Windows Security Stopped Working

Collapse
X
Collapse
 
  • Page of 3
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • Malnutrition
    PCHF Moderator
    • Jul 2016
    • 7045
    #16
    Copy the content of the code box below.
    Do not copy the word code!!!
    Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
    Attach it to your next message.
    Code:
    Start::
CreateRestorePoint:
CloseProcesses:
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
CHR Extension: (Social Blade) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-09-04] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn
2024-03-04 09:34 - 2024-03-04 09:34 - 000758086 _____ C:\WINDOWS\system32\perfh007.dat
2024-03-04 09:34 - 2024-03-04 09:34 - 000156254 _____ C:\WINDOWS\system32\perfc007.dat
AlternateDataStreams: C:\Windows:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78 [74]
AlternateDataStreams: C:\Windows:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955 [74]
HKU\S-1-5-21-1421055718-2087356316-1872245878-1001\Software\Classes\regfile:  <==== ATTENTION
FirewallRules: [{B2A138D0-F9E4-4698-9DD1-1EB7C7AD2D8A}] => (Allow) D:\Programme\Overwolf\0.242.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{415602F8-E1B7-4ABF-9E7D-6815C6D59696}] => (Allow) D:\Programme\Overwolf\0.242.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{45244B3F-8373-4486-A556-B3E76E3EECE6}] => (Block) D:\Programme\Overwolf\0.242.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{DA1A8918-44D1-4DA1-A159-037A7957C8FC}] => (Block) D:\Programme\Overwolf\0.242.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{58963355-4A3E-44B9-9C42-5E84E86DFC04}] => (Allow) LPort=26820
FirewallRules: [{5D09B55C-3DD2-4CFA-906F-0AA480ADEC0C}] => (Allow) LPort=26822
C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn
C:\Program Files\Avast Software
C:\Program Files (x86)\Avira
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
C:\ProgramData\Avira
C:\Users\eiko-\AppData\Local\Avira
DeleteKey: HKLM\SOFTWARE\1D0EC6DE-4A80-4CC3-A335-E6E41C951198  
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avast Software
DeleteKey: HKCU\SOFTWARE\Avast Software
DeleteKey: HKU\S-1-5-21-1421055718-2087356316-1872245878-1001\SOFTWARE\Avast Software
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avira  =>.Avira
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Lavasoft
DeleteKey: HKCU\SOFTWARE\Lavasoft
DeleteKey: HKU\S-1-5-21-1421055718-2087356316-1872245878-1001\SOFTWARE\Lavasoft
DeleteKey: HKCU\SOFTWARE\Avast Software
DeleteKey: HKCU\SOFTWARE\Avira
File: C:\ProgramData\cm-lock
File: C:\WINDOWS\System32\drivers\RoutePolicy.sys

Startbatch:
RD /S /Q "%windir%\System32\GroupPolicyUsers"
RD /S /Q "%windir%\System32\GroupPolicy"
gpupdate /force
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies" /f
reg delete "HKCU\Software\Policies" /f
reg delete "HKLM\Software\Microsoft\Policies" /f
reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies" /f
reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f
reg delete "HKLM\Software\Policies" /f
reg delete "HKLM\Software\WOW6432Node\Microsoft\Policies" /f
reg delete "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies" /f
reg delete "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v SupportUwpStartupTasks /t REG_DWORD /d 1 /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableFullTrustStartupTasks /t REG_DWORD /d 2 /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableUwpStartupTasks /t REG_DWORD /d 2 /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v SupportFullTrustStartupTasks /t REG_DWORD /d 1 /f
endbatch:

emptytemp:
Reboot:
End::



    Download and unzip farbar service scanner to your desktop, right click and run as admin…check all boxes and hit scan.
    Post the log created.

      Comment

      • Urenis
        PCHF Member
        • Feb 2024
        • 14
        #17
        FRST Fixlog:
        [HEADING=1]
        Code:
        Fix result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by eiko- (05-03-2024 10:43:31) Run:9
Running from C:\Users\eiko-\Desktop
Loaded Profiles: eiko-
Boot Mode: Normal[/HEADING]
fixlist content:
[HR][/HR]
Start::
CreateRestorePoint:
CloseProcesses:
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
CHR Extension: (Social Blade) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-09-04] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn
2024-03-04 09:34 - 2024-03-04 09:34 - 000758086 _____ C:\WINDOWS\system32\perfh007.dat
2024-03-04 09:34 - 2024-03-04 09:34 - 000156254 _____ C:\WINDOWS\system32\perfc007.dat
AlternateDataStreams: C:\Windows:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78 [74]
AlternateDataStreams: C:\Windows:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955 [74]
HKU\S-1-5-21-1421055718-2087356316-1872245878-1001\Software\Classes\regfile: <==== ATTENTION
FirewallRules: [{B2A138D0-F9E4-4698-9DD1-1EB7C7AD2D8A}] => (Allow) D:\Programme\Overwolf\0.242.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{415602F8-E1B7-4ABF-9E7D-6815C6D59696}] => (Allow) D:\Programme\Overwolf\0.242.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{45244B3F-8373-4486-A556-B3E76E3EECE6}] => (Block) D:\Programme\Overwolf\0.242.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{DA1A8918-44D1-4DA1-A159-037A7957C8FC}] => (Block) D:\Programme\Overwolf\0.242.0.11\OverwolfBrowser.exe => No File
FirewallRules: [{58963355-4A3E-44B9-9C42-5E84E86DFC04}] => (Allow) LPort=26820
FirewallRules: [{5D09B55C-3DD2-4CFA-906F-0AA480ADEC0C}] => (Allow) LPort=26822
C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn
C:\Program Files\Avast Software
C:\Program Files (x86)\Avira
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
C:\ProgramData\Avira
C:\Users\eiko-\AppData\Local\Avira
DeleteKey: HKLM\SOFTWARE\1D0EC6DE-4A80-4CC3-A335-E6E41C951198
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avast Software
DeleteKey: HKCU\SOFTWARE\Avast Software
DeleteKey: HKU\S-1-5-21-1421055718-2087356316-1872245878-1001\SOFTWARE\Avast Software
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avira =>.Avira
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Lavasoft
DeleteKey: HKCU\SOFTWARE\Lavasoft
DeleteKey: HKU\S-1-5-21-1421055718-2087356316-1872245878-1001\SOFTWARE\Lavasoft
DeleteKey: HKCU\SOFTWARE\Avast Software
DeleteKey: HKCU\SOFTWARE\Avira
File: C:\ProgramData\cm-lock
File: C:\WINDOWS\System32\drivers\RoutePolicy.sys

Startbatch:
RD /S /Q “%windir%\System32\GroupPolicyUsers”
RD /S /Q “%windir%\System32\GroupPolicy”
gpupdate /force
reg delete “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies” /f
reg delete “HKCU\Software\Policies” /f
reg delete “HKLM\Software\Microsoft\Policies” /f
reg delete “HKLM\Software\Microsoft\Windows\CurrentVersion\Policies” /f
reg delete “HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate” /f
reg delete “HKLM\Software\Policies” /f
reg delete “HKLM\Software\WOW6432Node\Microsoft\Policies” /f
reg delete “HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies” /f
reg delete “HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate” /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v SupportUwpStartupTasks /t REG_DWORD /d 1 /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableFullTrustStartupTasks /t REG_DWORD /d 2 /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableUwpStartupTasks /t REG_DWORD /d 2 /f
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v SupportFullTrustStartupTasks /t REG_DWORD /d 1 /f
endbatch:

emptytemp:
Reboot:
End::
[HR][/HR]
Restore point was successfully created.
Processes closed successfully.
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
CHR Extension: (Social Blade) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-09-04] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION => Error: No automatic fix found for this entry.

“C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn” folder move:

C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn => moved successfully
C:\WINDOWS\system32\perfh007.dat => moved successfully
C:\WINDOWS\system32\perfc007.dat => moved successfully
C:\Windows => “:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78” ADS removed successfully
C:\Windows => “:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955” ADS removed successfully
HKU\S-1-5-21-1421055718-2087356316-1872245878-1001\Software\Classes\regfile => removed successfully
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{B2A138D0-F9E4-4698-9DD1-1EB7C7AD2D8A}” => removed successfully
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{415602F8-E1B7-4ABF-9E7D-6815C6D59696}” => removed successfully
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{45244B3F-8373-4486-A556-B3E76E3EECE6}” => removed successfully
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{DA1A8918-44D1-4DA1-A159-037A7957C8FC}” => removed successfully
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{58963355-4A3E-44B9-9C42-5E84E86DFC04}” => not found
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{5D09B55C-3DD2-4CFA-906F-0AA480ADEC0C}” => not found
“C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn” => not found
“C:\Program Files\Avast Software” => not found

“C:\Program Files (x86)\Avira” folder move:

C:\Program Files (x86)\Avira => moved successfully

“C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira” folder move:

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira => moved successfully

“C:\ProgramData\Avira” folder move:

C:\ProgramData\Avira => moved successfully

“C:\Users\eiko-\AppData\Local\Avira” folder move:

C:\Users\eiko-\AppData\Local\Avira => moved successfully
HKLM\SOFTWARE\1D0EC6DE-4A80-4CC3-A335-E6E41C951198 => removed successfully
HKLM\SOFTWARE\WOW6432Node\Avast Software => removed successfully
HKCU\SOFTWARE\Avast Software => removed successfully
HKU\S-1-5-21-1421055718-2087356316-1872245878-1001\SOFTWARE\Avast Software => not found
HKLM\SOFTWARE\WOW6432Node\Avira =>.Avira => not found
HKLM\SOFTWARE\WOW6432Node\Lavasoft => removed successfully
HKCU\SOFTWARE\Lavasoft => removed successfully
HKU\S-1-5-21-1421055718-2087356316-1872245878-1001\SOFTWARE\Lavasoft => not found
HKCU\SOFTWARE\Avast Software => not found
HKCU\SOFTWARE\Avira => removed successfully

========================= File: C:\ProgramData\cm-lock ========================

“C:\ProgramData\cm-lock” => not found
====== End of File: ======

========================= File: C:\WINDOWS\System32\drivers\RoutePolicy.sys ========================

C:\WINDOWS\System32\drivers\RoutePolicy.sys
Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.22621.3007.cat
File is digitally signed
MD5: 270F78B608696DD75B339430DAD24C9F
Creation and modification date: 2023-11-16 11:38 - 2023-11-16 11:38
Size: 000098304
Attributes: ----A
Company Name: Microsoft Windows → 
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======

========= Batch: =========
0

0

Die Richtlinie wird aktualisiert…

Die Aktualisierung der Computerrichtlinie wurde erfolgreich abgeschlossen.
Die Aktualisierung der Benutzerrichtlinie wurde erfolgreich abgeschlossen.

Der Vorgang wurde erfolgreich beendet.

Der Vorgang wurde erfolgreich beendet.

Der Vorgang wurde erfolgreich beendet.

FEHLER: Zugriff verweigert

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.

FEHLER: Die L”schvorganganforderung wurde nur teilweise abgeschlossen.

Der Vorgang wurde erfolgreich beendet.

FEHLER: Zugriff verweigert

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.

Der Vorgang wurde erfolgreich beendet.

Der Vorgang wurde erfolgreich beendet.

Der Vorgang wurde erfolgreich beendet.

Der Vorgang wurde erfolgreich beendet.

========= End of Batch: =========

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9540743 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 346576644 B
Windows/system/drivers => 305296 B
Edge => 0 B
Chrome => 171549312 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 8218 B
NetworkService => 8218 B
eiko- => 263343667 B

RecycleBin => 0 B
EmptyTemp: => 755.4 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 10:44:02 ====
        FSS log:

        Code:
        Farbar Service Scanner Version: 03-11-2021
Ran by eiko- (administrator) on 05-03-2024 at 10:51:47
Running from “C:\Users\eiko-\Desktop\FSS”
Microsoft Windows 11 Home (X64)
Boot Mode: Normal
[HR][/HR]
[HEADING=1]Internet Services:[/HEADING]
[HEADING=1]Connection Status:[/HEADING]
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
[HEADING=1]Windows Firewall:[/HEADING]
[HEADING=1]Firewall Disabled Policy:[/HEADING]
[HEADING=1]System Restore:[/HEADING]
[HEADING=1]System Restore Policy:[/HEADING]
[HEADING=1]Security Center:[/HEADING]
[HEADING=1]Windows Update:[/HEADING]
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv: “%systemroot%\system32\svchost.exe -k netsvcs -p”.
The ServiceDll of wuauserv service is OK.
[HEADING=1]Windows Autoupdate Disabled Policy:[/HEADING]
[HEADING=1]Windows Defender:[/HEADING]
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend: ““C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe””.
Checking ServiceDll of WinDefend: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
[HEADING=1]Windows Defender Disabled Policy:[/HEADING]
[HEADING=1]Other Services:[/HEADING]
[HEADING=1]File Check:[/HEADING]
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\Drivers\afd.sys => File is digitally signed
C:\Windows\System32\Drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****
        [/HEADING]

          Comment

          • Malnutrition
            PCHF Moderator
            • Jul 2016
            • 7045
            #18
            Download Windefend.reg Unzip to your desktop. Also wuauserv
            Boot into safe mode. so that you can merge these files, only do so in safe mode.
            Right click and select merge for both .reg files.
            Reboot back into normal mode.




            Post new farbar service scanner log.

              Comment

              • Urenis
                PCHF Member
                • Feb 2024
                • 14
                #19
                Here is the scan result from FSS:

                Code:
                Farbar Service Scanner Version: 03-11-2021
Ran by eiko- (administrator) on 06-03-2024 at 10:26:21
Running from “C:\Users\eiko-\Desktop\FSS”
Microsoft Windows 11 Home (X64)
Boot Mode: Normal
[HR][/HR]
[HEADING=1]Internet Services:[/HEADING]
[HEADING=1]Connection Status:[/HEADING]
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
[HEADING=1]Windows Firewall:[/HEADING]
[HEADING=1]Firewall Disabled Policy:[/HEADING]
[HEADING=1]System Restore:[/HEADING]
[HEADING=1]System Restore Policy:[/HEADING]
[HEADING=1]Security Center:[/HEADING]
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc: “%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p”.
The ServiceDll of wscsvc service is OK.
[HEADING=1]Windows Update:[/HEADING]
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
[HEADING=1]Windows Autoupdate Disabled Policy:[/HEADING]
[HEADING=1]Windows Defender:[/HEADING]
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend: ““C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe””.
Checking ServiceDll of WinDefend: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
[HEADING=1]Windows Defender Disabled Policy:[/HEADING]
[HEADING=1]Other Services:[/HEADING]
[HEADING=1]File Check:[/HEADING]
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\Drivers\afd.sys => File is digitally signed
C:\Windows\System32\Drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

                  Comment

                  • Malnutrition
                    PCHF Moderator
                    • Jul 2016
                    • 7045
                    #20
                    Since the malware has been removed. Create a new admin profile and see if security center can start, if it does then repair your profile with account profile fixer.

                    If that fails then a repair install is in order.

                      Comment

                      • Urenis
                        PCHF Member
                        • Feb 2024
                        • 14
                        #21
                        Creating a new admin profile didn’t help. After using the account profile fixer, the WinDefend service was still stopped. I then performed the repair install. After that the WinDefend service is running again but Windows Security cannot yet be opened. Here is a current farbar service scanner log.

                        Code:
                        Farbar Service Scanner Version: 03-11-2021
Ran by eiko- (administrator) on 06-03-2024 at 14:05:59
Running from “C:\Users\eiko-\Desktop\FSS”
Microsoft Windows 11 Home (X64)
Boot Mode: Normal
[HR][/HR]
[HEADING=1]Internet Services:[/HEADING]
[HEADING=1]Connection Status:[/HEADING]
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
[HEADING=1]Windows Firewall:[/HEADING]
[HEADING=1]Firewall Disabled Policy:[/HEADING]
[HEADING=1]System Restore:[/HEADING]
[HEADING=1]System Restore Policy:[/HEADING]
[HEADING=1]Security Center:[/HEADING]
[HEADING=1]Windows Update:[/HEADING]
[HEADING=1]Windows Autoupdate Disabled Policy:[/HEADING]
[HEADING=1]Windows Defender:[/HEADING]
[HEADING=1]Other Services:[/HEADING]
[HEADING=1]File Check:[/HEADING]
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\Drivers\afd.sys => File is digitally signed
C:\Windows\System32\Drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

                          Comment

                          • Malnutrition
                            PCHF Moderator
                            • Jul 2016
                            • 7045
                            #22




                            ???

                            Post fresh frst and Addition logs please.




                            Download Autologger to your desktop.
                            Disable your Anitivirus/Defender prior to running.
                            [ul]
                            [li]Unzip it there. – If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----[/li][li]Right click Autologger and run as administrator. (Xp user double click)[/li][li]AVZ4 will open and scan your machine, allow this to complete.[/li][li]Upload Collectionlog.zip to your next reply.[/li][/ul]

                              Comment

                              • Urenis
                                PCHF Member
                                • Feb 2024
                                • 14
                                #23
                                FRST:

                                Code:
                                Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05.03.2024
Ran by eiko- (administrator) on DESKTOP-OSDJ7D2 (Micro-Star International Co., Ltd. MS-7B85) (06-03-2024 20:38:31)
Running from C:\Users\eiko-\Desktop\FRST64english.exe
Loaded Profiles: eiko-
Platform: Microsoft Windows 11 Home Version 23H2 22631.2861 (X64) Language: Deutsch (Deutschland)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS → A-Volute) C:\Users\eiko-\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc → Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc → Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE → ) C:\Program Files\RogueKiller\RogueKiller64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.66\msedgewebview2.exe <15>
(D:\Programme\Dragon Center\APP_Dragon_Center_Keeper.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. → MSI) D:\Programme\Dragon Center\CC_Engine_x64.exe
(D:\Programme\Steam\steam.exe ->) (Valve Corp. → Valve Corporation) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Discord Inc. → Discord Inc.) C:\Users\eiko-\AppData\Local\Discord\app-1.0.9034\Discord.exe <6>
(explorer.exe ->) (Google LLC → Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Logitech Inc → Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(explorer.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe
(explorer.exe ->) (Valve Corp. → Valve Corporation) D:\Programme\Steam\steam.exe
(Google LLC → Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC → Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(NVIDIA Corporation → Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. → Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH) C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe
(services.exe ->) (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH) C:\Program Files (x86)\3S CODESYS\GatewayPLC\ServiceControl.exe
(services.exe ->) (ADLICE → ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Adobe Inc. → Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (A-Volute SAS → Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Corsair Memory, Inc. → Corsair Memory, Inc.) D:\Programme\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(services.exe ->) (geek software GmbH → geek software GmbH) D:\Programme\PDF24\pdf24.exe
(services.exe ->) (HP Inc. → HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher → Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. → Micro-Star Int’l Co., Ltd.) D:\Programme\Dragon Center\DragonCenter_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. → Micro-Star INT’L CO., LTD.) D:\Programme\Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (NVIDIA Corporation → NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation → NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (WIBU-SYSTEMS AG → WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(svchost.exe ->) (Microsoft Corporation → Microsoft Corporation) C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\24.042.0227.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. → Micro-Star Int’l Co., Ltd.) D:\Programme\Dragon Center\APP_Dragon_Center_Keeper.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. → Micro-Star Int’l Co., Ltd.) D:\Programme\Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. → Micro-Star INT’L CO., LTD.) D:\Programme\Dragon Center\StorageMonitor\StorageMonitor.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1668000 2021-06-09] (Logitech Inc → Logitech, Inc.)
HKLM...\Run: [PDF24] => D:\Programme\PDF24\pdf24.exe [613560 2022-11-30] (geek software GmbH → geek software GmbH)
HKLM-x32...\Run: [CORSAIR iCUE Software] => D:\Programme\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [405032 2019-12-21] (Corsair Memory, Inc. → Corsair Memory, Inc.)
HKLM-x32...\Run: [GatewaySysTray] => C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewaySysTray.exe [690456 2017-05-15] (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
HKLM-x32...\Run: [CODESYSControlSysTray] => C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlSysTray.exe [509216 2017-05-15] (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
HKLM-x32...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. → Oracle Corporation)
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012...\Run: [MicrosoftEdgeAutoLaunch_322C183E72E821C8032805843FDA8DCC] => “C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe” --no-startup-window --win-session-start [4060728 2024-03-01] (Microsoft Corporation → Microsoft Corporation)
HKLM...\Print\Monitors\Canon BJ FAX Language Monitor TR8500 series: C:\Windows\system32\CNCALDL.DLL [254464 2019-01-28] (CANON INC.) [File not signed]
HKLM...\Print\Monitors\Canon BJ Language Monitor TR8500 series: C:\Windows\system32\CNMLMDL.DLL [1302016 2019-01-10] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.95\Installer\chrmstp.exe [2024-03-04] (Google LLC → Google LLC)
Startup: C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2023-12-10]
ShortcutTarget: An OneNote senden.lnk → C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation → Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2023-05-22]
ShortcutTarget: CodeMeter Control Center.lnk → C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG → WIBU-SYSTEMS AG)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {FFE2FE1B-1C7C-4F94-B919-456BF6851F68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. → Adobe Inc.)
Task: {4D56D740-F8FB-4DEF-B3F8-F64A144EC9D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-07] (Google LLC → Google LLC)
Task: {8815457D-F870-4FB9-8D26-51F492C61D7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-07] (Google LLC → Google LLC)
Task: {B97F7B1A-CBE7-4C2D-86CD-B753C4A1B075} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23570520 2024-02-02] (Microsoft Corporation → Microsoft Corporation)
Task: {EE86FD1B-4BC0-444A-8289-47ED15CFCF6E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23570520 2024-02-02] (Microsoft Corporation → Microsoft Corporation)
Task: {E68060AB-6DF7-4D04-AB8A-70607886A6EB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209384 2024-02-29] (Microsoft Corporation → Microsoft Corporation)
Task: {A15099C1-AED8-4FC6-8AE7-7509FDD536D2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209384 2024-02-29] (Microsoft Corporation → Microsoft Corporation)
Task: {76D75D59-EE92-4CE7-AE33-EEEF21398C3C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513808 2024-02-29] (Microsoft Corporation → Microsoft Corporation)
Task: {CC69A0EF-2A50-4EF2-8E51-142824E833DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513808 2024-02-29] (Microsoft Corporation → Microsoft Corporation)
Task: {ED229EC7-51A0-4F98-8F03-603ECEB2184E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\Schedule created by enrollment client to reattest client certificate => C:\WINDOWS\system32\deviceenroller.exe [520192 2023-12-04] (Microsoft Windows → Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {3969FAB3-D1E2-48C3-A88A-63907F4C1254} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {9ECC7FA2-7D76-41C0-941F-147B71C4F7A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {F36F1D94-F5A0-4FFC-A74B-D70EFEDCAAF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {842E3037-2785-411E-BEEF-4A8B4FDE1C7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher → Microsoft Corporation)
Task: {EFC003FD-C225-4E23-945C-7E84FD4E9554} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation → NVIDIA Corporation) → -d “C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {083D83A3-86B5-437E-BC21-E0CC35ACD65E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation → NVIDIA Corporation) → -d “C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {C60A0C92-E529-4A55-AA72-235D1AFBCA65} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation → NVIDIA Corporation)
Task: {C2B2716D-476E-4B58-8A59-A18A77583588} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation → NVIDIA Corporation)
Task: {CF9F5784-F165-4D6E-876F-A22475E89024} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation → NVIDIA Corporation)
Task: {A6BB91CC-4F56-4B61-837F-A1AD7B9D49EF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation → NVIDIA Corporation)
Task: {C2685297-C323-45CD-AA50-DCCE92F349E1} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation → NVIDIA Corporation)
Task: {6FB59C07-AF87-4EFC-9B03-68C8341BFA48} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation → NVIDIA Corporation)
Task: {C0FF1705-9D3E-48A8-B840-7101B8E4D3BD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation → NVIDIA Corporation)
Task: {99CE4BA9-7C1E-4F0D-8CAF-E34C95AEA6D8} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation → NVIDIA Corporation)
Task: {2F35FD26-5AB7-4952-B1E0-E558B0733762} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-02-29] (Overwolf Ltd → Overwolf LTD)
Task: {AEA52A46-E95A-4D46-8E2D-B9CCFFB7539A} - System32\Tasks\PowerToys\Autorun for eiko- => C:\Program Files\PowerToys\PowerToys.exe [1216544 2024-01-05] (Microsoft Corporation → Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip..\Interfaces{3a305b48-12bf-40ef-b06c-e6fc35585716}: [DhcpNameServer] 192.168.178.1
Tcpip..\Interfaces{3a305b48-12bf-40ef-b06c-e6fc35585716}: [DhcpDomain] fritz.box
[HEADING=1]Edge:[/HEADING]
Edge Profile: C:\Users\eiko-\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-06]
Edge HomePage: Default → hxxps://browser.services/?B=EH&id=19108
Edge StartupUrls: Default → “hxxps://browser.services/?B=EH&id=19108”
Edge DefaultSearchURL: Default → hxxps://browser.services/?B=ES&q={searchTerms}&id=19108
Edge DefaultSearchKeyword: Default → bwse
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\eiko-\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-03-05]
Edge Extension: (Google Docs Offline) - C:\Users\eiko-\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-05]
Edge Extension: (Edge relevant text changes) - C:\Users\eiko-\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-02]
Edge HKLM...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
[HEADING=1]FireFox:[/HEADING]
FF Plugin: @java.com/DTPlugin,version=11.401.2 → C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. → Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.401.2 → C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. → Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 → C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-08] (Microsoft Corporation → Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 → D:\Programme\VLC\npvlc.dll [2022-11-08] (VideoLAN → VideoLAN)
FF Plugin: Adobe Acrobat → C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-22] (Adobe Inc. → Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 → C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-03-08] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-03-08] (Microsoft Corporation → Microsoft Corporation)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Default
CHR Profile: C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default [2024-03-06]
CHR Notifications: Default → hxxps://pchelpforum.net; hxxps://www.alleaktien.de
CHR HomePage: Default → hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: Default → “hxxp://t-online.de/”
CHR Extension: (Honey: Automatische Coupons & Prämien) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-02-25]
CHR Extension: (Social Blade) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2024-03-05] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
CHR Extension: (uBlock Origin) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-25]
CHR Extension: (Multi-File Downloader) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpecplbkinpdbedgejddhepkgcppgchk [2022-05-12]
CHR Extension: (Video Downloader Professional) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-19]
CHR Extension: (Just Focus) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\gefaddaengbodpiobpbgblajdboalmgc [2022-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-28]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-28]
CHR Extension: (Unpaywall) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplffkdpngmdjhlpjmppncnlhomiipha [2023-04-29]
CHR Extension: (Live Stream Downloader) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\looepbdllpjgdmkpdcdffhdbmpbcfekj [2023-12-10]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-01-05]
CHR Extension: (Uncanny Cookie Clicker) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmmdenlpgbgmeofmdkhimecmkcgabgno [2023-11-14]
CHR Extension: (MetaMask) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-03-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. → Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-12-10] (BattlEye Innovations e.K. → )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9497696 2024-02-02] (Microsoft Corporation → Microsoft Corporation)
S3 CODESYS Control Win V3; C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe [5383968 2017-05-15] (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
R2 CODESYS Gateway V3; C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe [562968 2017-05-15] (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
R2 CODESYS ServiceControl; C:\Program Files (x86)\3S CODESYS\GatewayPLC\ServiceControl.exe [203544 2017-05-15] (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
R2 CorsairService; D:\Programme\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336 2019-12-21] (Corsair Memory, Inc. → Corsair Memory, Inc.)
R2 DragonCenter_Service; D:\Programme\Dragon Center\DragonCenter_Service.exe [142512 2019-08-29] (MICRO-STAR INTERNATIONAL CO., LTD. → Micro-Star Int’l Co., Ltd.)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-12-10] (EasyAntiCheat Oy → Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. → Epic Games, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-19] (HP Inc. → HP Inc.)
R2 LightKeeperService; D:\Programme\Dragon Center\Mystic_Light\LightKeeperService.exe [81552 2020-01-07] (MICRO-STAR INTERNATIONAL CO., LTD. → Micro-Star INT’L CO., LTD.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS → Nahimic)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-02-29] (Overwolf Ltd → Overwolf LTD)
R2 PDF24; D:\Programme\PDF24\pdf24.exe [613560 2022-11-30] (geek software GmbH → geek software GmbH)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15246256 2024-02-19] (ADLICE → )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-28] (Microsoft Windows Publisher → Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-28] (Microsoft Windows Publisher → Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 → Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 → Apple Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [58368 2023-11-16] (www.winchiphead.com) [File not signed]
S2 CorsairLLAccess2C5180972F76443B27B6BE38ADBF2AE99B374496; D:\Programme\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [20696 2019-12-12] (Microsoft Windows Hardware Compatibility Publisher → Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher → Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher → Corsair)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [386552 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher → Dokan Project)
S1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher → )
S3 ipadtst; C:\ProgramData\MSI\Super_Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. → Windows (R) Win 7 DDK provider)
S3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. → MSI)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-03] (A-Volute SAS → Windows (R) Win 7 DDK provider)
R3 NTIOLib_CC_COMM; D:\Programme\Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. → MSI)
R3 NTIOLib_CC_CPU; D:\Programme\Dragon Center\Lib\Super_Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. → MSI)
R3 NTIOLib_MysticLight; D:\Programme\Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2020-01-07] (MICRO-STAR INTERNATIONAL CO., LTD. → MSI)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG → The OpenVPN Project)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James → Scarlet.Crush Productions)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. → The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [54208 2024-03-06] (ADLICE (Julien Ascoet) → )
R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher → Nefarius Software Solutions e.U.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21040 2024-02-28] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [608648 2024-02-28] (Microsoft Windows → Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-28] (Microsoft Windows → Microsoft Corporation)
R1 WinSetupMon; C:\WINDOWS\System32\DRIVERS\WinSetupMon.sys [108032 2023-12-04] (Microsoft Windows → Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-06 20:38 - 2024-03-06 20:38 - 000000000 _D C:\Users\eiko-\Desktop\FRST-OlderVersion
2024-03-06 16:35 - 2024-03-06 16:35 - 135281643 _____ C:\Users\eiko-\Downloads\MSTeams-x64.msix
2024-03-06 13:57 - 2024-03-06 13:57 - 001754660 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-06 13:57 - 2024-03-06 13:57 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat
2024-03-06 13:57 - 2024-03-06 13:57 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat
2024-03-06 13:56 - 2024-03-06 13:56 - 000000000 D C:\ProgramData\Microsoft OneDrive
2024-03-06 13:55 - 2024-03-06 13:55 - 000000020 SH C:\Users\eiko-\ntuser.ini
2024-03-06 13:54 - 2024-03-06 13:54 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2024-03-06 13:54 - 2024-03-06 13:54 - 000011433 _____ C:\WINDOWS\diagerr.xml
2024-03-06 13:54 - 2024-03-06 13:54 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-06 13:54 - 2024-03-06 13:54 - 000003568 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2024-03-06 13:54 - 2024-03-06 13:54 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-06 13:54 - 2024-03-06 13:54 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-06 13:54 - 2024-03-06 13:54 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-06 13:54 - 2024-03-06 13:54 - 000003344 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2024-03-06 13:54 - 2024-03-06 13:54 - 000003250 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2024-03-06 13:54 - 2024-03-06 13:54 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-06 13:54 - 2024-03-06 13:54 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-06 13:54 - 2024-03-06 13:54 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1012
2024-03-06 13:54 - 2024-03-06 13:54 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1011
2024-03-06 13:54 - 2024-03-06 13:54 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1010
2024-03-06 13:54 - 2024-03-06 13:54 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1009
2024-03-06 13:54 - 2024-03-06 13:54 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1008
2024-03-06 13:54 - 2024-03-06 13:54 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1002
2024-03-06 13:54 - 2024-03-06 13:54 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1001
2024-03-06 13:54 - 2024-03-06 13:54 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-06 13:54 - 2024-03-06 13:54 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-06 13:54 - 2024-03-06 13:54 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-06 13:54 - 2024-03-06 13:54 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-06 13:54 - 2024-03-06 13:54 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-06 13:54 - 2024-03-06 13:54 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-06 13:54 - 2024-03-06 13:54 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1012
2024-03-06 13:54 - 2024-03-06 13:54 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1011
2024-03-06 13:54 - 2024-03-06 13:54 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1010
2024-03-06 13:54 - 2024-03-06 13:54 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1009
2024-03-06 13:54 - 2024-03-06 13:54 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1008
2024-03-06 13:54 - 2024-03-06 13:54 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1002
2024-03-06 13:54 - 2024-03-06 13:54 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1001
2024-03-06 13:54 - 2024-03-06 13:54 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-03-06 13:54 - 2024-03-06 13:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-06 13:54 - 2024-03-06 13:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2024-03-06 13:54 - 2024-03-06 13:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-03-06 13:54 - 2024-03-06 13:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2024-03-06 13:54 - 2024-03-06 13:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2024-03-06 13:53 - 2024-03-06 13:53 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2024-03-06 13:52 - 2024-03-06 13:55 - 000000000 ____D C:\Windows.old
2024-03-06 13:52 - 2024-03-06 13:53 - 000000004 ____H C:\ProgramData\cm-lock
2024-03-06 13:52 - 2024-03-06 13:52 - 000512456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-06 13:52 - 2024-03-06 13:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-06 13:48 - 2024-03-06 13:52 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Crypto
2024-03-06 13:48 - 2024-03-06 13:48 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\SystemCertificates
2024-03-06 13:48 - 2024-03-06 13:48 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Network
2024-03-06 13:43 - 2024-03-06 13:52 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2024-03-06 13:42 - 2024-03-06 13:55 - 000000000 ____D C:\Users\eiko-
2024-03-06 13:42 - 2024-03-06 13:53 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows
2024-03-06 13:42 - 2024-03-06 13:52 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Spelling
2024-03-06 13:42 - 2024-03-06 13:43 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\Vorlagen
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\Startmenü
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\Netzwerkumgebung
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\Lokale Einstellungen
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\Eigene Dateien
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\Druckumgebung
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\Documents\Eigene Videos
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\Documents\Eigene Musik
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\Documents\Eigene Bilder
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\AppData\Local\Verlauf
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\AppData\Local\Anwendungsdaten
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 _SHDL C:\Users\eiko-\Anwendungsdaten
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2024-03-06 13:42 - 2024-03-06 13:42 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\CLR Security Config
2024-03-06 13:41 - 2024-03-06 13:41 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2024-03-06 13:41 - 2024-03-06 13:41 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-03-06 13:41 - 2024-03-06 13:41 - 000000000 ____D C:\Program Files\MSBuild
2024-03-06 13:41 - 2024-03-06 13:41 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-03-06 13:41 - 2024-03-06 13:41 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-03-06 13:36 - 2024-03-06 13:36 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2024-03-06 12:32 - 2024-03-06 13:55 - 000000000 ___DC C:\WINDOWS\Panther
2024-03-06 12:30 - 2024-03-06 12:30 - 1370030080 _____ C:\Users\eiko-\Desktop\Windows.iso
2024-03-06 12:22 - 2024-03-06 12:30 - 000000000 ____D C:\ESD
2024-03-06 12:18 - 2024-03-06 12:18 - 000000000 ___HD C:$Windows.~WS
2024-03-06 12:16 - 2024-03-06 12:16 - 000019131 _____ C:\Users\Public\Desktop\mbst-clean-results.txt
2024-03-06 12:14 - 2024-03-06 12:14 - 002390016 _____ (Farbar) C:\Users\eiko-\Downloads\FRSTEnglish.exe
2024-03-06 12:10 - 2024-03-06 12:10 - 000000000 ____D C:\Users\eiko-\Downloads\Antivirus_Removal_Tool_2024_02
2024-03-06 12:08 - 2024-03-06 12:08 - 211481779 _____ C:\Users\eiko-\Downloads\Antivirus_Removal_Tool_2024_02.zip
2024-03-06 10:48 - 2024-03-06 10:48 - 000000000 ____D C:\AccountProfileFixer
2024-03-06 10:46 - 2024-03-06 10:46 - 000518200 _____ (Carifred.com) C:\Users\eiko-\Downloads\AccountProfileFixer.exe
2024-03-06 10:20 - 2024-03-06 10:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-03-06 10:18 - 2024-03-06 10:18 - 000008150 _____ C:\Users\eiko-\Downloads\WinDefend.reg
2024-03-06 10:18 - 2024-03-06 10:18 - 000007020 _____ C:\Users\eiko-\Downloads\wuauserv.reg
2024-03-06 10:18 - 2024-03-06 10:18 - 000007020 _____ C:\Users\eiko-\Desktop\wuauserv.reg
2024-03-05 20:15 - 2024-03-05 20:15 - 000183178 _____ C:\Users\eiko-\Downloads\Studiengangsspezifische-PSO_BA_Mechatronik_2010_03.pdf
2024-03-05 13:26 - 2024-03-05 13:26 - 000000000 ____D C:\Users\eiko-\AppData\LocalLow\Hovgaard Games
2024-03-05 13:16 - 2024-03-05 13:16 - 000000213 _____ C:\Users\eiko-\Desktop\Big Ambitions.url
2024-03-05 10:51 - 2024-03-05 10:51 - 000475113 _____ C:\Users\eiko-\Downloads\FSS (1).zip
2024-03-04 15:34 - 2024-03-04 15:34 - 000001425 _____ C:\Users\eiko-\Desktop\Malwarebytes Scan-Bericht 2024-03-04 143014.txt
2024-03-04 09:37 - 2024-03-04 09:37 - 000525365 _____ C:\Users\eiko-\Desktop\ZHPDiag.html
2024-03-04 09:37 - 2024-03-04 09:37 - 000423368 _____ C:\Users\eiko-\Desktop\ZHPDiag.txt
2024-03-04 09:32 - 2024-03-04 09:46 - 000000872 _____ C:\Users\eiko-\Desktop\ZHPSuite.lnk
2024-03-04 09:32 - 2024-03-04 09:46 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\ZHP
2024-03-04 09:32 - 2024-03-04 09:32 - 000000000 ____D C:\Users\eiko-\AppData\Local\ZHP
2024-03-04 09:29 - 2024-03-04 09:35 - 000000000 ____D C:\Users\eiko-\Downloads\ZHPSuite
2024-03-04 09:29 - 2024-03-04 09:29 - 003052134 _____ C:\Users\eiko-\Downloads\ZHPSuite.zip
2024-03-04 09:27 - 2024-03-06 13:52 - 000054208 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2024-03-04 09:15 - 2024-03-04 09:15 - 000002092 _____ C:\Users\eiko-\Desktop\SAVEMODECODE0.txt
2024-03-04 09:00 - 2024-03-04 09:00 - 000012913 _____ C:\Users\eiko-\Desktop\SAVEMODECODE.txt
2024-03-04 08:54 - 2024-03-04 08:54 - 000028672 _____ C:\BCDbak
2024-03-04 08:53 - 2024-03-04 08:53 - 000001425 _____ C:\Users\eiko-\Desktop\Malwarebytes Scan-Bericht 2024-03-04 074755.txt
2024-03-04 08:50 - 2024-03-06 10:20 - 000000000 ____D C:\Users\eiko-\Desktop\BootSafe
2024-03-04 08:50 - 2024-03-04 08:50 - 000293638 _____ C:\Users\eiko-\Downloads\BootSafe.zip
2024-03-02 08:30 - 2024-03-06 10:18 - 000008150 _____ C:\Users\eiko-\Desktop\WinDefend.reg
2024-03-02 00:25 - 2024-03-04 09:32 - 003538592 _____ (Nicolas Coolman) C:\Users\eiko-\Desktop\ZHPSuite.exe
2024-03-01 23:53 - 2024-03-06 14:05 - 000000000 ____D C:\Users\eiko-\Desktop\FSS
2024-03-01 23:53 - 2024-03-01 23:53 - 000475113 _____ C:\Users\eiko-\Downloads\FSS.zip
2024-03-01 23:53 - 2024-03-01 23:53 - 000475113 _____ C:\Users\eiko-\Desktop\FSS.zip
2024-03-01 19:01 - 2024-03-01 19:01 - 000000213 _____ C:\Users\eiko-\Desktop\Farming Simulator 22.url
2024-03-01 16:08 - 2024-03-01 16:08 - 000011496 _____ C:\Users\eiko-\Desktop\RogueKillerLog.txt,
2024-03-01 15:47 - 2024-03-06 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2024-03-01 15:47 - 2024-03-01 16:02 - 000000000 ____D C:\ProgramData\RogueKiller
2024-03-01 15:47 - 2024-03-01 15:47 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2024-03-01 15:47 - 2024-03-01 15:47 - 000000000 ____D C:\Program Files\RogueKiller
2024-03-01 15:46 - 2024-03-01 15:46 - 048358936 _____ (Adlice Software ) C:\Users\eiko-\Downloads\RogueKiller_setup.exe
2024-03-01 15:46 - 2024-03-01 15:46 - 048358936 _____ (Adlice Software ) C:\Users\eiko-\Desktop\RogueKiller_setup.exe
2024-03-01 13:10 - 2024-03-01 13:10 - 000000000 ____D C:\Users\eiko-\Downloads\logi7400-master
2024-03-01 13:09 - 2024-03-01 13:09 - 000490807 _____ C:\Users\eiko-\Downloads\logi7400-master.zip
2024-03-01 10:21 - 2024-03-01 10:21 - 000000000 ____D C:\KVRT2020_Data
2024-03-01 10:19 - 2024-03-01 10:20 - 109429104 _____ (AO Kaspersky Lab) C:\Users\eiko-\Desktop\KVRT.exe
2024-03-01 10:19 - 2024-03-01 10:19 - 109429104 _____ (AO Kaspersky Lab) C:\Users\eiko-\Downloads\KVRT.exe
2024-02-29 15:01 - 2024-02-29 15:01 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-28 16:51 - 2024-03-04 15:32 - 000078751 _____ C:\Users\eiko-\Desktop\Addition.txt
2024-02-28 16:50 - 2024-03-06 20:38 - 000028931 _____ C:\Users\eiko-\Desktop\FRST.txt
2024-02-28 16:35 - 2024-03-05 10:44 - 000009886 _____ C:\Users\eiko-\Desktop\Fixlog.txt
2024-02-28 16:35 - 2024-02-28 16:35 - 000009288 _____ C:\Users\eiko-\Desktop\rtcdqsmatz.txt
2024-02-28 16:34 - 2024-03-06 20:38 - 002390016 _____ (Farbar) C:\Users\eiko-\Desktop\FRST64english.exe
2024-02-28 16:34 - 2024-03-06 20:38 - 000000000 ____D C:\FRST
2024-02-28 16:34 - 2024-02-28 16:34 - 002386944 _____ (Farbar) C:\Users\eiko-\Downloads\FRST64.exe
2024-02-28 16:32 - 2024-02-28 16:32 - 000712333 _____ C:\Users\eiko-\Downloads\Fixlog.txt.txt
2024-02-28 16:29 - 2024-02-28 16:29 - 000004730 _____ C:\Users\eiko-\Desktop\Malwarebytes Scan-Bericht 2024-02-28 152400.txt
2024-02-28 16:20 - 2024-02-28 16:20 - 002585496 _____ (Malwarebytes) C:\Users\eiko-\Downloads\MBSetup.exe
2024-02-28 16:20 - 2024-02-28 16:20 - 002585496 _____ (Malwarebytes) C:\Users\eiko-\Desktop\MBSetup.exe
2024-02-28 16:18 - 2024-02-28 16:17 - 008797968 _____ (Malwarebytes) C:\Users\eiko-\Desktop\adwcleaner.exe
2024-02-28 16:17 - 2024-02-28 16:19 - 000000000 ____D C:\AdwCleaner
2024-02-28 16:17 - 2024-02-28 16:17 - 008797968 _____ (Malwarebytes) C:\Users\eiko-\Downloads\adwcleaner.exe
2024-02-26 16:16 - 2024-02-26 16:16 - 000000000 ____D C:\Users\eiko-\AppData\LocalLow\Nokta Games
2024-02-26 16:14 - 2024-02-26 16:14 - 000000213 _____ C:\Users\eiko-\Desktop\Supermarket Simulator.url
2024-02-16 12:16 - 2024-02-16 12:16 - 032507592 _____ C:\Users\eiko-\Downloads\MKON Hausarbeit Gruppe 3.zip
2024-02-16 12:12 - 2024-02-16 12:12 - 000000000 ____D C:\Users\eiko-\Downloads\MKON Hausarbeit Gruppe 3
2024-02-14 16:01 - 2024-02-14 16:01 - 017224067 _____ C:\Users\eiko-\Downloads\Unbenanntes_Notizbuch.pdf
2024-02-14 14:17 - 2024-02-14 14:19 - 000000000 ___HD C:$WinREAgent
2024-02-14 11:50 - 2024-02-14 11:50 - 010669146 _____ C:\Users\eiko-\Downloads\978-3-8348-2581-0.pdf
2024-02-13 15:46 - 2024-02-13 15:46 - 006163244 _____ C:\Users\eiko-\Downloads\Anleitung MS2 Aufgabentype.pdf
2024-02-13 10:14 - 2024-02-13 10:14 - 000000000 ____D C:\Users\eiko-\Downloads\Photos-001 (2)
2024-02-13 10:13 - 2024-02-13 10:14 - 062952428 _____ C:\Users\eiko-\Downloads\Photos-001 (2).zip
2024-02-11 12:43 - 2024-02-11 12:43 - 000534937 _____ C:\Users\eiko-\Downloads\RL_Federn_Aufgabe (4).pdf
2024-02-11 12:21 - 2024-02-11 12:21 - 000936592 _____ C:\Users\eiko-\Downloads\624beffb-15e1-47fd-86e0-bf8de081bd29_Export-8ba90b14-8348-4300-9315-58890a9fcb66.zip
2024-02-11 12:21 - 2024-02-11 12:21 - 000000000 ____D C:\Users\eiko-\Downloads\624beffb-15e1-47fd-86e0-bf8de081bd29_Export-8ba90b14-8348-4300-9315-58890a9fcb66
2024-02-11 12:18 - 2024-02-11 12:18 - 003680011 _____ C:\Users\eiko-\Downloads\70f01c28-7c35-43b7-84f4-7366f8fa2549_Export-5fdfccfe-4bbb-432d-8e8d-9a2e76d48e74.zip
2024-02-11 12:18 - 2024-02-11 12:18 - 000000000 ____D C:\Users\eiko-\Downloads\70f01c28-7c35-43b7-84f4-7366f8fa2549_Export-5fdfccfe-4bbb-432d-8e8d-9a2e76d48e74
2024-02-11 11:43 - 2024-02-11 11:43 - 000876160 _____ C:\Users\eiko-\Downloads\Clicker_Kupplungen.pdf
2024-02-10 16:38 - 2024-02-10 16:38 - 000336378 _____ C:\Users\eiko-\Downloads\Kon3_Rechenlabor_Ketten.pdf
2024-02-10 16:38 - 2024-02-10 16:38 - 000225045 _____ C:\Users\eiko-\Downloads\Kon3_Rechenlabor_ZR.pdf
2024-02-10 16:38 - 2024-02-10 16:38 - 000152820 _____ C:\Users\eiko-\Downloads\Kon3_Rechenlabor_Riemen.pdf
2024-02-09 16:12 - 2024-02-09 16:12 - 002336867 _____ C:\Users\eiko-\Downloads\Probeklausur AT1.pdf
2024-02-09 14:38 - 2024-02-09 16:00 - 000000000 ____D C:\Users\eiko-\Downloads\OneDrive_1_9.2.2024
2024-02-09 14:38 - 2024-02-09 14:38 - 001064154 _____ C:\Users\eiko-\Downloads\OneDrive_1_9.2.2024.zip
2024-02-07 15:23 - 2024-02-07 15:23 - 000073710 _____ C:\Users\eiko-\Downloads\Clicker_Riemen (1).pdf
2024-02-05 16:01 - 2024-02-05 16:01 - 001424709 _____ C:\Users\eiko-\Downloads\MP_Codebeispiele_Klausur (1).pdf
2024-02-05 15:58 - 2024-02-05 15:58 - 001424709 _____ C:\Users\eiko-\Downloads\MP_Codebeispiele_Klausur.pdf
2024-02-05 15:49 - 2024-02-05 15:49 - 000656359 _____ C:\Users\eiko-\Downloads\MP_Ubersicht.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-06 20:24 - 2020-10-22 14:00 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\discord
2024-03-06 20:24 - 2020-10-22 14:00 - 000000000 ____D C:\Users\eiko-\AppData\Local\Discord
2024-03-06 20:22 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-06 20:22 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-06 20:18 - 2023-05-22 12:01 - 000000068 __RSH C:\WINDOWS\system32\Drivers\winhv.winsecurity
2024-03-06 20:15 - 2023-01-16 10:32 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-06 20:15 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-06 20:15 - 2020-07-04 09:55 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-06 20:15 - 2020-01-07 20:22 - 000000000 ____D C:\Users\eiko-\AppData\Local\Packages
2024-03-06 19:54 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-06 19:54 - 2020-01-07 21:17 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-06 19:45 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2024-03-06 19:40 - 2023-05-22 12:01 - 000000068 __RSH C:\WINDOWS\system32\Drivers\WUDFRd.winsecurity
2024-03-06 14:11 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-03-06 14:11 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-06 14:11 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-03-06 13:57 - 2020-05-14 14:04 - 000000000 ___HD C:\OneDriveTemp
2024-03-06 13:57 - 2020-01-08 15:49 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-06 13:57 - 2020-01-07 20:24 - 000000000 ___RD C:\Users\eiko-\OneDrive
2024-03-06 13:55 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-06 13:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-06 13:55 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows NT
2024-03-06 13:55 - 2020-01-07 20:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-03-06 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-03-06 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Media
2024-03-06 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-03-06 13:53 - 2024-01-24 09:15 - 000000000 ____D C:\WINDOWS\system32\zh-hant
2024-03-06 13:53 - 2024-01-24 09:15 - 000000000 ____D C:\WINDOWS\system32\zh-hans
2024-03-06 13:53 - 2020-01-07 20:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-03-06 13:52 - 2024-02-03 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
2024-03-06 13:52 - 2024-01-25 11:57 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2024-03-06 13:52 - 2024-01-16 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-03-06 13:52 - 2024-01-10 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\logisim-evolution
2024-03-06 13:52 - 2023-12-08 14:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Altium
2024-03-06 13:52 - 2023-11-12 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OrcaSlicer
2024-03-06 13:52 - 2023-10-18 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2024-03-06 13:52 - 2023-08-22 10:25 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raspberry Pi
2024-03-06 13:52 - 2023-07-06 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2024-03-06 13:52 - 2023-07-05 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnycubicPhotonWorkshop
2024-03-06 13:52 - 2023-06-30 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiMaker Cura
2024-03-06 13:52 - 2023-06-02 07:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VHDPlus
2024-03-06 13:52 - 2023-05-22 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter
2024-03-06 13:52 - 2023-05-17 18:09 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inkscape
2024-03-06 13:52 - 2023-04-27 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)
2024-03-06 13:52 - 2023-04-21 18:34 - 000000000 ____D C:\ProgramData\regid.2007-07.org.fritzing
2024-03-06 13:52 - 2023-04-21 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fritzing
2024-03-06 13:52 - 2023-04-17 12:56 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crucial Storage Executive
2024-03-06 13:52 - 2023-02-22 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2024-03-06 13:52 - 2022-12-06 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2024-03-06 13:52 - 2022-11-16 14:04 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SQLite ODBC Driver for Win64
2024-03-06 13:52 - 2022-05-09 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2024-03-06 13:52 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2024-03-06 13:52 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\WCN
2024-03-06 13:52 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 __RHD C:\Users\Public\Libraries
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Keywords
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-03-06 13:52 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-03-06 13:52 - 2022-03-26 17:39 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2024-03-06 13:52 - 2022-01-12 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2024-03-06 13:52 - 2021-11-02 15:02 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-03-06 13:52 - 2021-08-22 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2024-03-06 13:52 - 2021-04-11 15:53 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2024-03-06 13:52 - 2021-04-10 19:42 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2024-03-06 13:52 - 2021-01-04 00:24 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-06 13:52 - 2020-12-13 17:15 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-03-06 13:52 - 2020-10-22 14:00 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-03-06 13:52 - 2020-06-01 14:19 - 000000000 ____D C:\Program Files\UNP
2024-03-06 13:52 - 2020-03-07 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2024-03-06 13:52 - 2020-02-17 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-03-06 13:52 - 2020-01-09 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2024-03-06 13:52 - 2020-01-08 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2024-03-06 13:52 - 2020-01-08 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-03-06 13:52 - 2020-01-08 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2024-03-06 13:52 - 2020-01-07 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2024-03-06 13:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2024-03-06 13:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-in
2024-03-06 13:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\si-lk
2024-03-06 13:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2024-03-06 13:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\my-mm
2024-03-06 13:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2024-03-06 13:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2024-03-06 13:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\am-et
2024-03-06 13:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2024-03-06 13:51 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup
2024-03-06 13:43 - 2023-07-06 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2024-03-06 13:43 - 2023-05-22 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3S CODESYS
2024-03-06 13:43 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-03-06 13:43 - 2022-05-07 11:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-03-06 13:43 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2024-03-06 13:43 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2024-03-06 13:43 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2024-03-06 13:43 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\winrm
2024-03-06 13:43 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\slmgr
2024-03-06 13:43 - 2022-05-07 11:29 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2024-03-06 13:43 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-03-06 13:43 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-03-06 13:43 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2024-03-06 13:43 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-03-06 13:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-03-06 13:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-03-06 13:43 - 2020-01-07 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2024-03-06 13:43 - 2020-01-07 21:24 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2024-03-06 13:42 - 2022-05-07 06:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2024-03-06 13:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2024-03-06 13:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\MUI
2024-03-06 13:41 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-06 13:05 - 2020-01-09 20:16 - 000000000 ____D C:\Users\eiko-\AppData\Local\Steam
2024-03-06 11:54 - 2020-12-18 16:26 - 000002437 _____ C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nahimic Companion.lnk
2024-03-06 11:48 - 2021-01-04 00:25 - 000002406 _____ C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-06 11:48 - 2020-01-07 20:38 - 000000000 ____D C:\ProgramData\Packages
2024-03-06 11:40 - 2020-01-07 20:24 - 000000000 ____D C:\Users\eiko-\AppData\Local\PlaceholderTileLogoFolder
2024-03-06 11:40 - 2020-01-07 20:22 - 000000000 ____D C:\Users\eiko-\AppData\Local\ConnectedDevicesPlatform
2024-03-06 11:23 - 2020-01-07 22:07 - 000000000 ____D C:\Users\eiko-\AppData\Local\CrashDumps
2024-03-06 11:02 - 2020-01-07 20:20 - 000000000 ___SD C:\Users\eiko-\AppData\Roaming\Microsoft\Protect
2024-03-06 11:02 - 2020-01-07 20:20 - 000000000 ___SD C:\Users\eiko-\AppData\Roaming\Microsoft\Credentials
2024-03-06 10:20 - 2022-04-22 14:57 - 000000000 ____D C:\Users\eiko-\AppData\Local\D3DSCache
2024-03-05 20:37 - 2020-03-07 16:18 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Excel
2024-03-04 08:52 - 2020-01-07 21:17 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-02 08:43 - 2022-10-22 15:08 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-03-02 08:43 - 2022-10-22 15:08 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-03-02 08:43 - 2022-02-11 19:58 - 002713080 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-03-02 08:43 - 2022-02-11 19:58 - 000689768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-03-02 08:43 - 2022-02-11 19:58 - 000218616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-03-02 08:43 - 2022-02-11 19:58 - 000202344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-03-02 08:43 - 2022-02-11 19:58 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-03-01 19:26 - 2021-11-02 16:11 - 000000000 ____D C:\Users\eiko-\Documents\My Games
2024-03-01 15:35 - 2020-06-10 09:51 - 000000000 ____D C:\Users\eiko-\AppData\LocalLow\Temp
2024-03-01 15:32 - 2020-03-07 16:17 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Word
2024-03-01 13:11 - 2023-02-22 22:15 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\vlc
2024-03-01 13:10 - 2021-04-11 15:54 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Code
2024-02-29 15:00 - 2020-03-07 16:12 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-28 15:59 - 2020-01-07 20:27 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\MMC
2024-02-28 15:37 - 2020-02-17 18:41 - 000000000 ____D C:\Users\eiko-\AppData\Local\ElevatedDiagnostics
2024-02-28 15:28 - 2020-01-08 03:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-02-28 15:25 - 2020-01-07 20:38 - 000918944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-02-25 13:20 - 2022-05-12 17:00 - 000000000 ____D C:\XboxGames
2024-02-24 20:04 - 2023-01-13 08:53 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-24 20:04 - 2022-10-13 19:02 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-16 12:40 - 2023-04-18 15:42 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\FreeFileSync
2024-02-14 14:29 - 2020-01-07 20:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 14:27 - 2020-01-07 20:44 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-12 17:53 - 2023-12-18 13:41 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-02-11 22:35 - 2021-10-04 13:24 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Notion
2024-02-11 15:53 - 2024-02-02 15:38 - 000000000 ____D C:\Users\eiko-\Desktop\Papa schicken
2024-02-11 09:20 - 2021-04-06 10:21 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Microsoft\Teams
2024-02-09 12:12 - 2023-01-02 11:24 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\Anki2
2024-02-05 10:14 - 2023-12-08 14:38 - 000000000 ____D C:\Users\eiko-\AppData\Roaming\EQATEC Analytics

