E}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [UDP Query User{058CFB8E-31D4-41F8-A0C8-5852F64BBEA0}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe (Turtle Entertainment Online, Inc. -> Badlion)
FirewallRules: [TCP Query User{390F23E4-0B5E-43EE-9238-E197698C551F}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => Keine Datei
FirewallRules: [UDP Query User{37CC226A-2C8F-4564-888B-33D83669BCC6}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Allow) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => Keine Datei
FirewallRules: [TCP Query User{6F6E6B99-FFF1-4947-A73D-11AD5F9B228F}C:\users\marce\onedrive\desktop\cube.world.v1.0.0-1\cubeworld.exe] => (Allow) C:\users\marce\onedrive\desktop\cube.world.v1.0.0-1\cubeworld.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{E3A6D1D1-5C2E-4B8F-B130-A29B2E9CA554}C:\users\marce\onedrive\desktop\cube.world.v1.0.0-1\cubeworld.exe] => (Allow) C:\users\marce\onedrive\desktop\cube.world.v1.0.0-1\cubeworld.exe () [Datei ist nicht signiert]
FirewallRules: [{CB6ABAE5-3144-4281-A9F2-0D982A266022}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RuneScape\bin\win64\RuneScape.exe => Keine Datei
FirewallRules: [{0F5FA801-158B-41B6-947C-09047A1085E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RuneScape\bin\win64\RuneScape.exe => Keine Datei
FirewallRules: [{ADE82C5F-B858-46AD-824B-AE971CF7D783}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Find Love or Die Trying\Find Love or Die Trying by Auden Jin (PC)\Find Love or Die Trying by Auden Jin.exe => Keine Datei
FirewallRules: [{113A8C0F-93E6-464C-9C9A-566A5742E959}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Find Love or Die Trying\Find Love or Die Trying by Auden Jin (PC)\Find Love or Die Trying by Auden Jin.exe => Keine Datei
FirewallRules: [TCP Query User{71DE10C2-52DF-4F99-9E28-D5EFCCFD49CF}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{8CF02D69-05AE-4147-A134-BF94E2F705F9}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{5A11F5C5-16BB-4ED6-BED6-ED60669C34A1}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{903DCC3D-2195-474E-9C4E-92550B826DD8}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{88A32F8E-834B-415C-B32E-832C5F4D6D08}] => (Allow) C:\Program Files

EinsMarcel 14.08.2024 10:32
Addition 2/2
 
Code:

(x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe => Keine Datei
FirewallRules: [{23E4A75A-B526-4B8C-8281-163307749F06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds.exe => Keine Datei
FirewallRules: [{46D5E808-D381-4E7F-934C-1E85977AF3ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kidnapped Girl\KidnappedGirl.exe () [Datei ist nicht signiert]
FirewallRules: [{7FB432F8-5DB0-46CB-A73E-FECE3A469EE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kidnapped Girl\KidnappedGirl.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{C5360C3A-8452-4EA9-9B30-A11067FC9712}C:\users\marce\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{065D0E8D-47C2-4DCD-A298-79CC75146A93}C:\users\marce\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => Keine Datei
FirewallRules: [{254C9118-84CD-4C85-86C9-326679D8DD13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe => Keine Datei
FirewallRules: [{8B05BF1F-599D-405A-B36F-ECE025ADB33D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe => Keine Datei
FirewallRules: [{70FB2FA4-661E-4C4E-AD41-39A99D6E0A49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe => Keine Datei
FirewallRules: [{BB2AC5D1-4310-47DC-BD1B-1E1BC6235AA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => Keine Datei
FirewallRules: [{F1E39B7B-8011-4A28-925A-56595FFFBEEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe => Keine Datei
FirewallRules: [{8F7288DA-C6A3-4832-9945-F769845D714D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe => Keine Datei
FirewallRules: [{C1444696-E245-4377-A0A5-34A6D4C0635C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe => Keine Datei
FirewallRules: [{CFCABF33-579B-4A45-843F-7BD68CF7A904}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => Keine Datei
FirewallRules: [{0FBAA0F2-1EDA-4AD7-AF1B-91DFD90A57B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Idle Slayer\Idle Slayer.exe () [Datei ist nicht signiert]
FirewallRules: [{6BC70454-E9B2-4EF4-8FBF-B32A9052AB19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Idle Slayer\Idle Slayer.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9538BF23-A688-4F12-8B34-1037B6BB3F9C}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4541F856-157A-4A55-A5A3-F72FC5B05ED7}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe (Re-Logic) [Datei ist nicht signiert]
FirewallRules: [{53953BCD-AA1B-4CB9-9553-DE3211D99752}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Leaf Blower Revolution\game.exe (Humble North) [Datei ist nicht signiert]
FirewallRules: [{828EFF0F-202C-419E-93FA-60CC18654E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Leaf Blower Revolution\game.exe (Humble North) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{7FC18B7E-E3CA-41E9-A63F-7D44C195A3B1}C:\program files\ea games\pvz battle for neighborville\pvzbattleforneighborville.exe] => (Allow) C:\program files\ea games\pvz battle for neighborville\pvzbattleforneighborville.exe => Keine Datei
FirewallRules: [UDP Query User{894FEEC9-9F0D-4FAA-AE8B-07E5AA40F50B}C:\program files\ea games\pvz battle for neighborville\pvzbattleforneighborville.exe] => (Allow) C:\program files\ea games\pvz battle for neighborville\pvzbattleforneighborville.exe => Keine Datei
FirewallRules: [{03D9CB63-DAF1-4DA3-B11E-4149192C63D2}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => Keine Datei
FirewallRules: [{0928EC2D-5CA2-4823-BD58-1E7B47EAC317}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Auto Pets\Super Auto Pets.exe () [Datei ist nicht signiert]
FirewallRules: [{2FC48CD4-8E7A-43D1-A5BE-5E0D813C7445}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Super Auto Pets\Super Auto Pets.exe () [Datei ist nicht signiert]
FirewallRules: [{D1ED7F10-E5D2-454B-A110-47783E09E02D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NGU IDLE\NGUIdle.exe () [Datei ist nicht signiert]
FirewallRules: [{9FE119F7-8FC0-4717-8AC7-C6E952F5F13E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NGU IDLE\NGUIdle.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{FE44AB4B-A20D-4AD9-8992-064471C0EBF7}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{19DC3F1F-628C-46D6-9F1E-BE1078EA3B42}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{0A469141-90DC-40A7-B836-C8996B99E99F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Untrusted\Untrusted.exe () [Datei ist nicht signiert]
FirewallRules: [{3D925D13-C9E0-4893-91F7-FAEAE09E43FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Untrusted\Untrusted.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{12586944-1789-49BF-B308-06B691937E74}C:\users\marce\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{7D413754-0F88-4D5A-82B0-CBD326BA64D4}C:\users\marce\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{352F7C51-869C-4B39-9FF3-18C47AE8F831}C:\users\marce\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{93FFBF94-4A24-45FE-B621-4DB5F1C1D271}C:\users\marce\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\1.8\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{15B99109-75E5-42E9-AE81-9A3FF0867E2E}C:\users\marce\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\marce\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{8DD44257-1231-47E3-B397-CFAFAC1399DF}C:\users\marce\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\marce\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{684987A6-A01B-42ED-8AFE-1D415B461065}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC)
FirewallRules: [{2193D0C8-0521-4651-8EB2-4FBA65DD4E54}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC)
FirewallRules: [{F1F483CF-308B-417B-AEB5-0B1E77EE08F2}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC)
FirewallRules: [{B2FD6D63-46D4-4ACE-8E22-5364CD4584CE}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC)
FirewallRules: [{828D430E-F850-45F0-AF07-D9D55995B16D}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC)
FirewallRules: [{662DE1F7-9A08-44C0-80DC-C7A191AEDBEF}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC)
FirewallRules: [{9911EAE1-7E14-4789-AC9D-A9AF0EEED241}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Facebook Technologies, LLC -> )
FirewallRules: [{69B6FC29-0B6D-46C4-B103-6DE2206A7791}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Facebook Technologies, LLC -> )
FirewallRules: [{05BD9D6B-82F6-4846-8A2B-2B61538DF54B}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe => Keine Datei
FirewallRules: [{1DCA1F28-1D04-4F7F-8B9E-AC2FB23F52B4}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe => Keine Datei
FirewallRules: [{EA92817B-F409-448C-ACFF-63F2CF0D057C}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe => Keine Datei
FirewallRules: [{A3B0BB7D-2185-46A5-B049-EE9B3579A637}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe => Keine Datei
FirewallRules: [{860AE90A-25FD-4125-B0E0-49263F780839}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe => Keine Datei
FirewallRules: [{9E8F8789-2621-43EF-8974-F0E76DE67A82}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe => Keine Datei
FirewallRules: [{13D21EB5-3984-445B-AF04-A6212E8206DF}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert]
FirewallRules: [{45867F4B-C359-4EDA-BA27-4E3C62D2220E}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [Datei ist nicht signiert]
FirewallRules: [{3A0B3BE4-433A-4933-83EA-17E1B5B4246C}] => (Allow) C:\Program Files\Oculus\Software\Software\ramen-vr-zenith\UnityCrashHandler64.exe => Keine Datei
FirewallRules: [{745D0F6D-F51A-42C1-9254-9ED0EC505DB2}] => (Allow) C:\Program Files\Oculus\Software\Software\ramen-vr-zenith\UnityCrashHandler64.exe => Keine Datei
FirewallRules: [{1DC5422E-27CA-4D83-AE77-A7E06DF98F4B}] => (Allow) C:\Program Files\Oculus\Software\Software\ramen-vr-zenith\UnityClient@Windows.exe => Keine Datei
FirewallRules: [{13C39538-6366-4685-BDC6-03DEDC64E5FB}] => (Allow) C:\Program Files\Oculus\Software\Software\ramen-vr-zenith\UnityClient@Windows.exe => Keine Datei
FirewallRules: [TCP Query User{C254124A-862C-47A7-BE3F-65DC857581B3}C:\users\marce\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\marce\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{DF91B42C-880D-4B9D-A57C-510E83EB173D}C:\users\marce\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\marce\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{B07B4D82-0C27-4BA9-9C38-1D64F21E27F1}C:\users\marce\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{D39D69E0-A427-459F-B13C-63D79A17886C}C:\users\marce\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{9208AA0A-DAEC-4D12-B7CB-62CACAE5ADA7}C:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe => Keine Datei
FirewallRules: [UDP Query User{EA7E94E0-C0B4-4697-875C-6D6D636FAE20}C:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe => Keine Datei
FirewallRules: [TCP Query User{97235691-4B06-48D9-9254-1FDB7885A49D}C:2\maneater\binaries\wingdk\maneater-wingdk-shipping.exe] => (Allow) C:2\maneater\binaries\wingdk\maneater-wingdk-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{0DFD4422-84A0-430C-850B-27550C91E099}C:2\maneater\binaries\wingdk\maneater-wingdk-shipping.exe] => (Allow) C:2\maneater\binaries\wingdk\maneater-wingdk-shipping.exe => Keine Datei
FirewallRules: [{A8CA9938-483B-4320-AB1B-0FFFF6D6B4D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bitburner\bitburner.exe (Daniel Xie, hydroflame, et al.) [Datei ist nicht signiert]
FirewallRules: [{F20E16F6-15B3-4DFE-9CCA-65E81A2F2D54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bitburner\bitburner.exe (Daniel Xie, hydroflame, et al.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{E9BBBA28-0F75-4986-86EE-FBC6141407AE}C:\users\marce\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\marce\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{92BAEA0E-F1AB-4A86-92A0-107AC316FC08}C:\users\marce\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\marce\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{9DDE3D56-7AE9-44D8-A356-040871FA0986}C:\users\marce\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\marce\appdata\local\discord\app-1.0.9004\discord.exe => Keine Datei
FirewallRules: [UDP Query User{C2843AF5-BEEB-49C9-971A-BDC2FBC5D26E}C:\users\marce\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\marce\appdata\local\discord\app-1.0.9004\discord.exe => Keine Datei
FirewallRules: [TCP Query User{F1973ED2-925F-42D4-967F-D8CAD0D8AA72}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6655C44C-BE4A-4ACA-B713-718809B23BC1}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{196690BD-ECD6-4EDB-8DFF-3303DB344EB0}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{2C8E4766-BAE8-4E04-83AE-CC1542579E7C}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{BA708D55-A9B5-45EE-A7A0-C962097E0E3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Swords of Legends Online\bin64\SOLO_Launcher.exe => Keine Datei
FirewallRules: [{740430D0-AC88-4607-9A59-A933874EFA9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Swords of Legends Online\bin64\SOLO_Launcher.exe => Keine Datei
FirewallRules: [{52DBA16B-3E10-45D6-8C1F-7EE2AC99BCE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\RotMG Exalt Launcher.exe (Deca Live Operations GmbH -> )
FirewallRules: [{15F5C764-7924-49AE-9CE2-74D0CED3ECF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\RotMG Exalt Launcher.exe (Deca Live Operations GmbH -> )
FirewallRules: [{9CD93673-CA59-4C83-B93E-7AF5F499BACB}] => (Allow) C:\Program Files\Oculus\Software\Software\ready-at-dawn-echo-arena\bin\win10\BsSndRpt64.exe => Keine Datei
FirewallRules: [{8A6217B3-32D7-4615-9D15-59192F160A73}] => (Allow) C:\Program Files\Oculus\Software\Software\ready-at-dawn-echo-arena\bin\win10\BsSndRpt64.exe => Keine Datei
FirewallRules: [{06A974D7-7201-44AA-9D5D-F395FC38D9BE}] => (Allow) C:\Program Files\Oculus\Software\Software\ready-at-dawn-echo-arena\bin\win10\echovr.exe => Keine Datei
FirewallRules: [{A7A5CAED-7512-42AE-A5FC-29B237E9FFAA}] => (Allow) C:\Program Files\Oculus\Software\Software\ready-at-dawn-echo-arena\bin\win10\echovr.exe => Keine Datei
FirewallRules: [TCP Query User{BED53090-7F11-438C-968D-BAA714713B0B}C:\program files (x86)\overwatch\_beta_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_beta_\overwatch.exe => Keine Datei
FirewallRules: [UDP Query User{52CA005A-C37D-4529-B1C4-425B7E70AFEA}C:\program files (x86)\overwatch\_beta_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_beta_\overwatch.exe => Keine Datei
FirewallRules: [{5E11E668-1382-4E88-956C-1AB2F0E1E3C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [{173E9484-A907-4717-80B6-7163CB3C9F1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Soundpad\Soundpad.exe (Arthur Lepp -> Leppsoft)
FirewallRules: [TCP Query User{B19230FA-F302-455C-80BE-E12E46B7D305}C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe => Keine Datei
FirewallRules: [UDP Query User{420A6F82-523E-4F1B-8036-14163826EBE2}C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe => Keine Datei
FirewallRules: [{8283FFE9-27DF-48BB-AF39-4AB25A3F9B2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [Datei ist nicht signiert]
FirewallRules: [{2E2822E5-451D-496C-A5C4-CF96F7ADE67C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRChat\launch.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{EAC532DC-9C96-45D9-9E0C-D8C567B80A6A}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{DE2CAE68-E521-4D03-923A-C8D69B375CAA}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{A112C21F-7B93-4842-A678-5A3590E97DAF}] => (Allow) C:\Users\marce\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{8DFC0E6F-032D-497F-994F-F1E24113ADBA}] => (Allow) C:\Users\marce\AppData\Local\tofMiniLoader\tofMiniLoader.exe (PROXIMA BETA PTE. LIMITED -> )
FirewallRules: [{A988DB63-604E-4AAB-9535-EB134A7A2176}] => (Allow) C:\Tower Of Fantasy\Launcher\intl_service\intl_service.exe => Keine Datei
FirewallRules: [{0B6ED2EC-72A1-4652-9F90-C8BE36012DC4}] => (Allow) C:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe => Keine Datei
FirewallRules: [{C2701228-2220-4148-918C-1A8E893FF382}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Idling to Rule the Gods\Idling to Rule the Gods.exe () [Datei ist nicht signiert]
FirewallRules: [{5D0567B6-846F-4C65-A83B-D5D6FD60EC29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Idling to Rule the Gods\Idling to Rule the Gods.exe () [Datei ist nicht signiert]
FirewallRules: [{A36B17E9-B199-424B-97F5-6BBCB2065617}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left on Read\LeftOnRead\WIN\LeftOnRead.exe () [Datei ist nicht signiert]
FirewallRules: [{D8A86475-ABF8-4412-9049-E6AA7FDD93E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left on Read\LeftOnRead\WIN\LeftOnRead.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{99BA7859-8E14-430A-983E-B0DAE3C1A0F4}C:\users\marce\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\marce\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{EAF9CF5B-1AB2-475B-90D1-1D84B4D21ABE}C:\users\marce\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\marce\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{3538ED54-8BE6-4C4B-AF0C-02D8FF91E458}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Datei ist nicht signiert]
FirewallRules: [{0047CDD4-8EDC-45B2-BD5C-C11892DA2C88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [Datei ist nicht signiert]
FirewallRules: [{C3667EA4-3A84-4AD1-9B3A-FE8EA411D7DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF7D3095-CB13-4D2B-8886-F2B340FBD21D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{76AE9437-7F2A-4862-AE20-CD356A8241D1}C:\grandrp launcher\ragemp\ragemp_v.exe] => (Allow) C:\grandrp launcher\ragemp\ragemp_v.exe (RAGE Multiplayer Developers) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{CD79AEC3-E4C8-43E8-B92C-AD70BF6A5F70}C:\grandrp launcher\ragemp\ragemp_v.exe] => (Allow) C:\grandrp launcher\ragemp\ragemp_v.exe (RAGE Multiplayer Developers) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{A6034738-2FB5-426B-AC53-45B5B3ABBACD}C:\grandrp launcher\ragemp\cef\ragemp_game_ui.exe] => (Allow) C:\grandrp launcher\ragemp\cef\ragemp_game_ui.exe (RAGE Multiplayer Developers) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{83961E41-D8B0-4C68-8740-92F32A487CDC}C:\grandrp launcher\ragemp\cef\ragemp_game_ui.exe] => (Allow) C:\grandrp launcher\ragemp\cef\ragemp_game_ui.exe (RAGE Multiplayer Developers) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BADD9062-7166-4379-96D7-62961EBEAB01}C:\users\marce\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{2E1EA6F9-7C9F-4CE7-A651-1BA5E920B72C}C:\users\marce\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe
FirewallRules: [TCP Query User{D6BA63F4-4657-4EC2-9668-522EBD879FFA}C:\program files\java\jre1.8.0_321\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_321\bin\javaw.exe => Keine Datei
FirewallRules: [UDP Query User{750BA609-8018-45F8-8021-84AA469BB661}C:\program files\java\jre1.8.0_321\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_321\bin\javaw.exe => Keine Datei
FirewallRules: [TCP Query User{B9BFB687-4FBB-4999-8C28-C1E83E2EB7FA}C:\users\marce\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\marce\appdata\local\citra\nightly-mingw\citra-qt.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{ABF7772F-2E8F-4EEE-841E-8BB9AFAF6B3D}C:\users\marce\appdata\local\citra\nightly-mingw\citra-qt.exe] => (Allow) C:\users\marce\appdata\local\citra\nightly-mingw\citra-qt.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9185A1D2-13A8-4CFE-88D0-204661D88D47}C:\users\marce\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\marce\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{7D9097E2-DE84-47C7-8661-7F4C7A380FE8}C:\users\marce\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\marce\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{D4BFA345-DE62-47A4-A95D-B5FB3F4339C3}C:\users\marce\appdata\roaming\vortex\skyrimse\mods\skyrim together reborn-69993-1-3-2-1663682636\skyrimtogetherreborn\skyrimtogetherserver.exe] => (Allow) C:\users\marce\appdata\roaming\vortex\skyrimse\mods\skyrim together reborn-69993-1-3-2-1663682636\skyrimtogetherreborn\skyrimtogetherserver.exe (Together Team) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9F52B5FD-C5D1-4336-8669-CCFBD4E809C2}C:\users\marce\appdata\roaming\vortex\skyrimse\mods\skyrim together reborn-69993-1-3-2-1663682636\skyrimtogetherreborn\skyrimtogetherserver.exe] => (Allow) C:\users\marce\appdata\roaming\vortex\skyrimse\mods\skyrim together reborn-69993-1-3-2-1663682636\skyrimtogetherreborn\skyrimtogetherserver.exe (Together Team) [Datei ist nicht signiert]
FirewallRules: [{10519DA3-F0E9-4B87-86E7-DE50C285A030}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outpath First Journey\Outpath.exe () [Datei ist nicht signiert]
FirewallRules: [{AB8E97DA-A8E4-4D3A-9329-32178B971418}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outpath First Journey\Outpath.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{B0BDBA15-C7CB-4106-A7C7-AF0E111D5763}C:\users\marce\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\marce\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{4B78A04A-ADC3-49FF-A794-991A2B917456}C:\users\marce\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\marce\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{DDBB5D90-1E06-4F39-9FB3-CEFDAB7E968A}C:\users\marce\appdata\local\yuzu\yuzu-windows-msvc\yuzu.exe] => (Allow) C:\users\marce\appdata\local\yuzu\yuzu-windows-msvc\yuzu.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{E1711866-945E-4DD7-8C3E-E9A472580D50}C:\users\marce\appdata\local\yuzu\yuzu-windows-msvc\yuzu.exe] => (Allow) C:\users\marce\appdata\local\yuzu\yuzu-windows-msvc\yuzu.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{846C3A0F-7662-4DF5-8EAB-FEE3A3B4C1F1}C:\users\marce\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.22.1215.2008\jdk-17.0.1+12-minimal\bin\java.exe] => (Allow) C:\users\marce\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.22.1215.2008\jdk-17.0.1+12-minimal\bin\java.exe => Keine Datei
FirewallRules: [UDP Query User{193EACFE-2D6B-44D6-B948-9938BC575805}C:\users\marce\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.22.1215.2008\jdk-17.0.1+12-minimal\bin\java.exe] => (Allow) C:\users\marce\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.22.1215.2008\jdk-17.0.1+12-minimal\bin\java.exe => Keine Datei
FirewallRules: [TCP Query User{061A84A0-4591-44B8-AD01-569C00446E4A}C:\users\marce\appdata\local\.ftba\bin\runtime\jdk-17.0.2+8-jre\bin\javaw.exe] => (Allow) C:\users\marce\appdata\local\.ftba\bin\runtime\jdk-17.0.2+8-jre\bin\javaw.exe
FirewallRules: [UDP Query User{B0B35F16-D95E-469E-924C-4448FD9C81EC}C:\users\marce\appdata\local\.ftba\bin\runtime\jdk-17.0.2+8-jre\bin\javaw.exe] => (Allow) C:\users\marce\appdata\local\.ftba\bin\runtime\jdk-17.0.2+8-jre\bin\javaw.exe
FirewallRules: [TCP Query User{58442802-7D9E-41F8-A48E-57BE2D16382C}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{8909FA1F-1CAA-4C3F-B4BD-179503C4C63A}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [{F65C8E05-446A-4905-8430-FEB5554FD6C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{35A7A87E-8F06-4883-A8A2-E7895851DD89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Albion Online\launcher\AlbionLauncher.exe (Sandbox Interactive GmbH -> Sandbox Interactive GmbH)
FirewallRules: [{81AC8812-7724-4802-BA0F-D99B268481E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PickCrafter\PickCrafter\PickCrafter.exe => Keine Datei
FirewallRules: [{F8429BB6-5ACB-489D-B88D-EB7025762453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PickCrafter\PickCrafter\PickCrafter.exe => Keine Datei
FirewallRules: [{980B6A8C-6DB8-4E35-8AFA-A7295C238A8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> )
FirewallRules: [{7455AEBE-FD8D-47BD-A043-36F72D6EC287}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> )
FirewallRules: [{666DAFC6-5C00-4CCE-9A66-4F3C29738006}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Grinder\RealmGrinderDesktop.exe () [Datei ist nicht signiert]
FirewallRules: [{2765787E-83DA-4025-BDA2-96A214E8195D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Grinder\RealmGrinderDesktop.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{23E3C58D-ED98-48E4-9EAC-675DF4BDBAE2}C:\users\marce\appdata\roaming\.minecraft\jre\openjdk17u-jre_x64_windows_hotspot_17.0.3_7\bin\javaw.exe] => (Allow) C:\users\marce\appdata\roaming\.minecraft\jre\openjdk17u-jre_x64_windows_hotspot_17.0.3_7\bin\javaw.exe
FirewallRules: [UDP Query User{0F3117F3-FE00-42B6-A3FC-01FB013ACDF3}C:\users\marce\appdata\roaming\.minecraft\jre\openjdk17u-jre_x64_windows_hotspot_17.0.3_7\bin\javaw.exe] => (Allow) C:\users\marce\appdata\roaming\.minecraft\jre\openjdk17u-jre_x64_windows_hotspot_17.0.3_7\bin\javaw.exe