==================== Files in the root of some directories ========

2022-12-14 12:40 - 2022-12-14 16:29 - 000004216 _____ () C:\Users\eiko-\AppData\Roaming\LTspiceXVII.ini
2023-05-17 20:17 - 2023-05-17 20:17 - 000003249 _____ () C:\Users\eiko-\AppData\Local\recently-used.xbel
2022-02-20 02:10 - 2022-02-20 02:10 - 000007605 _____ () C:\Users\eiko-\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
                                Addition:
                                [HEADING=1]
                                Code:
                                Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05.03.2024
Ran by eiko- (06-03-2024 20:40:08)
Running from C:\Users\eiko-\Desktop
Microsoft Windows 11 Home Version 23H2 22631.2861 (X64) (2024-03-06 12:55:04)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1421055718-2087356316-1872245878-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1421055718-2087356316-1872245878-503 - Limited - Disabled)
eiko- (S-1-5-21-1421055718-2087356316-1872245878-1012 - Administrator - Enabled) => C:\Users\eiko-
Gast (S-1-5-21-1421055718-2087356316-1872245878-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1421055718-2087356316-1872245878-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM...{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.008.20555 - Adobe)
Adobe Refresh Manager (HKLM-x32...{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Altium Designer 23 (HKLM...\Altium Designer {A9B34CD7-40BF-42A8-8F33-55BA03B6232C}) (Version: 23.11.1.41 - Altium Limited)
AMD Ryzen Master SDK (HKLM...{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.1.0.1236 - Advanced Micro Devices, Inc.)
Anaconda3 2023.03-1 (Python 3.10.9 64-bit) (HKLM...\Anaconda3 2023.03-1 (Python 3.10.9 64-bit)) (Version: 2023.03-1 - Anaconda, Inc.)
Anki (HKLM-x32...\Anki) (Version: 2.1.55 - )
Anno 1800 (HKLM-x32...\Uplay Install 4553) (Version: - Ubisoft)
AnycubicPhotonWorkshop (HKLM...{C48D4F03-E59D-475F-B34D-E618A500C118}is1) (Version: - Anycubic)
Arduino (HKLM-x32...\Arduino) (Version: 1.8.13 - Arduino LLC)
CLion 2022.1 (HKLM-x32...\CLion 2022.1) (Version: 221.5080.224 - JetBrains s.r.o.)
CodeMeter Runtime Kit v6.30d (HKLM...{627EBCBD-71C2-4FDE-9BEA-3AF7F03FBE10}) (Version: 6.30.2280.504 - WIBU-SYSTEMS AG)
CODESYS V3.5 SP10 Patch 4 (HKLM-x32...{91B73AA2-4B42-481F-9ECD-03AB9C6016DF}) (Version: 3.5.10.407 - 3S-Smart Software Solutions GmbH) Hidden
CODESYS V3.5 SP10 Patch 4 (HKLM-x32...\InstallShield{91B73AA2-4B42-481F-9ECD-03AB9C6016DF}) (Version: 3.5.10.407 - 3S-Smart Software Solutions GmbH)
CORSAIR iCUE Software (HKLM-x32...{30D73167-BD7C-473A-AF2F-BBC194FA42D4}) (Version: 3.24.52 - Corsair)
CrystalDiskInfo 8.13.3 (HKLM...\CrystalDiskInfo_is1) (Version: 8.13.3 - Crystal Dew World)
Dokan Library 1.5.1.1000 (x64) (HKLM...{65A3A964-3DC3-0105-0001-211126123627}) (Version: 1.5.1.1000 - Dokany Project) Hidden
Dokan Library 1.5.1.1000 Bundle (HKLM-x32...{05c046de-f751-48c8-b8d3-77259ea88eb7}) (Version: 1.5.1.1000 - Dokany Project)
Dragon Center (HKLM-x32...{B252FABF-9582-4824-B02B-6D2DC93685C7}}_is1) (Version: 1.0.0.63 - MSI)
draw.io 22.0.2 (HKLM...\27a75bf3-be48-5c35-934f-8491cf108abe) (Version: 22.0.2 - JGraph)
ENE RGB HAL (HKLM...{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32...{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM...{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32...{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32...{9483ABD9-C772-487B-ADF8-09347CF8F2D2}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM...{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32...{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
FreeFileSync (HKLM-x32...\FreeFileSync_is1) (Version: 12.2 - FreeFileSync.org)
Fritzing (HKLM...{62E4A8BF-5F3B-49E0-9ECE-3140C049FA34}) (Version: 0.9.10.0 - Fritzing GmbH)
GIMP 2.10.22 (HKLM...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Git (HKLM...\Git_is1) (Version: 2.42.0.2 - The Git Development Community)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 122.0.6261.95 - Google LLC)
HWiNFO64 Version 6.12 (HKLM...\HWiNFO64_is1) (Version: 6.12 - Martin Malik - REALiX)
Immortals Fenyx Rising (HKLM-x32...\Uplay Install 5405) (Version: - Ubisoft)
Inkscape (HKLM...{B57F4693-8866-4053-B706-901E03F3301B}) (Version: 1.2.2 - Inkscape)
Java 8 Update 401 (64-bit) (HKLM...{71024AE4-039E-4CA4-87B4-2F64180401F0}) (Version: 8.0.4010.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32...{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
logisim-evolution (HKLM...{BFAB7B04-8835-36CF-87DB-D1E3A319406E}) (Version: 3.8.0 - logisim-evolution developers)
Logitech Options (HKLM...\LogiOptions) (Version: 8.54.161 - Logitech)
LTspice XVII (HKLM...\LTspice XVII) (Version: - Linear Technology Corporation)
Microsoft .NET Host - 5.0.4 (x64) (HKLM...{DD901386-A294-4FF1-A683-0EFF5C66209A}) (Version: 40.16.29816 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.4 (x86) (HKLM-x32...{9BFB6AF7-641C-4B52-82CA-43F5A4FD288E}) (Version: 40.16.29816 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.8 (x64) (HKLM...{19FCE07F-2A75-44AC-9EA5-8E29FE2F8DBE}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.4 (x64) (HKLM...{773EF543-570F-4746-953A-3CB19DFCB3E2}) (Version: 40.16.29816 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.4 (x86) (HKLM-x32...{79D32D19-A148-4E8E-AC31-2FC90CDBBFA8}) (Version: 40.16.29816 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.8 (x64) (HKLM...{174E0D7C-F2C9-49A2-83FB-95A0FE6FA023}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.4 (x64) (HKLM...{879C9645-ADF3-4697-915B-00B76EBA629F}) (Version: 40.16.29816 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.4 (x86) (HKLM-x32...{D523398E-D0EE-4F91-AE81-A27222A621DA}) (Version: 40.16.29816 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.8 (x64) (HKLM...{B45C77BA-0B4E-4FBB-99B9-9774ECBE20AA}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32...\Microsoft Edge) (Version: 123.0.2420.20 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32...\Microsoft EdgeWebView) (Version: 122.0.2365.66 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32...{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM...\ProPlus2019Volume - de-de) (Version: 16.0.10407.20032 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1421055718-2087356316-1872245878-1012...\OneDriveSetup.exe) (Version: 24.042.0227.0001 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM...{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.23.35502 - Microsoft)
Microsoft Update Health Tools (HKLM...{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM...{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM...{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32...{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32...{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM...{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM...{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32...{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32...{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32...{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32...{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32...{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32...{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM...{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM...{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...{7C0242A3-8B66-35D1-9FE0-13B426ACB609}) (Version: 10.0.60729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.4 (x64) (HKLM...{A04C83D6-2FC0-4F09-9166-E870E5A9E168}) (Version: 40.16.29817 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.4 (x64) (HKLM-x32...{ff817559-f11f-4faa-af52-26feb4b46fff}) (Version: 5.0.4.29817 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.4 (x86) (HKLM-x32...{0F1B4D8B-545C-4C65-BA29-3F564C2F6915}) (Version: 40.16.29817 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.4 (x86) (HKLM-x32...{a83b07f3-e0e5-4402-87d4-3d1acf79c42a}) (Version: 5.0.4.29817 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.8 (x64) (HKLM...{3133BC55-90BD-4B87-82A2-6670B3CAFB81}) (Version: 56.35.63153 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.8 (x64) (HKLM-x32...{d260fcb6-95b8-4c81-8e07-ce75876ffca2}) (Version: 7.0.8.32619 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32...{810F1419-7760-402E-8772-B4054FAA2B72}) (Version: 1.0.0.0 - Mojang)
Nefarius Virtual Gamepad Emulation Bus Driver (HKLM...{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.)
Nextcloud (HKLM...{27596A6F-750F-4996-A5C2-A980522ED1C4}) (Version: 3.4.1.20211221 - Nextcloud GmbH)
NVIDIA GeForce Experience 3.20.2.34 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Grafiktreiber 456.71 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM...{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10407.20032 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM...{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10407.20032 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM...{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.10407.20032 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
OrcaSlicer (HKLM-x32...\OrcaSlicer) (Version: 1.8.0 - SoftFever)
Overwolf (HKLM-x32...\Overwolf) (Version: 0.242.0.12 - Overwolf Ltd.)
PDF24 Creator 11.8.0 (HKLM...{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.8.0 - PDF24.org)
PowerToys (Preview) (HKLM...{6F3910F2-DA29-490C-811F-D3691B134A61}) (Version: 0.77.0 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32...{1aada4d0-ca73-4389-8f63-73923c771fd4}) (Version: 0.77.0 - Microsoft Corporation)
Prusa3D Version 2.5.0 (HKLM...\Prusa3D_is1) (Version: 2.5.0 - Prusa Research a.s.)
PrusaSlicer Version 2.5.0 (HKLM...\PrusaSlicer_is1) (Version: 2.5.0 - Prusa Research s.r.o.)
Qalculate! (HKLM...{F4803C78-0331-4EE2-9103-33FB0673E2D3}) (Version: 4.8.1 - Hanna Knutsson)
Recuva (HKLM...\Recuva) (Version: 1.53 - Piriform)
RogueKiller version 15.15.2.0 (HKLM...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.15.2.0 - Adlice Software)
SAP Crystal Reports runtime engine for .NET Framework (64-bit) (HKLM...{F9B436DD-8D48-430E-BA89-F85DFA452C55}) (Version: 13.0.9.1312 - SAP)
Snapmaker Luban 3.8.0 (HKLM...{4c329381-cbe6-5eac-8b35-1ff73ff2e943}) (Version: 3.8.0 - Snapmaker Dev Team)
Snapmaker Luban 4.4.0 (HKLM...\4c329381-cbe6-5eac-8b35-1ff73ff2e943) (Version: 4.4.0 - Snapmaker Dev Team)
SQLite ODBC Driver for Win64 (remove only) (HKLM-x32...\SQLite ODBC Driver for Win64) (Version: - )
Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeighaX 4.00 (x64) (HKLM...{2AB65377-C672-498E-BE74-5C60CCFEAC5C}) (Version: 4.0.0 - Open Design Alliance)
Trackmania (HKLM-x32...\Uplay Install 5595) (Version: - Ubisoft)
Ubisoft Connect (HKLM-x32...\Uplay) (Version: 101.0 - Ubisoft)
UltiMaker Cura 5.3.1 (HKLM-x32...\UltiMaker Cura 5.3.1-5.3.1) (Version: 5.3.1 - UltiMaker)
VHDPlus IDE (64bit) (HKLM...{715CFA00-2211-47A2-AD88-87EC71B9564E}) (Version: 0.11.1.0 - VHDPlus)
Virtual-C IDE (HKLM...{59A5E95F-ABEA-48BF-B3AC-B9A78A17E144}) (Version: 2.2.2 - VirtualC)
VLC media player (HKLM...\VLC media player) (Version: 3.0.18 - VideoLAN)
Windows-PC-Integritätsprüfung (HKLM...{63EFBDB5-01B0-4614-BE9F-7F1908E42275}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM...{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinSCP 6.1.1 (HKLM-x32...\winscp3_is1) (Version: 6.1.1 - Martin Prikryl)
[HEADING=1]Packages:[/HEADING]
Adobe Acrobat Reader → C:\Program Files\Adobe\Acrobat DC [2024-03-06] ()
Dev Home → C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-03-06] (Microsoft Corporation)
Microsoft Family → C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-03-06] (Microsoft Corp.)
Microsoft Teams (work or school) → C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe [2024-03-06] (Microsoft) [Startup Task]
Microsoft.Windows.Ai.Copilot.Provider → C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-06] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS → C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-06] (Microsoft Corporation)
MicrosoftWindows.Client.FileExp → C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-06] (Microsoft Corporation)
MicrosoftWindows.CrossDevice → C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_0.24012.117.0_x64__cw5n1h2txyewy [2024-03-06] (Microsoft Windows)
NVIDIA Control Panel → C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-06] (NVIDIA Corp.)
Solitaire & Casual Games → C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-06] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1421055718-2087356316-1872245878-1012_Classes\CLSID{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 → C:\Users\eiko-\AppData\Local\Microsoft\TeamsMeetingAddin\1.23.35502\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation → Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1421055718-2087356316-1872245878-1012_Classes\CLSID{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 → C:\Users\eiko-\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS → A-Volute)
ShellIconOverlayIdentifiers: [ NextcloudError] → {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-12-21] (Nextcloud GmbH → Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudOK] → {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-12-21] (Nextcloud GmbH → Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudOKShared] → {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-12-21] (Nextcloud GmbH → Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudSync] → {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-12-21] (Nextcloud GmbH → Nextcloud GmbH)
ShellIconOverlayIdentifiers: [ NextcloudWarning] → {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-12-21] (Nextcloud GmbH → Nextcloud GmbH)
ContextMenuHandlers2: [FileLocksmithExt] → {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-01-05] (Microsoft Corporation → Microsoft Corporation)
ContextMenuHandlers3: [FileLocksmithExt] → {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-01-05] (Microsoft Corporation → Microsoft Corporation)
ContextMenuHandlers3: [NextcloudContextMenuHandler] → {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\shellext\NCContextMenu.dll [2021-12-21] (Nextcloud GmbH → Nextcloud GmbH)
ContextMenuHandlers3: [PowerRenameExt] → {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-01-05] (Microsoft Corporation → Microsoft Corporation)
ContextMenuHandlers4: [RecuvaShellExt] → {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED → Piriform Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] → {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvshext.dll [2020-10-07] (NVIDIA Corporation → NVIDIA Corporation)
ContextMenuHandlers5: [PowerRenameExt] → {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-01-05] (Microsoft Corporation → Microsoft Corporation)
ContextMenuHandlers6: [RecuvaShellExt] → {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED → Piriform Software Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-06-19 10:25 - 2019-06-19 10:25 - 000209920 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\AacHal_x86.dll
2018-03-20 14:34 - 2018-03-20 14:34 - 000265728 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\SB_SMBUS_SDK.dll
2019-06-28 10:51 - 2019-06-28 10:51 - 000184832 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_M2_HAL\AacHal_x86.dll
2020-01-07 22:07 - 2020-01-07 22:05 - 000237568 _____ () [File not signed] D:\Programme\Dragon Center\Mystic_Light\LEDControl.dll
2020-01-09 18:18 - 2019-01-28 06:00 - 000254464 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCALDL.DLL
2020-01-09 18:18 - 2019-01-10 05:00 - 001302016 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMDL.DLL
2020-01-07 22:07 - 2020-01-07 22:05 - 002200784 _____ (Dexin Corp → MICRO-STAR INTERNATIONAL) [File not signed] D:\Programme\Dragon Center\Mystic_Light\IcMSIDll.dll
2020-01-07 22:07 - 2020-01-07 22:07 - 002200784 _____ (Dexin Corp → MICRO-STAR INTERNATIONAL) [File not signed] D:\Programme\Dragon Center\Mystic_Light\Lib\IcMSIDll.dll
2019-10-07 03:55 - 2024-03-06 11:17 - 001286144 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\PS5UI.DLL
2020-03-07 16:12 - 2020-03-07 16:12 - 000000000 ____L (Microsoft Corporation) [symlink → C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-03-07 16:12 - 2020-03-07 16:12 - 000000000 ____L (Microsoft Corporation) [symlink → C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2019-11-15 10:53 - 2019-11-15 10:53 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] D:\Programme\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-01-07 22:07 - 2020-01-07 22:07 - 000399872 _____ (TODO: <公司名稱>) [File not signed] D:\Programme\Dragon Center\Mystic_Light\Lib\SDKDLL.dll
2016-09-29 05:30 - 2016-09-29 05:30 - 000220160 _____ (WIBU-SYSTEMS AG) [File not signed] C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.lDe

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78 [74]
AlternateDataStreams: C:\Windows:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955 [74]
AlternateDataStreams: C:\Users\eiko-\Desktop\RogueKiller_setup.exe:MBAM.Zone.Identifier [187]
AlternateDataStreams: C:\Users\eiko-\Desktop\ZHPSuite.exe:MBAM.Zone.Identifier [77]
AlternateDataStreams: C:\Users\eiko-\Downloads\AccountProfileFixer.exe:MBAM.Zone.Identifier [131]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-03-08] (Microsoft Corporation → Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-12-19] (Oracle America, Inc. → Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-12-19] (Oracle America, Inc. → Oracle Corporation)
BHO-x32: Skype for Business Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-03-08] (Microsoft Corporation → Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper → {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} → C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2024-01-13] (Microsoft Corporation → Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-22] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-22] (Microsoft Corporation → Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-22] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-22] (Microsoft Corporation → Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-22] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-22] (Microsoft Corporation → Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-22] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-22] (Microsoft Corporation → Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2024-02-28 16:35 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path → C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Windows\System32\OpenSSH;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH;C:\Program Files\dotnet;C:\Program Files (x86)\dotnet;C:\Program Files\Crucial\Crucial Storage Executive;C:\Program Files\Git\cmd
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\Control Panel\Desktop\Wallpaper → C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 4294967295) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM...\StartupApproved\StartupFolder: => “WinZip Preloader.lnk”
HKLM...\StartupApproved\StartupFolder: => “CodeMeter Control Center.lnk”
HKLM...\StartupApproved\Run: => “PDF24”
HKLM...\StartupApproved\Run32: => “CORSAIR iCUE Software”
HKLM...\StartupApproved\Run32: => “IJNetworkScannerSelectorEX2”
HKLM...\StartupApproved\Run32: => “CanonQuickMenu”
HKLM...\StartupApproved\Run32: => “PDFPrint”
HKLM...\StartupApproved\Run32: => “GatewaySysTray”
HKLM...\StartupApproved\Run32: => “CODESYSControlSysTray”