FirewallRules: [{764DDF51-40E4-4892-AC93-A294CABFDFF9}] => (Block) C:\users\marce\appdata\roaming\.minecraft\jre\openjdk17u-jre_x64_windows_hotspot_17.0.3_7\bin\javaw.exe
FirewallRules: [{ADEE7BCB-9CE9-4352-BF37-CC51A7BF72CD}] => (Block) C:\users\marce\appdata\roaming\.minecraft\jre\openjdk17u-jre_x64_windows_hotspot_17.0.3_7\bin\javaw.exe
FirewallRules: [TCP Query User{45989C29-4658-4728-B4F1-310BDC7F7702}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => Keine Datei
FirewallRules: [UDP Query User{2FB5B7C9-01F7-4737-9F12-434F66B5B0D8}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => Keine Datei
FirewallRules: [TCP Query User{557889BC-82D1-474E-A480-457E40D949B7}C:\users\marce\appdata\local\discordcanary\app-1.0.70\discordcanary.exe] => (Allow) C:\users\marce\appdata\local\discordcanary\app-1.0.70\discordcanary.exe => Keine Datei
FirewallRules: [UDP Query User{D09FA99E-D487-4702-81E7-1708B5A40F9A}C:\users\marce\appdata\local\discordcanary\app-1.0.70\discordcanary.exe] => (Allow) C:\users\marce\appdata\local\discordcanary\app-1.0.70\discordcanary.exe => Keine Datei
FirewallRules: [{C9D6F001-DA4C-441E-9B03-2BE97E99C1D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Idle Research\Idle Research.exe () [Datei ist nicht signiert]
FirewallRules: [{8CA73748-66D3-4F5A-B237-8C608BDB19BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Idle Research\Idle Research.exe () [Datei ist nicht signiert]
FirewallRules: [{97F4205A-5B8F-4FD3-847B-6F2BA31E5749}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Idle Wizard\IdleWizard.exe () [Datei ist nicht signiert]
FirewallRules: [{9494B09B-9976-4B20-91ED-F4AA952B564C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Idle Wizard\IdleWizard.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{9FBC31FF-2E70-4C3B-A573-2E7937036DF4}C:\users\marce\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\marce\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{17C7AAA8-D015-497E-B8E0-2754E06B7A6E}C:\users\marce\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\marce\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{B332C008-8F69-48DF-99B1-B1AD3367462D}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Keine Datei
FirewallRules: [{4BA024B2-905D-4E84-85C0-307B000AB918}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [{B3880BCC-9966-43D4-8FC6-87843D2807DB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Keine Datei
FirewallRules: [{D0A85331-D1BF-4A58-B3AD-53851A6050BE}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => Keine Datei
FirewallRules: [{CCCBF363-18E4-42F5-BC53-66B5BB340610}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{1A456935-FF2A-4E7F-8B1D-F59BB0951C68}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{D9F71360-DFAA-4E66-AF0F-E865F6A7B3CD}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [TCP Query User{F2611916-59D0-445F-95FE-0ED2F0E69590}C:\program files (x86)\steam\steamapps\common\u3ds\unturned.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\u3ds\unturned.exe (Smartly Dressed Games Ltd. -> )
FirewallRules: [UDP Query User{05EED1E6-589E-4991-A462-3914BD1B6FD7}C:\program files (x86)\steam\steamapps\common\u3ds\unturned.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\u3ds\unturned.exe (Smartly Dressed Games Ltd. -> )
FirewallRules: [{E6E7A80B-C601-4339-BE99-33BA326E3646}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC)
FirewallRules: [{D8B31C1D-5709-4A15-84D6-577B09ABA7DE}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC)
FirewallRules: [{1BEC560B-87ED-463B-A2AC-B5200FB9EB5D}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC)
FirewallRules: [{C3AA1BC3-CF2B-4612-88CA-F5C909F3DF42}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Facebook Technologies, LLC -> Facebook Technologies, LLC)
FirewallRules: [TCP Query User{BCF2305C-0D93-48F5-9160-E8BD7195E8C0}C:\users\marce\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.1007.1959\jdk-17.0.1+12-minimal\bin\java.exe] => (Allow) C:\users\marce\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.1007.1959\jdk-17.0.1+12-minimal\bin\java.exe => Keine Datei
FirewallRules: [UDP Query User{8B47D023-7AFB-49F1-84F6-0144689246FD}C:\users\marce\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.1007.1959\jdk-17.0.1+12-minimal\bin\java.exe] => (Allow) C:\users\marce\appdata\local\overwolf\extensions\cmogmmciplgmocnhikmphehmeecmpaggknkjlbag\1.23.1007.1959\jdk-17.0.1+12-minimal\bin\java.exe => Keine Datei
FirewallRules: [{0DFC10C4-28CC-4C1F-88AD-22A6D495AAF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tower Ball - Incremental Tower Defense\Tower Ball.exe () [Datei ist nicht signiert]
FirewallRules: [{9F3DBA38-7BD2-47F0-88F7-FE706B6E6F63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tower Ball - Incremental Tower Defense\Tower Ball.exe () [Datei ist nicht signiert]
FirewallRules: [{9D8F175F-0B02-4869-A229-A38515391CD2}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemoteAgent.exe => Keine Datei
FirewallRules: [{5336620D-338A-4696-96A2-7FC15F9D7485}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_4fc38a913e0f2ea5\ASUSLinkRemote\AsusLinkRemoteAgent.exe => Keine Datei
FirewallRules: [TCP Query User{B2479253-BE0F-454F-99A2-BC5863A34E54}C:\users\marce\appdata\local\vortxengine\app-2.3.43\signal-x64\signalrgb.exe] => (Allow) C:\users\marce\appdata\local\vortxengine\app-2.3.43\signal-x64\signalrgb.exe => Keine Datei
FirewallRules: [UDP Query User{93359F06-B2FD-40A7-B5A1-226F3B7A85F4}C:\users\marce\appdata\local\vortxengine\app-2.3.43\signal-x64\signalrgb.exe] => (Allow) C:\users\marce\appdata\local\vortxengine\app-2.3.43\signal-x64\signalrgb.exe => Keine Datei
FirewallRules: [TCP Query User{1A65A6CC-0CC8-4AB0-9307-472BBD308AC3}C:\users\marce\appdata\local\programs\lunarclient\lunar client.exe] => (Allow) C:\users\marce\appdata\local\programs\lunarclient\lunar client.exe (Moonsworth, LLC -> Moonsworth LLC)
FirewallRules: [UDP Query User{B19FE1AB-0693-411C-9843-1F817C6E75B0}C:\users\marce\appdata\local\programs\lunarclient\lunar client.exe] => (Allow) C:\users\marce\appdata\local\programs\lunarclient\lunar client.exe (Moonsworth, LLC -> Moonsworth LLC)
FirewallRules: [{0dba8a30-c67a-4352-91c7-de85884e0330}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{9af73675-74bd-4086-9e5c-548e7be8fbca}] => (Allow) C:\Program Files\ldplayer9box\VBoxNetNAT.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{10ec073b-6b14-41a3-9bb4-6155b2f81f95}] => (Allow) C:\LDPlayer\LDPlayer9\dnplayer.exe (Shanghai Baizhi Network Technology Co., Ltd. -> )
FirewallRules: [{E8E3A923-9C87-4538-87FD-A076A675799C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Goose Goose Duck\GGDLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{CC77516A-86E4-44F1-85B8-4C7937D0139C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Goose Goose Duck\GGDLauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{EEBBACFF-68B1-423E-B129-9FFAD45D2792}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{99E07FE7-BFD4-4A35-983E-ACD4AA61BEAE}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{DBEE594E-1BA4-4EBF-8506-8879B562A129}] => (Allow) C:\Program Files\Netmarble\Netmarble Launcher\Netmarble Launcher.exe => Keine Datei
FirewallRules: [TCP Query User{0FC33140-9A69-4C46-AF50-47BDD8712C8F}C:\program files (x86)\steam\steamapps\common\steamvr\bin\win64\vrserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamvr\bin\win64\vrserver.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{144E37D9-1728-40FA-9C9A-D16A0EDEF3B8}C:\program files (x86)\steam\steamapps\common\steamvr\bin\win64\vrserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\steamvr\bin\win64\vrserver.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B242DFAF-EDAE-4B32-B9A1-8F8F83CD08B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe () [Datei ist nicht signiert]
FirewallRules: [{1EC6D96E-F760-4239-A26F-8B73C3173409}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe () [Datei ist nicht signiert]
FirewallRules: [{AC3B0E3A-A63D-4E7A-A1ED-C9BEFF849CCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unnamed Space Idle\SpaceIdle.exe (JDOG CORP) [Datei ist nicht signiert]
FirewallRules: [{AD4A5B35-4D5E-45A2-B881-42139402C98F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unnamed Space Idle\SpaceIdle.exe (JDOG CORP) [Datei ist nicht signiert]
FirewallRules: [{88F9138C-01A5-4E5A-AFC4-7395BB3AEFAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VTOL VR\VTOLVR.exe () [Datei ist nicht signiert]
FirewallRules: [{49ED492F-0F6C-44C6-81FD-9AA464632E41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VTOL VR\VTOLVR.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{7A865950-F5DE-4E1B-BC35-E10BB914555F}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [UDP Query User{0BA74DD4-032F-4C3A-9570-BAD22CDC4EF0}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [{EB9F979C-A224-463D-9E20-F9762F561992}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sacred X:Heavens Wonderland\Game.exe () [Datei ist nicht signiert]
FirewallRules: [{31D9368E-8828-495C-8D81-1A2BAA1ED329}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sacred X:Heavens Wonderland\Game.exe () [Datei ist nicht signiert]
FirewallRules: [{D3E49327-E634-42B7-B60A-A651828CDFB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Die in the Dungeon ORIGINS\Die in the Dungeon ORIGINS.exe () [Datei ist nicht signiert]
FirewallRules: [{1457366C-F22F-42DA-8DF4-2BF8FA633D0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Die in the Dungeon ORIGINS\Die in the Dungeon ORIGINS.exe () [Datei ist nicht signiert]
FirewallRules: [{A4A0F573-E57D-418D-854C-447A2AB09EE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolvesville\Wolvesville.exe (Wolvesville GmbH & Co. KG) [Datei ist nicht signiert]
FirewallRules: [{596381C3-5B6A-423A-8E95-982E3A48301D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolvesville\Wolvesville.exe (Wolvesville GmbH & Co. KG) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{2B4D692B-C7BB-4082-B24D-92DAAA53A25E}C:\wuthering waves\wuthering waves game\client\binaries\win64\client-win64-shipping.exe] => (Allow) C:\wuthering waves\wuthering waves game\client\binaries\win64\client-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{C407DC04-1FD1-4ED1-A41B-41EE089F7E7D}C:\wuthering waves\wuthering waves game\client\binaries\win64\client-win64-shipping.exe] => (Allow) C:\wuthering waves\wuthering waves game\client\binaries\win64\client-win64-shipping.exe => Keine Datei
FirewallRules: [{ED2C8EB2-DE50-48FC-8AC0-DC5D332534FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VA Proxy Demo\VA-Proxy.exe () [Datei ist nicht signiert]
FirewallRules: [{7639CA5B-87A4-4D32-84FE-13D25B0FDFEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VA Proxy Demo\VA-Proxy.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{09ED99D4-84F3-4B76-A861-B8F7042B087C}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{33F441AE-449B-4359-B3A1-1BDE2EC4877C}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B92B9A9E-44FC-4886-9307-0F0DF16817FE}] => (Allow) D:\Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{9904524E-0669-4D41-8460-75E08E51D174}] => (Allow) D:\Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{788701C8-2582-493C-AC15-CCC271E36B04}] => (Allow) D:\Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [{EF20FA37-6BC8-4F7F-96E7-92023C19CD33}] => (Allow) D:\Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [{88631F5E-25A2-4BF5-8363-BDF30ED83CEB}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{50402CB1-F4DF-4385-BE1E-C0933DF55C2C}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{90DC2390-9B60-4A33-8062-04C68A34288A}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{BF3A450F-EBEF-4B41-A5C8-B3E736B39B12}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{0235881D-7E5E-4A4A-A420-67378666D5FC}D:\gog games\the planet crafter\planet crafter.exe] => (Allow) D:\gog games\the planet crafter\planet crafter.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{D816E593-09C8-4B50-BAC3-3D7C6286C74E}D:\gog games\the planet crafter\planet crafter.exe] => (Allow) D:\gog games\the planet crafter\planet crafter.exe () [Datei ist nicht signiert]
FirewallRules: [{DCB834EE-D705-49AC-9940-A11F2EA05B4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yu-Gi-Oh!  Master Duel\masterduel.exe () [Datei ist nicht signiert]
FirewallRules: [{9868B697-4F40-4C1F-B1CE-F0F4B96429D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yu-Gi-Oh!  Master Duel\masterduel.exe () [Datei ist nicht signiert]
FirewallRules: [{978A36E6-6314-4109-8A99-54B4F8CA4E33}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (SIA AVB Disc Soft -> Disc Soft FZE LLC)
FirewallRules: [{4A79CA93-C7D7-4E08-ACBA-4CF11E52C36B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (SIA AVB Disc Soft -> Disc Soft FZE LLC)
FirewallRules: [{3777B0F1-6BF4-4C52-9654-50A731AF572F}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{AB06D2F6-59B5-4118-81C1-5D980B601A9A}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [TCP Query User{4C41EC9E-5694-4800-BA45-C8704F201040}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [UDP Query User{83C27B09-2708-4167-AF2D-41014910A6E6}D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\games\borderlands3\oakgame\binaries\win64\borderlands3.exe (Gearbox Software, L.L.C. -> Gearbox Software)
FirewallRules: [{CEA310D9-B665-4EEC-A74E-B11EB75E72C3}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.16.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{6BA3FC3E-421F-421A-8DE4-AC03095DA833}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.16.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{CD0F088F-0424-488A-8809-E232491166B6}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.16.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{79D4065C-2D5E-4F03-84F0-D2E07937F080}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.16.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{59A6688D-7D64-4464-A8DD-4952484FAA02}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3B5A15D0-C795-475E-865E-2DE1BFB7DBFB}D:\blade-and-sorcery-steamrip.com\blade and sorcery\bladeandsorcery.exe] => (Allow) D:\blade-and-sorcery-steamrip.com\blade and sorcery\bladeandsorcery.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{9AD4BC19-292F-42E4-A039-0702223E9371}D:\blade-and-sorcery-steamrip.com\blade and sorcery\bladeandsorcery.exe] => (Allow) D:\blade-and-sorcery-steamrip.com\blade and sorcery\bladeandsorcery.exe () [Datei ist nicht signiert]
FirewallRules: [{0B136EF0-6EE6-4D97-8784-F3DBF28D2FE7}] => (Allow) D:\SteamLibrary\steamapps\common\The Finals\Discovery.exe (Embark Studios AB -> )
FirewallRules: [{94FA7F5B-D50A-4E3A-BFBB-081C3C73BDFC}] => (Allow) D:\SteamLibrary\steamapps\common\The Finals\Discovery.exe (Embark Studios AB -> )
FirewallRules: [{F5A1C891-30AB-40BA-948B-364255EBA4AB}] => (Allow) C:\Program Files\Boosteroid Games S.R.L\Boosteroid\Bin\Boosteroid.exe (Boosteroid Games SRL -> Boosteroid Games S.R.L.)
FirewallRules: [TCP Query User{70FD93AA-2488-4912-A03E-C2BE28A6649C}D:\games\starcitizen\live\bin64\starcitizen.exe] => (Allow) D:\games\starcitizen\live\bin64\starcitizen.exe => Keine Datei
FirewallRules: [UDP Query User{009F9CB3-E1BC-4EE9-9AD4-43FADF6A32DC}D:\games\starcitizen\live\bin64\starcitizen.exe] => (Allow) D:\games\starcitizen\live\bin64\starcitizen.exe => Keine Datei
FirewallRules: [{014ED04F-7883-4773-89F3-DF1FEA2577A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8D6434FF-4929-40C7-A4CD-E99080133AE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E59A7FE0-D171-4D41-9623-30C2D000203E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{977AA2C3-4F80-4C3A-9576-38BC0820F1FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FDD41E26-1CAF-4EC3-85A3-6D246F750670}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Contingency Plan\ContingencyPlan.exe () [Datei ist nicht signiert]
FirewallRules: [{0FDE0C4C-3EDF-4D7B-9BCB-B31244853C33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Contingency Plan\ContingencyPlan.exe () [Datei ist nicht signiert]
FirewallRules: [{9AEDE06D-50DA-4EC2-AAA7-D61A0EE74597}] => (Allow) D:\SteamLibrary\steamapps\common\Once Human\ONCE_HUMAN.exe (NetEase (Hangzhou) Network Co., Ltd -> 网易)
FirewallRules: [{CF886F51-401F-423C-9DA4-E5A245799449}] => (Allow) D:\SteamLibrary\steamapps\common\Once Human\ONCE_HUMAN.exe (NetEase (Hangzhou) Network Co., Ltd -> 网易)
FirewallRules: [TCP Query User{93F803F6-1ECA-4824-8455-A91FEEA81C31}D:\games\stacklands v1.4.1.20\stacklands.exe] => (Allow) D:\games\stacklands v1.4.1.20\stacklands.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{A9626CFB-A8FB-4B4F-94B9-BBD70F3DBB37}D:\games\stacklands v1.4.1.20\stacklands.exe] => (Allow) D:\games\stacklands v1.4.1.20\stacklands.exe () [Datei ist nicht signiert]
FirewallRules: [{C53CEF80-1E56-41C3-BB90-2638C21E1F8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5F730250-D0C9-40C1-82A3-8AC93485DEDC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D0992FD8-672B-4481-A9BA-5B2E3A449E19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C924C839-CBAB-418B-B420-A2D955223CB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BE1D2B2F-7A7C-43B7-9CDF-E97C300D9626}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{104DF2FC-2150-4522-A3E0-12C19A042AB9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C2114196-54B2-4BA1-BF0A-0F7D1835EE9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3946F73A-1B0F-4088-B550-EE8EF1636B11}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0F926DBF-3EF1-475A-93B8-D6CB0BEB068F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8D5654B2-9B37-4F59-B3C5-998B0B8C05EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6AA28039-24EC-4D25-9FEF-77E39519BF22}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24180.205.2980.1757_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58403707-D8F2-428D-8478-97AE013ED5C8}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24180.205.2980.1757_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B2B72FA0-AEA3-42B1-81EF-233D78730D9F}C:\users\marce\appdata\local\discordcanary\app-1.0.425\discordcanary.exe] => (Allow) C:\users\marce\appdata\local\discordcanary\app-1.0.425\discordcanary.exe => Keine Datei
FirewallRules: [UDP Query User{5B73775C-2C53-4671-9F9B-8F24D10700E4}C:\users\marce\appdata\local\discordcanary\app-1.0.425\discordcanary.exe] => (Allow) C:\users\marce\appdata\local\discordcanary\app-1.0.425\discordcanary.exe => Keine Datei
FirewallRules: [{4217CD92-F9B8-4A4C-8A34-FC98C6193B72}] => (Allow) D:\SteamLibrary\steamapps\common\Overwatch\Overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{F00F899C-BF15-4A5A-BC5E-1294035323DC}] => (Allow) D:\SteamLibrary\steamapps\common\Overwatch\Overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{595C69C8-F16F-4572-9DB7-9F9D97060B6E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA8171C0-D440-45F4-9BF5-AFC181981977}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15887C5B-9042-4541-B4F1-77D5D51A403D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A24296EF-F4C8-456C-92C1-06D1B5CC57E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9BC5C6C4-C5C8-45A3-BDAB-F3DE0B2AA06C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{4796B3FD-398A-4C71-9BB0-F3441DFA8B50}C:\users\marce\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe
FirewallRules: [UDP Query User{FDD46C35-8C1A-42AA-9843-042E39EF5BA9}C:\users\marce\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\marce\.lunarclient\jre\56e53accb20696f802d92bd011174126b5e3154e\zulu21.30.15-ca-jre21.0.1-win_x64\bin\javaw.exe
FirewallRules: [{CF32656A-6921-4C61-86AF-90485BEB8D63}] => (Allow) C:\Program Files (x86)\Overwolf\0.256.0.2\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{20142BDF-697F-4C1A-8120-A3A6290A1685}] => (Allow) C:\Program Files (x86)\Overwolf\0.256.0.2\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{F99DD9C0-17C0-4DB7-9216-5CA9038380C0}] => (Block) C:\Program Files (x86)\Overwolf\0.256.0.2\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{B702C01E-E51D-4EF9-A90E-0CAB95A12DAF}] => (Block) C:\Program Files (x86)\Overwolf\0.256.0.2\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{46A05128-099A-49B2-9CCA-7E896FFC79BD}] => (Allow) C:\Program Files (x86)\Overwolf\0.251.2.1\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{4FCFFF0B-E32F-4B9A-A4EA-CDA76C34A44B}] => (Allow) C:\Program Files (x86)\Overwolf\0.251.2.1\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{B00F3A70-E02E-4BBF-8690-6DC44192A04F}] => (Block) C:\Program Files (x86)\Overwolf\0.251.2.1\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{B97C1A1F-AA1F-4660-897D-52DDF38A7A50}] => (Block) C:\Program Files (x86)\Overwolf\0.251.2.1\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{8950773D-4655-4329-83E2-AAB8491C0582}] => (Allow) C:\Program Files (x86)\Overwolf\0.258.0.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CC1E1A48-6363-4803-A908-EF5E7971FC15}] => (Allow) C:\Program Files (x86)\Overwolf\0.258.0.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{48558514-2A5D-4117-95F3-D9268ADB70A1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.98\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0AF40DB6-E1BA-4DCC-86D2-4DCCB2C16C8C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{84B81AD4-F5B2-4253-9258-08D206D9E79F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E05194A7-4BEC-45FD-9897-DFCF9C5CDF85}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B50272F9-4725-41A2-A4E1-C1C221D3A56C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4CE2466E-CEE1-4C33-9592-51EF26A05307}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D35E279D-568F-4C1F-A9C8-E8C9ED9BA80A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E253C298-CCF5-4F43-80B7-9C129E205054}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{425A5C94-7386-435C-B387-873F26B7AE09}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{23D2E996-B6A2-42B0-8884-C121850819B3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{FCCB32C9-5680-43F2-A337-8B987F82A42B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D848139B-D331-4D07-882D-23462FEA9975}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B2C89D7F-476C-4EDA-8A63-5E61E3AFEA41}] => (Allow) C:\Program Files\ASUS\GlideX\GlideXService.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{5855EB9E-7128-4DC0-AD29-9136455E61C7}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{F83DC1E9-DF8A-49D6-9222-016CD35E5323}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{B1A3C3BC-28CF-4387-9D69-C68E1861B7C5}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{EA8A08D8-2108-4A04-BB3C-423EEE08C54E}] => (Allow) C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe (ASUSTeK COMPUTER INC. -> )