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DD249D51-4DF7-4AB2-8CCD-88656633007A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG → WIBU-SYSTEMS AG)
FirewallRules: [{8A573C64-1511-4BD4-A4AF-AB0BE1DAD849}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG → WIBU-SYSTEMS AG)
FirewallRules: [{153B85D9-E5D8-452A-9746-4901430233F3}] => (Allow) D:\Programme\Steam\steamapps\common\Big Ambitions\Big Ambitions.exe () [File not signed]
FirewallRules: [{78E8F0F5-AC79-4418-B0D1-BFB5E7A1221B}] => (Allow) D:\Programme\Steam\steamapps\common\Big Ambitions\Big Ambitions.exe () [File not signed]
FirewallRules: [{34FD35ED-6686-4D28-A6C8-6DBEB80593F8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.66\msedgewebview2.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{3DE411ED-C84C-4DFD-BF00-CDAA974F85F4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC → Google LLC)
FirewallRules: [{3E606B86-BD68-4A44-8CEC-7E0105D17D00}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{F8ACB089-BB54-45B0-B751-BD5AF952905C}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{5AFEC480-363F-4323-AD7C-DCBDFE540457}] => (Allow) D:\Programme\Steam\steamapps\common\Farming Simulator 22\x64\FarmingSimulator2022Game.exe (GIANTS Software GmbH → GIANTS Software GmbH)
FirewallRules: [{C4E667EE-64CF-4F90-8CDD-2183265666FE}] => (Allow) D:\Programme\Steam\steamapps\common\Farming Simulator 22\x64\FarmingSimulator2022Game.exe (GIANTS Software GmbH → GIANTS Software GmbH)
FirewallRules: [{4037986D-C99D-4775-8AFC-BF55CE36CAC9}] => (Allow) D:\Programme\Overwolf\0.242.0.12\OverwolfBrowser.exe (Overwolf Ltd → Overwolf LTD)
FirewallRules: [{0DC44328-1923-4AF2-867A-25D5C7ECE9F7}] => (Allow) D:\Programme\Overwolf\0.242.0.12\OverwolfBrowser.exe (Overwolf Ltd → Overwolf LTD)
FirewallRules: [{B47387AD-2143-488F-B24F-E00E7DE32978}] => (Block) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{AE99B29D-2626-46F7-9F22-501881F2E445}] => (Block) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{53BE1FB6-6D7C-4016-9BE9-ACA17B30CAD8}] => (Allow) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{A7F73065-A310-4FA7-B8E8-AC28FEC462BB}] => (Allow) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{0E857EA6-A4E5-4ED8-9C54-64D13821B44E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF → Spotify Ltd)
FirewallRules: [{C172A26F-78BB-48C2-BD26-EA96E4822135}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF → Spotify Ltd)
FirewallRules: [{DFD79D3E-4338-4EEA-999C-528A5CAC8483}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF → Spotify Ltd)
FirewallRules: [{48E1678E-D52E-43C2-8FE4-5DC3EE9E5432}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF → Spotify Ltd)
FirewallRules: [{35BF3957-EA38-4892-A47D-A78804388403}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF → Spotify Ltd)
FirewallRules: [{DA8157EF-5A48-45D9-9F37-342773C8472F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF → Spotify Ltd)
FirewallRules: [{8E5064E6-A832-42FF-B94D-F2C1C77EB730}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF → Spotify Ltd)
FirewallRules: [{689D3F45-EE85-48AF-8302-A98FEB500ABC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF → Spotify Ltd)
FirewallRules: [{19D9484A-641B-45B8-B664-A9C371F01661}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF → Spotify Ltd)
FirewallRules: [{D852E223-3EF6-4721-BF19-6272F579654F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF → Spotify Ltd)
FirewallRules: [{CE7704F2-FF6A-484C-A27E-40464706FE3A}] => (Allow) D:\Programme\Steam\steamapps\common\Supermarket Simulator\Supermarket Simulator.exe () [File not signed]
FirewallRules: [{08C12255-4807-4EA2-B22B-5987EF309E67}] => (Allow) D:\Programme\Steam\steamapps\common\Supermarket Simulator\Supermarket Simulator.exe () [File not signed]
FirewallRules: [{87149421-DD07-4E19-9819-17347BB6C14A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{79068DF1-AF19-45E5-8157-7A928B4CB6D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{ADFA4932-EA8F-4E46-AAAE-E58B935BE380}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{5FD1FC2C-9153-4A41-A69D-61626F835630}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{AD6D52A6-184E-4609-A83F-3B1BFDE17A5D}] => (Allow) C:\Program Files\PowerToys\PowerToys.MouseWithoutBorders.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{4E963323-DBE0-4EB8-BE46-948D296EF8C5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{607F91DD-70EF-4778-A667-37E964C97E6C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [UDP Query User{82C35AEA-279C-4D8D-BE9A-1141D3EB63BD}C:\program files\logisim-evolution\logisim-evolution.exe] => (Allow) C:\program files\logisim-evolution\logisim-evolution.exe () [File not signed]
FirewallRules: [TCP Query User{B658F0F2-0674-4EAF-97A3-24F9862C0969}C:\program files\logisim-evolution\logisim-evolution.exe] => (Allow) C:\program files\logisim-evolution\logisim-evolution.exe () [File not signed]
FirewallRules: [UDP Query User{E6831222-A353-4556-8C88-C187BBE6FB54}C:\program files\altium\ad23\x2.exe] => (Allow) C:\program files\altium\ad23\x2.exe (Altium LLC → Altium LLC)
FirewallRules: [TCP Query User{58C3F345-F0B7-4F88-B4FB-7D5FB56FF212}C:\program files\altium\ad23\x2.exe] => (Allow) C:\program files\altium\ad23\x2.exe (Altium LLC → Altium LLC)
FirewallRules: [UDP Query User{4A6434BA-95EE-4311-802B-664A774B682E}C:\program files\orcaslicer\orca-slicer.exe] => (Allow) C:\program files\orcaslicer\orca-slicer.exe (SoftFever) [File not signed]
FirewallRules: [TCP Query User{68E6CF3C-38A7-4EB9-96CC-F84EFFE857A4}C:\program files\orcaslicer\orca-slicer.exe] => (Allow) C:\program files\orcaslicer\orca-slicer.exe (SoftFever) [File not signed]
FirewallRules: [{AF9965FD-F81F-44F1-AF57-9CC445DD513F}] => (Block) C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe () [File not signed]
FirewallRules: [{F2FEF788-42EB-4946-BE43-66B4627CB7E6}] => (Block) C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe () [File not signed]
FirewallRules: [UDP Query User{E0515BBA-3DB8-46D5-B642-49EA0C99180B}C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe () [File not signed]
FirewallRules: [TCP Query User{5286CD36-1CA4-4B8A-BFA6-9CCB2E7B2A50}C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe] => (Allow) C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe () [File not signed]
FirewallRules: [{5C710ECE-9777-4488-9D5E-CB7990EE78AA}] => (Allow) C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{67625BC9-F345-4610-8730-700695486F99}] => (Allow) C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{464A1A85-0515-435B-9086-C2EF53D93886}] => (Allow) C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{B8951E4A-334B-4072-8C39-BED285225477}] => (Allow) C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{D80E72AE-7250-42D7-846D-0FA9AA12ACE8}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{B852E5C9-F6BA-4C97-9785-569D1E33A681}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{3E8FC8EC-4359-4FAB-9653-F65D906A650A}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{EC09C64B-FC0B-4DB8-8905-631E7C445096}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{C0A7C768-654B-46F7-AA9E-6D111B46F844}] => (Allow) C:\Windows\SysWOW64\Gateway.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{DD5D6F82-F8CD-45DF-8BCD-4B52EE5C701F}] => (Allow) C:\Windows\SysWOW64\Gateway.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{6B8FB6D7-1CFB-412D-9CF5-23706446F401}] => (Allow) C:\Windows\SysWOW64\Gateway.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{CEE39792-4A68-4970-8615-FEBA29CF7019}] => (Allow) C:\Windows\SysWOW64\Gateway.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{FFE70F5B-1EAA-4C55-954C-E763DCD1E0B1}] => (Allow) C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{91238EAC-87E7-4297-9329-E302BE237483}] => (Allow) C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{F2BD632C-2FA0-4AAC-9024-26D7A1A99CEC}] => (Allow) C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{AA40FF9F-72BC-42D8-A8C0-D330563CE228}] => (Allow) C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{D6ED8DD3-E2F1-4B55-95B0-16309EE0B082}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\IPMCLI.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{2937A2BD-18E2-46CB-A6F2-83A475A1BF2D}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\IPMCLI.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{99C74BD9-106E-4CD6-A6C5-0E39F9097B6D}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\IPMCLI.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{CBB56258-647F-4608-8384-296265CCADBB}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\IPMCLI.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{8B99EB7C-E07A-4126-B1D6-52FF044E7862}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\RepTool.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{9BAB2765-B9DE-4A99-8182-1B1981DC23B1}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\RepTool.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{E3B1E9C9-200D-465E-AD9C-622FDA031CF3}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\RepTool.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{15ECB879-60C4-42F4-94BE-66A38BB6CC48}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\RepTool.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{395F3D88-3380-4201-873C-014EC07E72EE}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\CODESYS.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{475F8A65-BC13-4BB3-A1EA-1FF2C99EC3C5}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\CODESYS.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{015A8D3D-F40C-4BB5-A5A7-74AA118AAD76}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\CODESYS.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{5B29FA0B-29F5-416D-ABB2-290897BC05FA}] => (Allow) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\CODESYS.exe (3S-Smart Software Solutions GmbH → 3S-Smart Software Solutions GmbH)
FirewallRules: [{08D56A1D-3837-4F57-90CF-849116B7E206}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG → WIBU-SYSTEMS AG)
FirewallRules: [{3D58B04D-AFD0-4482-A115-7571E50C4558}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG → WIBU-SYSTEMS AG)
FirewallRules: [{F0B59BBA-FB70-48B0-8CF3-9153EF7B7BC3}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG → WIBU-SYSTEMS AG)
FirewallRules: [UDP Query User{4CCC7730-F912-4056-BBA6-F50BE4F9EE6A}D:\programme\arduino\java\bin\javaw.exe] => (Allow) D:\programme\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{17BBF18F-A806-495E-93D3-6C38E8158BD2}D:\programme\arduino\java\bin\javaw.exe] => (Allow) D:\programme\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{EC39A673-930D-49EC-9135-9B866A1A0033}D:\programme\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\programme\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{306288FF-4DE5-4EB1-8866-D00FE9C273A8}D:\programme\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\programme\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{8F25C6C8-5F22-43F1-AD9A-25875FCB0E98}] => (Allow) D:\Programme\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. → Relic Entertainment)
FirewallRules: [{FF239137-D032-45F6-B263-143C815C103C}] => (Allow) D:\Programme\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. → Relic Entertainment)
FirewallRules: [UDP Query User{0A70D895-87A9-4B9C-82F2-97CFA3FC0A7F}C:\users\eiko-\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\eiko-\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [TCP Query User{75C4C195-B5F7-4632-8014-53F1FCE8B0ED}C:\users\eiko-\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\eiko-\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{80574D36-E00A-4A9A-8191-87D405ED45C3}] => (Allow) C:\Users\eiko-\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. → Zoom Video Communications, Inc.)
FirewallRules: [{7D17E545-BF8E-4FA8-A01A-08972AEF9CBB}] => (Allow) C:\Users\eiko-\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. → Zoom Video Communications, Inc.)
FirewallRules: [{3268EFBE-4C81-49C9-AD48-EDC3335758F9}] => (Allow) C:\Users\eiko-\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. → Zoom Video Communications, Inc.)
FirewallRules: [{2AB7E746-53EB-4DAD-9654-236D5600CAD2}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc → Logitech, Inc.)
FirewallRules: [{C7F1E4E8-58A9-43F1-AA76-79CECBD2D03F}] => (Allow) D:\Programme\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (Underwriters Laboratories Inc. → )
FirewallRules: [{CE0A55A3-B0F5-40D0-A062-62FBE8739C3C}] => (Allow) D:\Programme\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (Underwriters Laboratories Inc. → )
FirewallRules: [{E46CE610-C8BD-47B6-8BD8-6F88F29BF20A}] => (Allow) D:\Programme\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (Underwriters Laboratories Inc. → )
FirewallRules: [{2E361E33-CE02-4280-9B42-54AA9EA954D8}] => (Allow) D:\Programme\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (Underwriters Laboratories Inc. → )
FirewallRules: [UDP Query User{B757C28E-7F67-4FC1-A65A-A42EB464EA26}C:\users\eiko-\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\eiko-\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [TCP Query User{35E3D4E4-4F09-440B-AB5B-45B905483E2C}C:\users\eiko-\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\eiko-\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{F362C656-6E2B-41BC-BFBB-8CE01081C3C5}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Trackmania\trackmania.exe (NADEO SASU → Nadeo)
FirewallRules: [{495F5E7C-5384-436C-B273-A178C723B2DD}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Trackmania\trackmania.exe (NADEO SASU → Nadeo)
FirewallRules: [UDP Query User{2AA2A08E-9AD4-4EB0-B55E-469CDF39360F}D:\programme\arduino\java\bin\javaw.exe] => (Allow) D:\programme\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{CCA06AF5-66CF-4F13-AB71-F9C39825990B}D:\programme\arduino\java\bin\javaw.exe] => (Allow) D:\programme\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{936F2D13-DF5E-458B-A955-851D5B4FB563}D:\programme\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\programme\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{D4BA32A3-FDF4-4C07-BC62-83B179C6506E}D:\programme\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\programme\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{454E7A75-1C3C-4DFD-8207-0E864B2F1ABA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{F871D8FB-3F4D-421D-AAE3-9F6B20048843}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{C66A0230-400B-493A-8C1B-F00C17D1BEF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{6E369597-3084-4050-B043-600D6ABA1FB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{5976B0C1-5ACC-4485-BDA9-EEA8754EEE6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{C41D44F6-ED97-461A-AA06-94A5A39A07A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{C6BB91F1-1D99-4F69-A490-B20D99D436CF}] => (Allow) D:\Programme\Steam\Steam.exe (Valve Corp. → Valve Corporation)
FirewallRules: [{9A7F8F80-CAB5-4216-8F4E-483D2684F91B}] => (Allow) D:\Programme\Steam\Steam.exe (Valve Corp. → Valve Corporation)
FirewallRules: [{7387F38A-6876-49EC-B2B0-9E71D96ECC72}] => (Allow) D:\Programme\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC → Futuremark)
FirewallRules: [{DBA546C7-062E-4537-BBAC-803DDD3D6A7E}] => (Allow) D:\Programme\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC → Futuremark)
FirewallRules: [{E9B135D1-5AEC-4E80-9760-758BC2ED25E5}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. → Valve Corporation)
FirewallRules: [{DFC0EB80-5C53-4CFD-B783-86F6FE6C8D24}] => (Allow) D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. → Valve Corporation)
FirewallRules: [{217F66B7-11A6-4DFD-80CC-B6D79F5CEC18}] => (Allow) D:\Programme\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: ) [File not signed]
FirewallRules: [{EBF76231-D441-433F-8DAD-7CDFC8468D3E}] => (Allow) D:\Programme\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: ) [File not signed]
FirewallRules: [{6B4D91F0-7455-4AC3-884B-98C1803A6167}] => (Allow) D:\Programme\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [File not signed]
FirewallRules: [{91039128-6EF6-4727-9C42-C448B4C5D10F}] => (Allow) D:\Programme\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [File not signed]
FirewallRules: [{45AE92CD-EA04-4379-8578-613E0030B301}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{287A857D-70DA-42BB-BFF6-F454D73B29F5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{D1330097-8553-48E2-BFE5-3EEEB543BB39}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{C675973E-8322-4C2C-97EB-5D07079A99F0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{9512345D-6394-465C-8E3B-5F33DE5EC10B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{055487D4-80A4-4764-B807-1424EE5FD5F4}] => (Allow) D:\Programme\Ubisoft Game Launcher\games\Anno 1800\Bin\Win64\Anno1800.exe (UBISOFT ENTERTAINMENT INC. → Ubisoft)
FirewallRules: [{38F4B99D-25BE-4655-9C28-43100D3F530D}] => (Allow) C:\Users\eiko-\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. → Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{FCBF3D6D-D1A2-497A-AC73-647AAF1DA470}D:\programme\install\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\programme\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{65184F1F-8F38-4CE4-AA73-22C8F93537CB}D:\programme\install\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\programme\install\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{BE6CA684-F767-440E-B229-7C99913C3337}D:\programme\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\programme\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{043ECEF8-8109-40B8-84AD-19CFAE5B6E76}D:\programme\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\programme\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [{F4CFF23C-172A-431D-B83E-990FD7F8C7F4}] => (Allow) D:\Programme\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (Underwriters Laboratories Inc. → )
FirewallRules: [{6B3EADBD-3708-4F4B-9EF5-06BA20CE694F}] => (Allow) D:\Programme\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (Underwriters Laboratories Inc. → )
FirewallRules: [{E1B86E19-0D33-4630-8FF7-277C68AABBFC}] => (Allow) D:\Programme\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (Underwriters Laboratories Inc. → )
FirewallRules: [{2B27175F-CF4D-4A4F-AD7D-65A0B35F8935}] => (Allow) D:\Programme\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (Underwriters Laboratories Inc. → )
FirewallRules: [TCP Query User{8D7F5CE9-0C93-4AA4-A37F-7964AA9BAD77}D:\programme\freefilesync\bin\freefilesync_x64.exe] => (Allow) D:\programme\freefilesync\bin\freefilesync_x64.exe (Florian BAUER → FreeFileSync.org)
FirewallRules: [UDP Query User{8330EB73-AB1C-41CA-9755-39A390E36176}D:\programme\freefilesync\bin\freefilesync_x64.exe] => (Allow) D:\programme\freefilesync\bin\freefilesync_x64.exe (Florian BAUER → FreeFileSync.org)
FirewallRules: [TCP Query User{5BDA5EB0-9575-4832-80AC-C853FD95A948}D:\programme\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Block) D:\programme\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{0F4A798B-5889-4F92-9609-5A18A87BE9D1}D:\programme\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Block) D:\programme\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{92CF064D-57DB-46A0-9AFF-4D88B7A620E5}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{AD788EA4-4AC7-4DEB-AD15-60BB29596564}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{81AACDE4-9800-490D-B67E-F513665C9918}] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{DC38C056-7BC6-402C-8C7E-0D09D1A7B84F}] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{FA0975BD-7405-4180-8338-3EDF5836A071}] => (Allow) LPort=26820
FirewallRules: [{564C2F60-F3C5-4645-A9C6-44F56CBC52DD}] => (Allow) LPort=26822
FirewallRules: [{D306029C-5CC5-43EA-A63D-499B2F21E6CD}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24047.202.2704.38_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{206EB2EF-8818-4966-994B-177A38E903D0}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24047.202.2704.38_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation → Microsoft Corporation)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

06-03-2024 14:11:01 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================
[HEADING=1]Application errors:[/HEADING]
Error: (03/06/2024 04:36:57 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-OSDJ7D2$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{“Message”:“The authority "amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net" does not exist.”}
HTTP/1.1 404 Not Found
Date: Wed, 06 Mar 2024 15:36:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 004e17c7-d9f5-48bb-a750-7e834bbbd2d7

Methode: GET(172ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/06/2024 04:36:56 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{“Message”:“The authority "amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net" does not exist.”}
HTTP/1.1 404 Not Found
Date: Wed, 06 Mar 2024 15:36:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 90507c97-f1c6-4a2a-a8b1-2233ef1c7cd5

Methode: GET(218ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/06/2024 02:00:20 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm SecHealthUI.exe Version 10.0.22621.1 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (03/06/2024 01:58:23 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm SecHealthUI.exe Version 10.0.22621.1 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.

Error: (03/06/2024 01:55:02 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-OSDJ7D2$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{“Message”:“The authority "amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net" does not exist.”}
HTTP/1.1 404 Not Found
Date: Wed, 06 Mar 2024 12:55:04 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 2d7d9802-ae22-4390-b1c1-d3da37d1cee8

Methode: GET(187ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/06/2024 01:55:01 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{“Message”:“The authority "amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net" does not exist.”}
HTTP/1.1 404 Not Found
Date: Wed, 06 Mar 2024 12:55:04 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7962606e-fbb8-4e72-8415-b562353f569d

Methode: GET(266ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
[HEADING=1]System errors:[/HEADING]
Error: (03/06/2024 08:02:27 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server “{470B9B9B-0E95-4963-B265-5D58E5808C3D}” konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/06/2024 08:00:27 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server “{816A45F9-7406-42BB-B4FA-A655D96F2A8A}” konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/06/2024 07:58:27 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server “{74FA5D1F-BBD3-4F3E-8776-41EDEFC608D9}” konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/06/2024 07:56:27 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server “{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}” konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/06/2024 07:54:27 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server “{CC66E708-C687-42EA-806E-83D41C9D1A5F}” konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/06/2024 07:52:27 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server “{F99A566C-42AE-4DE2-AD4D-D297A04C5433}” konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/06/2024 02:21:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OSDJ7D2)
Description: Der Server “{A2A6D7C6-ECBD-439E-9244-9E784608439F}” konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/06/2024 02:19:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OSDJ7D2)
Description: Der Server “{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}” konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2024-03-06 13:52:58
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume7\Programme\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).

Date: 2024-03-06 13:52:58
Description:
The driver \Device\HarddiskVolume7\Programme\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys is blocked from loading as the driver has been revoked by Microsoft.

Date: 2024-03-06 13:52:25
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume4\Windows\System32\drivers\ene.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).

Date: 2024-03-06 13:52:25
Description:
The driver \Device\HarddiskVolume4\Windows\System32\drivers\ene.sys is blocked from loading as the driver has been revoked by Microsoft.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.B0 11/08/2019
Motherboard: Micro-Star International Co., Ltd. B450 GAMING PRO CARBON AC (MS-7B85)
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 30%
Total physical RAM: 32716.52 MB
Available physical RAM: 22674.16 MB
Total Virtual: 37580.52 MB
Available Virtual: 24365.51 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:929.9 GB) (Free:655.72 GB) (Model: CT1000P3SSD8) NTFS
Drive d: (Speicher) (Fixed) (Total:894.24 GB) (Free:417.71 GB) (Model: Patriot Burst) NTFS
Drive e: (SSD Speicher) (Fixed) (Total:119.24 GB) (Free:119.15 GB) (Model: SAMSUNG MZVLW128HEGR-00000) NTFS

\?\Volume{e5fef1f2-14bc-41e5-a2cb-6fec93bb4729}\ () (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\?\Volume{e1dbc652-80d9-40ab-b45a-f727e4875447}\ () (Fixed) (Total:0.87 GB) (Free:0.08 GB) NTFS
\?\Volume{9ac877f4-f51d-470b-8acb-437c47e286b7}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 894.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
                                [/HEADING]

                                  Comment

                                  • Malnutrition
                                    PCHF Moderator
                                    • Jul 2016
                                    • 7045
                                    #24
                                    What is social blade? Are you re installing it? I have removed it several times.
                                    How is Avira VPN being reinstalled?

                                    Can you save your bookmarks and passwords and reset chrome for me.

                                    Hekasoft Backup & Restore - backup your browser for free
                                    https://hekasoft.com/hekasoft-backup-restore/
                                    Hekasoft Backup & Restore is an all-in-one solution to manage your browser data and settings. Backup your favorite browser’s settings in a single file that you can store on external drive or cd-rom and use it to restore the profile.

                                    Reset Chrome settings to default - Google Chrome Help
                                    https://support.google.com/chrome/answer/3296214?hl=en
                                    You can restore your browser settings in Chrome at any time. You might need to do this if apps or extensions you installed changed your settings without your knowledge. Your saved bookmarks and passwo




                                    Can you provide a screen shot of what happens when you try and start windows security center please.



                                    ZHP cleaner Scan.

                                    Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
                                    Once you have started the program, you will need to click the scanner button.
                                    The program will close all open browsers!
                                    Once the scan is completed, the you will want to click the Repair button.
                                    At the end of the process you may be asked to reboot your machine.
                                    After you reboot a report will open on your desktop.
                                    Attach the report here in your next reply.



                                    Security Check Scan.

                                    [ul]
                                    [li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please Copy and paste that log here in your next post[/li][/ul]


                                    Copy the content of the code box below.
                                    [COLOR=rgb(184, 49, 47)]Do not copy the word code!!!
                                    Right Click FRST and run as Administrator.
                                    Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
                                    Attach it to your next message.
                                    Code:
                                    Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
C:\WINDOWS\system32\perfh009.dat
C:\WINDOWS\system32\perfh007.dat
C:\WINDOWS\system32\perfc009.dat
C:\WINDOWS\system32\perfc007.dat
C:\Program Files\Bonjour
C:\WINDOWS\System32\drivers\avkmgr.sys
C:\WINDOWS\System32\drivers\avipbb.sys
C:\WINDOWS\System32\drivers\avdevprot.sys
C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
C:\WINDOWS\System32\drivers\phantomtap.sys
C:\WINDOWS\system32\Tasks\Avira
Unlock: C:\ProgramData\cm-lock
C:\ProgramData\cm-lock
C:\Users\eiko-\AppData\Local\Resmon.ResmonCfg
C:\Users\eiko-\AppData\Roaming\LTspiceXVII.ini
C:\Users\eiko-\AppData\Local\recently-used.xbel
C:\Users\eiko-\AppData\Roaming\EQATEC Analytics
2024-03-06 13:57 - 2024-03-06 13:57 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat
2024-03-06 13:57 - 2024-03-06 13:57 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat
AlternateDataStreams: C:\Windows:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78 [74]
AlternateDataStreams: C:\Windows:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955 [74]
AlternateDataStreams: C:\Users\eiko-\Desktop\RogueKiller_setup.exe:MBAM.Zone.Identifier [187]
AlternateDataStreams: C:\Users\eiko-\Desktop\ZHPSuite.exe:MBAM.Zone.Identifier [77]
AlternateDataStreams: C:\Users\eiko-\Downloads\AccountProfileFixer.exe:MBAM.Zone.Identifier [131]
C:\Windows:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78
C:\Windows:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955
FirewallRules: [{B47387AD-2143-488F-B24F-E00E7DE32978}] => (Block) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{AE99B29D-2626-46F7-9F22-501881F2E445}] => (Block) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{53BE1FB6-6D7C-4016-9BE9-ACA17B30CAD8}] => (Allow) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{A7F73065-A310-4FA7-B8E8-AC28FEC462BB}] => (Allow) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{FA0975BD-7405-4180-8338-3EDF5836A071}] => (Allow) LPort=26820
FirewallRules: [{564C2F60-F3C5-4645-A9C6-44F56CBC52DD}] => (Allow) LPort=26822
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
VirusTotal: C:\Windows\system32\drivers\ene.sys
File: C:\Windows\system32\drivers\ene.sys
File: C:\Windows\system32\p9rdrservice.dll
Virustotal: C:\Windows\system32\p9rdrservice.dll
startpowershell:
get-service
Endpowershell:
CMD: net start
emptytemp:
Reboot:
End::


                                    Look in the Autologger folder and drag out the CheckBrowsersLNK file.
                                    To your desktop.
                                    AutoLogger\CheckBrowserLnk

                                    Drag and drop onto the ClearLNK utility .
                                    After saving ClearLNK to desktop.
                                    [IMG alt=“move.gif”]https://dragokas.com/tools/move.gif




                                    Run HijackThis! as admin! (located in the folder …Autologger\HijackThis)
                                    Do a system scan, then check each item below, make sure and only check the items listed.
                                    Then click Fix checked.
                                    The computer will need to reboot, allow it to do so.
                                    Code:
                                    O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\Program Files (x86)\Microsoft\Edge\Temp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\FXSAPI.DLL -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSAPI.DLL (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\FXSDRV.DLL -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSDRV.DLL (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\FXSRES.DLL -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSRES.DLL (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\FXSTIFF.DLL -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSTIFF.DLL (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\FXSUI.DLL -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSUI.DLL (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\FXSUI.DLL -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSUI.DLL (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\FXSWZRD.DLL -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSWZRD.DLL (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\New\PCL5URES.DLL -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\PCL5URES.DLL (file missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup (empty)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service:  'phantomtap'
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)

                                    [/IMG][/COLOR]

                                      Comment

                                      • Urenis
                                        PCHF Member
                                        • Feb 2024
                                        • 14
                                        #25
                                        social blade is a tool that displays YouTube statistics. I actually uninstalled Avira immediately after purchasing the PC. I don’t know where it always comes from.

                                        Here is the screenshot of Windows security. It starts like this and closes after about 30 seconds.
                                        [ATTACH type=“full”]13502[/ATTACH]

                                        Logs:
                                        ZHPDiag:

                                        Code:
                                        ~ ZHPDiag v2024.3.2.9 Von Nicolas Coolman (2024/03/02)
~ gestartet von eiko- (Administrator) (2024/03/07 12:47:19)
~ Assistance: https://forum.nicolascoolman.eu/
~ Blog: https://nicolascoolman.eu/
~ Facebook: ZHP
~ Version des Status: Version OK
~ Modus: Scanner
~ Bericht: C:\Users\eiko-\Desktop\ZHPDiag.txt
~ Bericht: C:\Users\eiko-\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Systemstart: Normal (Normal boot)
Windows 11, 64-bit (Build 22631) =>.Microsoft Corporation

—\ Internet-browser (3) - 0s
~ GCIE: Google Chrome v122.0.6261.95
~ MSIE: Internet Explorer v11.1.22621.0
~ OBIE: Microsoft Edge v123.0.2420.20

—\ Windows-Produkt-Informationen (3) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

—\ System-Datenschutz-software (1) - 1s
Windows Defender W11 (Activate) (Protection)

—\ Software anti-malware (1) - 1s
~ RogueKiller version 15.15.2.0 v15.15.2.0 (Anti-Malware)

—\ Informationen über das system (18) - 0s
~ Operating System: AMD64 Family 23 Model 113 Stepping 0, AuthenticAMD
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
System Restore: Activé (Enable)
System drive C: has 669 GB (70%) free of 952 GB : OK =>.Disk Space

—\ INFORMATIONS MÉMOIRE (MEMORY INFORMATIONS)
~ Slots Total (Total Slots) : 4
~ Slots Utilisés (Used Slots) : 4
~ Slots Disponibles (Free Slots) : 0
~ Type de barrette (FormFactor): DIMM
~ Taille (Size) : 8 Go
~ Vitesse (Speed) : 2133
~ Charge mémoire (Memory Usage) : 19%
~ RAM physique Total (Total Physical) : 32 Go : OK
~ RAM physique Disponible (Available Physical) : 26 Go
~ Total virtuelle (Total Virtual) : 36.7 Go
~ Disponible virtuelle (Available Virtual): 28.87 Go

—\ Verbindung zu den Systemmodus (3) - 0s
~ Computer Name: DESKTOP-OSDJ7D2
~ User Name: eiko-
~ Logged in as Administrator

—\ Aufzählung von Disk-Einheiten (7) - 1s
~ Drive C: has 669 GB free of 952 GB (System)
~ Drive D: has 427 GB free of 915 GB
~ Drive E: has 122 GB free of 122 GB

—\ ETAT DE LA COMMANDE TRIM
~ La commande TRIM est active (NTFS)
~ La commande TRIM est active (ReFS)

—\ SYSTEM DISK MAIN FEATURES (22) - 12s
~ Model: Patriot Burst vSBFMKA.3 (952 Gb )
~ Media Type: SSD Fixed Disk ( Bus: SATA)

—\ SYSTEM DISK GENERAL ATTRIBUTES
OK - N0 - Indicateur d’usure du périphérique de stockage (Storage Device Wear Indicator) (%): 0
OK - N1 - Temps de latence maximal de vidage (Maximum Flash latency) (ms): 0.017
OK - N2 - Temps de latence maximal d’écriture (Maximum write latency) (ms): 0.025
OK - N3 - Temps de latence maximal de lecture (Maximum read latency) (ms): 0.107
OK - N4 - Vitesse de rotation (Spindle Speed) (RPM): 0

—\ S.M.A.R.T. PARAMETERS - [Flag][Value][Worst] [Threshold][Raw Value]
OK - 01 - Taux d’erreur de lecture (Raw Read Error Rate) - [11][100][100] [50][0]
OK - 09 - Heures de fonctionnement (Power-On Hours Count (POH) - [18][100][100] [0][8323]
OK - 0C - Nombre de cycles en fonctionnement (Power Cycles Count) - [18][100][100] [0][1380]
OK - A8 - Maximum de cycles P/E (Maximum P/E Cycles) - [18][100][100] [0][0]
OK - AA - Nombre de blocs réservés utilisés (Used Reserved Block Count) - [3][89][89] [10][221]
OK - AD - Nombre de blocs effacés (Average Block-Erase Count) - [18][100][100] [0][16]
OK - C0 - Pertes de Puissance inattendues (Unexpected Power Loss Count) - [18][100][100] [0][17]
OK - C2 - Température interne actuelle (Temperature) - [35][67][67] [0][33]
OK - DA - Fréquence des erreurs de marque d’adresse (Address Mark Errors Frequency) - [11][100][100] [50][0]
OK - E7 - Durée de vie restante (SSD Life Left) - [19][100][100] [0][99]
OK - F1 - Nombre total d’écriture Hôte (Total LBA Written, Lifetime Host Writes) - [18][100][100] [0][2327]

—\ Status der Windows-Sicherheitscenter (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

—\ Suche generische Systemdateien (25) - 1s
[MD5.0833E505DCC2203D6375CAB9FFF4F480] - 04/12/2023 - (.Microsoft Corporation - Windows-Explorer.) – C:\WINDOWS\Explorer.exe [5298768] =>.Microsoft®
[MD5.57A6B4BDF247C1A6CA08AC09A8F9B742] - 07/05/2022 - (.Microsoft Corporation - Windows-Hostprozess (Rundll32).) – C:\WINDOWS\System32\rundll32.exe [73728] [Unsigned] =>.Microsoft Corporation
[MD5.E72284A1301EC8A119AE863ADD26D0AA] - 04/12/2023 - (.Microsoft Corporation - Windows-Startanwendung.) – C:\WINDOWS\System32\Wininit.exe [579952] [Unsigned] =>.Microsoft Corporation
[MD5.3D5D8865385E0DC224394AE1A289D2CE] - 04/12/2023 - (.Microsoft Corporation - Interneterweiterungen für Win32.) – C:\WINDOWS\System32\wininet.dll [5232544] =>.Microsoft®
[MD5.CCEAB8B5A7DED689747C9E5B124CAE7E] - 04/12/2023 - (.Microsoft Corporation - Windows-Anmeldeanwendung.) – C:\WINDOWS\System32\Winlogon.exe [909312] [Unsigned] =>.Microsoft Corporation
[MD5.6B75A00870646432692FAD2A71023198] - 04/12/2023 - (.Microsoft Corporation - Softwarelizenzierungsbibliothek.) – C:\WINDOWS\System32\sppcomapi.dll [356352] [Unsigned] =>.Microsoft Corporation
[MD5.02C77411C2E4DEFEF1A00DCB7A3442D8] - 04/12/2023 - (.Microsoft Corporation - DNS-Client-API-DLL.) – C:\WINDOWS\System32\dnsapi.dll [1034528] =>.Microsoft®
[MD5.EF1D97BBFC518F3896657FD495E3A782] - 04/12/2023 - (.Microsoft Corporation - DNS-Client-API-DLL.) – C:\WINDOWS\Syswow64\dnsapi.dll [768544] =>.Microsoft®
[MD5.5ABA8DD165AF2D7BD49E307B42229083] - 04/12/2023 - (.Microsoft Corporation - Windows Update Agent.) – C:\WINDOWS\System32\wuaueng.dll [130528] [Unsigned] =>.Microsoft Corporation
[MD5.372D0A6214152903FACE466F0C637B1C] - 04/12/2023 - (.Microsoft Corporation - Treiber für zusätzliche WinSock-Funktionen.) – C:\WINDOWS\System32\drivers\AFD.sys [697840] [Unsigned] =>.Microsoft Corporation
[MD5.BE55BB568AB319140B1DD89358AF9EFB] - 04/12/2023 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [62832] [Unsigned] =>.Microsoft Corporation
[MD5.9374900DC6DA12E0393269889D12F249] - 04/12/2023 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\Cdfs.sys [131072] [Unsigned] =>.Microsoft Corporation
[MD5.BD94BB6159F87B6D4D3E10CDC20C069A] - 07/05/2022 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\Cdrom.sys [204800] [Unsigned] =>.Microsoft Corporation
[MD5.E6EFDDE7D2DDF2A3254C86C40C5CD84F] - 04/12/2023 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\DfsC.sys [184320] [Unsigned] =>.Microsoft Corporation
[MD5.E4B9C6E6594D173A8D60DDAAB3A4B807] - 04/12/2023 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\HDAudBus.sys [192512] [Unsigned] =>.Microsoft Corporation
[MD5.566132924EBEEAE1A41FB521B56E0AAA] - 07/05/2022 - (.Microsoft Corporation - i8042-Anschlusstreiber.) – C:\WINDOWS\System32\drivers\i8042prt.sys [159744] [Unsigned] =>.Microsoft Corporation
[MD5.9425DF210EABB5AC6E7EAF5705D1B4AA] - 04/12/2023 - (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\IpNat.sys [258048] [Unsigned] =>.Microsoft Corporation
[MD5.204854A3124E39A53A83FC45B99C444C] - 04/12/2023 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\MRxSmb.sys [660864] [Unsigned] =>.Microsoft Corporation
[MD5.74C676120EC95C8372515D13FC086AF8] - 04/12/2023 - (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netBT.sys [327680] [Unsigned] =>.Microsoft Corporation
[MD5.423FFF6192BA3F10315E6F4A4DED8FD7] - 04/12/2023 - (.Microsoft Corporation - NT-Dateisystemtreiber.) – C:\WINDOWS\System32\drivers\ntfs.sys [3335656] [Unsigned] =>.Microsoft Corporation
[MD5.3A4E501001979A77B7F2C353944699A9] - 07/05/2022 - (.Microsoft Corporation - Treiber für parallelen Anschluss.) – C:\WINDOWS\System32\drivers\Parport.sys [135168] [Unsigned] =>.Microsoft Corporation
[MD5.298389F510DED6B76606D40BB37EC87D] - 04/12/2023 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\Rasl2tp.sys [151552] [Unsigned] =>.Microsoft Corporation
[MD5.9327D2D9AEA1C64BC6993E48849232E9] - 07/05/2022 - (.Microsoft Corporation - Geräte-Redirector für Microsoft RDP.) – C:\WINDOWS\System32\drivers\rdpdr.sys [196608] [Unsigned] =>.Microsoft Corporation
[MD5.C8ECEAE641D734CFBDDCCC7B50F2EDC4] - 04/12/2023 - (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [157056] [Unsigned] =>.Microsoft Corporation
[MD5.26E1B735BA5879B42B324F1D3163FC68] - 04/12/2023 - (.Microsoft Corporation - Volumeschattenkopie-Treiber.) – C:\WINDOWS\System32\drivers\volsnap.sys [468352] [Unsigned] =>.Microsoft Corporation

—\ Nicht deaktiviert Windows Dienste (82) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Inc. - Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Inc.®
O23 - Service: C:\WINDOWS\System32\AudioEndpointBuilder.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Windows-Audio-Endpunkterstellung.) - C:\WINDOWS\System32\AudioEndpointBuilder.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\audiosrv.dll (Audiosrv) . (.Microsoft Corporation - Windows-Audiodienst.) - C:\WINDOWS\System32\Audiosrv.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\bfe.dll (BFE) . (.Microsoft Corporation - Basisfiltermodul.) - C:\WINDOWS\System32\bfe.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\bisrv.dll (BrokerInfrastructure) . (.Microsoft Corporation - Process State Manager (PSM) Service.) - C:\WINDOWS\System32\psmsrv.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\cbdhsvc.dll (cbdhsvc) . (.Microsoft Corporation - Microsoft (R)-Zwischenablageverlauf.) - C:\WINDOWS\System32\cbdhsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: cbdhsvc_5d5ae (cbdhsvc_5d5ae) . (.Microsoft Corporation - Hostprozess für Windows-Dienste.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\cdpusersvc.dll (CDPUserSvc) . (.Microsoft Corporation - Microsoft (R)-CDP-Benutzerkomponenten.) - C:\WINDOWS\System32\CDPUserSvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: CDPUserSvc_5d5ae (CDPUserSvc_5d5ae) . (.Microsoft Corporation - Hostprozess für Windows-Dienste.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: Microsoft Office-Klick-und-Los-Dienst (ClickToRunSvc) . (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe =>.Microsoft®
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
O23 - Service: CODESYS Gateway V3 Version 3.5.10.40 (CODESYS Gateway V3) . (.3S-Smart Software Solutions GmbH - GatewayService.) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe =>.3S-Smart Software Solutions GmbH®
O23 - Service: CODESYS ServiceControl Version 3.5.10.0 (CODESYS ServiceControl) . (.3S-Smart Software Solutions GmbH - ServiceControl.) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\ServiceControl.exe =>.3S-Smart Software Solutions GmbH®
O23 - Service: C:\Windows\System32\coremessaging.dll (CoreMessagingRegistrar) . (.Microsoft Corporation - Microsoft CoreMessaging Dll.) - C:\Windows\System32\coremessaging.dll =>.Microsoft®
O23 - Service: Corsair Service (CorsairService) . (.Corsair Memory, Inc. - Corsair.Service.) - D:\Programme\Corsair\CORSAIR iCUE Software\Corsair.Service.exe =>.Corsair Memory, Inc.®
O23 - Service: C:\WINDOWS\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Kryptografiedienste.) - C:\WINDOWS\System32\cryptsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\das.dll (DeviceAssociationService) . (.Microsoft Corporation - Gerätezuordnungsdienst.) - C:\WINDOWS\System32\das.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - DHCP Clientdienst.) - C:\Windows\System32\dhcpcore.dll =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\diagtrack.dll (DiagTrack) . (.Microsoft Corporation - Microsoft Windows-Diagnosenachverfolgung.) - C:\WINDOWS\System32\diagtrack.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\dispbroker.desktop.dll (DispBrokerDesktopSvc) . (.Microsoft Corporation - Desktopbildschirm-Broker.) - C:\WINDOWS\System32\DispBroker.Desktop.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - DNS-Cacheauflösungsdienst.) - C:\WINDOWS\System32\dnsrslvr.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\dosvc.dll (DoSvc) . (.Microsoft Corporation - Hostprozess für Windows-Dienste.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: Dragon Center Service (DragonCenter_Service) . (.Micro-Star Int’l Co., Ltd. - DragonCenter Service.) - D:\Programme\Dragon Center\DragonCenter_Service.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.®
O23 - Service: C:\WINDOWS\System32\dusmsvc.dll (DusmSvc) . (.Microsoft Corporation - Dienst für Datennutzung.) - C:\WINDOWS\System32\dusmsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Microsoft Edge Update Service (edgeupdate) (edgeupdate) . (.Microsoft Corporation - Microsoft Edge Update.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wevtsvc.dll (EventLog) . (.Microsoft Corporation - Ereignisprotokollierungsdienst.) - C:\WINDOWS\System32\wevtsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Windows-Dienst für Schriftartencache.) - C:\WINDOWS\System32\FntCache.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: GameInput Service (GameInput Service) . (.Microsoft Corporation - GameInput Host Service.) - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe =>.Microsoft®
O23 - Service: Gaming Services (GamingServices) . (.Microsoft Corporation - GamingServices.) - C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\GamingServices.exe =>.Microsoft®
O23 - Service: Gaming Services (GamingServicesNet) . (.Microsoft Corporation - GamingServices.) - C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe =>.Microsoft®
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Gruppenrichtlinienclient.) - C:\WINDOWS\System32\gpsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Google Update-Dienst (gupdate) (gupdate) . (.Google LLC - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google LLC®
O23 - Service: HP Print Scan Doctor Service (HPPrintScanDoctorService) . (.HP Inc. - .) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe =>.HP Inc.®
O23 - Service: C:\WINDOWS\System32\ikeext.dll (IKEEXT) . (.Microsoft Corporation - IKE-Erweiterung.) - C:\WINDOWS\System32\ikeext.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Dienst, der IPv6-Konnektivität über ein IPv.) - C:\WINDOWS\System32\iphlpsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - Serverdienst-DLL.) - C:\WINDOWS\System32\srvsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - Arbeitsstationsdienst-DLL.) - C:\WINDOWS\System32\wkssvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: LightKeeperService (LightKeeperService) . (.Micro-Star INT’L CO., LTD. - LightKeeperService.) - D:\Programme\Dragon Center\Mystic_Light\LightKeeperService.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.®
O23 - Service: C:\WINDOWS\system32\lsm.dll (LSM) . (.Microsoft Corporation - Lokaler Sitzungs-Manager-Dienst.) - C:\WINDOWS\System32\lsm.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\moshost.dll (MapsBroker) . (.Microsoft Corporation - Manager für heruntergeladene Karten.) - C:\WINDOWS\System32\moshost.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (mpssvc) . (.Microsoft Corporation - Microsoft-Schutzdienst.) - C:\WINDOWS\System32\mpssvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Nahimic service (NahimicService) . (.Nahimic - .) - C:\WINDOWS\System32\NahimicService.exe [Unsigned] =>.Nahimic
O23 - Service: C:\Windows\System32\netlogon.dll (Netlogon) . (.Microsoft Corporation - Local Security Authority Process.) - C:\WINDOWS\System32\lsass.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Netzwerkspeicherschnittstellen-RPC-Server.) - C:\WINDOWS\System32\nsisvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation®
O23 - Service: C:\WINDOWS\System32\APHostRes.dll (OneSyncSvc) . (.Microsoft Corporation - Accounts Host Service.) - C:\WINDOWS\System32\APHostService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: OneSyncSvc_5d5ae (OneSyncSvc_5d5ae) . (.Microsoft Corporation - Hostprozess für Windows-Dienste.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\pcasvc.dll (PcaSvc) . (.Microsoft Corporation - Programmkompatibilitäts-Assistent-Dienst.) - C:\WINDOWS\System32\pcasvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: PDF24 (PDF24) . (.geek software GmbH - PDF24 Backend.) - D:\Programme\PDF24\pdf24.exe {7B70689C80A3B5B20BDE0B06301B7E1C}. =>.Geek Software GmbH
O23 - Service: C:\WINDOWS\System32\umpo.dll (Power) . (.Microsoft Corporation - Stromversorgung (Benutzermodus).) - C:\WINDOWS\System32\umpo.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\WINDOWS\System32\profsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\rasmans.dll (RasMan) . (.Microsoft Corporation - RAS-Verbindungsverwaltung.) - C:\WINDOWS\System32\rasmans.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: RogueKiller RTP (rkrtservice) . (.ADLICE - .) - C:\Program Files\RogueKiller\RogueKillerSvc.exe =>.ADLICE®
O23 - Service: C:\WINDOWS\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - RPC-Endpunktzuordnung.) - C:\WINDOWS\System32\RpcEpMap.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @combase.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\WINDOWS\System32\rpcss.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Aufgabenplanungsdienst.) - C:\WINDOWS\System32\schedsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\Sens.dll (SENS) . (.Microsoft Corporation - Benachrichtigungsdienst für Systemereigniss.) - C:\WINDOWS\System32\sens.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Windows-Shelldienste-DLL.) - C:\Windows\System32\shsvcs.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Spoolersubsystem-Anwendung.) - C:\WINDOWS\System32\spoolsv.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Softwareschutzplattform-Dienst von Microsof.) - C:\WINDOWS\System32\sppsvc.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\windows.staterepository.dll (StateRepository) . (.Microsoft Corporation - Windows-StateRepository-API-Server.) - C:\Windows\System32\windows.staterepository.dll =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wiaservc.dll (StiSvc) . (.Microsoft Corporation - Digitalbildgerätedienst.) - C:\WINDOWS\System32\wiaservc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\StorSvc.dll (StorSvc) . (.Microsoft Corporation - Speicherdienste.) - C:\WINDOWS\System32\storsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\sysmain.dll (SysMain) . (.Microsoft Corporation - SysMain-Diensthost.) - C:\WINDOWS\System32\sysmain.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\system32\SystemEventsBrokerServer.dll (SystemEventsBroker) . (.Microsoft Corporation - Systemereignisbroker.) - C:\WINDOWS\System32\SystemEventsBrokerServer.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\TabSvc.dll (TextInputManagementService) . (.Microsoft Corporation - Microsoft Dienst für die Texteingabeverwalt.) - C:\WINDOWS\System32\TabSvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\themeservice.dll (Themes) . (.Microsoft Corporation - Windows-Shelldesigndienste-DLL.) - C:\WINDOWS\System32\themeservice.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\usermgr.dll (UserManager) . (.Microsoft Corporation - Benutzer-Manager.) - C:\WINDOWS\System32\usermgr.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\usosvc.dll (UsoSvc) . (.Microsoft Corporation - Updatesitzung für Orchestrator Service.) - C:\WINDOWS\System32\usosvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wcmsvc.dll (Wcmsvc) . (.Microsoft Corporation - Dienst-DLL des Windows-Verbindungs-Managers.) - C:\WINDOWS\System32\wcmsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\webthreatdefusersvc.dll (webthreatdefusersvc) . (.Microsoft Corporation - Web Threat Defense-Benutzerdienst.) - C:\WINDOWS\System32\webthreatdefusersvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: webthreatdefusersvc_5d5ae (webthreatdefusersvc_5d5ae) . (.Microsoft Corporation - Hostprozess für Windows-Dienste.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) . (.Microsoft Corporation - Antimalware Service Executable.) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\WINDOWS\System32\wbem\WMIsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wlansvc.dll (WlanSvc) . (.Microsoft Corporation - DLL für den automatischen Windows-WLAN-Konf.) - C:\WINDOWS\System32\wlansvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\wpnservice.dll (WpnService) . (.Microsoft Corporation - Windows-Pushbenachrichtigungssystemdienst.) - C:\WINDOWS\System32\WpnService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\WpnUserService.dll (WpnUserService) . (.Microsoft Corporation - Windows-Pushbenachrichtigungs-Benutzerdiens.) - C:\WINDOWS\System32\WpnUserService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: WpnUserService_5d5ae (WpnUserService_5d5ae) . (.Microsoft Corporation - Hostprozess für Windows-Dienste.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\WINDOWS\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Windows-Sicherheitscenterdienst.) - C:\WINDOWS\System32\wscsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\WINDOWS\System32\SearchIndexer.exe,-103 (WSearch) . (.Microsoft Corporation - Microsoft Windows Search-Indexerstellung.) - C:\Windows\System32\SearchIndexer.exe [Unsigned] =>.Microsoft Corporation

—\ Allgemeinzustand der Dienste nicht Microsoft (SR=Running, SS=Stopped) (114) - 7s
SR - Boot [07/05/2022] [ 108376] (3ware) . (.LSI.) - C:\WINDOWS\System32\drivers\3ware.sys =>.Microsoft®
SR - Auto [31/01/2024] [ 172992] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Inc..) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Inc.®
SR - Boot [07/05/2022] [ 1136472] (ADP80XX) . (.PMC-Sierra.) - C:\WINDOWS\System32\drivers\ADP80XX.SYS =>.Microsoft®
SR - Demand [16/03/2020] [ 46344] AMD GPIO Client Driver (amdgpio2) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdgpio2.sys =>.Advanced Micro Devices INC.®
SR - Demand [09/03/2020] [ 24520] AMD GPIO Client Driver (amdgpio3) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdgpio3.sys =>.AMD PMP-PE CB Code Signer v20160415®
SR - Demand [07/05/2022] [ 45568] AMD I2C Controller Service (amdi2c) . (.Advanced Micro Devices, Inc.) - C:\WINDOWS\System32\drivers\amdi2c.sys [Unsigned] =>.Advanced Micro Devices, Inc
SR - Demand [18/06/2021] [ 41184] AMD PCI (AMDPCIDev) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys =>.Advanced Micro Devices INC.®
SR - Boot [07/05/2022] [ 84312] (amdsata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdsata.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 260440] (amdsbs) . (.AMD Technologies Inc..) - C:\WINDOWS\System32\drivers\amdsbs.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 28008] (amdxata) . (.Advanced Micro Devices.) - C:\WINDOWS\System32\drivers\amdxata.sys =>.Microsoft®
SR - Demand [09/10/2020] [ 20032] Apple KMDF Filter Driver (AppleKmdfFilter) . (.Apple Inc..) - C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys =>.WDKTestCert build,132303256403278908®
SR - Demand [09/10/2020] [ 35976] Apple Lower Filter Driver (AppleLowerFilter) . (.Apple Inc..) - C:\WINDOWS\System32\drivers\AppleLowerFilter.sys =>.WDKTestCert build,132303256403278908®
SR - Boot [07/05/2022] [ 113496] Apple Solid State Drive Device (AppleSSD) . (.Apple Inc..) - C:\WINDOWS\System32\drivers\AppleSSD.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 132968] Adaptec SAS/SATA-II RAID S (arcsas) . (.PMC-Sierra, Inc..) - C:\WINDOWS\System32\drivers\arcsas.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 534872] QLogic Network Adapter VBD (b06bdrv) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\bxvbda.sys =>.Microsoft®
SR - Demand [07/05/2022] [ 9728] bcmfn2 Service (bcmfn2) . (…) - C:\WINDOWS\System32\drivers\bcmfn2.sys [Unsigned] =>.Broadcom Corporation
SS - Demand [10/12/2023] [15772456] BattlEye Service (BEService) . (.BattlEye Innovations e.K..) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.®
SR - Demand [16/11/2023] [ 58368] CH341SER_A64 (CH341SER_A64) . (.www.winchiphead.com.) - C:\WINDOWS\System32\Drivers\CH341S64.SYS [Unsigned] =>.www.winchiphead.com
SR - Boot [07/05/2022] [ 320880] (cht4iscsi) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4sx64.sys =>.Microsoft®
SR - Demand [07/05/2022] [ 1854832] Chelsio Virtual Bus Driver (cht4vbd) . (.Chelsio Communications.) - C:\WINDOWS\System32\drivers\cht4vx64.sys =>.Microsoft®
SR - Auto [29/09/2016] [ 4602856] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
SS - Demand [15/05/2017] [ 5383968] CODESYS Control Win V3 Version 3.5.10.40 (CODESYS Control Win V3) . (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe =>.3S-Smart Software Solutions GmbH®
SR - Auto [15/05/2017] [ 562968] CODESYS Gateway V3 Version 3.5.10.40 (CODESYS Gateway V3) . (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe =>.3S-Smart Software Solutions GmbH®
SR - Auto [15/05/2017] [ 203544] CODESYS ServiceControl Version 3.5.10.0 (CODESYS ServiceControl) . (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\ServiceControl.exe =>.3S-Smart Software Solutions GmbH®
SR - Auto [00/00/0000] [ 0] CorsairLLAccess2C5180972F76443B27B6BE38ADBF2AE99B374496 (CorsairLLAccess2C5180972F76443B27B6BE38ADBF2AE99B374496) . (…) - \D:\Programme\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys (.not file.) [Unsigned]
SR - Auto [21/12/2019] [ 55336] Corsair Service (CorsairService) . (.Corsair Memory, Inc..) - D:\Programme\Corsair\CORSAIR iCUE Software\Corsair.Service.exe =>.Corsair Memory, Inc.®
SR - Demand [06/07/2020] [ 45984] Corsair Bus (CorsairVBusDriver) . (.Corsair.) - C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys =>.Microsoft®
SR - Demand [06/07/2020] [ 21920] Corsair virtual device (CorsairVHidDriver) . (.Corsair.) - C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys =>.Microsoft®
SR - System [26/11/2021] [ 386552] dokan1 (dokan1) . (.Dokan Project.) - C:\WINDOWS\System32\DRIVERS\dokan1.sys =>.Microsoft®
SR - Auto [29/08/2019] [ 142512] Dragon Center Service (DragonCenter_Service) . (.Micro-Star Int’l Co., Ltd..) - D:\Programme\Dragon Center\DragonCenter_Service.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.®
SR - Demand [06/05/2022] [ 576000] Intel(R) PRO/10 (e1i68x64) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\e1i68x64.sys [Unsigned] =>.Intel Corporation
SS - Demand [10/12/2023] [ 955816] Easy Anti-Cheat (Epic Online Services) (EasyAntiCheat_EOS) . (.Epic Games, Inc..) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe =>.EasyAntiCheat Oy®
SR - Boot [07/05/2022] [ 3441512] QLogic 10 Gigabit Ethernet Ada (ebdrv) . (.Marvell Semiconductor Inc..) - C:\WINDOWS\System32\drivers\evbda.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 3424104] QLogic Legacy Ethernet Adapte (ebdrv0) . (.QLogic Corporation.) - C:\WINDOWS\System32\drivers\evbd0a.sys =>.Microsoft®
SR - System [22/05/2019] [ 17624] EneIo (EneIo) . (.Microsoft.) - C:\Windows\system32\drivers\ene.sys =>.Microsoft®
SS - Demand [02/08/2023] [ 934352] Epic Online Services (EpicOnlineServices) . (.Epic Games, Inc..) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe =>.Epic Games Inc.®
SS - Demand [27/02/2024] [ 1677600] Google Chrome Elevation Service (GoogleChromeElevationServi (GoogleChromeElevationService) . (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.95\elevation_service.exe =>.Google LLC®
SR - Auto [07/01/2020] [ 156104] Google Update-Dienst (gupdate) (gupdate) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google LLC®
SS - Demand [07/01/2020] [ 156104] Google Update-Dienst (gupdatem) (gupdatem) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google LLC®
SR - Auto [19/01/2024] [ 230360] HP Print Scan Doctor Service (HPPrintScanDoctorService) . (.HP Inc..) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe =>.HP Inc.®
SR - Boot [07/05/2022] [ 65360] (HpSAMD) . (.Hewlett-Packard Company.) - C:\WINDOWS\System32\drivers\HpSAMD.sys =>.Microsoft®
SR - Demand [07/05/2022] [ 36352] Intel Serial IO GPIO Controlle (iagpio) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iagpio.sys [Unsigned] =>.Intel(R) Corporation
SR - Demand [07/05/2022] [ 91136] Intel(R) Serial IO I2C Host Cont (iai2c) . (.Intel(R) Corporation.) - C:\WINDOWS\System32\drivers\iai2c.sys [Unsigned] =>.Intel(R) Corporation
SR - Demand [07/05/2022] [ 79360] Intel(R) S (iaLPSS2i_GPIO2) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/05/2022] [ 93184] In (iaLPSS2i_GPIO2_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/05/2022] [ 112128] Intel( (iaLPSS2i_GPIO2_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/05/2022] [ 96256] Intel( (iaLPSS2i_GPIO2_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/05/2022] [ 171520] Intel(R) Seria (iaLPSS2i_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/05/2022] [ 175104] Intel( (iaLPSS2i_I2C_BXT_P) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/05/2022] [ 177152] Intel(R) S (iaLPSS2i_I2C_CNL) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/05/2022] [ 177664] Intel(R) S (iaLPSS2i_I2C_GLK) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/05/2022] [ 38128] Intel(R) Serial IO (iaLPSSi_GPIO) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys =>.Intel Corporation - Client Components Group®
SR - Demand [07/05/2022] [ 113152] Intel(R) Serial IO I (iaLPSSi_I2C) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [Unsigned] =>.Intel Corporation
SR - Boot [07/05/2022] [ 885584] Intel Chipset SATA RAI (iaStorAVC) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorAVC.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 413008] Intel RAID Controller Wi (iaStorV) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\iaStorV.sys =>.Microsoft®
SR - Demand [07/05/2022] [ 559976] Mellanox InfiniBand Bus/A (ibbus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ibbus.sys =>.Microsoft®
SR - Demand [24/01/2024] [ 1467560] Intel(R) Wireless Bluetooth (ibtusb) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_a7d139945f8b60a7\ibtusb.sys {009D18AA38B06C1D1D27234641048B2A74}. =>.Intel Corporation
SR - Demand [11/11/2013] [ 20464] ipadtst (ipadtst) . (.MICRO-STAR INTERNATIONAL CO., LTD..) - C:\ProgramData\MSI\Super_Charger\ipadtst_64.sys =>.MICRO-STAR INTERNATIONAL CO., LTD.®
SR - Demand [29/07/2016] [ 16336] ipadtst2 (ipadtst2) . (.MSI.) - C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys =>.MICRO-STAR INTERNATIONAL CO., LTD.®
SR - Boot [07/05/2022] [ 187224] (ItSas35i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\ItSas35i.sys =>.Microsoft®
SR - Auto [07/01/2020] [ 81552] LightKeeperService (LightKeeperService) . (.Micro-Star INT’L CO., LTD..) - D:\Programme\Dragon Center\Mystic_Light\LightKeeperService.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.®
SR - Boot [07/05/2022] [ 109920] (LSI_SAS) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 125280] (LSI_SAS2i) . (.LSI Corporation.) - C:\WINDOWS\System32\drivers\lsi_sas2i.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 138600] (LSI_SAS3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\lsi_sas3i.sys =>.Microsoft®
SR - Demand [26/10/2012] [ 351520] Logitech RightSound Filter Driver (lvrs64) . (.Logitech Inc..) - C:\WINDOWS\System32\DRIVERS\lvrs64.sys =>.Logitech, Inc.®
SR - Demand [26/10/2012] [ 4758176] @oem13.inf,%PID_0825_DD%(UVC);Logitech HD Webcam C270(UVC) (LVUVC64) . (.Logitech Inc..) - C:\WINDOWS\System32\DRIVERS\lvuvc64.sys =>.Logitech, Inc.®
SR - Boot [07/05/2022] [ 81752] (megasas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\MegaSas2i.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 101224] (megasas35i) . (.Broadcom Inc.) - C:\WINDOWS\System32\drivers\megasas35i.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 576856] (megasr) . (.LSI Corporation, Inc..) - C:\WINDOWS\System32\drivers\megasr.sys =>.Microsoft®
SR - Demand [07/05/2022] [ 1132392] Mellanox ConnectX Bus E (mlx4_bus) . (.Mellanox.) - C:\WINDOWS\System32\drivers\mlx4_bus.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 90472] (mpi3drvi) . (.Broadcom Limited.) - C:\WINDOWS\System32\drivers\mpi3drvi.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 64872] (mvumis) . (.Marvell Semiconductor, Inc..) - C:\WINDOWS\System32\drivers\mvumis.sys =>.Microsoft®
SR - Auto [01/01/2024] [ 1909416] Nahimic service (NahimicService) . (.Nahimic.) - C:\WINDOWS\System32\NahimicService.exe =>.A-Volute SAS®
SR - Demand [03/06/2022] [ 94784] Nahimic mirroring de (Nahimic_Mirroring) . (.A-Volute SAS.) - C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys =>.A-Volute SAS®
SR - Demand [07/05/2022] [ 147304] NetworkDirect Service (ndfltr) . (.Mellanox.) - C:\WINDOWS\System32\drivers\ndfltr.sys =>.Microsoft®
SR - Demand [07/05/2022] [ 83288] NDKPerf Driver (NDKPerf) . (.Microsoft.) - C:\WINDOWS\System32\drivers\NDKPerf.sys =>.Microsoft®
SR - Demand [23/01/2024] [ 8896696] ___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit (Netwtw08) . (.Intel Corporation.) - C:\WINDOWS\System32\drivers\Netwtw08.sys {0DA3866568FDA2C70D45B0F37403604B}. =>.Intel Corporation
SR - Demand [00/00/0000] [ 0] NTIOLib_CC_COMM (NTIOLib_CC_COMM) . (…) - \D:\Programme\Dragon Center\Lib\SYS\NTIOLib_X64.sys (.not file.) [Unsigned]
SR - Demand [00/00/0000] [ 0] NTIOLib_CC_CPU (NTIOLib_CC_CPU) . (…) - \D:\Programme\Dragon Center\Lib\Super_Charger\NTIOLib_X64.sys (.not file.) [Unsigned]
SR - Demand [00/00/0000] [ 0] NTIOLib_MysticLight (NTIOLib_MysticLight) . (…) - \D:\Programme\Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys (.not file.) [Unsigned]
SR - Auto [05/12/2019] [ 858480] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SS - Demand [05/12/2019] [ 858480] NVIDIA NetworkService Container (NvContainerNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SR - Auto [07/10/2020] [ 893848] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation®
SR - Demand [07/10/2020] [ 230720] Service for NVIDIA High Definitio (NVHDA) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys =>.NVIDIA Corporation®
SR - Demand [07/10/2020] [32479640] (nvlddmkm) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvlddmkm.sys =>.NVIDIA Corporation®
SR - Boot [07/05/2022] [ 151392] (nvraid) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvraid.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 167256] (nvstor) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvstor.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 30336] NVIDIA KMS (NvStreamKms) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys =>.NVIDIA Corporation®
SR - Demand [17/04/2019] [ 69840] NVIDIA Virtual Au (nvvad_WaveExtensible) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvad64v.sys =>.NVIDIA Corporation®
SR - Demand [22/08/2019] [ 75600] NVVHCI Enumerator Service (nvvhci) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys =>.NVIDIA Corporation®
SS - Demand [09/07/2008] [ 139488] OpcEnum (OpcEnum) . (.OPC Foundation.) - C:\Windows\SysWOW64\OpcEnum.exe {00E7D14424B9A863F6E62D940DDF005FF7}. =>.OPC Foundation
SS - Demand [29/02/2024] [ 2642952] Overwolf Updater Windows SCM (OverwolfUpdater) . (.Overwolf LTD.) - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe {0DACC0F743C79D8A6464DC967AF3B039}. =>.Overwolf LTD
SR - Auto [30/11/2022] [ 613560] PDF24 (PDF24) . (.geek software GmbH.) - D:\Programme\PDF24\pdf24.exe {7B70689C80A3B5B20BDE0B06301B7E1C}. =>.Geek Software GmbH
SR - Boot [07/05/2022] [ 59752] (percsas2i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas2i.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 69464] (percsas3i) . (.Avago Technologies.) - C:\WINDOWS\System32\drivers\percsas3i.sys =>.Microsoft®
SR - Demand [18/03/2020] [ 45056] Phantom TAP-Windows Adapter V9 (phantomtap) . (.The OpenVPN Project.) - C:\WINDOWS\System32\drivers\phantomtap.sys =>.Avira Operations GmbH & Co. KG®
SR - Boot [07/05/2022] [ 45408] pvscsi Storage Controller Dr (pvscsi) . (.VMware, Inc..) - C:\WINDOWS\System32\drivers\pvscsii.sys =>.Microsoft®
SR - Auto [19/02/2024] [15246256] RogueKiller RTP (rkrtservice) . (.ADLICE.) - C:\Program Files\RogueKiller\RogueKillerSvc.exe =>.ADLICE®
SR - Demand [04/12/2023] [ 98304] Microsoft Route Poli (RoutePolicy) . (…) - C:\WINDOWS\System32\drivers\RoutePolicy.sys [Unsigned]
SR - Demand [19/05/2013] [ 39168] Scp Virtual Bus Driver (ScpVBus) . (.Scarlet.Crush Productions.) - C:\WINDOWS\System32\drivers\ScpVBus.sys =>.Bruce James®
SR - Boot [07/05/2022] [ 45920] (SiSRaid2) . (.Silicon Integrated Systems Corp..) - C:\WINDOWS\System32\drivers\SiSRaid2.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 82784] (SiSRaid4) . (.Silicon Integrated Systems.) - C:\WINDOWS\System32\drivers\sisraid4.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 210784] (SmartSAMD) . (.Microsemi Corportation.) - C:\WINDOWS\System32\drivers\SmartSAMD.sys =>.Microsoft®
SS - Demand [29/02/2024] [ 2661736] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve Corp.®
SR - Boot [07/05/2022] [ 32080] (stexstor) . (.Promise Technology, Inc..) - C:\WINDOWS\System32\drivers\stexstor.sys =>.Microsoft®
SR - Demand [21/04/2016] [ 27136] TAP-Windows Adapter V9 (tap0901) . (.The OpenVPN Project.) - C:\WINDOWS\System32\drivers\tap0901.sys [Unsigned] =>.The OpenVPN Project
SR - Demand [07/03/2024] [ 54208] (TrueSight) . (. {169D2C94309C0380414BCFDD93A6B27D}..) - C:\Windows\System32\drivers\truesight.sys {169D2C94309C0380414BCFDD93A6B27D}.
SR - Demand [07/10/2020] [ 717616] NVIDIA USB Type-C PPC Se (UcmCxUcsiNvppc) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_1bea1a9a02d425f4\UcmCxUcsiNvppc.sys =>.NVIDIA Corporation®
SR - System [14/12/2020] [ 165744] Nefarius Virtual Gamepad Emula (ViGEmBus) . (.Nefarius Software Solutions e.U..) - C:\WINDOWS\System32\drivers\ViGEmBus.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 167784] (vsmraid) . (.VIA Technologies Inc.,Ltd.) - C:\WINDOWS\System32\drivers\vsmraid.sys =>.Microsoft®
SR - Boot [07/05/2022] [ 306512] VIA StorX Storage RAID Co (VSTXRAID) . (.VIA Corporation.) - C:\WINDOWS\System32\drivers\vstxraid.sys =>.Microsoft®
SR - Demand [07/05/2022] [ 37224] WinMad Service (WinMad) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winmad.sys =>.Microsoft®
SR - System [00/00/0000] [ 0] WinSetupMon (WinSetupMon) . (…) - C:\WINDOWS\System32\DRIVERS\WinSetupMon.sys (.not file.) [Unsigned]
SR - Demand [07/05/2022] [ 74096] WinVerbs Service (WinVerbs) . (.Mellanox.) - C:\WINDOWS\System32\drivers\winverbs.sys =>.Microsoft®

—\ Auto Laden von Programmen vom Register und Ordner (15) - 0s
O4 - HKLM..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Security notification icon.) – C:\WINDOWS\system32\SecurityHealthSystray.exe [Unsigned] =>.Microsoft Corporation
O4 - HKLM..\Run: [LogiOptions] . (.Logitech, Inc. - LogiOptions.exe (UNICODE).) – C:\Program Files\Logitech\LogiOptions\LogiOptions.exe =>.Logitech Inc®
O4 - HKLM..\Run: [PDF24] . (.geek software GmbH - PDF24 Backend.) – D:\Programme\PDF24\pdf24.exe {7B70689C80A3B5B20BDE0B06301B7E1C}. =>.Geek Software GmbH
O4 - HKCU..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) – C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - HKCU..\Run: [MicrosoftEdgeAutoLaunch_322C183E72E821C8032805843FDA8DCC] . (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - HKUS\S-1-5-19..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (64 bit) Setup.) – C:\Windows\System32\OneDriveSetup.exe [Unsigned] =>.Microsoft Corporation
O4 - HKUS\S-1-5-20..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (64 bit) Setup.) – C:\Windows\System32\OneDriveSetup.exe [Unsigned] =>.Microsoft Corporation
O4 - HKUS\S-1-5-19..\RunOnce: [WAB Migrate] . (.Microsoft Corporation - Windows Contacts.) – C:\Program Files\Windows Mail\wab.exe [Unsigned] =>.Microsoft Corporation
O4 - HKUS\S-1-5-20..\RunOnce: [WAB Migrate] . (.Microsoft Corporation - Windows Contacts.) – C:\Program Files\Windows Mail\wab.exe [Unsigned] =>.Microsoft Corporation
O4 - HKLM..\Wow6432Node\Run: [CORSAIR iCUE Software] . (.Corsair Memory, Inc. - iCUE.) – D:\Programme\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe =>.Corsair Memory, Inc.®
O4 - HKLM..\Wow6432Node\Run: [GatewaySysTray] . (.3S-Smart Software Solutions GmbH - GatewaySysTray.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewaySysTray.exe =>.3S-Smart Software Solutions GmbH®
O4 - HKLM..\Wow6432Node\Run: [CODESYSControlSysTray] . (.3S-Smart Software Solutions GmbH - CODESYS" Control"SysTray.exe.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlSysTray.exe =>.3S-Smart Software Solutions GmbH®
O4 - HKLM..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) – C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe {060E2F8F9E1B8BE518D5FE2B69CFCCB1}. =>.Oracle Corporation
O4 - HKUS\S-1-5-21-1421055718-2087356316-1872245878-1012..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) – C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - HKUS\S-1-5-21-1421055718-2087356316-1872245878-1012..\Run: [MicrosoftEdgeAutoLaunch_322C183E72E821C8032805843FDA8DCC] . (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®

—\ Prozess läuft (38) - 8s
[MD5.FF172556E001C52C3776D809615A0D28] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe [893848] [PID.2276] =>.NVIDIA Corporation®
[MD5.FF172556E001C52C3776D809615A0D28] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe [893848] [PID.3776] =>.NVIDIA Corporation®
[MD5.A32EFE68DBC7A558A94FA8ECAC852642] - (.Corsair Memory, Inc. - Corsair.Service.) – D:\Programme\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55336] [PID.4820] =>.Corsair Memory, Inc.®
[MD5.00BC114A99972C6FBC84D36F540A1DF5] - (.Adobe Inc. - Acrobat Update Service.) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992] [PID.4828] =>.Adobe Inc.®
[MD5.595EE09FB25B33A04C0FFC3D5DD2B66A] - (.3S-Smart Software Solutions GmbH - ServiceControl.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\ServiceControl.exe [203544] [PID.4848] =>.3S-Smart Software Solutions GmbH®
[MD5.73766FBD24613BA51DC015FD7679FF3D] - (.Micro-Star INT’L CO., LTD. - LightKeeperService.) – D:\Programme\Dragon Center\Mystic_Light\LightKeeperService.exe [81552] [PID.4864] =>.MICRO-STAR INTERNATIONAL CO., LTD.®
[MD5.025BCF28CA3F217C1868DDE628884E78] - (.HP Inc. - .) – C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360] [PID.4904] =>.HP Inc.®
[MD5.073762408901EFE8C7DC676B8213E808] - (.Micro-Star Int’l Co., Ltd. - DragonCenter Service.) – D:\Programme\Dragon Center\DragonCenter_Service.exe [142512] [PID.4916] =>.MICRO-STAR INTERNATIONAL CO., LTD.®
[MD5.257B4CAD33734D5117C4E1E73B702644] - (.geek software GmbH - PDF24 Backend.) – D:\Programme\PDF24\pdf24.exe [613560] [PID.4932] {7B70689C80A3B5B20BDE0B06301B7E1C}. =>.Geek Software GmbH
[MD5.3F0254374355F22AF20794BAC2D12925] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480] [PID.4992] =>.NVIDIA Corporation®
[MD5.A04CE833ED4C7511D21897FA318460A1] - (.3S-Smart Software Solutions GmbH - GatewayService.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe [562968] [PID.5048] =>.3S-Smart Software Solutions GmbH®
[MD5.5503AE96FB98C49E936DB5379264B91C] - (.Nahimic - .) – C:\WINDOWS\system32\NahimicService.exe [1909416] [PID.5060] [Unsigned] =>.Nahimic
[MD5.E95E477A28313EA6EF4ADA4472442DC3] - (…) – C:\Program Files\RogueKiller\RogueKillerSvc.exe [15246256] [PID.5104] =>.ADLICE®
[MD5.B3AB5C695D39A4ED7640B8BE2B1CA9C4] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) – C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [4602856] [PID.5640] =>.WIBU-SYSTEMS AG®
[MD5.4D58D8BED608035937BE1DAACBE98A1A] - (.Micro-Star Int’l Co., Ltd. - LEDKeeper2.) – D:\Programme\Dragon Center\Mystic_Light\LEDKeeper2.exe [1160368] [PID.9388] =>.MICRO-STAR INTERNATIONAL CO., LTD.®
[MD5.6C8710D08D96F1781B94FE56D65C681A] - (.Micro-Star Int’l Co., Ltd. - Dragon Center Keeper.) – D:\Programme\Dragon Center\APP_Dragon_Center_Keeper.exe [90288] [PID.10364] =>.MICRO-STAR INTERNATIONAL CO., LTD.®
[MD5.3F0254374355F22AF20794BAC2D12925] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480] [PID.10384] =>.NVIDIA Corporation®
[MD5.3F0254374355F22AF20794BAC2D12925] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480] [PID.10440] =>.NVIDIA Corporation®
[MD5.1334DFD3052B1945E9B0578AF5099E37] - (.Micro-Star INT’L CO., LTD. - Storage Monitor.) – D:\Programme\Dragon Center\StorageMonitor\StorageMonitor.exe [30368] [PID.10484] =>.MICRO-STAR INTERNATIONAL CO., LTD.®
[MD5.439A748875B1AA5B1C5E9BABA9B40E60] - (…) – C:\Program Files\RogueKiller\RogueKiller64.exe [36149680] [PID.12456] =>.ADLICE®
[MD5.71D6B6E0293E15DB472B3A6BFC147833] - (.Node.js - NVIDIA Web Helper Service.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [29784696] [PID.13580] =>.NVIDIA Corporation®
[MD5.4C3832FBE84B8CE63D8E3AB7D76F9983] - (.Google LLC - Google Crash Handler.) – C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe [301856] [PID.14376] =>.Google LLC®
[MD5.DAE993327723122C9288504A62E9F082] - (.Google LLC - Google Crash Handler.) – C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe [402208] [PID.14392] =>.Google LLC®
[MD5.56BB4C97949CAFD4F2682A9A4FA82B6A] - (.MSI - .) – D:\Programme\Dragon Center\CC_Engine_x64.exe [1794736] [PID.14984] =>.MICRO-STAR INTERNATIONAL CO., LTD.®
[MD5.D1C0FC8103BF494ADF6C38078BD8D92B] - (…) – C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.290.0_x64__cw5n1h2txyewy\Dashboard\widgetservice.exe [207144] [PID.8840] =>.Microsoft®
[MD5.D7B78D3FC4AE887D8872972AE1E48A7E] - (.Logitech, Inc. - LogiOptions.exe (UNICODE).) – C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1668000] [PID.15392] =>.Logitech Inc®
[MD5.E96A9277828C54834E8BFC5F2BC62E7F] - (.Logitech, Inc. - LogiOptionsMgr.exe (UNICODE).) – C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe [14854560] [PID.15560] =>.Logitech Inc®
[MD5.30D7824FD1B5B9172E703C9BBC63F667] - (.Logitech - Logi Overlay.) – C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe [659360] [PID.15584] =>.Logitech Inc®
[MD5.5907E3E4DF23DD816F3365227F155755] - (.Oracle Corporation - Java Update Scheduler.) – C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680] [PID.20248] {060E2F8F9E1B8BE518D5FE2B69CFCCB1}. =>.Oracle Corporation
[MD5.974A85153E618A7BC592AFC081CD144F] - (.A-Volute - A-Volute NS.) – C:\Users\eiko-\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe [1218776] [PID.10760] =>.A-Volute SAS®
[MD5.A7539A6EA2851E543F80EE32011858B3] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2772256] [PID.17820] =>.Google LLC®
[MD5.A7539A6EA2851E543F80EE32011858B3] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2772256] [PID.3936] =>.Google LLC®
[MD5.A7539A6EA2851E543F80EE32011858B3] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2772256] [PID.14748] =>.Google LLC®
[MD5.A7539A6EA2851E543F80EE32011858B3] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2772256] [PID.9656] =>.Google LLC®
[MD5.A7539A6EA2851E543F80EE32011858B3] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2772256] [PID.11948] =>.Google LLC®
[MD5.A7539A6EA2851E543F80EE32011858B3] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2772256] [PID.22292] =>.Google LLC®
[MD5.65C0218D7678C7A14AD6C08E11A1284D] - (.Nicolas Coolman - ZHPSuite.) – C:\Users\eiko-\AppData\Roaming\ZHP\ZHPSuite.exe [3538592] [PID.21348] [Unsigned] =>.Nicolas Coolman
[MD5.A7539A6EA2851E543F80EE32011858B3] - (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2772256] [PID.22864] =>.Google LLC®