==================== Wiederherstellungspunkte =========================

14-08-2024 09:53:06 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: AMD Radeon(TM) RX Vega 10 Graphics
Description: AMD Radeon(TM) RX Vega 10 Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdkmdag
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (08/14/2024 09:11:05 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6128,D,23) SRUJet: Datenbank "C:\WINDOWS\system32\SRU\SRUDB.dat": Index UserIdTimeStamp von Tabelle "{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}" ist beschädigt (0).

Error: (08/14/2024 08:11:05 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6128,D,23) SRUJet: Datenbank "C:\WINDOWS\system32\SRU\SRUDB.dat": Index UserIdTimeStamp von Tabelle "{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}" ist beschädigt (0).

Error: (08/14/2024 07:10:05 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6128,D,23) SRUJet: Datenbank "C:\WINDOWS\system32\SRU\SRUDB.dat": Index UserIdTimeStamp von Tabelle "{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}" ist beschädigt (0).

Error: (08/14/2024 06:10:05 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6128,D,23) SRUJet: Datenbank "C:\WINDOWS\system32\SRU\SRUDB.dat": Index UserIdTimeStamp von Tabelle "{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}" ist beschädigt (0).

Error: (08/14/2024 05:09:17 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6128,D,23) SRUJet: Datenbank "C:\WINDOWS\system32\SRU\SRUDB.dat": Index UserIdTimeStamp von Tabelle "{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}" ist beschädigt (0).

Error: (08/14/2024 04:08:05 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6128,D,23) SRUJet: Datenbank "C:\WINDOWS\system32\SRU\SRUDB.dat": Index UserIdTimeStamp von Tabelle "{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}" ist beschädigt (0).

Error: (08/14/2024 03:07:05 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6128,D,23) SRUJet: Datenbank "C:\WINDOWS\system32\SRU\SRUDB.dat": Index UserIdTimeStamp von Tabelle "{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}" ist beschädigt (0).

Error: (08/14/2024 02:06:06 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6128,D,23) SRUJet: Datenbank "C:\WINDOWS\system32\SRU\SRUDB.dat": Index UserIdTimeStamp von Tabelle "{D10CA2FE-6FCF-4F6D-848E-B2E99266FA89}" ist beschädigt (0).


Systemfehler:
=============
Error: (08/13/2024 09:04:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/13/2024 09:04:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (08/13/2024 09:03:28 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (90:78:b2:5a:98:83) ist fehlgeschlagen.

Error: (08/13/2024 09:02:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "GameInput Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/13/2024 09:02:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "GameInput Service" wurde mit folgendem Fehler beendet:
Die Verbunddatei "GameInput Service" wurde mit einer neueren Version erstellt.