—\ Google Chrome, Startseite,Seiten of search,Ausdehnung (34) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://t-online.de
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [bmnlcjabgnpnenekpadlanbbkooimhnj] PayPal Honey
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [cfidkbgamfhdgmedldkagjopnbobdmdn] Social Blade =>Hijacker.Browser
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [cjpalhdlnbpafiamejdnhcphjbkeiagm] uBlock Origin =>.Raymond Hill
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [dpecplbkinpdbedgejddhepkgcppgchk] Downloader
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [elicpjhcidhpjomhibiffojpinpmmpil] Video Downloader Professional =>.startpage24.com
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [gefaddaengbodpiobpbgblajdboalmgc] Just Focus
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [ihcjicgdanjaechkgeegckofjjedodee] Malwarebytes =>.Malwarebytes
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [iplffkdpngmdjhlpjmppncnlhomiipha] Unpaywall
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [looepbdllpjgdmkpdcdffhdbmpbcfekj] Download HLS Streams
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [mmioliijnhnoblpgimnlajmefafdfilb]
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [mmmdenlpgbgmeofmdkhimecmkcgabgno] Uncanny Cookie Clicker - click for details
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [nkbihfbeogaeaoehlefnkodbefgpgknn] MetaMask =>.MetaMask
G2 - GCE: Preference [eiko-][User Data\Default\Extensions] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [bmnlcjabgnpnenekpadlanbbkooimhnj]
G2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [cjpalhdlnbpafiamejdnhcphjbkeiagm] =>.uBlock Origin
G2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [dpecplbkinpdbedgejddhepkgcppgchk]
G2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [elicpjhcidhpjomhibiffojpinpmmpil] =>.Video Downloader
G2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [ihcjicgdanjaechkgeegckofjjedodee] =>.Malwarebytes
G2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [iplffkdpngmdjhlpjmppncnlhomiipha]
G2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [looepbdllpjgdmkpdcdffhdbmpbcfekj]
G2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [mmioliijnhnoblpgimnlajmefafdfilb]
G2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [nkbihfbeogaeaoehlefnkodbefgpgknn]
G2 - GCE: Preference [eiko-][User Data\Default\Managed Extension Settings] [cjpalhdlnbpafiamejdnhcphjbkeiagm] =>.uBlock Origin
G2 - GCE: Preference [eiko-][User Data\Default\Sync Extension Settings] [bmnlcjabgnpnenekpadlanbbkooimhnj]
G2 - GCE: Preference [eiko-][User Data\Default\Sync Extension Settings] [cfidkbgamfhdgmedldkagjopnbobdmdn] =>.Legitimate
G2 - GCE: Preference [eiko-][User Data\Default\Sync Extension Settings] [dpecplbkinpdbedgejddhepkgcppgchk]
G2 - GCE: Preference [eiko-][User Data\Default\Sync Extension Settings] [elicpjhcidhpjomhibiffojpinpmmpil] =>.Video Downloader
G2 - GCE: Preference [eiko-][User Data\Default\Sync Extension Settings] [gefaddaengbodpiobpbgblajdboalmgc]
G2 - GCE: Preference [eiko-][User Data\Default\Sync Extension Settings] [ihcjicgdanjaechkgeegckofjjedodee] =>.Malwarebytes
G2 - GCE: Preference [eiko-][User Data\Default\Sync Extension Settings] [mmioliijnhnoblpgimnlajmefafdfilb]
G2 - GCE: Preference [eiko-][User Data\Default\Sync Extension Settings] [mmmdenlpgbgmeofmdkhimecmkcgabgno]

—\ Internet Explorer, Startseite,Seiten of search,Ausdehnung (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.22621.2792 (WinBuild.160101.0800)) – C:\Windows\System32\ieframe.dll =>.Microsoft Corporation

—\ INTERNET EXPLORER, vertrauenswürdige Website und sensible Website (1) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)

—\ Microsoft Edge, Plugins,Startseite,Seiten of search,Ausdehnung (4) - 1s
E2 - GCE: Preference [eiko-][User Data\Default\Extensions] [bojobppfploabceghnmlahpoonbcbacn] Malwarebytes =>.Malwarebytes
E2 - GCE: Preference [eiko-][User Data\Default\Extensions] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
E2 - GCE: Preference [eiko-][User Data\Default\Extensions] [jmjflgjpcpepeafmmgdpfkogkghcpiha] Edge relevant text changes =>.Legitimate
E2 - GCE: Preference [eiko-][User Data\Default\Local Extension Settings] [jdiccldimpdaibmpdkjnbmckianbfold] =>.Microsoft Corporation

—\ Internet Explorer, Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies =>.Microsoft

—\ Line Analysis - IniFiles, Auto Laden von Programmen (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

—\ Hosts Datei-Umleitung (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

—\ Browser Helper-Objekte (4) - 0s
O2 - BHO: IEToEdge BHO [64Bits] - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} . (.Microsoft Corporation - IEToEdge BHO.) – C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.20\BHO\ie_to_edge_bho_64.dll =>.Microsoft®
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) – C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll =>.Microsoft®
O2 - BHO: Java™ Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java™ Platform SE binary.) – C:\Program Files\Java\jre-1.8\bin\ssv.dll {060E2F8F9E1B8BE518D5FE2B69CFCCB1}. =>.Oracle Corporation
O2 - BHO: Java™ Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java™ Platform SE binary.) – C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll {060E2F8F9E1B8BE518D5FE2B69CFCCB1}. =>.Oracle Corporation

—\ Globale Tastenkombinationen Start (127) - 13s
O4 - GS\Desktop [Administrator]: Inkscape.lnk . (.Inkscape project - .) C:\Program Files (x86)\Inkscape\bin\inkscape.exe [Unsigned] =>.Inkscape Project
O4 - GS\Desktop [Administrator]: Notion.lnk . (.Notion Labs, Inc - Notion.) C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe {326A7C3DBAB1332971BB3EBB4CA7FC7D}.
O4 - GS\Desktop [Administrator]: Studium - HAW - Verknüpfung.lnk . (…) D:\Studium - HAW [Unsigned]
O4 - GS\Desktop [Administrator]: ZHPSuite.lnk . (.Nicolas Coolman - ZHPSuite.) C:\Users\eiko-\AppData\Roaming\ZHP\ZHPSuite.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\Quicklaunch [Administrator]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - GS\Quicklaunch [Administrator]: Microsoft Outlook.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE /recycle =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Bluetooth-Dateiübertragung.LNK . (.Microsoft Corporation - Überträgt Dateien zwischen Ger.) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: WinSCP (zum Hochladen).lnk . (.Martin Prikryl - WinSCP: SFTP, FTP, WebDAV, S3 and SCP clien.) C:\Program Files (x86)\WinSCP\WinSCP.exe /upload {04292E45125096FE6D57AB7C648AA118}. =>.Martin Prikryl
O4 - GS\TaskBar [Administrator]: Anki.lnk . (…) D:\Programme\Anki\anki.exe {112C3F3ACD305D62BA1D39BB64CF209A}.
O4 - GS\TaskBar [Administrator]: FreeFileSync.lnk . (.FreeFileSync.org - FreeFileSync - Folder Comparison and Synchr.) D:\Programme\FreeFileSync\FreeFileSync.exe =>.Florian BAUER®
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\TaskBar [Administrator]: Notion.lnk . (.Notion Labs, Inc - Notion.) C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe {326A7C3DBAB1332971BB3EBB4CA7FC7D}.
O4 - GS\Startup [Administrator]: An OneNote senden.lnk . (.Microsoft Corporation - An OneNote senden.) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE /tsr =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: Administrative Tools.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\system32\control.exe /name Microsoft.AdministrativeTools =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: Desktop.lnk . (…) D:\Desktop [Unsigned]
O4 - GS\Programs [Administrator]: Microsoft Teams classic (work or school).lnk . (.Microsoft Corporation - Microsoft Teams classic.) C:\Users\eiko-\AppData\Local\Microsoft\Teams\Update.exe --processStart “Teams.exe” =>.Microsoft®
O4 - GS\Programs [Administrator]: Nahimic Companion.lnk . (.A-Volute - A-Volute NS.) C:\Users\eiko-\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe /app nahimic /dialog =>.A-Volute SAS®
O4 - GS\Programs [Administrator]: Notion.lnk . (.Notion Labs, Inc - Notion.) C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe {326A7C3DBAB1332971BB3EBB4CA7FC7D}.
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - GS\Programs [Administrator]: PC Health Check.lnk . (…) C:\Users\eiko-\AppData\Local\PCHealthCheck\PCHealthCheck.exe =>.Microsoft®
O4 - GS\Programs [Administrator]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) D:\Programme\Tor Browser\Browser\firefox.exe [Unsigned] =>.Mozilla Corporation
O4 - GS\Programs [Administrator]: TV & Radio.lnk . (…) C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\Stream [Unsigned]
O4 - GS\Desktop [eiko-]: Inkscape.lnk . (.Inkscape project - .) C:\Program Files (x86)\Inkscape\bin\inkscape.exe [Unsigned] =>.Inkscape Project
O4 - GS\Desktop [eiko-]: Notion.lnk . (.Notion Labs, Inc - Notion.) C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe {326A7C3DBAB1332971BB3EBB4CA7FC7D}.
O4 - GS\Desktop [eiko-]: Studium - HAW - Verknüpfung.lnk . (…) D:\Studium - HAW [Unsigned]
O4 - GS\Desktop [eiko-]: ZHPSuite.lnk . (.Nicolas Coolman - ZHPSuite.) C:\Users\eiko-\AppData\Roaming\ZHP\ZHPSuite.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [eiko-]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\Quicklaunch [eiko-]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - GS\Quicklaunch [eiko-]: Microsoft Outlook.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE /recycle =>.Microsoft Corporation
O4 - GS\sendTo [eiko-]: Bluetooth-Dateiübertragung.LNK . (.Microsoft Corporation - Überträgt Dateien zwischen Ger.) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [eiko-]: WinSCP (zum Hochladen).lnk . (.Martin Prikryl - WinSCP: SFTP, FTP, WebDAV, S3 and SCP clien.) C:\Program Files (x86)\WinSCP\WinSCP.exe /upload {04292E45125096FE6D57AB7C648AA118}. =>.Martin Prikryl
O4 - GS\TaskBar [eiko-]: Anki.lnk . (…) D:\Programme\Anki\anki.exe {112C3F3ACD305D62BA1D39BB64CF209A}.
O4 - GS\TaskBar [eiko-]: FreeFileSync.lnk . (.FreeFileSync.org - FreeFileSync - Folder Comparison and Synchr.) D:\Programme\FreeFileSync\FreeFileSync.exe =>.Florian BAUER®
O4 - GS\TaskBar [eiko-]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\TaskBar [eiko-]: Notion.lnk . (.Notion Labs, Inc - Notion.) C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe {326A7C3DBAB1332971BB3EBB4CA7FC7D}.
O4 - GS\Startup [eiko-]: An OneNote senden.lnk . (.Microsoft Corporation - An OneNote senden.) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE /tsr =>.Microsoft Corporation
O4 - GS\Programs [eiko-]: Administrative Tools.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\system32\control.exe /name Microsoft.AdministrativeTools =>.Microsoft Corporation
O4 - GS\Programs [eiko-]: Desktop.lnk . (…) D:\Desktop [Unsigned]
O4 - GS\Programs [eiko-]: Microsoft Teams classic (work or school).lnk . (.Microsoft Corporation - Microsoft Teams classic.) C:\Users\eiko-\AppData\Local\Microsoft\Teams\Update.exe --processStart “Teams.exe” =>.Microsoft®
O4 - GS\Programs [eiko-]: Nahimic Companion.lnk . (.A-Volute - A-Volute NS.) C:\Users\eiko-\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe /app nahimic /dialog =>.A-Volute SAS®
O4 - GS\Programs [eiko-]: Notion.lnk . (.Notion Labs, Inc - Notion.) C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe {326A7C3DBAB1332971BB3EBB4CA7FC7D}.
O4 - GS\Programs [eiko-]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - GS\Programs [eiko-]: PC Health Check.lnk . (…) C:\Users\eiko-\AppData\Local\PCHealthCheck\PCHealthCheck.exe =>.Microsoft®
O4 - GS\Programs [eiko-]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) D:\Programme\Tor Browser\Browser\firefox.exe [Unsigned] =>.Mozilla Corporation
O4 - GS\Programs [eiko-]: TV & Radio.lnk . (…) C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\Stream [Unsigned]
O4 - GS\Desktop [Gast]: Inkscape.lnk . (.Inkscape project - .) C:\Program Files (x86)\Inkscape\bin\inkscape.exe [Unsigned] =>.Inkscape Project
O4 - GS\Desktop [Gast]: Notion.lnk . (.Notion Labs, Inc - Notion.) C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe {326A7C3DBAB1332971BB3EBB4CA7FC7D}.
O4 - GS\Desktop [Gast]: Studium - HAW - Verknüpfung.lnk . (…) D:\Studium - HAW [Unsigned]
O4 - GS\Desktop [Gast]: ZHPSuite.lnk . (.Nicolas Coolman - ZHPSuite.) C:\Users\eiko-\AppData\Roaming\ZHP\ZHPSuite.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Gast]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\Quicklaunch [Gast]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - GS\Quicklaunch [Gast]: Microsoft Outlook.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE /recycle =>.Microsoft Corporation
O4 - GS\sendTo [Gast]: Bluetooth-Dateiübertragung.LNK . (.Microsoft Corporation - Überträgt Dateien zwischen Ger.) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Gast]: WinSCP (zum Hochladen).lnk . (.Martin Prikryl - WinSCP: SFTP, FTP, WebDAV, S3 and SCP clien.) C:\Program Files (x86)\WinSCP\WinSCP.exe /upload {04292E45125096FE6D57AB7C648AA118}. =>.Martin Prikryl
O4 - GS\TaskBar [Gast]: Anki.lnk . (…) D:\Programme\Anki\anki.exe {112C3F3ACD305D62BA1D39BB64CF209A}.
O4 - GS\TaskBar [Gast]: FreeFileSync.lnk . (.FreeFileSync.org - FreeFileSync - Folder Comparison and Synchr.) D:\Programme\FreeFileSync\FreeFileSync.exe =>.Florian BAUER®
O4 - GS\TaskBar [Gast]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\TaskBar [Gast]: Notion.lnk . (.Notion Labs, Inc - Notion.) C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe {326A7C3DBAB1332971BB3EBB4CA7FC7D}.
O4 - GS\Startup [Gast]: An OneNote senden.lnk . (.Microsoft Corporation - An OneNote senden.) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE /tsr =>.Microsoft Corporation
O4 - GS\Programs [Gast]: Administrative Tools.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\system32\control.exe /name Microsoft.AdministrativeTools =>.Microsoft Corporation
O4 - GS\Programs [Gast]: Desktop.lnk . (…) D:\Desktop [Unsigned]
O4 - GS\Programs [Gast]: Microsoft Teams classic (work or school).lnk . (.Microsoft Corporation - Microsoft Teams classic.) C:\Users\eiko-\AppData\Local\Microsoft\Teams\Update.exe --processStart “Teams.exe” =>.Microsoft®
O4 - GS\Programs [Gast]: Nahimic Companion.lnk . (.A-Volute - A-Volute NS.) C:\Users\eiko-\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe /app nahimic /dialog =>.A-Volute SAS®
O4 - GS\Programs [Gast]: Notion.lnk . (.Notion Labs, Inc - Notion.) C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe {326A7C3DBAB1332971BB3EBB4CA7FC7D}.
O4 - GS\Programs [Gast]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - GS\Programs [Gast]: PC Health Check.lnk . (…) C:\Users\eiko-\AppData\Local\PCHealthCheck\PCHealthCheck.exe =>.Microsoft®
O4 - GS\Programs [Gast]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) D:\Programme\Tor Browser\Browser\firefox.exe [Unsigned] =>.Mozilla Corporation
O4 - GS\Programs [Gast]: TV & Radio.lnk . (…) C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\Stream [Unsigned]
O4 - GS\CommonDesktop [Public]: Adobe Acrobat.lnk . (.Adobe Systems Incorporated - .) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe [Unsigned] =>.Adobe Systems Incorporated
O4 - GS\CommonDesktop [Public]: AnycubicPhotonWorkshop.lnk . (…) C:\Program Files\AnycubicPhotonWorkshop\AnycubicPhotonWorkshop.exe {1FDD06412B027853B8C4BC51}.
O4 - GS\CommonDesktop [Public]: CODESYS V3.5 SP10 Patch 4.lnk . (.3S-Smart Software Solutions GmbH - CODESYS Development System.) C:\Program Files (x86)\3S CODESYS\CODESYS\Common\CODESYS.exe --Profile=“CODESYS V3.5 SP10 Patch 4” =>.3S-Smart Software Solutions GmbH®
O4 - GS\CommonDesktop [Public]: draw.io.lnk . (.JGraph - draw.io.) C:\Program Files\draw.io\draw.io.exe {352CB174D3737071385E8FBF60E68896}. =>.JGraph
O4 - GS\CommonDesktop [Public]: Epic Games Launcher.lnk . (.Epic Games, Inc. - UnrealEngineLauncherProxy.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe =>.Epic Games Inc.®
O4 - GS\CommonDesktop [Public]: Fritzing.lnk . (.Fritzing - Fritzing.exe.) C:\Program Files (x86)\Fritzing\Fritzing.exe [Unsigned] =>.Fritzing
O4 - GS\CommonDesktop [Public]: Hekasoft Backup & Restore.lnk . (.Hekasoft - Hekasoft Backup Restore.) C:\Program Files\Hekasoft Backup & Restore\hbr.exe [Unsigned] =>.Hekasoft
O4 - GS\CommonDesktop [Public]: logisim-evolution.lnk . (…) C:\Program Files (x86)\logisim-evolution\logisim-evolution.exe [Unsigned]
O4 - GS\CommonDesktop [Public]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - GS\CommonDesktop [Public]: OrcaSlicer.lnk . (.SoftFever - OrcaSlicer.) C:\Program Files\OrcaSlicer\orca-slicer.exe [Unsigned]
O4 - GS\CommonDesktop [Public]: Prusa G-code Viewer.lnk . (.Prusa Research - PrusaSlicer G-code Viewer.) C:\Program Files\Prusa3D\PrusaSlicer\prusa-gcodeviewer.exe =>.Prusa Research a.s.®
O4 - GS\CommonDesktop [Public]: PrusaSlicer.lnk . (.Prusa Research - PrusaSlicer.) C:\Program Files\Prusa3D\PrusaSlicer\prusa-slicer.exe =>.Prusa Research a.s.®
O4 - GS\CommonDesktop [Public]: Qalculate! (classic).lnk . (…) C:\WINDOWS\Installer{F4803C78-0331-4EE2-9103-33FB0673E2D3}_41840528D5D505CF18EB26.exe [Unsigned]
O4 - GS\CommonDesktop [Public]: Qalculate! (new).lnk . (…) C:\WINDOWS\Installer{F4803C78-0331-4EE2-9103-33FB0673E2D3}_126DA849235C64812CBF67.exe [Unsigned]
O4 - GS\CommonDesktop [Public]: Recuva.lnk . (.Piriform Software Ltd - Recuva.) C:\Program Files\Recuva\recuva64.exe =>.PIRIFORM SOFTWARE LIMITED®
O4 - GS\CommonDesktop [Public]: RogueKiller.lnk . (…) C:\Program Files\RogueKiller\RogueKiller64.exe =>.ADLICE®
O4 - GS\CommonDesktop [Public]: VHDPlus IDE.lnk . (.Protop Solutions UG - FPGA Programming made easy.) C:\Program Files (x86)\VHDPlus\VHDPlus.exe [Unsigned]
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) D:\Programme\VLC\vlc.exe =>.VideoLAN®
O4 - GS\CommonDesktop [Public]: WinSCP.lnk . (.Martin Prikryl - WinSCP: SFTP, FTP, WebDAV, S3 and SCP clien.) C:\Program Files (x86)\WinSCP\WinSCP.exe {04292E45125096FE6D57AB7C648AA118}. =>.Martin Prikryl
O4 - GS\Programs [Public]: Administrative Tools.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\system32\control.exe /name Microsoft.AdministrativeTools =>.Microsoft Corporation
O4 - GS\Programs [Public]: Desktop.lnk . (…) D:\Desktop [Unsigned]
O4 - GS\Programs [Public]: Microsoft Teams classic (work or school).lnk . (.Microsoft Corporation - Microsoft Teams classic.) C:\Users\eiko-\AppData\Local\Microsoft\Teams\Update.exe --processStart “Teams.exe” =>.Microsoft®
O4 - GS\Programs [Public]: Nahimic Companion.lnk . (.A-Volute - A-Volute NS.) C:\Users\eiko-\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe /app nahimic /dialog =>.A-Volute SAS®
O4 - GS\Programs [Public]: Notion.lnk . (.Notion Labs, Inc - Notion.) C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe {326A7C3DBAB1332971BB3EBB4CA7FC7D}.
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft®
O4 - GS\Programs [Public]: PC Health Check.lnk . (…) C:\Users\eiko-\AppData\Local\PCHealthCheck\PCHealthCheck.exe =>.Microsoft®
O4 - GS\Programs [Public]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) D:\Programme\Tor Browser\Browser\firefox.exe [Unsigned] =>.Mozilla Corporation
O4 - GS\Programs [Public]: TV & Radio.lnk . (…) C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC Plus Player\Stream [Unsigned]
O4 - GS\Startup [Public]: CodeMeter Control Center.lnk . (.WIBU-SYSTEMS AG - CodeMeter Control Center.) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe =>.WIBU-SYSTEMS AG®
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remotedesktopverbindung.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Schrittaufzeichnung.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player Legacy.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows WordPad-Anwendung.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Zeichentabelle.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Access.lnk . (.Microsoft Corporation - Erstellen Sie schnell eine pro.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Adobe Acrobat.lnk . (.Adobe Systems Incorporated - .) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe [Unsigned] =>.Adobe Systems Incorporated
O4 - GS\ProgramsCommon [Public]: Anki.lnk . (…) D:\Programme\Anki\anki.exe {112C3F3ACD305D62BA1D39BB64CF209A}.
O4 - GS\ProgramsCommon [Public]: Arduino.lnk . (.Arduino LLC - Arduino IDE.) D:\Programme\Arduino\arduino.exe [Unsigned] =>.Arduino LLC
O4 - GS\ProgramsCommon [Public]: draw.io.lnk . (.JGraph - draw.io.) C:\Program Files\draw.io\draw.io.exe {352CB174D3737071385E8FBF60E68896}. =>.JGraph
O4 - GS\ProgramsCommon [Public]: Epic Games Launcher.lnk . (.Epic Games, Inc. - UnrealEngineLauncherProxy.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe =>.Epic Games Inc.®
O4 - GS\ProgramsCommon [Public]: Excel.lnk . (.Microsoft Corporation - Erkennen Sie mit Leichtigkeit .) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: GIMP 2.10.22.lnk . (.Spencer Kimball, Peter Mattis and the GIMP Developmen - GNU Image Manipulation Program.) C:\Program Files\GIMP 2\bin\gimp-2.10.exe =>.Jernej Simončič®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google LLC - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O4 - GS\ProgramsCommon [Public]: Microsoft Edge.lnk . (.Microsoft Corporation - Microsoft Edge.) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O4 - GS\ProgramsCommon [Public]: Nextcloud.lnk . (.Nextcloud GmbH - .) C:\Program Files (x86)\Nextcloud\nextcloud.exe [Unsigned] =>.Nextcloud GmbH
O4 - GS\ProgramsCommon [Public]: OneNote 2016.lnk . (.Microsoft Corporation - Verfassen Sie Notizen, die Sie.) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Outlook.lnk . (.Microsoft Corporation - Verwalten Sie Ihre E-Mails, Ze.) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: PC Health Check.lnk . (…) C:\Program Files (x86)\PCHealthCheck\PCHealthCheck.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: PowerPoint.lnk . (.Microsoft Corporation - Entwerfen Sie mit Leichtigkeit.) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Publisher.lnk . (.Microsoft Corporation - Erstellen Sie Publikationen au.) C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: qalc.lnk . (…) C:\WINDOWS\Installer{F4803C78-0331-4EE2-9103-33FB0673E2D3}_0A03179EBCC34B46B7BA2E.exe [Unsigned]
O4 - GS\ProgramsCommon [Public]: Qalculate! (classic).lnk . (…) C:\WINDOWS\Installer{F4803C78-0331-4EE2-9103-33FB0673E2D3}_D4FF729CA8AC010B3B502D.exe [Unsigned]
O4 - GS\ProgramsCommon [Public]: Qalculate! (new).lnk . (…) C:\WINDOWS\Installer{F4803C78-0331-4EE2-9103-33FB0673E2D3}_3EF71820DD17DEF848CDFA.exe [Unsigned]
O4 - GS\ProgramsCommon [Public]: Skype for Business.lnk . (.Microsoft Corporation - Halten Sie überall den Kontakt.) C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Snapmaker Luban.lnk . (.Snapmaker Dev Team - Snapmaker Luban.) C:\Program Files\Snapmaker Luban\Snapmaker Luban.exe {0A15B5C63D9C303E3309B7F596A8D1D1}.
O4 - GS\ProgramsCommon [Public]: VirtualC.lnk . (…) C:\WINDOWS\Installer{59A5E95F-ABEA-48BF-B3AC-B9A78A17E144}\winicon.exe [Unsigned]
O4 - GS\ProgramsCommon [Public]: WinSCP.lnk . (.Martin Prikryl - WinSCP: SFTP, FTP, WebDAV, S3 and SCP clien.) C:\Program Files (x86)\WinSCP\WinSCP.exe {04292E45125096FE6D57AB7C648AA118}. =>.Martin Prikryl
O4 - GS\ProgramsCommon [Public]: Word.lnk . (.Microsoft Corporation - Erstellen Sie ansprechende Dok.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE =>.Microsoft Corporation

—\ Lop.com/Domain Entführer (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = fritz.box
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{3a305b48-12bf-40ef-b06c-e6fc35585716}: DhcpNameServer = 192.168.178.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{3a305b48-12bf-40ef-b06c-e6fc35585716}: DhcpDomain = fritz.box

—\ Zusätzliche Protokolle (27) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-Anzeige.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX-Steuerung für Streamingvideo.) – C:\Windows\System32\MSVidCtl.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-Anzeige.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-Anzeige.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-Erweiterung für Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-Anzeige.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX-Steuerung für Streamingvideo.) – C:\Windows\System32\MSVidCtl.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-Anzeige.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) – C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL =>.Microsoft®

—\ AppInit_DLLs Registrierungswert Autorun (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit-Anmeldeanwendung.) - C:\WINDOWS\System32\Userinit.exe =>.Microsoft Corporation

—\ ASIC (ActiveSetup Installed Components) (7) - 0s
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Setup-Hilfsprogramm für die Microsoft Legac.) – C:\Windows\System32\unregmp2.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) – C:\Windows\System32\wmpdxm.dll [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Setup-Hilfsprogramm für die Microsoft Legac.) – C:\Windows\System32\unregmp2.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE-Hilfsprogramm für Pro-Benutzerinitalisie.) – C:\Windows\System32\ie4uinit.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) – C:\Windows\System32\mscories.dll =>.Microsoft®
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google LLC - Google Chrome Installer.) – C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.95\Installer\chrmstp.exe =>.Google LLC®
O40 - ASIC: Microsoft Edge [64Bits] - {9459C573-B17A-45AE-9F64-1857B5D58CEE} . (.Microsoft Corporation - Microsoft Edge Installer.) – C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.20\Installer\setup.exe =>.Microsoft®