Error: (08/13/2024 09:02:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HidHideWatchdog.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (08/13/2024 09:02:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Gruppenrichtlinienclient" wurde aufgrund folgenden Fehlers nicht gestartet:
Zugriff verweigert

Error: (08/13/2024 09:02:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Gruppenrichtlinienclient" wurde aufgrund folgenden Fehlers nicht gestartet:
Zugriff verweigert


Windows Defender:
================
Date: 2024-08-14 09:13:44
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {43EC3317-1A5F-4DE9-B654-9C0A117F8625}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2024-08-14 05:05:23
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Casdet!rfn&threatid=2147727512&enterprise=0
Name: Trojan:Win32/Casdet!rfn
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\marce\Downloads\SolaraBETA3.rar
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: LAPTOP-ATC5R52J\marce
Prozessname: C:\Users\marce\AppData\Local\Temp\{a1f18aa8-4dff-4f49-bd35-8c1a16b3f315}\e4881c05.exe
Sicherheitsversion: AV: 1.417.92.0, AS: 1.417.92.0, NIS: 1.417.92.0
Modulversion: AM: 1.1.24070.3, NIS: 1.1.24070.3

Date: 2024-08-14 04:51:34
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\KVRT2020_Data\Temp\iocE5A04DD1-A1CF-B940-8563-42978A562A98.crdownload
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: LAPTOP-ATC5R52J\marce
Prozessname: C:\Users\marce\AppData\Local\Temp\{a1f18aa8-4dff-4f49-bd35-8c1a16b3f315}\e4881c05.exe
Sicherheitsversion: AV: 1.417.92.0, AS: 1.417.92.0, NIS: 1.417.92.0
Modulversion: AM: 1.1.24070.3, NIS: 1.1.24070.3

Date: 2024-08-14 04:50:09
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Dllinject&threatid=2147731327&enterprise=0
Name: Trojan:MSIL/Dllinject
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\marce\Downloads\oxygen_u.zip
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: LAPTOP-ATC5R52J\marce
Prozessname: C:\Users\marce\AppData\Local\Temp\{a1f18aa8-4dff-4f49-bd35-8c1a16b3f315}\e4881c05.exe
Sicherheitsversion: AV: 1.417.92.0, AS: 1.417.92.0, NIS: 1.417.92.0
Modulversion: AM: 1.1.24070.3, NIS: 1.1.24070.3

Date: 2024-08-14 04:45:50
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Wacatac.H!ml&threatid=2147814524&enterprise=0
Name: Trojan:Script/Wacatac.H!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\KVRT2020_Data\Temp\ioc7E35F5D3-2D71-4F41-BDA8-930F48DF0483.crdownload; file:_C:\Users\marce\Downloads\Nicht bestätigt 589743.crdownload
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: LAPTOP-ATC5R52J\marce
Prozessname: C:\Users\marce\AppData\Local\Temp\{a1f18aa8-4dff-4f49-bd35-8c1a16b3f315}\e4881c05.exe
Sicherheitsversion: AV: 1.417.92.0, AS: 1.417.92.0, NIS: 1.417.92.0
Modulversion: AM: 1.1.24070.3, NIS: 1.1.24070.3
Event[0]:

Date: 2024-03-16 15:46:55
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.407.471.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.24020.9
Fehlercode: 0x80070102
Fehlerbeschreibung: Der Wartevorgang wurde abgebrochen.

Date: 2024-03-16 15:46:55
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.407.471.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.24020.9
Fehlercode: 0x80070102
Fehlerbeschreibung: Der Wartevorgang wurde abgebrochen.

CodeIntegrity:
===============
Date: 2024-08-14 09:16:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\marce\AppData\Local\DiscordCanary\app-1.0.431\DiscordCanary.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.258.0.6\OWClient.dll that did not meet the Microsoft signing level requirements.

Date: 2024-08-14 09:16:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\marce\AppData\Local\DiscordCanary\app-1.0.431\DiscordCanary.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.258.0.6\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.

Date: 2024-08-14 09:16:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\marce\AppData\Local\DiscordCanary\app-1.0.431\DiscordCanary.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-08-14 09:15:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\marce\AppData\Local\DiscordCanary\app-1.0.429\DiscordCanary.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.258.0.6\OWClient.dll that did not meet the Microsoft signing level requirements.

Date: 2024-08-14 09:15:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\marce\AppData\Local\DiscordCanary\app-1.0.429\DiscordCanary.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.258.0.6\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.

Date: 2024-08-14 09:15:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\marce\AppData\Local\DiscordCanary\app-1.0.429\DiscordCanary.exe) attempted to load \Device\HarddiskVolume3\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. FX705DT.316 01/28/2021
Hauptplatine: ASUSTeK COMPUTER INC. FX705DT
Prozessor: AMD Ryzen 7 3750H with Radeon Vega Mobile Gfx
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 15808.9 MB
Verfügbarer physikalischer RAM: 6779.09 MB
Summe virtueller Speicher: 25536.9 MB
Verfügbarer virtueller Speicher: 13376.02 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:475.55 GB) (Free:55.34 GB) (Model: Micron_2200V_MTFDHBA512TCK) NTFS
Drive d: (Volume) (Fixed) (Total:953.87 GB) (Free:32.86 GB) (Model: Intenso SSD Sata III) NTFS

\\?\Volume{6b762115-a3f6-4cf9-95f5-a7f6d27f5ae0}\ (RECOVERY) (Fixed) (Total:1.12 GB) (Free:0.48 GB) NTFS
\\?\Volume{fa59baa3-8aff-480b-b70d-735f09ed17d6}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: B859509B)
Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: EBDC1629)

Partition: GPT.

==================== Ende von Addition.txt =======================

cosinus 14.08.2024 10:41
Zitat:
nichtmal 2FA hilf dort
Das ergibt erstmal so keinen Sinn. Der zweite Faktor ist genau deswegen da, eben damit ein kompromittiertes Gerät allein nicht dazu führt, dass ein Angreifer deine Konten übernehmen kann.

Wie sieht der 2FA bei dir aus? Separates Gerät oder einfach Mail an deine Adresse?
Und Passwörter hast du vernünftig vergeben oder hast du etwa ein Passwort und nimmst das für _alles_?


Zitat:
C:\users\marce\appdata\local\yuzu\yuzu-windows-msvc\yuzu.exe
C:\Users\marce\Downloads\SolaraBETA3.rar
C:\Users\marce\Downloads\oxygen_u.zip
Das soll was bitte sein? Quelle?

EinsMarcel 14.08.2024 11:02
Guten Tag cosinus,
Also erstmal nehme ich nicht ein Passwort für alles _alles_ :)
Das mit dem 2FA verwirrt mich ja genauso wie dich, von den Accounts wo ich 2FA aktiviert habe wurden zwei komprimiert, mein Steam Account und mein EA Account, bei mein Steam Account habe ich die Mobile Verifizierung Aktiv, und obwohl ich dort selber nichts bestätigt hatte, hatte ein Gerät aus Russland Zugriff auf mein Steam Account, und beim EA Account hatte ich Email 2FA an, wo mir auch 2FA codes an meine Email geschickt wurden, auf die der Hacker anscheinend zugriff hatte, weil kurz danach die Email Adresse von meinem EA Konto zurückgesetzt wurde. Aber auf meiner Email Adresse ist halt kein unbekanntes Gerät angemeldet :/
Und ich sehe jetzt erst das Windows Defender anscheinend auch noch ein Scan gemacht hatte während Kaspersky lief, die Dateien die du gerade zitiert hast sind aber, da bin ich mir zu 100% sicher, Fehlalarme .

cosinus 14.08.2024 11:22
Zitat:
die Dateien die du gerade zitiert hast sind aber, da bin ich mir zu 100% sicher, Fehlalarme .
Das weißt du woher? Was sollen das für Dateien sein?

EinsMarcel 14.08.2024 11:28
Yuzu ist ein Emulator und die anderen zwei Dateien sind DLL-Injector

cosinus 14.08.2024 11:46
-> SolaraBETA3.rar

Und warum glaubst du findet man im Netz nur Belege, dass das Malware ist?
Was genau machst du damit?

EinsMarcel 14.08.2024 12:11
Ich bin mir so sicher weil ich die 2 DLL-Injector nie genutzt hatte, deswegen sind die ja auch noch in den .rar und .zip Dateien komprimiert, wollte mit den DLL-Injector nen Freund in nen Spiel nerven, habs dann aber doch nicht gemacht weil er offline gegangen war, ich hoffe das bringt dir ein bisschen Licht und Dunkel, und da ich es vorher noch nicht angemerkt hatte; Danke das du mir helfen willst :)

cosinus 14.08.2024 12:16
Das glaub ich nicht. Sondern dass du dir beim Herumspielen damit die Finger verbrannt hast.

Bitte mit Malwarebytes einen Scan machen.

EinsMarcel 14.08.2024 12:49
Hab ein Malwarebytes Scan gemacht, und alles erkannte in Quarantäne verschoben. Hier ist der Bericht :)

Code:

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 14.08.2024
Scan-Zeit: 13:25
Protokolldatei: db256060-5a2f-11ef-87e1-d8c0a68fc63c.json

-Softwaredaten-
Version: 5.1.7.121
Komponentenversion: 1.0.5002
Version des Aktualisierungspakets: 1.0.87866
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.4651)
CPU: x64
Dateisystem: NTFS
Benutzer: LAPTOP-ATC5R52J\marce

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 452728
Erkannte Bedrohungen: 18
In die Quarantäne verschobene Bedrohungen: 18
Abgelaufene Zeit: 12 Min., 53 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 18
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\LOCAL\TEMP\HQ_CONTROL\IMAPP.EXE, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , 312707A513F86ED20642F43F8EF4DD14, 9B398917C796083A6005AB3F9D78243DBC0FAD12BE1E196BE2B01041D4C951A7
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\IMDBU.DLL, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , 8AE8BB143301934A023BC5C9BB160B56, DB890BB2555E0BF3F82B38DC12ECD581348E40E53F9A51DD512149075C7DF0A4
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\IMWRAPPU.DLL, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , CBF4827A5920A5F02C50F78ED46D0319, 7187903A9E4078F4D31F4B709A59D24EB6B417EA289F4F28EABCE1EA2E713DCE
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\IMLOOKU.DLL, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , 3EA6D805A18715F7368363DEA3CD3F4C, A6766C524497144D585EFA4FE384B516B563203427003508F7C8F6BFFA7C928D
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\IMAPP.EXE, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , 312707A513F86ED20642F43F8EF4DD14, 9B398917C796083A6005AB3F9D78243DBC0FAD12BE1E196BE2B01041D4C951A7
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\IMHTTPCOMM.DLL, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , A70D91A9FD7B65BAA0355EE559098BD8, 96D6264B26DECF6595CA6F0584A1B60589EC5DACDF03DDF5FBB6104A6AFC9E7A
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\IMUTILSU.DLL, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , A7EABA8BC12B2B7EC2A41A4D9E45008A, 914B1E53451B8BE2C362D62514F28BDEF46A133535D959B13F3F4BF3BC63DF3A
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\SQLITE3.DLL, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , B7FB7EB3CB04E0A086A8D945FF45615E, 8567B0E23FD4178270CA674810755C9DFDAE1F4028E01C0C74A4EEB7774A1688
PUP.Optional.BundleInstaller, C:\USERS\MARCE\APPDATA\ROAMING\UTORRENT WEB\UTWEB.EXE, In Quarantäne, 69, 1207153, 1.0.87866, , ame, , 917C35591CAA55020FDAF170FEA524CE, 4B7D89B7D86635718E2482B29EF7834D56EEBC6722DF1BD25365B65B3222FAB7
PUP.Optional.BundleInstaller, C:\USERS\MARCE\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk, In Quarantäne, 69, 1207153, 1.0.87866, , ame, , 43B19E55008C7DCAEE0339E0D468751A, 73A362EE75AB67AC7EDD2AE19AFAFC78F6F61C1255363F82718705C4E9DBE5A4
PUP.Optional.BundleInstaller, C:\USERS\MARCE\ONEDRIVE\DESKTOP\uTorrent Web.lnk, In Quarantäne, 69, 1207153, 1.0.87866, , ame, , 0F9F340A9F60C46A4084AFBAB27C696C, C31CBC178C598BB7B49AB82968E541DC3BA90E6F987C4E15125833D88B7E46B5
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\IMLOOKEXU.DLL, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , 6527BE4D6A3333DC5A49218C4F80530D, 908AB22CB8FA1B9125CF5746E5591FD84E4853326A812B9431CA1C0B9E997E1F
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\WLESSFP1.DLL, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , 5120C44F241A12A3D5A3E87856477C13, FBD4B6011D3D1C2AF22827CA548BA19669EEF31173D496E75F064EF7A884431C
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\IMABU.DLL, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , 2102382908725F195CE2C3703CAA0C5F, C56D37F20069E48EADE31236B4D3AA5AFDA2621BD77760E85964F1E6834BE9A6
PUP.Optional.Perion, C:\USERS\MARCE\APPDATA\ROAMING\HQ_CONTROL\IMNTUTILU.DLL, In Quarantäne, 662, 1256189, 1.0.87866, , ame, , BB326FE795E2C1C19CD79F320E169FD3, A8E1B0E676DCE9556037D29FD96521EC814858404BA4CFDD0DB0EDBE22C87BC7
PUP.Optional.BundleInstaller, C:\USERS\MARCE\DOWNLOADS\UTWEB_INSTALLER.EXE, In Quarantäne, 69, 875791, 1.0.87866, , ame, , 436AD5A61D6DCDD2752B8DFF8822671A, 8480B4726A4B55FAB4086C467CDD4C28EB2285694B6D9E95A85F208C53353F37
PUP.Optional.BundleInstaller, C:\USERS\MARCE\DOWNLOADS\FILEZILLA_3.60.1_WIN64_SPONSORED2-SETUP.EXE, In Quarantäne, 69, 1185378, 1.0.87866, , ame, , E852BC99FB5B72011373E4D5F019F4B5, 8E1D05D06FB7EF50A6F171C7E4F44EE64F6953D6769A646924CFCE79ABA98A68
PUP.Optional.BundleInstaller, C:\USERS\MARCE\DOWNLOADS\DTLITE1210-2169.EXE, In Quarantäne, 69, 1261938, 1.0.87866, , ame, , F644BE5504A88097959ACEB720C987F4, 3ECD5A3A1175B9BAF3A018F134F0BF352F1CE3E9D5F974D293CCC5CE243C527C


Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)

cosinus 14.08.2024 13:39
adwCleaner

Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags.

adwcleaner bitte wiederholen falls es Funde gab.

EinsMarcel 14.08.2024 13:54
Erster Durchlauf:
Code:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-14-2024
# Duration: 00:00:11
# OS:      Windows 10 (Build 19045.4651)
# Scanned:  32105
# Detected: 9


***** [ Services ] *****

PUP.Optional.Legacy            Updater

***** [ Folders ] *****

PUP.Optional.Legacy            C:\Users\marce\AppData\Roaming\Tencent
PUP.Optional.WebCompanion      C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy            HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.Legacy            HKLM\System\Setup\FirstBoot\Services\Updater
PUP.Optional.WebCompanion      HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion      HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Zweiter Durchlauf:

Code:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-14-2024
# Duration: 00:00:11
# OS:      Windows 10 (Build 19045.4651)
# Scanned:  32104
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [2106 octets] - [14/08/2024 14:51:20]
AdwCleaner[C00].txt - [2128 octets] - [14/08/2024 14:51:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

cosinus 14.08.2024 14:00
Da war bisher nur Junkware.
Bitte neue FRST-Logs.

EinsMarcel 14.08.2024 14:12
FRST
 
Aber gerne :)


FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08.2024
durchgeführt von marce (Administrator) auf LAPTOP-ATC5R52J (ASUSTeK COMPUTER INC. TUF Gaming FX705DT_FX705DT) (14-08-2024 15:01:14)
Gestartet von C:\Users\marce\Downloads\FRST64.exe
Geladene Profile: marce
Plattform: Microsoft Windows 10 Home Version 22H2 19045.4651 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOSD.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (SIA AVB Disc Soft -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe <2>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\GlideX\GlideXService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe <2>
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Facebook Technologies, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_6e87d9907e09ff6b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (SIA AVB Disc Soft -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2429.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
konnte nicht auf den Prozess zugreifen -> GetMonitorInfo.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [GaomonTablet] => C:\Users\marce\AppData\Roaming\GaomonTablet\GaomonTablet.exe [2154696 2021-05-11] (GUANZHOU GAOMON ELECTRONIC TECHNOLOGY CO.,LTD . -> Guangzhou Gaomon Technology Co., Ltd.)
HKLM-x32\...\Run: [Skiller PRO+] => C:\Program Files (x86)\Skiller PRO+\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies) [Datei ist nicht signiert]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Discord] => C:\Users\marce\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-07-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36729320 2024-08-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\marce\AppData\Local\Microsoft\Teams\Update.exe [2591296 2024-01-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [PreMiD] => C:\Users\marce\AppData\Roaming\PreMiD\PreMiD.exe [126285312 2021-02-21] (GitHub, Inc.) [Datei ist nicht signiert]
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1832968 2024-08-05] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [DiscordCanary] => C:\Users\marce\AppData\Local\DiscordCanary\Update.exe [1525096 2022-07-14] (Discord Inc. -> GitHub)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Opera GX Stable] => C:\Users\marce\AppData\Local\Programs\Opera GX\launcher.exe [1511840 2024-08-14] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\marce\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46247680 2024-08-04] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [71185664 2024-08-04] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3380840 2024-08-13] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\marce\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2023-09-18] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [MicrosoftEdgeAutoLaunch_6A7EFD9FB16063B23C21C72578A008BC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3814968 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Lunar Client] => C:\Users\marce\AppData\Local\Programs\lunarclient\Lunar Client.exe [176849464 2024-08-10] (Moonsworth, LLC -> Moonsworth LLC)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13991760 2024-04-25] (GOG  sp. z o.o -> GOG.com)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [6021896 2024-06-19] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482400 2024-06-27] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [Microsoft.Lists] => C:\Users\marce\AppData\Local\Microsoft\OneDrive\24.146.0721.0003\Microsoft.SharePoint.exe [1025552 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [AF_uuid_2139460] => 216ccfc5-56a2-4254-9ac1-ac0f5d0f2beb (Keine Datei)
HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\Run: [AF_counter_2139460] => 1 (Keine Datei)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.100\Installer\chrmstp.exe [2024-08-08] (Google LLC -> Google LLC)
AppInit_DLLs: C:\PROGRA~1\VIRTUA~1\VIRTUA~4.DLL => C:\Program Files\Virtual Desktop Streamer\VirtualDesktop.Injector64.dll [132520 2021-01-09] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
Startup: C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-11-28]
ShortcutTarget: Twitch.lnk -> C:\Users\marce\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {111E9450-D29A-4936-B036-BBB5D7EBFA6D} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusHotkey.exe [324960 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {AC43ECFE-A103-45D2-96A4-52DA6DF57432} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusUpdateChecker.exe [792296 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {34BBEF4F-D3EB-497B-8BE2-495560998244} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [313192 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {A4120DC2-72F5-4ACA-A917-54A5476A4D44} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1898344 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {CBC06814-F46D-4C73-BA22-68934E6D7BA5} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d66fb738d40797 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {84D11694-9BBB-42D1-88C9-38C6B4909D1B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {AFA59341-1E23-4DC4-A27E-196D304A6398} - System32\Tasks\ASUS\Aura Wallpaper Service => C:\Program Files\ASUS\Aura Wallpaper Service\Aura Wallpaper Service.exe [2103408 2023-05-29] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {301A9B7B-89BA-4686-9C02-B8431BD06142} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-07-19] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {297A174C-824B-42C8-AE45-FF596F7AD52E} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (Keine Datei)
Task: {4ABCDE3B-7E71-4564-A944-F6950F5C97A3} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe [5097936 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {B31FA52E-C1E3-4F1E-97D9-B448A8F1C2A5} - System32\Tasks\DSB Notification => C:\Program Files\ASUS\DSB Notification\DSBNotification.exe [782216 2019-01-28] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {2A30ED9B-F45F-4FFF-A27C-BF574326F4ED} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{C6F48DCB-FF55-497E-9162-04B454445745} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
Task: {4063069A-7DCA-4D8B-9A2F-92257D26A05B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28584424 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E32B778-03E7-4E2F-8693-661A4C1FB402} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28584424 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {1515B75C-2CB7-43A8-84EB-811A773B7BB6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312288 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DC887E4-27F2-4659-B772-9336A118E2C8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312288 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {57004B5F-3F6D-4C61-A507-76A7B5413A45} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [182240 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {2390B1B9-0CFC-474A-8E8B-E07600BC1B5F} - System32\Tasks\nefarius_HidHide_Updater => C:\Program Files\Nefarius Software Solutions\HidHide\x64\nefarius_HidHide_Updater.exe  --background --log-level info (Keine Datei)
Task: {FDE915FB-96FC-4984-8251-464C3591F69B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {62C0AF75-084C-4486-BE18-FEDECCBAFD04} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BE53276-A64C-4716-ABD5-F2B555DD669E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {DE6A011A-13FD-4269-BE91-E60D612A8771} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {058E972B-0F02-4959-AFFB-F7C947EB7789} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81CB18A6-35DD-41D2-ACB1-9B4DC3C51E4C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A72DCB3-45C1-41B4-B986-77BC77A87535} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41C816BA-A8E5-410F-922E-E0C7D541B59F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F8CC03F-FB42-4418-8ED9-73ED8D98BE65} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BACF90A-FE8C-40A7-BB44-FB8C15A1A0D4} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1665594722 => C:\Users\marce\AppData\Local\Programs\Opera GX\launcher.exe [1511840 2024-08-14] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\marce\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {DCF02EC3-60C8-424C-B90D-5B0B43BA96D2} - System32\Tasks\Opera GX scheduled Autoupdate 1664471426 => C:\Users\marce\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe [5779360 2024-08-07] (Opera Norway AS -> Opera Software)
Task: {E60DE1E9-628C-4DF5-8569-39322BCFDB38} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2370056 2024-08-05] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {8947C43F-C410-4E80-8D1C-7BA7C64FEEAB} - System32\Tasks\PowerToys\Autorun for marce => C:\Program Files\PowerToys\PowerToys.exe [1087936 2023-01-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A3D1E78-F43F-4F42-9052-2224BC879AA1} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [862192 2019-02-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0553770d-67ed-47e7-b31c-e215500dfcb2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0553770d-67ed-47e7-b31c-e215500dfcb2}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\64259445A51224F6870273539303024585: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\64259445A51224F6870273539303024585: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\64259445A51224F6870273539303024585: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\75C414E40225943484142544027574: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\75C414E40225943484142544027574: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c58d50b1-9756-47d6-8ee2-1efbcaa4d959}\75C414E40225943484142544027574: [DhcpDomain] fritz.box

Edge:
=======
Edge Profile: C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-18]
Edge Extension: (PreMiD) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\agjnjboanicjcpenljmaaigopkgdnihi [2024-07-18]
Edge Extension: (AutoDraw for skribbl.io) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpnefockcbbpkbahgkkacjmebfheacjb [2023-05-14]
Edge Extension: (FrankerFaceZ) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2021-12-21]
Edge Extension: (Return YouTube Dislike) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2024-04-24]
Edge Extension: (Google Docs Offline) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-01]
Edge Extension: (BetterTTV) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2024-06-24]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igbncjcgfkfnfgbaieiimpfkobabmkce [2024-07-06]
Edge Extension: (Edge relevant text changes) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-03]
Edge Extension: (Video DownloadHelper) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmkaglaafmhbcpleggkmaliipiilhldn [2024-06-24]
Edge Extension: (IDM Integration Module) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2024-07-18]
Edge Extension: (VidSync) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\magpalppgpekmbgkamakkiiafbldipne [2021-12-21]
Edge Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-07-18]
Edge Extension: (Ears: Bass Boost, EQ Any Audio!) - C:\Users\marce\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nfdfiepdkbnoanddpianalelglmfooik [2023-05-14]
Edge HKU\S-1-5-21-136319151-2595665921-3748062372-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2024-06-19]