—\ Installierte Software (157) - 20s
O42 - Logiciel: 3DMark - (.UL.) [HKLM][64Bits] – Steam App 223850 =>.Valve Corp.®
O42 - Logiciel: Adobe Acrobat (64-bit) - (.Adobe.) [HKLM][64Bits] – {AC76BA86-1033-1033-7760-BC15014EA700} [Unsigned] =>.Adobe
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {AC76BA86-0804-1033-1959-018244601067} [Unsigned] =>.Adobe Systems Incorporated (Hidden)
O42 - Logiciel: Age of Empires IV - (.Relic Entertainment.) [HKLM][64Bits] – Steam App 1466860 =>.Valve Corp.®
O42 - Logiciel: Age of Mythology: Extended Edition - (.SkyBox Labs.) [HKLM][64Bits] – Steam App 266840 =>.Valve Corp.®
O42 - Logiciel: Altium Designer 23 - (.Altium Limited.) [HKLM][64Bits] – Altium Designer {A9B34CD7-40BF-42A8-8F33-55BA03B6232C} {09FEED19E3C973A65B3DEBAC2C6DCA59}. =>.Altium Limited
O42 - Logiciel: AMD Ryzen Master SDK - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] – {DBD50508-5F75-416B-995D-C42433A00944} [Unsigned] =>.Advanced Micro Devices, Inc.
O42 - Logiciel: Anaconda3 2023.03-1 (Python 3.10.9 64-bit) - (.Anaconda, Inc..) [HKLM][64Bits] – Anaconda3 2023.03-1 (Python 3.10.9 64-bit) {0D78CB77821B2F887CAACF9EF37E3C42}. =>.Anaconda, Inc.
O42 - Logiciel: Anki - (.Damien Elmes.) [HKLM][64Bits] – Anki {112C3F3ACD305D62BA1D39BB64CF209A}. =>.Damien Elmes
O42 - Logiciel: Anno 1800 - (.Ubisoft.) [HKLM][64Bits] – Uplay Install 4553 =>.Ubisoft Entertainment Sweden AB®
O42 - Logiciel: AnycubicPhotonWorkshop - (.Anycubic.) [HKLM][64Bits] – {C48D4F03-E59D-475F-B34D-E618A500C118}is1 [Unsigned]
O42 - Logiciel: Arduino - (.Arduino LLC.) [HKLM][64Bits] – Arduino [Unsigned] =>.Arduino LLC
O42 - Logiciel: Big Ambitions - (.Hovgaard Games.) [HKLM][64Bits] – Steam App 1331550 =>.Valve Corp.®
O42 - Logiciel: CLion 2022.1 - (.JetBrains s.r.o..) [HKLM][64Bits] – CLion 2022.1 [Unsigned] =>.JetBrains s.r.o.
O42 - Logiciel: CodeMeter Runtime Kit v6.30d - (.WIBU-SYSTEMS AG.) [HKLM][64Bits] – {627EBCBD-71C2-4FDE-9BEA-3AF7F03FBE10} [Unsigned] =>.WIBU-SYSTEMS AG
O42 - Logiciel: CODESYS V3.5 SP10 Patch 4 - (.3S-Smart Software Solutions GmbH.) [HKLM][64Bits] – {91B73AA2-4B42-481F-9ECD-03AB9C6016DF} [Unsigned] =>.3S-Smart Software Solutions GmbH (Hidden)
O42 - Logiciel: CODESYS V3.5 SP10 Patch 4 - (.3S-Smart Software Solutions GmbH.) [HKLM][64Bits] – InstallShield{91B73AA2-4B42-481F-9ECD-03AB9C6016DF} =>.3S-Smart Software Solutions GmbH®
O42 - Logiciel: CORSAIR iCUE Software - (.Corsair.) [HKLM][64Bits] – {30D73167-BD7C-473A-AF2F-BBC194FA42D4} [Unsigned] =>.Corsair
O42 - Logiciel: CrystalDiskInfo 8.13.3 - (.Crystal Dew World.) [HKLM][64Bits] – CrystalDiskInfo_is1 [Unsigned] =>.Crystal Dew World
O42 - Logiciel: Dokan Library 1.5.1.1000 (x64) - (.Dokany Project.) [HKLM][64Bits] – {65A3A964-3DC3-0105-0001-211126123627} [Unsigned] =>.Dokany Project (Hidden)
O42 - Logiciel: Dokan Library 1.5.1.1000 Bundle - (.Dokany Project.) [HKLM][64Bits] – {05c046de-f751-48c8-b8d3-77259ea88eb7} {05B9E5C73998821D2E591A368995B191}. =>.Dokany Project
O42 - Logiciel: Dragon Center - (.MSI.) [HKLM][64Bits] – {B252FABF-9582-4824-B02B-6D2DC93685C7}}_is1 =>.MICRO-STAR INTERNATIONAL CO., LTD.®
O42 - Logiciel: draw.io 22.0.2 - (.JGraph.) [HKLM][64Bits] – 27a75bf3-be48-5c35-934f-8491cf108abe {352CB174D3737071385E8FBF60E68896}. =>.JGraph
O42 - Logiciel: ENE IO Driver - (.ENE TECHNOLOGY INC..) [HKLM][64Bits] – {D0512FFD-6194-4D2E-967E-25B82A3322FF} [Unsigned] =>.ENE TECHNOLOGY INC. (Hidden)
O42 - Logiciel: ENE RGB HAL - (.Ene Tech..) [HKLM][64Bits] – {87316426-A33E-41E9-942B-968E928A9A47} [Unsigned] =>.Ene Tech. (Hidden)
O42 - Logiciel: ENE RGB HAL - (.Ene Tech..) [HKLM][64Bits] – {9f93601b-15ea-4e69-8d7c-dfa0f29ae04e} =>.ENE TECHNOLOGY INC.® (Hidden)
O42 - Logiciel: ENE_EHD_M2_HAL - (.ENE TECHNOLOGY INC..) [HKLM][64Bits] – {1CD178C9-BB49-4E59-9DA6-3C152E2A9844} [Unsigned] =>.ENE TECHNOLOGY INC. (Hidden)
O42 - Logiciel: ENE_EHD_M2_HAL - (.ENE TECHNOLOGY INC..) [HKLM][64Bits] – {fe81cfd3-9db4-409d-b0f9-26707d1423c6} =>.ENE TECHNOLOGY INC.® (Hidden)
O42 - Logiciel: Epic Games Launcher - (.Epic Games, Inc..) [HKLM][64Bits] – {9483ABD9-C772-487B-ADF8-09347CF8F2D2} [Unsigned] =>.Epic Games, Inc.
O42 - Logiciel: Epic Games Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {F9C5C994-F6B9-4D75-B3E7-AD01B84073E9} [Unsigned] =>.Epic Games, Inc. (Hidden)
O42 - Logiciel: Epic Online Services - (.Epic Games, Inc..) [HKLM][64Bits] – {57A956AB-4BCC-45C6-9B40-957E4E125568} [Unsigned] =>.Epic Games, Inc.
O42 - Logiciel: Farming Simulator 22 - (.Giants Software.) [HKLM][64Bits] – Steam App 1248130 =>.Valve Corp.®
O42 - Logiciel: FreeFileSync - (.FreeFileSync.org.) [HKLM][64Bits] – FreeFileSync_is1 =>.Florian BAUER®
O42 - Logiciel: Fritzing - (.Fritzing GmbH.) [HKLM][64Bits] – {62E4A8BF-5F3B-49E0-9ECE-3140C049FA34} [Unsigned] =>.Fritzing GmbH
O42 - Logiciel: GIMP 2.10.22 - (.The GIMP Team.) [HKLM][64Bits] – GIMP-2_is1 =>.Jernej Simončič®
O42 - Logiciel: Git - (.The Git Development Community.) [HKLM][64Bits] – Git_is1 {7D467C5AC99420F6A7E2A89ED61472B4}. =>.The Git Development Community
O42 - Logiciel: Google Chrome - (.Google LLC.) [HKLM][64Bits] – Google Chrome =>.Google LLC®
O42 - Logiciel: Hekasoft Backup & Restore 0.96 - (.Hekasoft.) [HKLM][64Bits] – {PBR27112011-M1447-7KS6-C3E2-1X8374W715U4}_is1 [Unsigned] =>.Hekasoft
O42 - Logiciel: HWiNFO64 Version 6.12 - (.Martin Malik - REALiX.) [HKLM][64Bits] – HWiNFO64_is1 [Unsigned] =>.Martin Malik - REALiX
O42 - Logiciel: Immortals Fenyx Rising - (.Ubisoft.) [HKLM][64Bits] – Uplay Install 5405 =>.Ubisoft Entertainment Sweden AB®
O42 - Logiciel: Inkscape - (.Inkscape.) [HKLM][64Bits] – {B57F4693-8866-4053-B706-901E03F3301B} [Unsigned] =>.InkScape
O42 - Logiciel: Java 8 Update 401 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] – {71024AE4-039E-4CA4-87B4-2F64180401F0} [Unsigned] =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] – {4A03706F-666A-4037-7777-5F2748764D10} [Unsigned] =>.Oracle Corporation (Hidden)
O42 - Logiciel: Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {43a03b9c-4770-409c-a999-587b60700b63} =>.Epic Games Inc.® (Hidden)
O42 - Logiciel: logisim-evolution - (.logisim-evolution developers.) [HKLM][64Bits] – {BFAB7B04-8835-36CF-87DB-D1E3A319406E} [Unsigned]
O42 - Logiciel: Logitech Options - (.Logitech.) [HKLM][64Bits] – LogiOptions =>.Logitech Inc®
O42 - Logiciel: LTspice XVII - (.Linear Technology Corporation.) [HKLM][64Bits] – LTspice XVII [Unsigned] =>.Linear Technology Corporation
O42 - Logiciel: Microsoft .NET Host - 5.0.4 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {DD901386-A294-4FF1-A683-0EFF5C66209A} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Host - 5.0.4 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {9BFB6AF7-641C-4B52-82CA-43F5A4FD288E} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Host - 7.0.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {19FCE07F-2A75-44AC-9EA5-8E29FE2F8DBE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Host FX Resolver - 5.0.4 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {773EF543-570F-4746-953A-3CB19DFCB3E2} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Host FX Resolver - 5.0.4 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {79D32D19-A148-4E8E-AC31-2FC90CDBBFA8} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Host FX Resolver - 7.0.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {174E0D7C-F2C9-49A2-83FB-95A0FE6FA023} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Runtime - 5.0.4 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {879C9645-ADF3-4697-915B-00B76EBA629F} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Runtime - 5.0.4 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {D523398E-D0EE-4F91-AE81-A27222A621DA} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft .NET Runtime - 7.0.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {B45C77BA-0B4E-4FBB-99B9-9774ECBE20AA} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Edge - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft Edge =>.Microsoft®
O42 - Logiciel: Microsoft Edge Update - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft Edge Update [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Edge WebView2-Laufzeit - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft EdgeWebView =>.Microsoft®
O42 - Logiciel: Microsoft GameInput - (.Microsoft Corporation.) [HKLM][64Bits] – {1F2B6AF3-C260-8666-5950-E3FEDBC851D6} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Professional Plus 2019 - de-de - (.Microsoft Corporation.) [HKLM][64Bits] – ProPlus2019Volume - de-de =>.Microsoft®
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] – OneDriveSetup.exe =>.Microsoft®
O42 - Logiciel: Microsoft Teams Meeting Add-in for Microsoft Office - (.Microsoft.) [HKLM][64Bits] – {A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91} [Unsigned] =>.Microsoft
O42 - Logiciel: Microsoft Update Health Tools - (.Microsoft Corporation.) [HKLM][64Bits] – {C6FD611E-7EFE-488C-A0E0-974C09EF6473} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] – {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] – {9A25302D-30C0-39D9-BD6F-21E6EC160475} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] – {9BE518E6-ECC6-35A9-88E4-87755C07200F} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] – {1D8E6291-B0D5-35EC-8441-6616F567A0F7} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] – {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {37B8F9C7-03FB-3253-8781-2517C99D7C00} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {B175520C-86A2-35A7-8619-86DC379688B9} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] – {050d4fc8-5d48-4b8f-8972-47c82c46020f} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] – {f65db027-aff3-4070-886a-0d87064aabb1} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {929FBD26-9020-399B-9A7A-751D61F0B942} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {A749D8E6-B613-3BE3-8F5F-045C84EBA29B} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 - (.Microsoft Corporation.) [HKLM][64Bits] – {b2d0f752-adc5-496e-8f70-8669de01f746} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 - (.Microsoft Corporation.) [HKLM][64Bits] – {d92971ab-f030-43c8-8545-c66c818d0e05} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 - (.Microsoft Corporation.) [HKLM][64Bits] – {14C49FC8-3E9B-4F29-8526-26629B5CF30B} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 - (.Microsoft Corporation.) [HKLM][64Bits] – {0D01A812-82A1-481F-8546-8E28E976F8DF} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 - (.Microsoft Corporation.) [HKLM][64Bits] – {7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 - (.Microsoft Corporation.) [HKLM][64Bits] – {0AE39060-F209-4D05-ABC7-54B8F9CFA32E} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {7C0242A3-8B66-35D1-9FE0-13B426ACB609} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft Visual Studio 2010 Tools for Office Runtime (x64) =>.Microsoft®
O42 - Logiciel: Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - - (.Microsoft Corporation.) [HKLM][64Bits] – {3583C06F-41E7-302F-AA16-980FA3848798} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] – Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU =>.Microsoft®
O42 - Logiciel: Microsoft Windows Desktop Runtime - 5.0.4 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {A04C83D6-2FC0-4F09-9166-E870E5A9E168} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Windows Desktop Runtime - 5.0.4 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {ff817559-f11f-4faa-af52-26feb4b46fff} =>.Microsoft®
O42 - Logiciel: Microsoft Windows Desktop Runtime - 5.0.4 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {0F1B4D8B-545C-4C65-BA29-3F564C2F6915} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Windows Desktop Runtime - 5.0.4 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] – {a83b07f3-e0e5-4402-87d4-3d1acf79c42a} =>.Microsoft®
O42 - Logiciel: Microsoft Windows Desktop Runtime - 7.0.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {3133BC55-90BD-4B87-82A2-6670B3CAFB81} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Windows Desktop Runtime - 7.0.8 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] – {d260fcb6-95b8-4c81-8e07-ce75876ffca2} =>..NET®
O42 - Logiciel: Minecraft Launcher - (.Mojang.) [HKLM][64Bits] – {810F1419-7760-402E-8772-B4054FAA2B72} [Unsigned] =>.Mojang
O42 - Logiciel: Nefarius Virtual Gamepad Emulation Bus Driver - (.Nefarius Software Solutions e.U..) [HKLM][64Bits] – {93D91F60-7C94-4A79-863F-EA713D2EB3F3} [Unsigned] =>.Nefarius Software Solutions e.U.
O42 - Logiciel: Nextcloud - (.Nextcloud GmbH.) [HKLM][64Bits] – {27596A6F-750F-4996-A5C2-A980522ED1C4} [Unsigned] =>.Nextcloud GmbH
O42 - Logiciel: NVAPI Monitor plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA ABHub - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvAbHub [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA GeForce Experience 3.20.2.34 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Grafiktreiber 456.71 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NodeJS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Optimus Update 38.0.4.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA PhysX-Systemsoftware 9.19.0218 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA ShadowPlay 3.20.2.34 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA TelemetryApi helper for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Update 38.0.4.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Virtual Audio 4.13.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Virtual Host Controller - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-0000-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-007E-0000-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-0407-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: OnePlus USB Drivers 1.00 - (.OnePlus, Inc.) [HKLM][64Bits] – OnePlus USB Drivers 1.00 [Unsigned] =>.OnePlus, Inc
O42 - Logiciel: OrcaSlicer - (.SoftFever.) [HKLM][64Bits] – OrcaSlicer [Unsigned]
O42 - Logiciel: Overwolf - (.Overwolf Ltd..) [HKLM][64Bits] – Overwolf {0DACC0F743C79D8A6464DC967AF3B039}. =>.Overwolf Ltd.
O42 - Logiciel: PDF24 Creator 11.8.0 - (.PDF24.org.) [HKLM][64Bits] – {81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1 [Unsigned] =>.PDF24.org
O42 - Logiciel: PowerToys (Preview) - (.Microsoft Corporation.) [HKLM][64Bits] – {6F3910F2-DA29-490C-811F-D3691B134A61} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: PowerToys (Preview) x64 - (.Microsoft Corporation.) [HKLM][64Bits] – {1aada4d0-ca73-4389-8f63-73923c771fd4} =>.Microsoft®
O42 - Logiciel: Prusa3D Version 2.5.0 - (.Prusa Research a.s..) [HKLM][64Bits] – Prusa3D_is1 [Unsigned]
O42 - Logiciel: PrusaSlicer Version 2.5.0 - (.Prusa Research s.r.o..) [HKLM][64Bits] – PrusaSlicer_is1 [Unsigned]
O42 - Logiciel: Qalculate! - (.Hanna Knutsson.) [HKLM][64Bits] – {F4803C78-0331-4EE2-9103-33FB0673E2D3} [Unsigned]
O42 - Logiciel: Recuva - (.Piriform.) [HKLM][64Bits] – Recuva =>.Piriform Software Ltd®
O42 - Logiciel: RogueKiller version 15.15.2.0 - (.Adlice Software.) [HKLM][64Bits] – 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.ADLICE®
O42 - Logiciel: SAP Crystal Reports runtime engine for .NET Framework (64-bit) - (.SAP.) [HKLM][64Bits] – {F9B436DD-8D48-430E-BA89-F85DFA452C55} [Unsigned] =>.SAP
O42 - Logiciel: Snapmaker Luban 3.8.0 - (.Snapmaker Dev Team.) [HKLM][64Bits] – {4c329381-cbe6-5eac-8b35-1ff73ff2e943} {0119496D699B5C9A0542428C9DAD5EBA}.
O42 - Logiciel: Snapmaker Luban 4.4.0 - (.Snapmaker Dev Team.) [HKLM][64Bits] – 4c329381-cbe6-5eac-8b35-1ff73ff2e943 {0A15B5C63D9C303E3309B7F596A8D1D1}.
O42 - Logiciel: SQLite ODBC Driver for Win64 (remove only) - (.Legitimate.) [HKLM][64Bits] – SQLite ODBC Driver for Win64 [Unsigned]
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] – Steam =>.Valve®
O42 - Logiciel: Supermarket Simulator - (.Nokta Games.) [HKLM][64Bits] – Steam App 2670630 =>.Valve Corp.®
O42 - Logiciel: TeighaX 4.00 (x64) - (.Open Design Alliance.) [HKLM][64Bits] – {2AB65377-C672-498E-BE74-5C60CCFEAC5C} [Unsigned] =>.Open Design Alliance
O42 - Logiciel: Trackmania - (.Ubisoft.) [HKLM][64Bits] – Uplay Install 5595 =>.Ubisoft Entertainment Sweden AB®
O42 - Logiciel: Ubisoft Connect - (.Ubisoft.) [HKLM][64Bits] – Uplay =>.Ubisoft Entertainment Sweden AB®
O42 - Logiciel: UltiMaker Cura 5.3.1 - (.UltiMaker.) [HKLM][64Bits] – UltiMaker Cura 5.3.1-5.3.1 [Unsigned] =>.Ultimaker
O42 - Logiciel: VHDPlus IDE (64bit) - (.VHDPlus.) [HKLM][64Bits] – {715CFA00-2211-47A2-AD88-87EC71B9564E} [Unsigned]
O42 - Logiciel: Virtual-C IDE - (.VirtualC.) [HKLM][64Bits] – {59A5E95F-ABEA-48BF-B3AC-B9A78A17E144} [Unsigned]
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] – VLC media player [Unsigned] =>.VideoLAN
O42 - Logiciel: Windows-PC-Integritätsprüfung - (.Microsoft Corporation.) [HKLM][64Bits] – {63EFBDB5-01B0-4614-BE9F-7F1908E42275} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Windows-PC-Integritätsprüfung - (.Microsoft Corporation.) [HKLM][64Bits] – {B3956CF3-F6C5-4567-AC38-1FD4432B319C} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: WinSCP 6.1.1 - (.Martin Prikryl.) [HKLM][64Bits] – winscp3_is1 {04292E45125096FE6D57AB7C648AA118}. =>.Martin Prikryl

—\ HKCU & HKLM Software Keys (181) - 20s
HKLM\SOFTWARE\27a75bf3-be48-5c35-934f-8491cf108abe =>Adware.CrossRider
HKLM\SOFTWARE\4c329381-cbe6-5eac-8b35-1ff73ff2e943 =>Adware.CrossRider
HKLM\SOFTWARE\A-Volute =>.A-Volute
HKLM\SOFTWARE\Acronis =>.Acronis
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\AE Protection =>.Legitimate
HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\Altium =>.Altium
HKLM\SOFTWARE\AMD =>.AMD
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Cadence Design Systems, Inc. =>.Cadence Design Systems, Inc.
HKLM\SOFTWARE\Canon =>.Canon
HKLM\SOFTWARE\Caphyon =>.Caphyon
HKLM\SOFTWARE\cFos =>.CFos Software
HKLM\SOFTWARE\Corsair =>.RSA Security
HKLM\SOFTWARE\CVSM =>.Legitimate
HKLM\SOFTWARE\CyberGhost =>.CyberGhost S.R.L
HKLM\SOFTWARE\d7xTech
HKLM\SOFTWARE\DefaultUserEnvironment =>.Microsoft Corporation
HKLM\SOFTWARE\dotnet =>.Legitimate
HKLM\SOFTWARE\Foxit Software =>.Foxit Software
HKLM\SOFTWARE\Fritzing GmbH =>.Fritzing GmbH
HKLM\SOFTWARE\Futuremark =>.Futuremark
HKLM\SOFTWARE\GIMP 2.10
HKLM\SOFTWARE\GitForWindows
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\HiJackThis+
HKLM\SOFTWARE\HP =>.HP
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\Logishrd =>.LogiShrd
HKLM\SOFTWARE\logisim-evolution developers
HKLM\SOFTWARE\Logitech =>.Logitech
HKLM\SOFTWARE\Martin Prikryl =>.Martin Prikryl
HKLM\SOFTWARE\Micron
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Nahimic =>.Nahimic
HKLM\SOFTWARE\Nefarius Software Solutions e.U. =>.Nefarius Software Solutions e.U.
HKLM\SOFTWARE\Nextcloud GmbH =>.Nextcloud GmbH
HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\OEM =>.OEM
HKLM\SOFTWARE\OpenSSH =>.OpenBSD
HKLM\SOFTWARE\Oracle =>.Oracle
HKLM\SOFTWARE\Partner =>.Google Inc.
HKLM\SOFTWARE\PDF24
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\Python =>.Python
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\SAP BusinessObjects =>.SAP BusinessObjects
HKLM\SOFTWARE\Setup =>.Unknown
HKLM\SOFTWARE\SOFTWARE =>.Unknown
HKLM\SOFTWARE\Valve =>.Valve
HKLM\SOFTWARE\VHDPlus
HKLM\SOFTWARE\VideoLAN =>.VideoLan Team
HKLM\SOFTWARE\WIBU-SYSTEMS =>.Wibu-Systems
HKLM\SOFTWARE\WinChipHead
HKLM\SOFTWARE\Windows =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\3S-Smart Software Solutions GmbH =>.3S-Smart Software Solutions GmbH
HKLM\SOFTWARE\WOW6432Node\4c329381-cbe6-5eac-8b35-1ff73ff2e943 =>Adware.CrossRider
HKLM\SOFTWARE\WOW6432Node\7-Zip =>.Igor Pavlov
HKLM\SOFTWARE\WOW6432Node\Absolute Software =>.Absolute Software
HKLM\SOFTWARE\WOW6432Node\Acronis =>.Acronis
HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\WOW6432Node\Angry IP Scanner =>.Angry IP Scanner
HKLM\SOFTWARE\WOW6432Node\Anki =>.Damien Elmes
HKLM\SOFTWARE\WOW6432Node\Arduino =>.Arduino
HKLM\SOFTWARE\WOW6432Node\Avira =>.Avira
HKLM\SOFTWARE\WOW6432Node\CANON =>.Canon
HKLM\SOFTWARE\WOW6432Node\CleverFiles =>.CleverFiles
HKLM\SOFTWARE\WOW6432Node\Corsair =>.RSA Security
HKLM\SOFTWARE\WOW6432Node\CyberGhost =>.CyberGhost S.R.L
HKLM\SOFTWARE\WOW6432Node\dotnet =>.Legitimate
HKLM\SOFTWARE\WOW6432Node\EasyAntiCheat_EOS =>.EasyAntiCheat
HKLM\SOFTWARE\WOW6432Node\Epic Games =>.Epic Games
HKLM\SOFTWARE\WOW6432Node\EpicGames =>.Epic Games
HKLM\SOFTWARE\WOW6432Node\Foxit Software =>.Foxit Software
HKLM\SOFTWARE\WOW6432Node\FreeFileSync =>.ZenJu Software
HKLM\SOFTWARE\WOW6432Node\Futuremark =>.Futuremark
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\HP =>.HP
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\WOW6432Node\JetBrains =>.JetBrains
HKLM\SOFTWARE\WOW6432Node\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\WOW6432Node\KasperskyLab =>.Kaspersky Labs
HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\WOW6432Node\Malwarebytes =>.Malwarebytes
HKLM\SOFTWARE\WOW6432Node\Martin Prikryl =>.Martin Prikryl
HKLM\SOFTWARE\WOW6432Node\Mojang =>.Mojang
HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\MSI =>.MSI
HKLM\SOFTWARE\WOW6432Node\Nextcloud GmbH =>.Nextcloud GmbH
HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\Oracle =>.Oracle
HKLM\SOFTWARE\WOW6432Node\Overwolf =>.Overwolf
HKLM\SOFTWARE\WOW6432Node\PDFPrint =>.Legitimate
HKLM\SOFTWARE\WOW6432Node\Relic =>.Relic
HKLM\SOFTWARE\WOW6432Node\SoftFever
HKLM\SOFTWARE\WOW6432Node\TeamViewer =>.TeamViewer GmbH
HKLM\SOFTWARE\WOW6432Node\TechSmith =>.TechSmith
HKLM\SOFTWARE\WOW6432Node\TVInstallTemp =>.TeamViewer GmbH
HKLM\SOFTWARE\WOW6432Node\Ubisoft =>.Ubisoft
HKLM\SOFTWARE\WOW6432Node\Valve =>.Valve
HKLM\SOFTWARE\WOW6432Node\VirtualC
HKLM\SOFTWARE\WOW6432Node\WIBU-SYSTEMS =>.Wibu-Systems
HKLM\SOFTWARE\WOW6432Node\X-AVCSD =>.Avira Software
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\A-Volute =>.A-Volute
HKCU\SOFTWARE\Adlice Software =>.Adlice Software
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\appdatalow =>.Microsoft Corporation
HKCU\SOFTWARE\ChangeTracker =>.Legitimate
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\Discord =>.SUP.Discord
HKCU\SOFTWARE\ENE_RGB_HAL
HKCU\SOFTWARE\ENE_RGB_HAL_EHD
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\Hovgaard Games
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\LogiShrd =>.LogiShrd
HKCU\SOFTWARE\Logitech =>.Logitech
HKCU\SOFTWARE\Malwarebytes Support Tool
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\SyncEngines =>.Microsoft Corporation
HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\software =>.Microsoft Corporation
HKU.DEFAULT\SOFTWARE\Adlice Software =>.Adlice Software
HKU.DEFAULT\SOFTWARE\Adobe =>.Adobe
HKU.DEFAULT\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU.DEFAULT\SOFTWARE\Avira =>.Avira
HKU.DEFAULT\SOFTWARE\Canon =>.Canon
HKU.DEFAULT\SOFTWARE\Caphyon =>.Caphyon
HKU.DEFAULT\SOFTWARE\ENE_RGB_HAL
HKU.DEFAULT\SOFTWARE\ENE_RGB_HAL_EHD
HKU.DEFAULT\SOFTWARE\Epic Games =>.Epic Games
HKU.DEFAULT\SOFTWARE\Google =>.Google
HKU.DEFAULT\SOFTWARE\HP =>.HP
HKU.DEFAULT\SOFTWARE\Mozilla =>.Mozilla
HKU.DEFAULT\SOFTWARE\Netscape =>.Netscape
HKU.DEFAULT\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU.DEFAULT\SOFTWARE\PDF24
HKU.DEFAULT\SOFTWARE\PDFPrint =>.Legitimate
HKU.DEFAULT\SOFTWARE\Piriform =>.Piriform
HKU.DEFAULT\SOFTWARE\QtProject =>.QtProject
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\A-Volute =>.A-Volute
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Adlice Software =>.Adlice Software
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Adobe =>.Adobe
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\appdatalow =>.Microsoft Corporation
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\ChangeTracker =>.Legitimate
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Chromium =>.Chromium
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Discord =>.SUP.Discord
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\ENE_RGB_HAL
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\ENE_RGB_HAL_EHD
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Google =>.Google
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Hovgaard Games
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\IM Providers =>.IM Providers
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\LogiShrd =>.LogiShrd
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Logitech =>.Logitech
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Malwarebytes Support Tool
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Netscape =>.Netscape
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\SyncEngines =>.Microsoft Corporation
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Valve =>.Valve
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\ZHP =>.Nicolas Coolman

—\ Packages (19) - 1s
C:\Program Files (x86)\WindowsApps\1527c705-839a-4832-9118-54d4Bd6a0c89_10.0.19640.1000_neutral_neutral_cw5n1h2txyewy - (..) [ms-resource:AppxManifest_DisplayName]
C:\Program Files (x86)\WindowsApps\AdobeAcrobatReaderCoreApp_23.0.0.0_x64__pc75e8sa7ep4e - (..) [Adobe Acrobat Reader]
C:\Program Files (x86)\WindowsApps\c5e2524a-ea46-4f67-841f-6a9465d9d515_10.0.22621.1_neutral_neutral_cw5n1h2txyewy - (.Microsoft Corporation.) [ms-resource:AppxManifest_DisplayName] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\Clipchamp.Clipchamp_2.9.3.0_neutral__yxz26nhyzhsrt - (.Legitimate.) [ms-resource:Clipchamp/AppName]
C:\Program Files (x86)\WindowsApps\E2A4F912-2574-4A75-9BB0-0D023378592B_10.0.19640.1000_neutral_neutral_cw5n1h2txyewy - (..) [ms-resource:AppxManifest_DisplayName]
C:\Program Files (x86)\WindowsApps\F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE_10.0.22621.1_neutral_neutral_cw5n1h2txyewy - (.Microsoft Corporation.) [ms-resource:AppxManifest_DisplayName] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe - (.Microsoft Corporation.) [Microsoft Family] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.28.0_x64__8wekyb3d8bbwe - (.Microsoft Corporation.) [ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\MicrosoftTeams_24047.202.2704.38_x64__8wekyb3d8bbwe - (.Microsoft Corporation.) [Microsoft Teams] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.Client.CBS_1000.22681.1000.0_x64__cw5n1h2txyewy - (.Microsoft Corporation.) [ms-resource:ProductPkgDisplayName] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.Client.Core_1000.22645.1000.0_x64__cw5n1h2txyewy - (.Microsoft Corporation.) [ms-resource:ProductPkgDisplayName] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.Client.FileExp_1000.22651.1000.0_x64__cw5n1h2txyewy - (.Microsoft Corporation.) [ms-resource:ProductPkgDisplayName] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.290.0_x64__cw5n1h2txyewy - (.Microsoft Corporation.) [Windows Web Experience Pack] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.80.0_x64__cw5n1h2txyewy - (..) [ms-resource://MicrosoftWindows.CrossDevice/CrossDevice.Core/Resources/PackageName]
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.UndockedDevKit_10.0.22621.1_neutral_neutral_cw5n1h2txyewy - (.Microsoft Corporation.) [UDK Package] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe - (..) [Microsoft Teams (work or school)]
C:\Program Files (x86)\WindowsApps\NcsiUwpApp_1000.22621.1.0_neutral_neutral_8wekyb3d8bbwe - (.Microsoft.) [NcsiUwpApp] =>Microsoft
C:\Program Files (x86)\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj - (.nVidia Corporation.) [NVIDIA Control Panel] =>nVidia Corporation
C:\Program Files (x86)\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0 - (.Spotify.) [Spotify Music] =>Spotify

—\ Inhalt der Ordner Programme (403) - 11s
O43 - CFD: 16/11/2021 - D – C:\Program Files\Adobe =>.Adobe Inc.®
O43 - CFD: 08/12/2023 - D – C:\Program Files\Altium {09FEED19E3C973A65B3DEBAC2C6DCA59}.
O43 - CFD: 07/01/2020 - D – C:\Program Files\AMD =>.Advanced Micro Devices INC.®
O43 - CFD: 05/07/2023 - D – C:\Program Files\AnycubicPhotonWorkshop {1FDD06412B027853B8C4BC51}.
O43 - CFD: 22/05/2023 - D – C:\Program Files\CodeMeter =>.Legitimate
O43 - CFD: 06/03/2024 - D – C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 17/04/2023 - D – C:\Program Files\Crucial =>.Micron Technology, Inc.®
O43 - CFD: 06/07/2023 - D – C:\Program Files\Dokan {05B9E5C73998821D2E591A368995B191}.
O43 - CFD: 06/07/2023 - D – C:\Program Files\dotnet =>..NET®
O43 - CFD: 18/10/2023 - D – C:\Program Files\draw.io {352CB174D3737071385E8FBF60E68896}.
O43 - CFD: 07/01/2020 - D – C:\Program Files\ENE =>.ENE
O43 - CFD: 10/12/2023 - D – C:\Program Files\Epic Games =>.Epic Games
O43 - CFD: 21/04/2023 - D – C:\Program Files\Fritzing =>.Fritzing
O43 - CFD: 08/01/2020 - [0] SHD – C:\Program Files\Gemeinsame Dateien =>.Gemeinsame Dateien
O43 - CFD: 18/12/2020 - D – C:\Program Files\GIMP 2 =>.Jernej Simončič®
O43 - CFD: 18/10/2023 - D – C:\Program Files\Git =>.Global Information Technology
O43 - CFD: 07/03/2024 - D – C:\Program Files\Hekasoft Backup & Restore [Unsigned]
O43 - CFD: 19/01/2024 - D – C:\Program Files\HPPrintScanDoctor =>.HP Inc.®
O43 - CFD: 17/05/2023 - D – C:\Program Files\Inkscape =>.inkscape.org
O43 - CFD: 04/12/2023 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 16/01/2024 - D – C:\Program Files\Java =>.Oracle
O43 - CFD: 10/01/2024 - D – C:\Program Files\logisim-evolution [Unsigned]
O43 - CFD: 22/08/2021 - D – C:\Program Files\Logitech =>.Logitech Inc®
O43 - CFD: 29/02/2024 - D – C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 07/03/2020 - D – C:\Program Files\Microsoft Office 15 =>.Microsoft Corporation
O43 - CFD: 11/11/2023 - D – C:\Program Files\Microsoft Update Health Tools =>.Microsoft Corporation
O43 - CFD: 09/05/2022 - [0] D – C:\Program Files\mingw-w64
O43 - CFD: 07/05/2022 - [0] D – C:\Program Files\ModifiableWindowsApps =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 06/04/2021 - D – C:\Program Files\Nefarius Software Solutions =>.Nefarius Software Solutions e.U.®
O43 - CFD: 02/05/2022 - D – C:\Program Files\Nextcloud {00980C39AA679AD337FB40CF706DB769C8}.
O43 - CFD: 08/01/2020 - D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 12/11/2023 - D – C:\Program Files\OrcaSlicer [Unsigned]
O43 - CFD: 22/04/2022 - D – C:\Program Files\PCHealthCheck =>.Microsoft Corporation
O43 - CFD: 03/02/2024 - D – C:\Program Files\PowerToys =>.Microsoft®
O43 - CFD: 06/07/2023 - D – C:\Program Files\Prusa3D [Unsigned]
O43 - CFD: 25/10/2023 - D – C:\Program Files\Qalculate [Unsigned]
O43 - CFD: 06/07/2023 - D – C:\Program Files\Recuva =>.Piriform
O43 - CFD: 06/03/2024 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 01/03/2024 - D – C:\Program Files\RogueKiller =>.Adlice Software
O43 - CFD: 27/09/2022 - D – C:\Program Files\Snapmaker Luban {0A15B5C63D9C303E3309B7F596A8D1D1}.
O43 - CFD: 16/11/2022 - D – C:\Program Files\SQLite =>.Legitimate
O43 - CFD: 30/06/2023 - D – C:\Program Files\UltiMaker Cura 5.3.1 [Unsigned]
O43 - CFD: 08/01/2020 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Program Files\UNP =>.Microsoft Corporation
O43 - CFD: 02/06/2023 - D – C:\Program Files\VHDPlus =>..NET®
O43 - CFD: 22/05/2023 - D – C:\Program Files\WIBU-SYSTEMS =>.Wibu-Systems
O43 - CFD: 06/03/2024 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 04/12/2023 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - SHD – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 07/03/2024 - HD – C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - D – C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 22/05/2023 - D – C:\Program Files (x86)\3S CODESYS =>.3S-Smart Software Solutions GmbH®
O43 - CFD: 07/01/2020 - D – C:\Program Files (x86)\Adobe =>.Adobe Inc.®
O43 - CFD: 22/05/2023 - D – C:\Program Files (x86)\CodeMeter =>.Legitimate
O43 - CFD: 06/03/2024 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 06/04/2021 - D – C:\Program Files (x86)\dotnet =>.Microsoft®
O43 - CFD: 10/12/2023 - D – C:\Program Files (x86)\EasyAntiCheat_EOS =>.EasyAntiCheat
O43 - CFD: 07/01/2020 - D – C:\Program Files (x86)\ENE [Unsigned] =>.ENE
O43 - CFD: 10/12/2023 - D – C:\Program Files (x86)\Epic Games =>.Epic Games
O43 - CFD: 07/03/2024 - D – C:\Program Files (x86)\Google =>.Google LLC®
O43 - CFD: 30/01/2022 - D – C:\Program Files (x86)\HP =>.Hewlett-Packard
O43 - CFD: 22/05/2023 - D – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 04/12/2023 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 22/02/2020 - [0] D – C:\Program Files (x86)\Java =>.Oracle
O43 - CFD: 06/03/2024 - D – C:\Program Files (x86)\Microsoft =>.Microsoft Corporation
O43 - CFD: 26/03/2023 - D – C:\Program Files (x86)\Microsoft GameInput =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 08/01/2020 - D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 06/10/2022 - D – C:\Program Files (x86)\OnePlus USB Drivers [Unsigned]
O43 - CFD: 08/12/2023 - D – C:\Program Files (x86)\Open Design Alliance =>.Open Design Alliance
O43 - CFD: 22/08/2023 - D – C:\Program Files (x86)\Raspberry Pi Imager {7CEFF3A1D1FBB760FE85774A8BC65117}.
O43 - CFD: 06/03/2024 - D – C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 16/11/2022 - D – C:\Program Files (x86)\SAP BusinessObjects =>.SAP BusinessObjects
O43 - CFD: 24/03/2022 - D – C:\Program Files (x86)\TeamViewer =>.TeamViewer GmbH
O43 - CFD: 04/01/2021 - [0] HD – C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 26/03/2023 - D – C:\Program Files (x86)\Windows Kits =>.Microsoft Corporation
O43 - CFD: 04/12/2023 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - SHD – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - D – C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 22/08/2023 - D – C:\Program Files (x86)\WinSCP {04292E45125096FE6D57AB7C648AA118}.
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3S CODESYS
O43 - CFD: 07/05/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 04/12/2023 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Altium
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnycubicPhotonWorkshop
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter =>.Legitimate
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo =>.Crystal Dew World
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fritzing =>.Fritzing
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git =>.Global Information Technology
O43 - CFD: 07/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hekasoft Backup & Restore
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains =>.JetBrains Inc
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\logisim-evolution
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech =>.Logitech
O43 - CFD: 07/05/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher =>.Mojang
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI =>.MSI
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OrcaSlicer
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 =>.Geek Software GmbH
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva =>.Piriform
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games =>.Riot Games
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller =>.Adlice Software
O43 - CFD: 06/03/2024 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
O43 - CFD: 07/05/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltiMaker Cura
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VHDPlus
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 07/05/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 18/12/2021 - D – C:\ProgramData\A-Volute =>.A-Volute
O43 - CFD: 16/11/2021 - D – C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 12/06/2020 - D – C:\ProgramData\AirDroid =>.AirDroid
O43 - CFD: 08/12/2023 - D – C:\ProgramData\Altium
O43 - CFD: 08/12/2023 - D – C:\ProgramData\Altium2004
O43 - CFD: 27/04/2023 - D – C:\ProgramData\anaconda3
O43 - CFD: 08/01/2020 - [0] SHD – C:\ProgramData\Anwendungsdaten =>.Microsoft Corporation
O43 - CFD: 22/05/2023 - D – C:\ProgramData\AP =>.AP
O43 - CFD: 17/04/2023 - D – C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 06/10/2022 - D – C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 05/02/2021 - D – C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 26/11/2023 - D – C:\ProgramData\Autodesk =>.Autodesk
O43 - CFD: 12/02/2024 - D – C:\ProgramData\boost_interprocess =>.boost.org
O43 - CFD: 09/01/2020 - D – C:\ProgramData\Canon =>.Canon
O43 - CFD: 09/01/2020 - HD – C:\ProgramData\CanonIJQuickMenu =>.Canon Inc.
O43 - CFD: 22/04/2022 - HD – C:\ProgramData\CanonIJScan =>.Canon Inc.
O43 - CFD: 09/01/2020 - D – C:\ProgramData\CanonIJWSpt =>.Canon Inc.
O43 - CFD: 05/07/2023 - D – C:\ProgramData\Caphyon =>.Caphyon
O43 - CFD: 07/01/2020 - D – C:\ProgramData\cFos =>.CFos Software
O43 - CFD: 06/07/2023 - D – C:\ProgramData\CleverFiles =>.CleverFiles
O43 - CFD: 22/05/2023 - D – C:\ProgramData\CodeMeter =>.Legitimate
O43 - CFD: 22/05/2023 - D – C:\ProgramData\CODESYS =>.3S-Smart Software Solutions GmbH
O43 - CFD: 22/05/2023 - [0] D – C:\ProgramData\CODESYS - Application Composer
O43 - CFD: 22/05/2023 - D – C:\ProgramData\CoDeSysOPC =>.3S-Smart Software Solutions GmbH
O43 - CFD: 07/01/2020 - D – C:\ProgramData\Corsair =>.RSA Security
O43 - CFD: 06/03/2024 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 08/01/2020 - [0] SHD – C:\ProgramData\Dokumente =>.Microsoft Corporation
O43 - CFD: 10/12/2023 - D – C:\ProgramData\Epic =>.Epic
O43 - CFD: 22/04/2022 - [0] D – C:\ProgramData\Foxit Software =>.Foxit Software
O43 - CFD: 22/05/2023 - D – C:\ProgramData\Gateway Files
O43 - CFD: 28/11/2022 - D – C:\ProgramData\HP =>.Hewlett-Packard
O43 - CFD: 22/08/2021 - D – C:\ProgramData\Logishrd =>.Logitech Inc.
O43 - CFD: 06/03/2024 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 06/10/2022 - D – C:\ProgramData\MSI =>.MSI
O43 - CFD: 07/03/2024 - D – C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 10/12/2023 - D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 07/01/2020 - D – C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 13/12/2020 - D – C:\ProgramData\Overwolf =>.Overwolf
O43 - CFD: 03/02/2024 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 22/05/2023 - D – C:\ProgramData\PackageManagerCLI
O43 - CFD: 07/03/2024 - D – C:\ProgramData\Packages =>.Microsoft Corporation
O43 - CFD: 06/07/2023 - D – C:\ProgramData\Piriform =>.Piriform
O43 - CFD: 07/03/2024 - D – C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\ProgramData\regid.2007-07.org.fritzing
O43 - CFD: 25/10/2023 - D – C:\ProgramData\Riot Games =>.Riot Games
O43 - CFD: 01/03/2024 - D – C:\ProgramData\RogueKiller =>.Adlice Software
O43 - CFD: 07/05/2022 - [0] D – C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - [0] D – C:\ProgramData\ssh =>.Microsoft Corporation
O43 - CFD: 08/01/2020 - [0] SHD – C:\ProgramData\Startmenü =>.Microsoft Corporation
O43 - CFD: 05/04/2021 - D – C:\ProgramData\Trackmania =>.Ubisoft
O43 - CFD: 21/02/2020 - D – C:\ProgramData\Twitch =>.Twitch
O43 - CFD: 07/01/2020 - D – C:\ProgramData\Ubisoft =>.Ubisoft
O43 - CFD: 09/01/2020 - D – C:\ProgramData\UL =>.UL
O43 - CFD: 21/02/2020 - D – C:\ProgramData\UniqueId =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - D – C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 08/01/2020 - [0] SHD – C:\ProgramData\Vorlagen =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - D – C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation
O43 - CFD: 02/05/2022 - D – C:\ProgramData\WinZip =>.WinZip
O43 - CFD: 16/11/2021 - D – C:\Program Files (x86)\Common Files\Adobe =>.Adobe
O43 - CFD: 10/12/2023 - D – C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye
O43 - CFD: 16/01/2024 - D – C:\Program Files (x86)\Common Files\Java =>.Oracle
O43 - CFD: 28/04/2022 - D – C:\Program Files (x86)\Common Files\logishrd =>.Logitech Inc.
O43 - CFD: 06/03/2024 - D – C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 22/05/2023 - D – C:\Program Files (x86)\Common Files\OPC Foundation =>.OPC Foundation
O43 - CFD: 16/01/2024 - D – C:\Program Files (x86)\Common Files\Oracle =>.Oracle
O43 - CFD: 01/03/2024 - D – C:\Program Files (x86)\Common Files\Overwolf =>.Overwolf
O43 - CFD: 06/03/2024 - D – C:\Program Files (x86)\Common Files\Steam =>.Steam Games
O43 - CFD: 04/12/2023 - D – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 03/02/2024 - D – C:\Users\eiko-\AppData\Roaming.minecraft =>.Microsoft Corporation
O43 - CFD: 17/11/2021 - D – C:\Users\eiko-\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 12/06/2020 - D – C:\Users\eiko-\AppData\Roaming\AirDroid =>.AirDroid
O43 - CFD: 08/12/2023 - D – C:\Users\eiko-\AppData\Roaming\Altium
O43 - CFD: 09/02/2024 - D – C:\Users\eiko-\AppData\Roaming\Anki2
O43 - CFD: 26/11/2023 - D – C:\Users\eiko-\AppData\Roaming\Autodesk =>.Autodesk
O43 - CFD: 16/11/2022 - D – C:\Users\eiko-\AppData\Roaming\Cadence
O43 - CFD: 10/04/2021 - D – C:\Users\eiko-\AppData\Roaming\CadSoft =>.CadSoft
O43 - CFD: 22/04/2022 - D – C:\Users\eiko-\AppData\Roaming\Canon =>.Canon
O43 - CFD: 01/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Code
O43 - CFD: 22/05/2023 - D – C:\Users\eiko-\AppData\Roaming\CODESYS =>.3S-Smart Software Solutions GmbH
O43 - CFD: 20/11/2022 - D – C:\Users\eiko-\AppData\Roaming\com.adobe.dunamis =>.Adobe Inc.
O43 - CFD: 05/01/2022 - [0] D – C:\Users\eiko-\AppData\Roaming\com.skymavis.launcher
O43 - CFD: 07/01/2020 - D – C:\Users\eiko-\AppData\Roaming\Corsair =>.RSA Security
O43 - CFD: 30/06/2023 - D – C:\Users\eiko-\AppData\Roaming\cura
O43 - CFD: 23/02/2023 - D – C:\Users\eiko-\AppData\Roaming\CyberGhost =>.CyberGhost S.R.L
O43 - CFD: 04/02/2020 - D – C:\Users\eiko-\AppData\Roaming\de.devolo.dLAN.Cockpit =>.Devolo AG
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\discord
O43 - CFD: 05/02/2021 - D – C:\Users\eiko-\AppData\Roaming\dlg
O43 - CFD: 18/10/2023 - D – C:\Users\eiko-\AppData\Roaming\draw.io
O43 - CFD: 06/04/2021 - D – C:\Users\eiko-\AppData\Roaming\DS4Windows =>.DSDCS
O43 - CFD: 10/12/2023 - D – C:\Users\eiko-\AppData\Roaming\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 05/02/2024 - D – C:\Users\eiko-\AppData\Roaming\EQATEC Analytics
O43 - CFD: 22/04/2022 - D – C:\Users\eiko-\AppData\Roaming\Foxit Software =>.Foxit Software
O43 - CFD: 16/02/2024 - D – C:\Users\eiko-\AppData\Roaming\FreeFileSync =>.ZenJu Software
O43 - CFD: 14/04/2023 - D – C:\Users\eiko-\AppData\Roaming\Fritzing =>.Fritzing
O43 - CFD: 21/02/2020 - D – C:\Users\eiko-\AppData\Roaming\ftblauncher =>.Games Software
O43 - CFD: 10/04/2021 - D – C:\Users\eiko-\AppData\Roaming\Fusion360
O43 - CFD: 18/12/2020 - D – C:\Users\eiko-\AppData\Roaming\GIMP =>.The GIMP Team
O43 - CFD: 07/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Hekasoft =>.Hekasoft
O43 - CFD: 30/01/2022 - D – C:\Users\eiko-\AppData\Roaming\HPPSDr
O43 - CFD: 17/05/2023 - D – C:\Users\eiko-\AppData\Roaming\inkscape =>.inkscape.org
O43 - CFD: 09/05/2022 - D – C:\Users\eiko-\AppData\Roaming\JetBrains =>.JetBrains Inc
O43 - CFD: 27/04/2023 - D – C:\Users\eiko-\AppData\Roaming\jupyter =>.Jupyter Project
O43 - CFD: 22/08/2021 - D – C:\Users\eiko-\AppData\Roaming\Logishrd =>.Logitech Inc.
O43 - CFD: 22/04/2022 - D – C:\Users\eiko-\AppData\Roaming\Mavis Hub
O43 - CFD: 06/03/2024 - SD – C:\Users\eiko-\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 03/05/2022 - D – C:\Users\eiko-\AppData\Roaming\Nextcloud
O43 - CFD: 11/02/2024 - D – C:\Users\eiko-\AppData\Roaming\Notion
O43 - CFD: 09/01/2020 - D – C:\Users\eiko-\AppData\Roaming\NVIDIA =>.nVidia Corporation
O43 - CFD: 03/02/2024 - D – C:\Users\eiko-\AppData\Roaming\OrcaSlicer
O43 - CFD: 29/08/2023 - D – C:\Users\eiko-\AppData\Roaming\PrusaSlicer
O43 - CFD: 26/11/2023 - D – C:\Users\eiko-\AppData\Roaming\Python =>.Python
O43 - CFD: 27/07/2020 - D – C:\Users\eiko-\AppData\Roaming\Skype =>.Skype
O43 - CFD: 18/12/2020 - D – C:\Users\eiko-\AppData\Roaming\Snapmaker Luban
O43 - CFD: 28/09/2022 - D – C:\Users\eiko-\AppData\Roaming\snapmaker-luban
O43 - CFD: 02/02/2020 - [0] D – C:\Users\eiko-\AppData\Roaming\Spotify =>.Spotify
O43 - CFD: 16/01/2024 - D – C:\Users\eiko-\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 06/04/2021 - D – C:\Users\eiko-\AppData\Roaming\Teams
O43 - CFD: 12/06/2020 - D – C:\Users\eiko-\AppData\Roaming\TeamViewer =>.TeamViewer GmbH
O43 - CFD: 19/12/2021 - D – C:\Users\eiko-\AppData\Roaming\Techsmith =>.TechSmith
O43 - CFD: 21/02/2020 - D – C:\Users\eiko-\AppData\Roaming\Twitch =>.Twitch
O43 - CFD: 23/01/2024 - D – C:\Users\eiko-\AppData\Roaming\VHDPlus
O43 - CFD: 01/03/2024 - D – C:\Users\eiko-\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 07/03/2024 - D – C:\Users\eiko-\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 25/01/2024 - D – C:\Users\eiko-\AppData\Roaming\Zoom =>.ZOOM
O43 - CFD: 05/01/2022 - D – C:\Users\eiko-\AppData\Local@axielauncher-updater
O43 - CFD: 23/01/2023 - D – C:\Users\eiko-\AppData\Local\Adobe =>.Adobe
O43 - CFD: 16/11/2022 - D – C:\Users\eiko-\AppData\Local\allegro
O43 - CFD: 08/12/2023 - D – C:\Users\eiko-\AppData\Local\Altium
O43 - CFD: 08/12/2023 - [0] D – C:\Users\eiko-\AppData\Local\AltiumSecurityService
O43 - CFD: 05/02/2021 - D – C:\Users\eiko-\AppData\Local\Anton_Small
O43 - CFD: 06/03/2024 - [0] SHD – C:\Users\eiko-\AppData\Local\Anwendungsdaten =>.Microsoft Corporation
O43 - CFD: 05/07/2023 - D – C:\Users\eiko-\AppData\Local\ANYCUBIC
O43 - CFD: 10/08/2021 - D – C:\Users\eiko-\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 23/08/2023 - D – C:\Users\eiko-\AppData\Local\Arduino15 =>.Arduino
O43 - CFD: 02/01/2024 - D – C:\Users\eiko-\AppData\Local\Autodesk =>.Autodesk
O43 - CFD: 17/05/2023 - D – C:\Users\eiko-\AppData\Local\babl-0.1 =>.The GIMP Team
O43 - CFD: 13/10/2023 - D – C:\Users\eiko-\AppData\Local\Backup =>.Symantec
O43 - CFD: 22/04/2022 - D – C:\Users\eiko-\AppData\Local\balena-etcher-updater
O43 - CFD: 10/12/2023 - D – C:\Users\eiko-\AppData\Local\BattlEye =>.BattlEye
O43 - CFD: 22/08/2023 - D – C:\Users\eiko-\AppData\Local\cache =>.Legitimate
O43 - CFD: 07/01/2020 - D – C:\Users\eiko-\AppData\Local\CEF =>.CEF
O43 - CFD: 17/07/2023 - D – C:\Users\eiko-\AppData\Local\CMakeTools
O43 - CFD: 09/01/2020 - D – C:\Users\eiko-\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 27/04/2023 - D – C:\Users\eiko-\AppData\Local\conda
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
O43 - CFD: 07/01/2020 - D – C:\Users\eiko-\AppData\Local\Corsair =>.RSA Security
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 10/12/2023 - D – C:\Users\eiko-\AppData\Local\CrashReportClient
O43 - CFD: 06/07/2023 - D – C:\Users\eiko-\AppData\Local\CrashRpt
O43 - CFD: 30/06/2023 - D – C:\Users\eiko-\AppData\Local\cura
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Local\D3DSCache =>.Legitimate
O43 - CFD: 02/01/2023 - [0] D – C:\Users\eiko-\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Local\Discord
O43 - CFD: 06/07/2023 - D – C:\Users\eiko-\AppData\Local\DiskDrill =>.Clever Software
O43 - CFD: 22/05/2023 - D – C:\Users\eiko-\AppData\Local\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 22/11/2022 - D – C:\Users\eiko-\AppData\Local\draw.io-updater
O43 - CFD: 05/02/2021 - D – C:\Users\eiko-\AppData\Local\easytornado.com
O43 - CFD: 28/02/2024 - D – C:\Users\eiko-\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 17/05/2023 - D – C:\Users\eiko-\AppData\Local\enchant
O43 - CFD: 10/12/2023 - D – C:\Users\eiko-\AppData\Local\Epic Games =>.Epic Games
O43 - CFD: 10/12/2023 - D – C:\Users\eiko-\AppData\Local\EpicGamesLauncher =>.Epic Games
O43 - CFD: 17/05/2023 - D – C:\Users\eiko-\AppData\Local\fontconfig =>.Portable Apps
O43 - CFD: 10/12/2023 - D – C:\Users\eiko-\AppData\Local\FortniteGame
O43 - CFD: 21/02/2020 - D – C:\Users\eiko-\AppData\Local\ftblauncher =>.Games Software
O43 - CFD: 10/04/2021 - D – C:\Users\eiko-\AppData\Local\Fusion 360 CAM
O43 - CFD: 05/01/2022 - D – C:\Users\eiko-\AppData\Local\GameAnalytics
O43 - CFD: 18/12/2020 - D – C:\Users\eiko-\AppData\Local\gegl-0.4 =>.Portable Apps
O43 - CFD: 18/12/2020 - D – C:\Users\eiko-\AppData\Local\GIMP =>.The GIMP Team
O43 - CFD: 07/01/2020 - D – C:\Users\eiko-\AppData\Local\Google =>.Google
O43 - CFD: 15/03/2023 - D – C:\Users\eiko-\AppData\Local\Governikus GmbH & Co. KG =>.Governikus GmbH & Co. KG
O43 - CFD: 05/05/2023 - D – C:\Users\eiko-\AppData\Local\gtk-2.0 =>.GTK Project
O43 - CFD: 07/03/2024 - D – C:\Users\eiko-\AppData\Local\Hekasoft =>.Hekasoft
O43 - CFD: 09/07/2022 - D – C:\Users\eiko-\AppData\Local\IsolatedStorage =>.id Software
O43 - CFD: 09/05/2022 - D – C:\Users\eiko-\AppData\Local\JetBrains =>.JetBrains Inc
O43 - CFD: 17/04/2023 - D – C:\Users\eiko-\AppData\Local\JxBrowser
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 07/01/2020 - D – C:\Users\eiko-\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 02/05/2022 - D – C:\Users\eiko-\AppData\Local\Nextcloud
O43 - CFD: 18/12/2020 - D – C:\Users\eiko-\AppData\Local\NhNotifSys
O43 - CFD: 02/01/2023 - D – C:\Users\eiko-\AppData\Local\notion-updater
O43 - CFD: 08/01/2020 - D – C:\Users\eiko-\AppData\Local\NVIDIA =>.nVidia Corporation
O43 - CFD: 10/12/2023 - D – C:\Users\eiko-\AppData\Local\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 10/03/2020 - D – C:\Users\eiko-\AppData\Local\OneDrive =>.Microsoft Corporation
O43 - CFD: 12/11/2023 - D – C:\Users\eiko-\AppData\Local\OrcaSlicer
O43 - CFD: 03/02/2024 - D – C:\Users\eiko-\AppData\Local\Overwolf =>.Overwolf
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 07/01/2020 - [0] D – C:\Users\eiko-\AppData\Local\PackageStaging =>.Apcera
O43 - CFD: 17/10/2021 - D – C:\Users\eiko-\AppData\Local\PCHealthCheck =>.Microsoft Corporation
O43 - CFD: 06/12/2022 - D – C:\Users\eiko-\AppData\Local\PDF24 =>.Geek Software GmbH
O43 - CFD: 22/04/2022 - D – C:\Users\eiko-\AppData\Local\Picture2avi
O43 - CFD: 27/04/2023 - D – C:\Users\eiko-\AppData\Local\pip =>.Python
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Local\PlaceholderTileLogoFolder =>.Microsoft Corporation
O43 - CFD: 18/07/2023 - D – C:\Users\eiko-\AppData\Local\Printrun
O43 - CFD: 15/04/2023 - D – C:\Users\eiko-\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 17/12/2023 - D – C:\Users\eiko-\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 25/10/2023 - D – C:\Users\eiko-\AppData\Local\Qalculate
O43 - CFD: 22/08/2023 - D – C:\Users\eiko-\AppData\Local\Raspberry Pi
O43 - CFD: 22/04/2021 - D – C:\Users\eiko-\AppData\Local\Riot Games =>.Riot Games
O43 - CFD: 07/03/2022 - D – C:\Users\eiko-\AppData\Local\snapmaker-luban-updater
O43 - CFD: 17/11/2021 - D – C:\Users\eiko-\AppData\Local\SolidDocuments =>.SolidDocuments
O43 - CFD: 23/03/2020 - D – C:\Users\eiko-\AppData\Local\speech =>.Microsoft Corporation
O43 - CFD: 27/04/2023 - D – C:\Users\eiko-\AppData\Local\Spyder =>.Spyder
O43 - CFD: 06/04/2021 - D – C:\Users\eiko-\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Local\Steam =>.Steam Games
O43 - CFD: 17/02/2020 - D – C:\Users\eiko-\AppData\Local\TeamSpeak 3 =>.TeamSpeak
O43 - CFD: 12/06/2020 - D – C:\Users\eiko-\AppData\Local\TeamViewer =>.TeamViewer GmbH
O43 - CFD: 19/12/2021 - D – C:\Users\eiko-\AppData\Local\TechSmith =>.TechSmith
O43 - CFD: 07/03/2024 - D – C:\Users\eiko-\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - [0] SHD – C:\Users\eiko-\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 06/07/2023 - D – C:\Users\eiko-\AppData\Local\ToastNotificationManagerCompat
O43 - CFD: 12/08/2023 - D – C:\Users\eiko-\AppData\Local\Ubisoft Game Launcher =>.Ubisoft
O43 - CFD: 09/01/2020 - D – C:\Users\eiko-\AppData\Local\UL =>.UL
O43 - CFD: 30/06/2023 - D – C:\Users\eiko-\AppData\Local\Ultimaker B.V
O43 - CFD: 10/12/2023 - D – C:\Users\eiko-\AppData\Local\UnrealEngine =>.Unreal Software
O43 - CFD: 10/12/2023 - D – C:\Users\eiko-\AppData\Local\UnrealEngineLauncher =>.Unreal Software
O43 - CFD: 06/03/2024 - [0] SHD – C:\Users\eiko-\AppData\Local\Verlauf
O43 - CFD: 07/01/2020 - [0] D – C:\Users\eiko-\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 09/12/2022 - [0] D – C:\Users\eiko-\AppData\Local\VLC Plus Player Updater
O43 - CFD: 04/03/2024 - D – C:\Users\eiko-\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 16/11/2023 - D – C:\Users\eiko-\AppData\Local\Zoom =>.ZOOM
O43 - CFD: 12/03/2020 - [0] D – C:\Users\eiko-\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 01/02/2024 - D – C:\Users\eiko-\AppData\Local\Programs\Microsoft VS Code =>.Microsoft Corporation
O43 - CFD: 17/12/2023 - D – C:\Users\eiko-\AppData\Local\Programs\Notion
O43 - CFD: 08/01/2024 - D – C:\Users\eiko-\AppData\LocalLow\Adobe =>.Adobe
O43 - CFD: 05/06/2020 - D – C:\Users\eiko-\AppData\LocalLow\Foxit
O43 - CFD: 05/03/2024 - D – C:\Users\eiko-\AppData\LocalLow\Hovgaard Games
O43 - CFD: 14/10/2022 - SD – C:\Users\eiko-\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 10/02/2021 - D – C:\Users\eiko-\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 26/02/2024 - D – C:\Users\eiko-\AppData\LocalLow\Nokta Games
O43 - CFD: 22/04/2021 - D – C:\Users\eiko-\AppData\LocalLow\Riot Games =>.Riot Games
O43 - CFD: 12/07/2023 - D – C:\Users\eiko-\AppData\LocalLow\SebastianLague
O43 - CFD: 05/01/2022 - D – C:\Users\eiko-\AppData\LocalLow\Sky Mavis
O43 - CFD: 07/01/2020 - D – C:\Users\eiko-\AppData\LocalLow\Sun =>.Oracle
O43 - CFD: 01/03/2024 - [0] D – C:\Users\eiko-\AppData\LocalLow\Temp =>.Microsoft Corporation
O43 - CFD: 05/01/2022 - D – C:\Users\eiko-\AppData\LocalLow\Unity =>.Unity
O43 - CFD: 25/06/2023 - D – C:\Users\eiko-\Desktop\AT_Labore
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\Desktop\AutoLogger
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\Desktop\BootSafe
O43 - CFD: 12/07/2023 - D – C:\Users\eiko-\Desktop\Digital Logic Sim
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\Desktop\FRST-OlderVersion
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\Desktop\FSS
O43 - CFD: 22/02/2023 - [0] D – C:\Users\eiko-\Desktop\Jerks Staffel 5
O43 - CFD: 09/01/2024 - D – C:\Users\eiko-\Desktop\LogicSim
O43 - CFD: 24/08/2023 - D – C:\Users\eiko-\Desktop\Neuer Ordner
O43 - CFD: 11/02/2024 - D – C:\Users\eiko-\Desktop\Papa schicken
O43 - CFD: 25/06/2023 - D – C:\Users\eiko-\Desktop\The good Old Minecraft
O43 - CFD: 07/05/2022 - RD – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - RD – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk =>.Autodesk
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crucial Storage Executive
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inkscape =>.inkscape.org
O43 - CFD: 07/05/2022 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf =>.Overwolf
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raspberry Pi
O43 - CFD: 17/02/2020 - [0] D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games =>.Riot Games
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SQLite ODBC Driver for Win64 =>.Legitimate
O43 - CFD: 06/03/2024 - RD – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
O43 - CFD: 07/05/2022 - RD – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft =>.Ubisoft
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code =>.Pinnacle Systems, Inc.
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom =>.ZOOM
O43 - CFD: 08/01/2020 - [0] SHD – C:\Users\Default\AppData\Local\Anwendungsdaten =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 08/01/2020 - [0] SHD – C:\Users\Default\AppData\Local\Verlauf
O43 - CFD: 08/01/2020 - [0] SHD – C:\Users\Default User\AppData\Local\Anwendungsdaten =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 07/05/2022 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 06/03/2024 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 08/01/2020 - [0] SHD – C:\Users\Default User\AppData\Local\Verlauf
O43 - CFD: 06/03/2024 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation

—\ ShellIconOverlayIdentifiers (SIOI) (6) - 0s
O106 - SIOI: [ NextcloudError] - {E0342B74-7593-4C70-9D61-22F294AAFE05}. (.Nextcloud GmbH - Nextcloud shell extension.) – C:\Program Files\Nextcloud\shellext\NCOverlays.dll {00980C39AA679AD337FB40CF706DB769C8}. =>.Nextcloud GmbH
O106 - SIOI: [ NextcloudOK] - {E1094E94-BE93-4EA2-9639-8475C68F3886}. (.Nextcloud GmbH - Nextcloud shell extension.) – C:\Program Files\Nextcloud\shellext\NCOverlays.dll {00980C39AA679AD337FB40CF706DB769C8}. =>.Nextcloud GmbH
O106 - SIOI: [ NextcloudOKShared] - {E243AD85-F71B-496B-B17E-B8091CBE93D2}. (.Nextcloud GmbH - Nextcloud shell extension.) – C:\Program Files\Nextcloud\shellext\NCOverlays.dll {00980C39AA679AD337FB40CF706DB769C8}. =>.Nextcloud GmbH
O106 - SIOI: [ NextcloudSync] - {E3D6DB20-1D83-4829-B5C9-941B31C0C35A}. (.Nextcloud GmbH - Nextcloud shell extension.) – C:\Program Files\Nextcloud\shellext\NCOverlays.dll {00980C39AA679AD337FB40CF706DB769C8}. =>.Nextcloud GmbH
O106 - SIOI: [ NextcloudWarning] - {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483}. (.Nextcloud GmbH - Nextcloud shell extension.) – C:\Program Files\Nextcloud\shellext\NCOverlays.dll {00980C39AA679AD337FB40CF706DB769C8}. =>.Nextcloud GmbH
O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows-Shellerweiterungs-DLL für erweitert.) – C:\Windows\System32\EhStorShell.dll [Unsigned] =>.Microsoft Corporation

—\ Search Context Menu Handlers (SCMH) (31) - 1s
O108 - CMH1: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client-Shellerweiterung.) – C:\Program Files\Windows Defender\shellext.dll =>.Microsoft®
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Allgemeine Windows-Shell-DLL.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Allgemeine Windows-Shell-DLL.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shellerweiterungen für Freigaben.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Arbeitsordner-Shellerweiterun.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nv3dappshext.dll =>.NVIDIA Corporation®
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Allgemeine Windows-Shell-DLL.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nv3dappshext.dll =>.NVIDIA Corporation®
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Allgemeine Windows-Shell-DLL.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH3: FileLocksmithExt [64Bits] - {84D68575-E186-46AD-B0CB-BAEB45EE29C0} . (.Microsoft Corporation - PowerToys File Locksmith Static Library.) – C:\Program Files\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll =>.Microsoft®
O108 - CMH3: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Shellerweiterungen für Freigaben.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH3: NextcloudContextMenuHandler [64Bits] - {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} . (.Nextcloud GmbH - Windows Shell Context Menu Handler.) – C:\Program Files\Nextcloud\shellext\NCContextMenu.dll {00980C39AA679AD337FB40CF706DB769C8}. =>.Nextcloud GmbH
O108 - CMH3: PowerRenameExt [64Bits] - {0440049F-D1DC-4E46-B27B-98393D79486B} . (.Microsoft Corporation - PowerToys PowerRenameExt.) – C:\Program Files\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll =>.Microsoft®
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Allgemeine Windows-Shell-DLL.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Allgemeine Windows-Shell-DLL.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH4: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client-Shellerweiterung.) – C:\Program Files\Windows Defender\shellext.dll =>.Microsoft®
O108 - CMH4: RecuvaShellExt [64Bits] - {435E5DF5-2510-463C-B223-BDA47006D002} . (.Piriform Software Ltd - Recuva shell extensions.) – C:\Program Files\Recuva\RecuvaShell64.dll =>.PIRIFORM SOFTWARE LIMITED®
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shellerweiterungen für Freigaben.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Arbeitsordner-Shellerweiterun.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Allgemeine Windows-Shell-DLL.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvshext.dll =>.NVIDIA Corporation®
O108 - CMH5: PowerRenameExt [64Bits] - {0440049F-D1DC-4E46-B27B-98393D79486B} . (.Microsoft Corporation - PowerToys PowerRenameExt.) – C:\Program Files\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll =>.Microsoft®
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shellerweiterungen für Freigaben.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Arbeitsordner-Shellerweiterun.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Allgemeine Windows-Shell-DLL.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - App-Resolver.) – C:\Windows\System32\appresolver.dll =>.Microsoft®
O108 - CMH6: RecuvaShellExt [64Bits] - {435E5DF5-2510-463C-B223-BDA47006D002} . (.Piriform Software Ltd - Recuva shell extensions.) – C:\Program Files\Recuva\RecuvaShell64.dll =>.PIRIFORM SOFTWARE LIMITED®
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows-Shellerweiterungs-DLL für erweitert.) – C:\Windows\System32\EhStorShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH7: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client-Shellerweiterung.) – C:\Program Files\Windows Defender\shellext.dll =>.Microsoft®
O108 - CMH7: FileLocksmithExt [64Bits] - {84D68575-E186-46AD-B0CB-BAEB45EE29C0} . (.Microsoft Corporation - PowerToys File Locksmith Static Library.) – C:\Program Files\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll =>.Microsoft®
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shellerweiterungen für Freigaben.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation

—\ Image File Execution Options (12) - 0s
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE-Hilfsprogramm für Pro-Benutzerinitalisie.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - Hilfsprogramm für unbeaufsichtigte Installa.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\LSASS.exe - (.Microsoft Corporation - Local Security Authority Process.) [AuditLevel\8] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows-Tool zum Entfernen bösart.) [CFGOptions\1] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R)-HTML-Anwendungshost.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\notepad.exe - (.Microsoft Corporation - Editor.) [UseFilter\1] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation-Host.) [MitigationOptions\1118481] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spoolersubsystem-Anwendung.) [MitigationOptions\2097152] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Hostprozess für Windows-Dienste.) [MinimumStackCommitInBytes\32768] =>.Microsoft®