FireFox:
========
FF HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\marce\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\marce\AppData\Roaming\IDM\idmmzcc5 [2024-06-24] [] [ist nicht signiert]
FF HKU\S-1-5-21-136319151-2595665921-3748062372-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-19] []
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default [2024-08-14]
CHR DownloadDir: C:\Users\marce\Downloads
CHR Notifications: Default -> hxxps://aternos.org; hxxps://community.citra-emu.org; hxxps://play.geforcenow.com; hxxps://web.telegram.org
CHR Extension: (PreMiD) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\agjnjboanicjcpenljmaaigopkgdnihi [2024-07-26]
CHR Extension: (BetterTTV) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-06-18]
CHR Extension: (Videochat Extension - IP Locator for Omegle) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\alchldmijhnnapijdmchpkdeikibjgoi [2024-08-05]
CHR Extension: (AutoDraw for skribbl.io) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpnefockcbbpkbahgkkacjmebfheacjb [2024-07-26]
CHR Extension: (uBlock Origin) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-08-05]
CHR Extension: (FrankerFaceZ) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2020-11-26]
CHR Extension: (Return YouTube Dislike) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2024-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-24]
CHR Extension: (AdBlock − blockieren Sie Werbung im Internet) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-08-07]
CHR Extension: (Behind The Overlay) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljipkdpcjbmhkdjjmbbaggebcednbbme [2024-01-06]
CHR Extension: (Video DownloadHelper) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2024-08-09]
CHR Extension: (VidSync) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\magpalppgpekmbgkamakkiiafbldipne [2020-11-26]
CHR Extension: (Ears: Bass Boost, EQ Any Audio!) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfdfiepdkbnoanddpianalelglmfooik [2023-04-26]
CHR Extension: (IDM Integration Module) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-08-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2024-08-04]
CHR Profile: C:\Users\marce\AppData\Local\Google\Chrome\User Data\System Profile [2024-08-13]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-06-19]
CHR HKU\S-1-5-21-136319151-2595665921-3748062372-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-06-19]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-06-19]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-136319151-2595665921-3748062372-1001) Opera GXStable - "C:\Users\marce\AppData\Local\Programs\Opera GX\opera.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2704864 2024-05-26] (PROXIMA BETA PTE. LIMITED -> ANTICHEATEXPERT.COM)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-06-28] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\AsusAppService\AsusAppService.exe [1199464 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [502120 2023-11-22] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [156208 2020-08-11] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe [563152 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe [1377744 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitch.exe [650704 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe [5097936 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [865744 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S2 Aura Wallpaper Service; C:\Program Files\ASUS\Aura Wallpaper Service\AuraWallpaperService.exe [735856 2023-05-29] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 BandaiNamcoLauncherService; C:\Program Files (x86)\BandaiNamcoLauncher\Launcher\BridgeService\BandaiNamcoLauncherService.exe [150240 2023-11-08] (BANDAI NAMCO Online Inc. -> BNO)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2568840 2024-07-25] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-06-15] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13995624 2024-07-31] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4937312 2024-06-27] (SIA AVB Disc Soft -> Disc Soft FZE LLC)
S2 DTSAPO3Service; C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe [223640 2019-09-03] (DTS, Inc. -> )
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [13772392 2024-08-13] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2024-06-11] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [960752 2024-07-14] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_19; C:\ProgramData\EQU8\Totally Accurate Battlegrounds\bin\anticheat.x64.equ8.exe [8459408 2021-12-31] (Int3 Software AB -> Int3 Software AB)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348880 2024-04-25] (GOG  sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178064 2024-04-25] (GOG  sp. z o.o -> GOG.com)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [635968 2023-03-21] (Gameforge 4D GmbH -> )
S2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 GlideXService; C:\Program Files\ASUS\GlideX\GlideXService.exe [720568 2022-06-21] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 GlideXServiceExt; C:\Program Files\ASUS\GlideX\GlideXServiceExt.exe [229568 2022-06-21] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-07] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11193088 2024-08-04] (Logitech Inc -> Logitech, Inc.)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-07-11] (The Document Foundation -> The Document Foundation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-29] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-08-14] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-08-14] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_6e87d9907e09ff6b\Display.NvContainer\NVDisplay.Container.exe [1274888 2024-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2370056 2024-08-05] (Overwolf Ltd -> Overwolf LTD)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [146688 2024-08-04] (Facebook Technologies, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [418048 2024-08-04] (Facebook Technologies, LLC -> Facebook Technologies, LLC)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.2.11\ProtonVPNService.exe [474824 2024-03-27] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.2.11\ProtonVPN.WireGuardService.exe [474312 2024-03-27] (Proton AG -> ProtonVPN)
S2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [40672 2021-09-10] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6792176 2024-07-07] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2065880 2024-06-14] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 ucldr_blueprotocol_jp; C:\Program Files\Common Files\Wellbia.com\ucldr_blueprotocol_jp.exe [5552168 2023-06-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9730864 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
S2 VirtualDesktop.Service.exe; C:\Program Files\Virtual Desktop\VirtualDesktop.Service.exe [1962920 2020-12-01] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
S2 HidHideWatchdog.exe; "C:\Program Files\Nefarius Software Solutions\HidHide\x64\HidHideWatchdog.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1896736 2024-05-27] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [59344 2023-11-22] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSAIO.sys [49208 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusWmiAcpi.sys [49064 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 BadlionAnticheat; C:\Windows\system32\drivers\BadlionAnticheat.sys [1178120 2023-06-01] (Microsoft Windows Hardware Compatibility Publisher -> <Turtle Entertainment>)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2024-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2024-06-27] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EQU8_HELPER_19; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_19.sys [38032 2021-10-02] (Int3 Software AB -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2022-05-18] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HidHide; C:\WINDOWS\System32\drivers\HidHide.sys [59088 2023-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 HoYoProtect; C:\WINDOWS\system32\HoYoKProtect.sys [3686568 2024-07-05] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
R2 IDMWFP; C:\WINDOWS\System32\drivers\idmwfp.sys [173736 2023-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Tonec Inc.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-30] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2024-02-09] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R3 logi_audio_surround; C:\WINDOWS\System32\DriverStore\FileRepository\logi_audio.inf_amd64_ef292d87e6baed60\logi_audio_surround.sys [44200 2024-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-03-06] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-03-06] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-08-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [201280 2024-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78800 2024-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2024-08-14] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [75280 2022-01-02] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2022-01-02] (Oculus VR, LLC -> Facebook Inc.)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.2.11\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R2 SignalRgbDriver; C:\WINDOWS\System32\Drivers\SignalRgbDriver.sys [19984 2024-01-11] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2022-04-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 vdvad_WaveExtensible; C:\WINDOWS\System32\drivers\vdvad.sys [41072 2020-10-02] (Virtual Desktop, Inc. -> Virtual Desktop)
R3 vdvge; C:\WINDOWS\System32\drivers\vdvge.sys [77864 2020-10-02] (Virtual Desktop, Inc. -> Virtual Desktop, Inc.)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [39676808 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [19600 2021-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 VOICEMOD_Driver; C:\WINDOWS\system32\drivers\vmdrv.sys [48136 2021-08-12] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602504 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29592 2024-06-24] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-03-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 equ8_helper; \??\C:\WINDOWS\system32\DRIVERS\equ8_helper.sys [X]
S3 NEProtect; \??\D:\SteamLibrary\steamapps\common\Once Human\NEProtect.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-08-14 14:51 - 2024-08-14 14:51 - 000000000 ____D C:\AdwCleaner
2024-08-14 14:50 - 2024-08-14 14:50 - 008790880 _____ (Malwarebytes) C:\Users\marce\Downloads\adwcleaner.exe
2024-08-14 14:50 - 2024-08-14 14:50 - 000000000 ___HD C:\$WinREAgent
2024-08-14 14:48 - 2024-08-14 14:48 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-08-14 13:41 - 2024-08-14 13:45 - 000005537 _____ C:\Users\marce\Downloads\Malwarebytes Scan-Bericht 2024-08-14 132505.txt
2024-08-14 13:23 - 2024-08-14 13:23 - 002596072 _____ (Malwarebytes) C:\Users\marce\Downloads\MBSetup (2).exe
2024-08-14 13:23 - 2024-08-14 13:23 - 002397184 _____ (Farbar) C:\Users\marce\Downloads\FRST64 (1).exe
2024-08-14 13:22 - 2024-08-14 14:59 - 000000000 ____D C:\Users\marce\AppData\Local\Malwarebytes
2024-08-14 13:22 - 2024-08-14 13:22 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-08-14 13:21 - 2024-08-14 13:21 - 002596072 _____ (Malwarebytes) C:\Users\marce\Downloads\MBSetup (1).exe
2024-08-14 13:21 - 2024-08-14 13:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-08-14 13:21 - 2024-08-14 13:21 - 000000000 ____D C:\Program Files\Malwarebytes
2024-08-14 13:19 - 2024-08-14 13:19 - 002596072 _____ (Malwarebytes) C:\Users\marce\Downloads\MBSetup.exe
2024-08-14 10:47 - 2024-08-14 10:47 - 000001905 _____ C:\Users\marce\OneDrive\Desktop\Neues Textdokument (4).txt
2024-08-14 09:53 - 2024-08-14 09:57 - 000153755 _____ C:\Users\marce\Downloads\Addition.txt
2024-08-14 09:47 - 2024-08-14 15:02 - 000046770 _____ C:\Users\marce\Downloads\FRST.txt
2024-08-14 09:47 - 2024-08-14 15:01 - 000000000 ____D C:\FRST
2024-08-14 09:46 - 2024-08-14 09:46 - 002397184 _____ (Farbar) C:\Users\marce\Downloads\FRST64.exe
2024-08-13 20:40 - 2024-08-14 11:36 - 000000000 ____D C:\KVRT2020_Data
2024-08-13 20:38 - 2024-08-13 20:39 - 111720816 _____ (AO Kaspersky Lab) C:\Users\marce\Downloads\KVRT.exe
2024-08-13 19:49 - 2024-08-13 19:49 - 000000000 _____ C:\Users\marce\OneDrive\Desktop\Neues Textdokument (2).txt
2024-08-10 21:19 - 2024-08-10 21:19 - 001204704 _____ C:\Users\marce\Downloads\InventoryProfilesNext-fabric-1.21-2.0.4.jar
2024-08-10 21:17 - 2024-08-10 21:17 - 000084190 _____ C:\Users\marce\Downloads\justenoughbreeding-fabric-1.21-1.2.4.jar
2024-08-10 21:13 - 2024-08-10 21:13 - 000006188 _____ C:\Users\marce\Downloads\clientcrafting-fabric-1.21-1.8.jar
2024-08-07 22:46 - 2024-08-07 22:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-08-07 15:43 - 2024-08-07 15:43 - 000000000 ____D C:\Users\marce\AppData\Local\UniCompactView
2024-08-07 15:37 - 2024-08-07 15:37 - 000000000 ____D C:\Users\marce\AppData\Roaming\Netease
2024-08-07 15:30 - 2024-08-07 15:30 - 000000000 ____D C:\Users\marce\AppData\Roaming\CC
2024-08-07 15:29 - 2024-08-07 15:29 - 000000000 ____D C:\Users\marce\AppData\Local\UniSDK_FirstOpen
2024-08-07 15:09 - 2024-08-07 15:09 - 000000000 ____D C:\Users\marce\AppData\Local\UniSDK
2024-08-07 00:44 - 2024-08-07 00:44 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-08-07 00:43 - 2024-08-07 00:43 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (Preview).lnk
2024-08-05 17:41 - 2024-08-05 17:41 - 000000223 _____ C:\Users\marce\OneDrive\Desktop\Overwatch® 2.url
2024-08-04 16:05 - 2024-08-04 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-08-04 16:05 - 2024-08-04 16:05 - 000000000 ____D C:\Program Files\LGHUB
2024-07-26 21:55 - 2024-07-26 21:55 - 000000000 ____D C:\WINDOWS\system32\compatrel
2024-07-26 21:42 - 2024-07-26 21:42 - 000000000 ____D C:\Users\marce\AppData\LocalLow\sokpop
2024-07-26 21:37 - 2024-07-26 21:40 - 000000000 ____D C:\Users\marce\Downloads\Compressed
2024-07-26 18:02 - 2024-07-26 18:02 - 000000223 _____ C:\Users\marce\OneDrive\Desktop\Once Human.url
2024-07-25 00:24 - 2024-07-25 00:24 - 000000000 ____D C:\ProgramData\Battle.net_components
2024-07-18 18:16 - 2024-07-18 18:15 - 012188099 _____ C:\Users\marce\OneDrive\Desktop\Portfolio Marcel ***** Latein.pdf
2024-07-18 18:15 - 2024-07-18 18:15 - 012188099 _____ C:\Users\marce\Downloads\Portfolio mit Bilder (1).pdf
2024-07-18 18:13 - 2024-07-18 18:13 - 012181765 _____ C:\Users\marce\Downloads\Portfolio mit Bilder.pdf
2024-07-18 18:08 - 2024-07-18 18:08 - 017681985 _____ C:\Users\marce\OneDrive\Dokumente\Portfolio Marcel *****.odt
2024-07-18 18:08 - 2024-07-18 18:08 - 000393549 _____ C:\Users\marce\OneDrive\Dokumente\Portfolio Marcel ***** PDF.pdf
2024-07-18 16:31 - 2024-07-18 18:04 - 017681967 _____ C:\Users\marce\OneDrive\Dokumente\Unbenannt 1.odt
2024-07-18 16:21 - 2024-07-18 16:21 - 001076952 _____ C:\Users\marce\Downloads\Gescanntes Dokument 2024-07-18 um 16.20.20.pdf
2024-07-18 15:27 - 2024-07-18 15:27 - 000000000 ____D C:\Users\marce\AppData\LocalLow\Temp
2024-07-18 15:26 - 2024-07-18 15:26 - 012005255 _____ C:\Users\marce\Downloads\portfolio bilder.pdf
2024-07-18 15:10 - 2024-07-18 15:10 - 000000000 ____D C:\Users\marce\AppData\Roaming\LibreOffice
2024-07-18 15:10 - 2024-07-18 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 24.2
2024-07-18 15:09 - 2024-07-18 15:09 - 000000000 ____D C:\Program Files\LibreOffice
2024-07-18 15:07 - 2024-07-18 15:09 - 364859392 _____ C:\Users\marce\Downloads\LibreOffice_24.2.5_Win_x86-64.msi
2024-07-18 15:06 - 2024-07-18 15:06 - 012284295 _____ C:\Users\marce\Downloads\B5  ŁRKUNDUN  - DAS WILL ICHkk.docx.pdf
2024-07-16 18:47 - 2024-07-16 18:47 - 000000000 ____D C:\Users\marce\AppData\LocalLow\biggaming
2024-07-16 18:21 - 2024-07-16 18:21 - 000000223 _____ C:\Users\marce\OneDrive\Desktop\Contingency Plan.url

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-08-14 14:58 - 2021-04-16 00:12 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2024-08-14 14:58 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-14 14:55 - 2021-04-16 00:49 - 000478006 _____ C:\WINDOWS\system32\perfh011.dat
2024-08-14 14:55 - 2021-04-16 00:49 - 000132884 _____ C:\WINDOWS\system32\perfc011.dat
2024-08-14 14:55 - 2021-04-16 00:12 - 002333496 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-08-14 14:55 - 2019-12-07 16:50 - 000744968 _____ C:\WINDOWS\system32\perfh007.dat
2024-08-14 14:55 - 2019-12-07 16:50 - 000150354 _____ C:\WINDOWS\system32\perfc007.dat
2024-08-14 14:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-08-14 14:52 - 2020-08-11 10:06 - 000000000 ____D C:\ProgramData\NVIDIA
2024-08-14 14:51 - 2023-09-22 18:52 - 000000000 ____D C:\Users\marce\AppData\Roaming\asus_framework
2024-08-14 14:51 - 2021-01-15 14:55 - 000000000 ____D C:\Users\marce\AppData\Local\Oculus
2024-08-14 14:51 - 2021-01-12 18:03 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-08-14 14:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-08-14 14:48 - 2023-01-19 23:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2024-08-14 14:48 - 2021-04-16 00:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-08-14 14:48 - 2021-04-16 00:04 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-14 14:48 - 2020-11-26 06:50 - 000000000 ____D C:\Users\marce\AppData\Local\CrashDumps
2024-08-14 14:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-08-14 14:18 - 2022-07-18 18:25 - 000000000 ____D C:\Users\marce\AppData\Roaming\discordcanary
2024-08-14 14:18 - 2019-12-07 11:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-08-14 14:17 - 2020-11-26 22:08 - 197093640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-08-14 14:17 - 2020-11-26 22:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-08-14 13:55 - 2022-07-18 18:25 - 000000000 ____D C:\Users\marce\AppData\Local\DiscordCanary
2024-08-14 13:40 - 2021-04-16 00:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-08-14 13:39 - 2024-06-27 19:17 - 000000000 ____D C:\Users\marce\AppData\Roaming\Hq_Control
2024-08-14 13:39 - 2021-05-23 20:11 - 000000000 ____D C:\Users\marce\AppData\Roaming\uTorrent Web
2024-08-14 13:23 - 2024-03-27 16:55 - 000001417 _____ C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2024-08-14 13:23 - 2022-09-29 19:10 - 000004300 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1664471426
2024-08-14 13:23 - 2022-09-29 19:10 - 000001417 _____ C:\Users\marce\OneDrive\Desktop\Browser Opera GX.lnk
2024-08-14 13:22 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-08-14 13:18 - 2020-11-26 06:50 - 000000000 ____D C:\Users\marce\AppData\Local\D3DSCache
2024-08-14 13:18 - 2020-08-11 10:10 - 000000000 ____D C:\Program Files\ASUS
2024-08-14 11:36 - 2023-09-09 10:02 - 000000000 ____D C:\Users\marce\AppData\Roaming\G HUB
2024-08-14 09:16 - 2022-07-18 18:25 - 000002341 _____ C:\Users\marce\OneDrive\Desktop\Discord Canary.lnk
2024-08-14 09:13 - 2020-12-31 22:00 - 000000000 ____D C:\Users\marce\AppData\Local\ElevatedDiagnostics
2024-08-13 21:14 - 2024-03-04 18:09 - 000000000 ____D C:\Users\marce\AppData\Local\LGHUB
2024-08-13 21:02 - 2020-11-26 07:06 - 000000000 ____D C:\Program Files (x86)\Steam
2024-08-13 20:24 - 2020-11-26 06:51 - 000000000 ____D C:\Users\marce\AppData\Local\NVIDIA Corporation
2024-08-13 19:13 - 2021-11-28 14:31 - 000000000 ____D C:\ProgramData\EA Desktop
2024-08-13 16:43 - 2020-11-29 21:11 - 000000000 ____D C:\Users\marce\AppData\Roaming\.minecraft
2024-08-13 16:39 - 2021-04-29 22:06 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-08-13 16:35 - 2023-02-04 13:55 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\FTB App.lnk
2024-08-13 16:35 - 2022-07-15 18:57 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\CurseForge.lnk
2024-08-13 16:35 - 2022-05-12 19:38 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\Valorant Tracker.lnk
2024-08-13 16:35 - 2022-04-26 16:51 - 000002325 _____ C:\Users\marce\OneDrive\Desktop\ValoPlant.lnk
2024-08-13 16:34 - 2021-04-29 22:05 - 000000000 ____D C:\Users\marce\AppData\Local\Overwolf
2024-08-13 16:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-12 21:44 - 2021-10-16 12:04 - 000000000 ____D C:\Users\marce\AppData\Roaming\lunarclient
2024-08-10 20:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-08-10 18:28 - 2024-06-01 19:43 - 000001399 _____ C:\Users\marce\OneDrive\Desktop\Roblox Player.lnk
2024-08-10 18:28 - 2022-12-26 15:46 - 000001227 _____ C:\Users\marce\OneDrive\Desktop\Roblox Studio.lnk
2024-08-10 18:28 - 2022-12-26 15:46 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-08-10 17:13 - 2021-12-13 18:57 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-136319151-2595665921-3748062372-1001
2024-08-10 17:13 - 2021-04-16 00:12 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-136319151-2595665921-3748062372-1001
2024-08-10 17:13 - 2021-04-16 00:05 - 000002397 _____ C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-08-10 17:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-10 17:07 - 2020-12-03 06:05 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-08 21:16 - 2019-10-23 21:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-08-08 21:14 - 2021-12-18 02:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-08 21:14 - 2020-11-26 06:59 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-08-08 00:15 - 2021-04-16 00:05 - 000000000 ____D C:\Users\marce
2024-08-07 22:46 - 2024-06-14 21:50 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-08-07 00:43 - 2019-10-23 21:38 - 000000000 ____D C:\Program Files\Microsoft Office
2024-08-06 20:24 - 2024-03-12 17:40 - 000000000 ____D C:\Users\marce\AppData\Roaming\lghub
2024-08-06 13:23 - 2023-11-26 15:50 - 000000000 ____D C:\Users\marce\AppData\Roaming\launcher
2024-08-05 21:32 - 2021-03-26 21:09 - 000000000 ____D C:\Users\marce\AppData\Local\Blizzard Entertainment
2024-08-05 21:28 - 2022-09-17 17:15 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-08-05 20:29 - 2020-12-24 11:55 - 000000000 ____D C:\Users\marce\AppData\Roaming\PreMiD
2024-08-05 18:46 - 2024-06-26 11:50 - 000001350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HidHide Configuration Client.lnk
2024-08-05 18:46 - 2023-05-19 23:40 - 000001988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feather Launcher.lnk
2024-08-05 18:46 - 2023-02-02 17:06 - 000002633 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aura Wallpaper Creator.lnk
2024-08-05 18:46 - 2022-02-13 23:25 - 000000000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Oculus.lnk
2024-08-05 18:46 - 2022-02-02 00:45 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2024-08-05 18:46 - 2020-12-31 05:46 - 000014343 _____ C:\ProgramData\DisplaySessionContainer15.log_backup1
2024-08-05 18:46 - 2020-12-28 05:46 - 000019783 _____ C:\ProgramData\DisplaySessionContainer12.log_backup1
2024-08-05 18:46 - 2020-12-10 15:01 - 000020408 _____ C:\ProgramData\DisplaySessionContainer11.log_backup1
2024-08-05 18:46 - 2020-12-08 17:01 - 000020953 _____ C:\ProgramData\DisplaySessionContainer10.log_backup1
2024-08-05 18:46 - 2020-11-29 21:13 - 000001944 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Badlion Client.lnk
2024-08-05 18:46 - 2019-10-23 21:41 - 000002539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-08-05 18:46 - 2019-10-23 21:41 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-08-05 18:45 - 2021-01-12 17:43 - 000000000 ____D C:\ProgramData\Riot Games
2024-08-05 18:12 - 2023-04-24 17:16 - 000000037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Gameforge Client.url
2024-08-05 18:12 - 2021-01-01 05:00 - 000010535 _____ C:\ProgramData\DisplaySessionContainer16.log_backup1
2024-08-05 18:12 - 2020-12-30 05:26 - 000012916 _____ C:\ProgramData\DisplaySessionContainer14.log_backup1
2024-08-05 18:12 - 2020-12-29 04:44 - 000009147 _____ C:\ProgramData\DisplaySessionContainer13.log_backup1
2024-08-04 17:03 - 2024-03-19 19:20 - 000000000 ____D C:\Users\marce\AppData\Roaming\riot-client-ux
2024-08-04 16:07 - 2022-01-02 01:39 - 000000000 ____D C:\Program Files\Oculus
2024-08-04 15:49 - 2024-02-16 19:18 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-08-04 15:49 - 2022-10-22 16:17 - 000108024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-08-04 15:49 - 2022-10-22 16:17 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-08-04 15:49 - 2021-11-19 17:15 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 002799096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 000755304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 000222712 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-08-04 15:49 - 2020-11-28 10:16 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-08-04 15:45 - 2021-04-16 00:12 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-08-04 15:45 - 2021-04-16 00:12 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-07-26 21:56 - 2021-04-16 00:04 - 000640376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-07-26 21:55 - 2023-12-23 20:30 - 000000000 ____D C:\WINDOWS\InboxApps
2024-07-26 21:55 - 2021-04-20 15:33 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-07-26 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-07-26 21:54 - 2024-06-24 19:51 - 000000000 ____D C:\Users\marce\AppData\Roaming\DMCache
2024-07-26 17:39 - 2024-07-13 19:50 - 000000000 ____D C:\Users\marce\AppData\Roaming\rsilauncher
2024-07-25 00:25 - 2021-03-26 21:11 - 000000000 ____D C:\Users\marce\AppData\Local\Battle.net
2024-07-25 00:25 - 2021-03-26 21:10 - 000000000 ____D C:\Program Files (x86)\Battle.net
2024-07-18 15:46 - 2021-04-16 00:12 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2024-07-18 15:46 - 2021-04-16 00:12 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2024-07-18 15:27 - 2020-11-26 06:50 - 000000000 ____D C:\Users\marce\AppData\Local\Packages
2024-07-18 15:25 - 2020-12-08 16:50 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Teams
2024-07-18 15:21 - 2020-12-20 23:19 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Word
2024-07-18 15:15 - 2021-01-15 13:14 - 000000000 ____D C:\Users\marce\AppData\Roaming\Microsoft\Excel
2024-07-16 18:43 - 2021-01-15 16:08 - 000000000 ____D C:\ProgramData\Virtual Desktop

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-01-27 09:20 - 2021-01-27 09:20 - 000000124 _____ () C:\Users\marce\AppData\Roaming\debug.log
2024-01-11 11:26 - 2024-01-11 11:26 - 000000016 _____ () C:\Users\marce\AppData\Roaming\obs-virtualcam.txt
2022-08-30 18:37 - 2022-08-30 18:37 - 000001004 _____ () C:\Users\marce\AppData\Roaming\tof_launcher.reg
2021-06-12 14:23 - 2021-06-12 14:23 - 000000353 _____ () C:\Users\marce\AppData\Local\karboncalligraphyrc
2021-06-02 19:24 - 2021-06-12 14:17 - 000002711 _____ () C:\Users\marce\AppData\Local\krita-sysinfo.log
2021-06-02 19:24 - 2021-06-12 14:25 - 000002375 _____ () C:\Users\marce\AppData\Local\krita.log
2021-06-12 14:25 - 2021-06-12 14:25 - 000000039 _____ () C:\Users\marce\AppData\Local\kritadisplayrc
2021-06-02 19:24 - 2021-06-12 14:25 - 000016636 _____ () C:\Users\marce\AppData\Local\kritarc
2022-07-20 12:23 - 2022-07-20 16:22 - 000000128 _____ () C:\Users\marce\AppData\Local\PUTTY.RND
2023-07-03 01:33 - 2023-07-03 01:33 - 000004981 _____ () C:\Users\marce\AppData\Local\recently-used.xbel
2021-05-12 15:11 - 2024-06-25 16:24 - 000007629 _____ () C:\Users\marce\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
--- --- ---

[/CODE]


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:24 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19