—\ Liste der Treiber des Systems (453) - 10s
O58 - SDL:2023/12/04 07:16:57 A . (.Microsoft Corporation - 1394 OpenHCI Driver.) – C:\WINDOWS\System32\drivers\1394ohci.sys [299008] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:03 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\WINDOWS\System32\drivers\3ware.sys [108376] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - ACPI-Treiber für NT.) – C:\WINDOWS\System32\drivers\acpi.sys [755160] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - ACPI Devices Driver.) – C:\WINDOWS\System32\drivers\AcpiDev.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - ACPIEx Driver.) – C:\WINDOWS\System32\drivers\acpiex.sys [169448] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - ACPI Processor Aggregator Device Driver.) – C:\WINDOWS\System32\drivers\acpipagr.sys [49152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:02 A . (.Microsoft Corporation - ACPI Power Metering Driver.) – C:\WINDOWS\System32\drivers\acpipmi.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - ACPI Wake Alarm.) – C:\WINDOWS\System32\drivers\acpitime.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - Audio KMDF Class Extension.) – C:\WINDOWS\System32\drivers\Acx01000.sys [733184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:03 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\WINDOWS\System32\drivers\adp80xx.sys [1136472] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:53 A . (.Microsoft Corporation - Treiber für zusätzliche WinSock-Funktionen.) – C:\WINDOWS\System32\drivers\afd.sys [697840] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:42 A . (.Microsoft Corporation - AF_UNIX socket provider.) – C:\WINDOWS\System32\drivers\afunix.sys [81920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:21 A . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) – C:\WINDOWS\System32\drivers\agilevpn.sys [147456] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:13 A . (.Microsoft Corporation - Application Compatibility Cache.) – C:\WINDOWS\System32\drivers\ahcache.sys [376832] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/03/16 05:39:50 A . (.Advanced Micro Devices, Inc - AMD GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\amdgpio2.sys [46344] =>.Advanced Micro Devices INC.®
O58 - SDL:2020/03/09 08:07:38 A . (.Advanced Micro Devices, Inc - AMD GPIO Driver.) – C:\WINDOWS\System32\drivers\amdgpio3.sys [24520] =>.AMD PMP-PE CB Code Signer v20160415®
O58 - SDL:2022/05/07 06:19:00 A . (.Advanced Micro Devices, Inc - AMD I2C Controller Driver.) – C:\WINDOWS\System32\drivers\amdi2c.sys [45568] [Unsigned] =>.Advanced Micro Devices, Inc
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\amdk8.sys [259456] =>.Microsoft®
O58 - SDL:2021/06/18 18:01:56 A . (.Advanced Micro Devices - AMD PCI Device driver.) – C:\WINDOWS\System32\drivers\AMDPCIDev.sys [41184] =>.Advanced Micro Devices INC.®
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\amdppm.sys [267632] =>.Microsoft®
O58 - SDL:2020/03/24 20:41:18 A . (.Advanced Micro Devices, Inc. - amdpsp sys.) – C:\WINDOWS\System32\drivers\amdpsp.sys [135184] =>.Advanced Micro Devices, Inc.®
O58 - SDL:2022/05/07 06:19:03 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\WINDOWS\System32\drivers\amdsata.sys [84312] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:03 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\WINDOWS\System32\drivers\amdsbs.sys [260440] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:03 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\WINDOWS\System32\drivers\amdxata.sys [28008] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:59 A . (.Microsoft Corporation - AppID Driver.) – C:\WINDOWS\System32\drivers\appid.sys [247264] =>.Microsoft®
O58 - SDL:2020/10/09 12:53:30 A . (.Apple Inc. - Apple Mobile Device USB Device.) – C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032] =>.WDKTestCert build,132303256403278908®
O58 - SDL:2020/10/09 12:53:32 A . (.Apple Inc. - Apple Mobile Device USB Device.) – C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976] =>.WDKTestCert build,132303256403278908®
O58 - SDL:2022/05/07 06:19:00 A . (.Apple Inc. - Apple Solid State Drive Device.) – C:\WINDOWS\System32\drivers\AppleSSD.sys [113496] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:59 A . (.Microsoft Corporation - Applocker Filter.) – C:\WINDOWS\System32\drivers\applockerfltr.sys [49152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:03 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\WINDOWS\System32\drivers\arcsas.sys [132968] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:43 A . (.Microsoft Corporation - MS Remote Access serial network driver.) – C:\WINDOWS\System32\drivers\asyncmac.sys [61440] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [62832] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - ATAPI Driver Extension.) – C:\WINDOWS\System32\drivers\ataport.sys [259552] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:29 A . (.Microsoft Corporation - BAM Kernel Driver.) – C:\WINDOWS\System32\drivers\bam.sys [116056] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - Battery Class Driver.) – C:\WINDOWS\System32\drivers\battc.sys [107880] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:00 A . (. - BCM Function 2 Device Driver.) – C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] [Unsigned] =>.Broadcom Corporation
O58 - SDL:2022/05/07 06:19:45 A . (.Microsoft Corporation - BEEP Driver.) – C:\WINDOWS\System32\drivers\beep.sys [40960] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - BFS-Filtertreiber.) – C:\WINDOWS\System32\drivers\bfs.sys [91520] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:35 A . (.Microsoft Corporation - Windows Bind Filter Driver.) – C:\WINDOWS\System32\drivers\bindflt.sys [173544] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:10 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) – C:\WINDOWS\System32\drivers\bowser.sys [155648] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:19:28 A . (.Microsoft Corporation - MAC Bridge Driver.) – C:\WINDOWS\System32\drivers\bridge.sys [159744] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Microsoft Corporation - Microsoft Bluetooth Audio Multiprofile Mana.) – C:\WINDOWS\System32\drivers\BtaMPM.sys [73728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:52 A . (.Microsoft Corporation - Bluetooth A2DP Driver.) – C:\WINDOWS\System32\drivers\BthA2dp.sys [544768] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - Bluetooth-Bus-Extender.) – C:\WINDOWS\System32\drivers\bthenum.sys [143360] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:52 A . (.Microsoft Corporation - Bluetooth Hands-free Audio Device Driver.) – C:\WINDOWS\System32\drivers\BthHfAud.sys [110592] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:52 A . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) – C:\WINDOWS\System32\drivers\BthHfEnum.sys [188416] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - Bluetooth Transport Extensibility Miniport.) – C:\WINDOWS\System32\drivers\BthMini.SYS [86016] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:01 A . (.Microsoft Corporation - Bluetooth Communications Driver.) – C:\WINDOWS\System32\drivers\bthmodem.sys [106496] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - Bluetooth Personal Area Networking.) – C:\WINDOWS\System32\drivers\bthpan.sys [159744] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - Bluetooth-Bustreiber.) – C:\WINDOWS\System32\drivers\bthport.sys [2101248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - Bluetooth-Miniporttreiber.) – C:\WINDOWS\System32\drivers\BTHUSB.SYS [139264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:05 A . (.Microsoft Corporation - VHD BTT Filter Driver.) – C:\WINDOWS\System32\drivers\bttflt.sys [79184] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - Button Converter Driver.) – C:\WINDOWS\System32\drivers\buttonconverter.sys [90112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:02 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) – C:\WINDOWS\System32\drivers\bxvbda.sys [534872] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:01 A . (.Microsoft Corporation - Charge Arbiration Driver.) – C:\WINDOWS\System32\drivers\CAD.sys [99672] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:25 A . (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\cdfs.sys [131072] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:03 A . (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\cdrom.sys [204800] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:20 A . (.Microsoft Corporation - Event Aggregation Kernel Mode Library.) – C:\WINDOWS\System32\drivers\CEA.sys [107880] =>.Microsoft®
O58 - SDL:2023/11/16 18:07:32 A . (.www.winchiphead.com - WDM_64 for CH341 serial, by W.ch.) – C:\WINDOWS\System32\drivers\CH341S64.SYS [58368] [Unsigned] =>.www.winchiphead.com
O58 - SDL:2022/05/07 06:19:04 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) – C:\WINDOWS\System32\drivers\cht4dx64.sys [145256] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) – C:\WINDOWS\System32\drivers\cht4sx64.sys [320880] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Chelsio Communications - VF library for Chelsio ® T5/T6 Chipset.) – C:\WINDOWS\System32\drivers\cht4vfx.sys [28672] [Unsigned] =>.Chelsio Communications
O58 - SDL:2022/05/07 06:19:04 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) – C:\WINDOWS\System32\drivers\cht4vx64.sys [1854832] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - CimFS driver.) – C:\WINDOWS\System32\drivers\cimfs.sys [173424] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:01 A . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) – C:\WINDOWS\System32\drivers\circlass.sys [90112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:50 A . (.Microsoft Corporation - SCSI Class System Dll.) – C:\WINDOWS\System32\drivers\Classpnp.sys [488816] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:01 A . (.Microsoft Corporation - Cloud Files Mini Filter Driver.) – C:\WINDOWS\System32\drivers\cldflt.sys [569344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:04 A . (.Microsoft Corporation - Common Log File System Driver.) – C:\WINDOWS\System32\drivers\clfs.sys [456176] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:17 A . (.Microsoft Corporation - CLIP Service.) – C:\WINDOWS\System32\drivers\ClipSp.sys [1140192] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - Control Method Battery Driver.) – C:\WINDOWS\System32\drivers\CmBatt.sys [73728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Kernelkonfigurations-Manager: Hostexporttre.) – C:\WINDOWS\System32\drivers\cmimcext.sys [71024] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:50 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) – C:\WINDOWS\System32\drivers\cng.sys [782384] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - CNG Hardware Assist algorithm provider.) – C:\WINDOWS\System32\drivers\cnghwassist.sys [75088] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - Console Driver.) – C:\WINDOWS\System32\drivers\condrv.sys [87376] =>.Microsoft®
O58 - SDL:2020/07/06 14:50:42 A . (.Corsair - Corsair virtual bus driver.) – C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984] =>.Microsoft®
O58 - SDL:2020/07/06 14:50:44 A . (.Corsair - Corsair virtual device driver.) – C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:03 A . (.Microsoft Corporation - Crash Dump Driver.) – C:\WINDOWS\System32\drivers\crashdmp.sys [157168] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:09 A . (.Microsoft Corporation - DAM Kernel Driver.) – C:\WINDOWS\System32\drivers\dam.sys [140784] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:52 A . (.Microsoft Corporation - Xbox Device Authentication Driver.) – C:\WINDOWS\System32\drivers\devauthe.sys [86016] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:04 A . (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\dfsc.sys [184320] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - PnP Disk Driver.) – C:\WINDOWS\System32\drivers\disk.sys [140784] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:35 A . (.Microsoft Corporation - Crash Dump Disk Driver.) – C:\WINDOWS\System32\drivers\Diskdump.sys [79200] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:35 A . (.Microsoft Corporation - Boot Over USB Dump Driver.) – C:\WINDOWS\System32\drivers\Dmpusbstor.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:20:16 A . (.Microsoft Corporation - Dynamischer Arbeitsspeicher.) – C:\WINDOWS\System32\drivers\dmvsc.sys [99664] =>.Microsoft®
O58 - SDL:2021/11/26 13:10:30 A . (.Dokan Project - Dokan Driver.) – C:\WINDOWS\System32\drivers\dokan1.sys [386552] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:54 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\WINDOWS\System32\drivers\drmk.sys [143360] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:54 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\WINDOWS\System32\drivers\drmkaud.sys [51008] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:33 A . (.Microsoft Corporation - ATAPI Dump Driver.) – C:\WINDOWS\System32\drivers\Dumpata.sys [79216] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:59 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) – C:\WINDOWS\System32\drivers\dumpfve.sys [133656] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - SD Crashdump Port Driver.) – C:\WINDOWS\System32\drivers\dumpsd.sys [230744] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - SD Host Controller Crashdump Port Driver.) – C:\WINDOWS\System32\drivers\dumpsdport.sys [73728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:35 A . (.Microsoft Corporation - Storport Dump Driver.) – C:\WINDOWS\System32\drivers\Dumpstorport.sys [79184] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:18 A . (.Microsoft Corporation - DirectX Graphics Kernel.) – C:\WINDOWS\System32\drivers\dxgkrnl.sys [4703616] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:18 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\WINDOWS\System32\drivers\dxgmms1.sys [566656] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:18 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\WINDOWS\System32\drivers\dxgmms2.sys [1148392] =>.Microsoft®
O58 - SDL:2019/03/19 05:43:34 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) – C:\WINDOWS\System32\drivers\e1i65x64.sys [553984] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/06 14:08:00 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) – C:\WINDOWS\System32\drivers\e1i68x64.sys [576000] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/07 06:20:05 A . (.Microsoft Corporation - Enhanced Storage Class driver for IEEE 1667.) – C:\WINDOWS\System32\drivers\EhStorClass.sys [152944] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:53 A . (.Microsoft Corporation - Microsoft driver for storage devices suppor.) – C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys [165344] =>.Microsoft®
O58 - SDL:2019/05/22 06:44:08 A . (…) – C:\WINDOWS\System32\drivers\ene.sys [17624] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - Error Device Driver.) – C:\WINDOWS\System32\drivers\errdev.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:02 A . (.QLogic Corporation - QLogic 10 GigE VBD.) – C:\WINDOWS\System32\drivers\evbd0a.sys [3424104] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:02 A . (.Marvell Semiconductor Inc. - QLogic 10 GigE VBD.) – C:\WINDOWS\System32\drivers\evbda.sys [3441512] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:56 A . (.Microsoft Corporation - CPU Scheduler for High Performance I/O.) – C:\WINDOWS\System32\drivers\ExecutionContext.sys [75136] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:49 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) – C:\WINDOWS\System32\drivers\exfat.sys [452080] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:49 A . (.Microsoft Corporation - Fast FAT File System Driver.) – C:\WINDOWS\System32\drivers\fastfat.sys [456048] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - Floppy Disk Controller Driver.) – C:\WINDOWS\System32\drivers\fdc.sys [69632] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:02 A . (.Microsoft Corporation - Windows sandboxing and encryption filter.) – C:\WINDOWS\System32\drivers\filecrypt.sys [90112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:33 A . (.Microsoft Corporation - FileInfo Filter Driver.) – C:\WINDOWS\System32\drivers\fileinfo.sys [124240] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:33 A . (.Microsoft Corporation - File Trace Filter Driver.) – C:\WINDOWS\System32\drivers\filetrace.sys [73728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - Floppy Driver.) – C:\WINDOWS\System32\drivers\flpydisk.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:50 A . (.Microsoft Corporation - Microsoft Dateisystem-Filter-Manager.) – C:\WINDOWS\System32\drivers\fltMgr.sys [505320] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) – C:\WINDOWS\System32\drivers\fsdepends.sys [103808] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:30 A . (.Microsoft Corporation - File System Recognizer Driver.) – C:\WINDOWS\System32\drivers\fs_rec.sys [71008] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:59 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) – C:\WINDOWS\System32\drivers\fvevol.sys [882032] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:56 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) – C:\WINDOWS\System32\drivers\FWPKCLNT.SYS [546160] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:54 A . (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\hdaudbus.sys [192512] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:54 A . (.Microsoft Corporation - High Definition Audio Function Driver.) – C:\WINDOWS\System32\drivers\HdAudio.sys [528384] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - Hid Battery Driver.) – C:\WINDOWS\System32\drivers\hidbatt.sys [71016] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - Bluetooth-Miniporttreiber für HID-Geräte.) – C:\WINDOWS\System32\drivers\hidbth.sys [151552] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - HID-Klassenbibliothek.) – C:\WINDOWS\System32\drivers\hidclass.sys [278528] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - I2C HID Miniport Driver.) – C:\WINDOWS\System32\drivers\hidi2c.sys [102400] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - HID Button over Interrupt Driver.) – C:\WINDOWS\System32\drivers\hidinterrupt.sys [91472] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:01 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) – C:\WINDOWS\System32\drivers\hidir.sys [81920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - Hid Parsing Library.) – C:\WINDOWS\System32\drivers\hidparse.sys [90112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - SPI HID Miniport Driver.) – C:\WINDOWS\System32\drivers\hidspi.sys [139264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:36 A . (.Microsoft Corporation - HidSpi KMDF Class Extension.) – C:\WINDOWS\System32\drivers\HidSpiCx.sys [126976] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) – C:\WINDOWS\System32\drivers\hidusb.sys [77824] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:03 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\WINDOWS\System32\drivers\HpSAMD.sys [65360] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:08 A . (.Microsoft Corporation - HSP Device Driver.) – C:\WINDOWS\System32\drivers\Hsp.sys [124264] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:49 A . (.Microsoft Corporation - HTTP-Protokollstapel.) – C:\WINDOWS\System32\drivers\http.sys [1721728] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:16 A . (.Microsoft Corporation - Hyper-V Crashdump.) – C:\WINDOWS\System32\drivers\hvcrash.sys [75112] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:02 A . (.Microsoft Corporation - Hypervisor Boot Driver.) – C:\WINDOWS\System32\drivers\hvservice.sys [91624] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:44 A . (.Microsoft Corporation - Microsoft Hyper-V Socket Provider.) – C:\WINDOWS\System32\drivers\hvsocket.sys [181632] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:30 A . (.Microsoft Corporation - Hardware Policy Driver.) – C:\WINDOWS\System32\drivers\hwpolicy.sys [79200] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:16 A . (.Microsoft Corporation - Microsoft VMBus Synthetic Keyboard Driver.) – C:\WINDOWS\System32\drivers\hyperkbd.sys [62800] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:16 A . (.Microsoft Corporation - Microsoft VMBus Video Device Miniport Drive.) – C:\WINDOWS\System32\drivers\HyperVideo.sys [79200] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - i8042-Anschlusstreiber.) – C:\WINDOWS\System32\drivers\i8042prt.sys [159744] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iagpio.sys [36352] [Unsigned] =>.Intel(R) Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) – C:\WINDOWS\System32\drivers\iai2c.sys [91136] [Unsigned] =>.Intel(R) Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/07 06:19:02 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2022/05/07 06:19:01 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) – C:\WINDOWS\System32\drivers\iaStorAVC.sys [885584] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\WINDOWS\System32\drivers\iaStorV.sys [413008] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Mellanox - InfiniBand Fabric Bus Driver.) – C:\WINDOWS\System32\drivers\ibbus.sys [559976] =>.Microsoft®
O58 - SDL:2019/09/12 04:11:00 A . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Filter Drive.) – C:\WINDOWS\System32\drivers\ibtusb.sys [2113312] =>.Intel(R) Wireless Connectivity Solutions®
O58 - SDL:2023/12/04 07:17:35 A . (.Microsoft Corporation - Indirect displays kernel-mode filter driver.) – C:\WINDOWS\System32\drivers\IndirectKmd.sys [86016] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Intel PCI IDE Driver.) – C:\WINDOWS\System32\drivers\intelide.sys [58736] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - Intel Power Engine Plugin.) – C:\WINDOWS\System32\drivers\intelpep.sys [558728] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:00 A . (.Microsoft Corporation - Intel Power Limit Driver.) – C:\WINDOWS\System32\drivers\intelpmax.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - Intel Platform Monitoring Driver.) – C:\WINDOWS\System32\drivers\IntelPMT.sys [91784] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\intelppm.sys [296320] =>.Microsoft®
O58 - SDL:2021/01/04 00:18:08 A . (.Microsoft Corporation - Intel Telemetry Driver.) – C:\WINDOWS\System32\drivers\IntelTA.sys [26608] =>.Microsoft®
O58 - SDL:2022/05/07 06:18:58 A . (.Microsoft Corporation - Filter zur Steuerung der E/A-Rate.) – C:\WINDOWS\System32\drivers\iorate.sys [87392] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:43 A . (.Microsoft Corporation - IP FILTER DRIVER.) – C:\WINDOWS\System32\drivers\ipfltdrv.sys [118784] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - WMI IPMI-TREIBER.) – C:\WINDOWS\System32\drivers\IPMIDrv.sys [148864] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:35 A . (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\ipnat.sys [258048] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:00 A . (.Microsoft Corporation - IPT Driver.) – C:\WINDOWS\System32\drivers\ipt.sys [99688] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - PNP-ISA-Bustreiber.) – C:\WINDOWS\System32\drivers\isapnp.sys [54624] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:03 A . (.Avago Technologies - Avago SAS Gen3.5 Driver (StorPort).) – C:\WINDOWS\System32\drivers\ItSas35i.sys [187224] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - Tastaturklassentreiber.) – C:\WINDOWS\System32\drivers\kbdclass.sys [95576] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - HID-Tastaturfiltertreiber.) – C:\WINDOWS\System32\drivers\kbdhid.sys [73728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:31 A . (.Microsoft Corporation - Microsoft Kernel Debugger Network Miniport.) – C:\WINDOWS\System32\drivers\kdnic.sys [70992] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Kernel Mode Power Dependency Coordinator.) – C:\WINDOWS\System32\drivers\kmpdc.sys [71024] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:49 A . (.Microsoft Corporation - Network Power Dependency Broker.) – C:\WINDOWS\System32\drivers\KNetPwrDepBroker.sys [73728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:13 A . (.Microsoft Corporation - Kernel CSA Library.) – C:\WINDOWS\System32\drivers\ks.sys [544768] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:51 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\WINDOWS\System32\drivers\ksecdd.sys [189808] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:55 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\WINDOWS\System32\drivers\ksecpkg.sys [218584] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:38 A . (.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) – C:\WINDOWS\System32\drivers\ksthunk.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:08 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) – C:\WINDOWS\System32\drivers\lltdio.sys [102400] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/23 08:56:54 A . (…) – C:\WINDOWS\System32\drivers\lpsport.sys [61304] =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2022/05/07 06:19:03 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas.sys [109920] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:03 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas2i.sys [125280] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:03 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas3i.sys [138600] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:13 A . (.Microsoft Corporation - LUA-Filtertreiber zur Dateivirtualisierung.) – C:\WINDOWS\System32\drivers\luafv.sys [167936] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2012/10/26 09:42:20 A . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Dr.) – C:\WINDOWS\System32\drivers\lvrs64.sys [351520] =>.Logitech, Inc.®
O58 - SDL:2012/10/26 09:42:20 A . (.Logitech Inc. - Logitech USB Video Class Driver.) – C:\WINDOWS\System32\drivers\lvuvc64.sys [4758176] =>.Logitech, Inc.®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - MA-USB Host Controller Driver.) – C:\WINDOWS\System32\drivers\mausbhost.sys [566632] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - MA-USB IP Driver.) – C:\WINDOWS\System32\drivers\mausbip.sys [99664] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:49 A . (.Microsoft Corporation - Windows Mobile Broadband Class Extension.) – C:\WINDOWS\System32\drivers\MbbCx.sys [454656] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:45 A . (.Microsoft Corporation - Medium changer class driver.) – C:\WINDOWS\System32\drivers\mcd.sys [61440] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:03 A . (.Avago Technologies - MEGASAS2i RAID Controller Driver for Window.) – C:\WINDOWS\System32\drivers\MegaSas2i.sys [81752] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:03 A . (.Broadcom Inc - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas35i.sys [101224] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:03 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\WINDOWS\System32\drivers\megasr.sys [576856] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:52 A . (.Microsoft Corporation - Microsoft Bluetooth-AVRCP-Transporttreiber.) – C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [98304] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - Legacy Bluetooth LE Bus Enumerator.) – C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [143360] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Mellanox - MLX4 Bus Driver.) – C:\WINDOWS\System32\drivers\mlx4_bus.sys [1132392] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:52 A . (.Microsoft Corporation - MMCSS Driver.) – C:\WINDOWS\System32\drivers\mmcss.sys [90112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:19:42 A . (.Microsoft Corporation - Modemgerätetreiber.) – C:\WINDOWS\System32\drivers\modem.sys [81920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:55 A . (.Microsoft Corporation - Monitor Driver.) – C:\WINDOWS\System32\drivers\monitor.sys [122880] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - Mausklassentreiber.) – C:\WINDOWS\System32\drivers\mouclass.sys [95592] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - HID-Mausfiltertreiber.) – C:\WINDOWS\System32\drivers\mouhid.sys [69632] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:50 A . (.Microsoft Corporation - Bereitstellungspunkt-Manager.) – C:\WINDOWS\System32\drivers\mountmgr.sys [136688] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:03 A . (.Broadcom Limited - Broadcom MPI 3.0 Driver (StorPort).) – C:\WINDOWS\System32\drivers\mpi3drvi.sys [90472] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:14 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) – C:\WINDOWS\System32\drivers\mpsdrv.sys [110592] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:20:16 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) – C:\WINDOWS\System32\drivers\mrxdav.sys [196608] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:04 A . (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\mrxsmb.sys [660864] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:04 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) – C:\WINDOWS\System32\drivers\mrxsmb20.sys [329104] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:52 A . (.Microsoft Corporation - Mailslot driver.) – C:\WINDOWS\System32\drivers\msfs.sys [79216] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:19 A . (.Microsoft Corporation - GPIO Class Extension Driver.) – C:\WINDOWS\System32\drivers\msgpioclx.sys [218480] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:12 A . (.Microsoft Corporation - GPIO Button Driver.) – C:\WINDOWS\System32\drivers\msgpiowin32.sys [95728] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) – C:\WINDOWS\System32\drivers\mshidkmdf.sys [49152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:13 A . (.Microsoft Corporation - Pass-Through-Treiber für die HID-UMDF-Schni.) – C:\WINDOWS\System32\drivers\mshidumdf.sys [49152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - Hardware Notification Class Extension Drive.) – C:\WINDOWS\System32\drivers\mshwnclx.sys [61440] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - ISA Driver.) – C:\WINDOWS\System32\drivers\msisadrv.sys [54608] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:57 A . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) – C:\WINDOWS\System32\drivers\msiscsi.sys [333288] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:13 A . (.Microsoft Corporation - MS KS Server.) – C:\WINDOWS\System32\drivers\mskssrv.sys [73728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:18 A . (.Microsoft Corporation - Treiber für das Microsoft-Verbindungsschich.) – C:\WINDOWS\System32\drivers\mslldp.sys [102400] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:38 A . (.Microsoft Corporation - MS Proxy Clock.) – C:\WINDOWS\System32\drivers\mspclock.sys [49152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:38 A . (.Microsoft Corporation - MS Proxy Quality Manager.) – C:\WINDOWS\System32\drivers\mspqm.sys [49152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:53 A . (.Microsoft Corporation - Microsoft® QUIC Library.) – C:\WINDOWS\System32\drivers\msquic.sys [420208] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:52 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) – C:\WINDOWS\System32\drivers\msrpc.sys [415200] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - System Management BIOS Driver.) – C:\WINDOWS\System32\drivers\mssmbios.sys [79216] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:38 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) – C:\WINDOWS\System32\drivers\mstee.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:03 A . (.Microsoft Corporation - HID-Treiber für Mehrfingereingabe von Micro.) – C:\WINDOWS\System32\drivers\MTConfig.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:04 A . (.Microsoft Corporation - Treiber für mehrere UNC-Anbieter.) – C:\WINDOWS\System32\drivers\mup.sys [169328] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:03 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\WINDOWS\System32\drivers\mvumis.sys [64872] =>.Microsoft®
O58 - SDL:2022/06/03 00:19:12 A . (. - A-Volute Mirroring VAD driver.) – C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [94784] =>.A-Volute SAS®
O58 - SDL:2022/05/07 06:19:04 A . (.Mellanox - NetworkDirect Support Filter Driver.) – C:\WINDOWS\System32\drivers\ndfltr.sys [147304] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:52 A . (.Microsoft Corporation - NDIS (Network Driver Interface Specificatio.) – C:\WINDOWS\System32\drivers\ndis.sys [1631616] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:14 A . (.Microsoft Corporation - Microsoft NDIS Packet Capture Filter Driver.) – C:\WINDOWS\System32\drivers\ndiscap.sys [86016] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:18 A . (.Microsoft Corporation - Microsoft Network Adapter Multiplexor.) – C:\WINDOWS\System32\drivers\NdisImPlatform.sys [167936] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:21 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) – C:\WINDOWS\System32\drivers\ndistapi.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:31 A . (.Microsoft Corporation - E/A-Treiber für NDIS-Benutzermodus.) – C:\WINDOWS\System32\drivers\ndisuio.sys [102400] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:42 A . (.Microsoft Corporation - Enumerator für virtuelle Microsoft-Netzwerk.) – C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:21 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) – C:\WINDOWS\System32\drivers\ndiswan.sys [237568] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:20:14 A . (…) – C:\WINDOWS\System32\drivers\NDKPerf.sys [83288] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:14 A . (.Microsoft Corporation - RDMA Sample Driver.) – C:\WINDOWS\System32\drivers\NDKPing.sys [107872] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:21 A . (.Microsoft Corporation - NDIS Proxy.) – C:\WINDOWS\System32\drivers\ndproxy.sys [122880] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:19:01 A . (.Microsoft Corporation - Windows Network Data Usage Monitoring Drive.) – C:\WINDOWS\System32\drivers\Ndu.sys [188416] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:56 A . (.Microsoft Corporation - Network Adapter Class Extension for WDF.) – C:\WINDOWS\System32\drivers\NetAdapterCx.sys [398720] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:18 A . (.Microsoft Corporation - NetBIOS interface driver.) – C:\WINDOWS\System32\drivers\netbios.sys [95728] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:18 A . (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netbt.sys [327680] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:52 A . (.Microsoft Corporation - Network I/O Subsystem.) – C:\WINDOWS\System32\drivers\netio.sys [664960] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:44 A . (.Microsoft Corporation - Virtueller NDIS-Miniport.) – C:\WINDOWS\System32\drivers\netvsc.sys [329072] =>.Microsoft®
O58 - SDL:2019/03/19 05:43:34 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) – C:\WINDOWS\System32\drivers\Netwtw06.sys [8723968] [Unsigned] =>.Intel Corporation
O58 - SDL:2024/01/23 14:23:48 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) – C:\WINDOWS\System32\drivers\Netwtw08.sys [8896696] {0DA3866568FDA2C70D45B0F37403604B}. =>.Intel Corporation
O58 - SDL:2023/12/04 07:17:52 A . (.Microsoft Corporation - NPFS Driver.) – C:\WINDOWS\System32\drivers\npfs.sys [120176] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:32 A . (.Microsoft Corporation - Named pipe service triggers.) – C:\WINDOWS\System32\drivers\npsvctrig.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:31 A . (.Microsoft Corporation - NSI Proxy.) – C:\WINDOWS\System32\drivers\nsiproxy.sys [77824] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:50 A . (.Microsoft Corporation - NT-Dateisystemtreiber.) – C:\WINDOWS\System32\drivers\ntfs.sys [3335656] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:39 A . (.Microsoft Corporation - NTOS extension host driver.) – C:\WINDOWS\System32\drivers\ntosext.sys [58704] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:30 A . (.Microsoft Corporation - NULL Driver.) – C:\WINDOWS\System32\drivers\null.sys [45056] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:05 A . (.Microsoft Corporation - NVDIMM-Gerätetreiber.) – C:\WINDOWS\System32\drivers\nvdimm.sys [206160] =>.Microsoft®
O58 - SDL:2020/10/07 13:33:50 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) – C:\WINDOWS\System32\drivers\nvhda64v.sys [230720] =>.NVIDIA Corporation®
O58 - SDL:2022/05/07 06:19:03 A . (.Microsoft Corporation - Nvme Disk Driver.) – C:\WINDOWS\System32\drivers\nvmedisk.sys [91496] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\WINDOWS\System32\drivers\nvraid.sys [151392] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\WINDOWS\System32\drivers\nvstor.sys [167256] =>.Microsoft®
O58 - SDL:2019/04/17 08:42:48 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) – C:\WINDOWS\System32\drivers\nvvad64v.sys [69840] =>.NVIDIA Corporation®
O58 - SDL:2019/08/22 19:35:34 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) – C:\WINDOWS\System32\drivers\nvvhci.sys [75600] =>.NVIDIA Corporation®
O58 - SDL:2023/12/04 07:17:06 A . (.Microsoft Corporation - Systemeigener WiFi-Miniporttreiber.) – C:\WINDOWS\System32\drivers\nwifi.sys [757760] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:20:18 A . (.Microsoft Corporation - Plan 9 redirector.) – C:\WINDOWS\System32\drivers\p9rdr.sys [148816] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:28 A . (.Microsoft Corporation - QoS-Paketplaner.) – C:\WINDOWS\System32\drivers\pacer.sys [185840] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - Treiber für parallelen Anschluss.) – C:\WINDOWS\System32\drivers\parport.sys [135168] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:51 A . (.Microsoft Corporation - Partition driver.) – C:\WINDOWS\System32\drivers\partmgr.sys [218608] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - NT-Plug & Play PCI-Enumerator.) – C:\WINDOWS\System32\drivers\pci.sys [579056] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) – C:\WINDOWS\System32\drivers\pciide.sys [54640] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) – C:\WINDOWS\System32\drivers\pciidex.sys [91520] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:01 A . (.Microsoft Corporation - PCMCIA-Treiber.) – C:\WINDOWS\System32\drivers\pcmcia.sys [157016] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:50 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) – C:\WINDOWS\System32\drivers\pcw.sys [99712] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Power Dependency Coordinator Driver.) – C:\WINDOWS\System32\drivers\pdc.sys [202112] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:01 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) – C:\WINDOWS\System32\drivers\PEAuth.sys [856064] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas2i.sys [59752] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas3i.sys [69464] =>.Microsoft®
O58 - SDL:2020/03/18 18:55:02 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) – C:\WINDOWS\System32\drivers\phantomtap.sys [45056] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2023/12/04 07:19:41 A . (.Microsoft Corporation - Paketmonitortreiber.) – C:\WINDOWS\System32\drivers\PktMon.sys [177520] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Treiber für Datenträger mit persistentem Sp.) – C:\WINDOWS\System32\drivers\pmem.sys [181616] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:02 A . (.Microsoft Corporation - Plug & Play-Speichertreiber.) – C:\WINDOWS\System32\drivers\pnpmem.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - Port Device Class Configuration Filter Driv.) – C:\WINDOWS\System32\drivers\portcfg.sys [61440] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:54 A . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) – C:\WINDOWS\System32\drivers\portcls.sys [471040] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - Processor Device Driver.) – C:\WINDOWS\System32\drivers\processr.sys [271744] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - Time Travel Debugging Process Launch Monito.) – C:\WINDOWS\System32\drivers\ProcLaunchMon.sys [79896] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.VMware, Inc. - VMware PVSCSI StorPort driver (64-bit).) – C:\WINDOWS\System32\drivers\pvscsii.sys [45408] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:18 A . (.Microsoft Corporation - Supporttreiber für verbessertes Microsoft W.) – C:\WINDOWS\System32\drivers\qwavedrv.sys [86016] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:02 A . (.Microsoft Corporation - RAM Disk Driver.) – C:\WINDOWS\System32\drivers\ramdisk.sys [75104] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:43 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) – C:\WINDOWS\System32\drivers\rasacd.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:21 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\rasl2tp.sys [151552] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:22 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\raspppoe.sys [122880] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:21 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) – C:\WINDOWS\System32\drivers\raspptp.sys [139264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:21 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) – C:\WINDOWS\System32\drivers\rassstp.sys [122880] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:04 A . (.Microsoft Corporation - Subsystemtreiber für Pufferung des umgeleit.) – C:\WINDOWS\System32\drivers\rdbss.sys [497024] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:41 A . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) – C:\WINDOWS\System32\drivers\rdpbus.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:20:14 A . (.Microsoft Corporation - Geräte-Redirector für Microsoft RDP.) – C:\WINDOWS\System32\drivers\rdpdr.sys [196608] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:19:39 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) – C:\WINDOWS\System32\drivers\rdpvideominiport.sys [66928] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:44 A . (.Microsoft Corporation - ReadyBoost Driver.) – C:\WINDOWS\System32\drivers\rdyboost.sys [329088] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:00 A . (.Microsoft Corporation - Treiber für NT ReFS FS.) – C:\WINDOWS\System32\drivers\refs.sys [2950616] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:00 A . (.Microsoft Corporation - Treiber für NT ReFS FS.) – C:\WINDOWS\System32\drivers\refsv1.sys [1000832] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) – C:\WINDOWS\System32\drivers\rfcomm.sys [249856] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - ResourceHub Proxy Driver.) – C:\WINDOWS\System32\drivers\rhproxy.sys [147456] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:19:36 A . (.Microsoft Corporation - Reliable Multicast Transport.) – C:\WINDOWS\System32\drivers\rmcast.sys [192512] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:43 A . (.Microsoft Corporation - Remote NDIS Miniport.) – C:\WINDOWS\System32\drivers\RNDISMP.sys [69632] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:20:15 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) – C:\WINDOWS\System32\drivers\rootmdm.sys [49152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:19:01 A . (…) – C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304] [Unsigned]
O58 - SDL:2023/12/04 07:18:08 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) – C:\WINDOWS\System32\drivers\rspndr.sys [118784] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:53 A . (.Realtek - Realtek PCIe GBE Family Controller Flight.) – C:\WINDOWS\System32\drivers\rteth.sys [86016] [Unsigned] =>.Realtek
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - SBP-2 Protocol Driver.) – C:\WINDOWS\System32\drivers\sbp2port.sys [148848] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:24 A . (.Microsoft Corporation - Filtertreiber für Smartcard-Leser von Micro.) – C:\WINDOWS\System32\drivers\scfilter.sys [77824] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Treiber für Speicherklassen-Speicherbus.) – C:\WINDOWS\System32\drivers\scmbus.sys [222592] =>.Microsoft®
O58 - SDL:2013/05/19 01:02:52 A . (.Scarlet.Crush Productions - Scp Virtual Bus Driver.) – C:\WINDOWS\System32\drivers\ScpVBus.sys [39168] =>.Bruce James®
O58 - SDL:2022/05/07 06:19:45 A . (.Microsoft Corporation - SCSI Port Driver.) – C:\WINDOWS\System32\drivers\scsiport.sys [226656] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - SecureDigital-Bustreiber.) – C:\WINDOWS\System32\drivers\sdbus.sys [341336] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:02 A . (.Microsoft Corporation - SDF Reflector.) – C:\WINDOWS\System32\drivers\SDFRd.sys [71016] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - SD Host Controller Port Driver.) – C:\WINDOWS\System32\drivers\sdport.sys [140776] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - SFF-Speicherklassentreiber.) – C:\WINDOWS\System32\drivers\sdstor.sys [132480] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - Serial Class Extension.) – C:\WINDOWS\System32\drivers\SerCx.sys [120144] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:36 A . (.Microsoft Corporation - Serial Class Extension V2.) – C:\WINDOWS\System32\drivers\SerCx2.sys [202096] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - Serial Port Enumerator.) – C:\WINDOWS\System32\drivers\serenum.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - Serieller Gerätetreiber.) – C:\WINDOWS\System32\drivers\serial.sys [122880] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - Serieller Mausfiltertreiber.) – C:\WINDOWS\System32\drivers\sermouse.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Microsoft Corporation - SCSI Floppy Driver.) – C:\WINDOWS\System32\drivers\sfloppy.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:19:01 A . (.Microsoft Corporation - System Guard Runtime Monitor Agent Driver.) – C:\WINDOWS\System32\drivers\SgrmAgent.sys [124272] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid2.sys [45920] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid4.sys [82784] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Microsemi Corportation - Storport Miniport Driver for SmartRAID/Smar.) – C:\WINDOWS\System32\drivers\SmartSAMD.sys [210784] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:44 A . (.Microsoft Corporation - Smart Card Driver Library.) – C:\WINDOWS\System32\drivers\smclib.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - Storage Spaces Dump Driver.) – C:\WINDOWS\System32\drivers\spacedump.sys [284136] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:02 A . (.Microsoft Corporation - Storage Spaces Parser driver.) – C:\WINDOWS\System32\drivers\spaceparser.sys [81920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:56 A . (.Microsoft Corporation - Storage Spaces Driver.) – C:\WINDOWS\System32\drivers\spaceport.sys [935392] =>.Microsoft®
O58 - SDL:2022/05/07 11:39:25 A . (.Microsoft Corporation - Holographic Spatial Graph Filter.) – C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [132448] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:36 A . (.Microsoft Corporation - SPB Class Extension.) – C:\WINDOWS\System32\drivers\SpbCx.sys [124392] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:04 A . (.Microsoft Corporation - Smb 2.0-Servertreiber.) – C:\WINDOWS\System32\drivers\srv2.sys [868352] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:04 A . (.Microsoft Corporation - Server Network driver.) – C:\WINDOWS\System32\drivers\srvnet.sys [368640] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\WINDOWS\System32\drivers\stexstor.sys [32080] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) – C:\WINDOWS\System32\drivers\storahci.sys [214400] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Microsoft NVM Express Storport Miniport Dri.) – C:\WINDOWS\System32\drivers\stornvme.sys [251360] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) – C:\WINDOWS\System32\drivers\storport.sys [1164656] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:36 A . (.Microsoft Corporation - QoS-Filter für Speicher.) – C:\WINDOWS\System32\drivers\storqosflt.sys [120176] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - MS UFS Storport Miniport Driver.) – C:\WINDOWS\System32\drivers\storufs.sys [112088] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:44 A . (.Microsoft Corporation - Storage VSC Driver.) – C:\WINDOWS\System32\drivers\storvsc.sys [87424] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:45 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) – C:\WINDOWS\System32\drivers\stream.sys [118784] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2016/04/21 10:10:04 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) – C:\WINDOWS\System32\drivers\tap0901.sys [27136] [Unsigned] =>.The OpenVPN Project
O58 - SDL:2022/05/07 06:19:45 A . (.Microsoft Corporation - SCSI Tape Class Driver.) – C:\WINDOWS\System32\drivers\tape.sys [69632] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:04 A . (.Microsoft Corporation - Export driver for kernel mode TPM API.) – C:\WINDOWS\System32\drivers\tbs.sys [75120] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:56 A . (.Microsoft Corporation - TCP/IP-Treiber.) – C:\WINDOWS\System32\drivers\tcpip.sys [3311064] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:56 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) – C:\WINDOWS\System32\drivers\tcpipreg.sys [81920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:31 A . (.Microsoft Corporation - TDI Wrapper.) – C:\WINDOWS\System32\drivers\tdi.sys [79184] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:01 A . (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [157056] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:12 A . (.Microsoft Corporation - Terminal Server Input Driver.) – C:\WINDOWS\System32\drivers\terminpt.sys [75104] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:04 A . (.Microsoft Corporation - Kernel Transaction Manager Driver.) – C:\WINDOWS\System32\drivers\tm.sys [177536] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - TPM-Gerätetreiber.) – C:\WINDOWS\System32\drivers\tpm.sys [366064] =>.Microsoft®
O58 - SDL:2024/03/07 12:20:45 A . (…) – C:\WINDOWS\System32\drivers\truesight.sys [54208] {169D2C94309C0380414BCFDD93A6B27D}.
O58 - SDL:2022/05/07 06:19:02 A . (.Microsoft Corporation - USB-Hub-Filtertreiber für Remotedesktop.) – C:\WINDOWS\System32\drivers\TsUsbFlt.sys [98304] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:03 A . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) – C:\WINDOWS\System32\drivers\TsUsbGD.sys [69632] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:18 A . (.Microsoft Corporation - Microsoft-Tunnelschnittstellentreiber.) – C:\WINDOWS\System32\drivers\tunnel.sys [167936] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Microsoft Uasp Driver.) – C:\WINDOWS\System32\drivers\uaspstor.sys [116096] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:36 A . (.Microsoft Corporation - USB Connector Manager KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmCx.sys [212992] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:36 A . (.Microsoft Corporation - UCM-TCPCI KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [217088] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - UCM-UCSI ACPI Client Driver.) – C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [86016] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:36 A . (.Microsoft Corporation - UCM-UCSI KMDF Class Extension.) – C:\WINDOWS\System32\drivers\UcmUcsiCx.sys [200704] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:53 A . (.Microsoft Corporation - User Choice Protection Driver.) – C:\WINDOWS\System32\drivers\UCPD.sys [33792] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - USB Controller Extension.) – C:\WINDOWS\System32\drivers\Ucx01000.sys [296416] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:05 A . (.Microsoft Corporation - “udecx.DRIVER”.) – C:\WINDOWS\System32\drivers\Udecx.sys [90112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:19:42 A . (.Microsoft Corporation - UDF File System Driver.) – C:\WINDOWS\System32\drivers\udfs.sys [393216] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:36 A . (.Microsoft Corporation - USB Function Driver Class Extension.) – C:\WINDOWS\System32\drivers\ufx01000.sys [361952] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - UFX Synopsys Client Driver.) – C:\WINDOWS\System32\drivers\ufxsynopsys.sys [198128] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - Generic pass-through driver.) – C:\WINDOWS\System32\drivers\umpass.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:36 A . (.Microsoft Corporation - USB Role-Switch Class Extension.) – C:\WINDOWS\System32\drivers\urscx01000.sys [112000] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:43 A . (.Microsoft Corporation - Remote NDIS USB Driver.) – C:\WINDOWS\System32\drivers\usb8023.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:54 A . (.Microsoft Corporation - USB Audio Class Driver.) – C:\WINDOWS\System32\drivers\USBAUDIO.sys [282624] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:01 A . (.Microsoft Corporation - Microsoft USB Audio Class 2.0 Driver.) – C:\WINDOWS\System32\drivers\usbaudio2.sys [397312] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:29 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) – C:\WINDOWS\System32\drivers\USBCAMD2.sys [81920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:37 A . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) – C:\WINDOWS\System32\drivers\usbccgp.sys [226672] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:01 A . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) – C:\WINDOWS\System32\drivers\usbcir.sys [143360] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - Universal Serial Bus Driver.) – C:\WINDOWS\System32\drivers\usbd.sys [71024] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbehci.sys [120176] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - Standardhubtreiber für USB.) – C:\WINDOWS\System32\drivers\usbhub.sys [558576] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - USB3-Hubtreiber.) – C:\WINDOWS\System32\drivers\USBHUB3.SYS [726504] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - OHCI USB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbohci.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - USB Policy Manager Kernel-Mode Library.) – C:\WINDOWS\System32\drivers\UsbPmApi.sys [94208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - USB 1.1 & 2.0-Porttreiber.) – C:\WINDOWS\System32\drivers\usbport.sys [505320] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:55 A . (.Microsoft Corporation - USB Printer driver.) – C:\WINDOWS\System32\drivers\usbprint.sys [110592] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:55 A . (.Microsoft Corporation - USB Scanner Driver.) – C:\WINDOWS\System32\drivers\usbscan.sys [81920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - USB Serial Driver.) – C:\WINDOWS\System32\drivers\usbser.sys [131072] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - USB-Massenspeichergerät-Klassentreiber.) – C:\WINDOWS\System32\drivers\USBSTOR.SYS [173392] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - UHCI USB Miniport Driver.) – C:\WINDOWS\System32\drivers\usbuhci.sys [73728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:55 A . (.Microsoft Corporation - USB Video Class Driver.) – C:\WINDOWS\System32\drivers\usbvideo.sys [382320] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - USB-XHCI-Treiber.) – C:\WINDOWS\System32\drivers\USBXHCI.SYS [677232] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:05 A . (.Microsoft Corporation - Virtual Drive Root Enumerator.) – C:\WINDOWS\System32\drivers\vdrvroot.sys [124248] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:52 A . (.Microsoft Corporation - Treiberüberprüfungserweiterung.) – C:\WINDOWS\System32\drivers\VerifierExt.sys [247280] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - VHD Miniport Driver.) – C:\WINDOWS\System32\drivers\vhdmp.sys [1021312] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:58 A . (.Microsoft Corporation - Virtual HID Framework (VHF) Driver.) – C:\WINDOWS\System32\drivers\vhf.sys [90112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:19:00 A . (.Microsoft Corporation - Microsoft Hyper-V Virtualization Infrastruc.) – C:\WINDOWS\System32\drivers\Vid.sys [828896] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:35 A . (.Microsoft Corporation - Video Port Driver.) – C:\WINDOWS\System32\drivers\videoprt.sys [90112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2020/12/14 14:52:24 A . (.Nefarius Software Solutions e.U. - Virtual Gamepad Emulation Framework Bus Dri.) – C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:43 A . (.Microsoft Corporation - Hyper-V VMBus KMCL.) – C:\WINDOWS\System32\drivers\vmbkmcl.sys [169328] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:44 A . (.Microsoft Corporation - Microsoft Hyper-V Virtual Machine Bus - unt.) – C:\WINDOWS\System32\drivers\vmbus.sys [206304] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:16 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) – C:\WINDOWS\System32\drivers\VMBusHID.sys [71000] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:16 A . (.Microsoft Corporation - Virtual Machine Generation Counter.) – C:\WINDOWS\System32\drivers\vmgencounter.sys [58720] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:16 A . (.Microsoft Corporation - Virtual Machine Guest Infrastructure Driver.) – C:\WINDOWS\System32\drivers\vmgid.sys [58720] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:16 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) – C:\WINDOWS\System32\drivers\vms3cap.sys [54616] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:16 A . (.Microsoft Corporation - Filtertreiber für virtuellen Speicher.) – C:\WINDOWS\System32\drivers\vmstorfl.sys [87376] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:57 A . (.Microsoft Corporation - Volume Manager Driver.) – C:\WINDOWS\System32\drivers\volmgr.sys [124384] =>.Microsoft®
O58 - SDL:2022/05/07 06:20:03 A . (.Microsoft Corporation - Treiber für Erweiterung des Volume-Managers.) – C:\WINDOWS\System32\drivers\volmgrx.sys [419168] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:14 A . (.Microsoft Corporation - Volumeschattenkopie-Treiber.) – C:\WINDOWS\System32\drivers\volsnap.sys [468352] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:03 A . (.Microsoft Corporation - Volume driver.) – C:\WINDOWS\System32\drivers\volume.sys [54640] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:44 A . (.Microsoft Corporation - Virtual PCI Bus.) – C:\WINDOWS\System32\drivers\vpci.sys [120176] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\WINDOWS\System32\drivers\vsmraid.sys [167784] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\WINDOWS\System32\drivers\VSTXRAID.SYS [306512] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:11 A . (.Microsoft Corporation - Virtual Wireless Bus Driver.) – C:\WINDOWS\System32\drivers\vwifibus.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:11 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) – C:\WINDOWS\System32\drivers\vwififlt.sys [110592] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:11 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) – C:\WINDOWS\System32\drivers\vwifimp.sys [86016] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:03 A . (.Microsoft Corporation - Wacom HID-Treiber für seriellen Tablettstif.) – C:\WINDOWS\System32\drivers\wacompen.sys [65536] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:21 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) – C:\WINDOWS\System32\drivers\wanarp.sys [126976] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:18 A . (.Microsoft Corporation - Watchdog Driver.) – C:\WINDOWS\System32\drivers\watchdog.sys [139264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:35 A . (.Microsoft Corporation - Windows Container Isolation FS Filter Drive.) – C:\WINDOWS\System32\drivers\wcifs.sys [251352] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:08 A . (.Microsoft Corporation - Microsoft antimalware boot driver.) – C:\WINDOWS\System32\drivers\WdBoot.sys [48536] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:08 A . (.Microsoft Corporation - Microsoft antimalware device filter driver.) – C:\WINDOWS\System32\drivers\WdDevFlt.sys [169232] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:51 A . (.Microsoft Corporation - Kernelmodustreiber-Frameworklaufzeit.) – C:\WINDOWS\System32\drivers\Wdf01000.sys [820704] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:08 A . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) – C:\WINDOWS\System32\drivers\WdFilter.sys [438544] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:51 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) – C:\WINDOWS\System32\drivers\WdfLdr.sys [103912] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:06 A . (.Microsoft Corporation - WDI Driver Framework Driver.) – C:\WINDOWS\System32\drivers\WdiWiFi.sys [1073152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:26 A . (.Microsoft Corporation - WDM Companion Filter.) – C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [62800] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:08 A . (.Microsoft Corporation - Windows Defender Network Stream Filter.) – C:\WINDOWS\System32\drivers\WdNisDrv.sys [90384] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:56 A . (.Microsoft Corporation - Windows Error Reporting Kernel Driver.) – C:\WINDOWS\System32\drivers\werkernel.sys [99696] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:29 A . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) – C:\WINDOWS\System32\drivers\wfplwfs.sys [210392] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:06 A . (.Microsoft Corporation - Windows Wifi Class Extension.) – C:\WINDOWS\System32\drivers\WifiCx.sys [835584] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:18:01 A . (.Microsoft Corporation - Wim file system Driver.) – C:\WINDOWS\System32\drivers\wimmount.sys [71136] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:36 A . (.Microsoft Corporation - Windows Trusted Runtime Interface Driver.) – C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [108064] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:25 A . (.Microsoft Corporation - Windows Trusted Runtime Service Proxy Drive.) – C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [54784] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:43 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) – C:\WINDOWS\System32\drivers\winhv.sys [75120] =>.Microsoft®
O58 - SDL:2023/12/04 07:19:02 A . (.Microsoft Corporation - Windows Hypervisor Root Interface Driver.) – C:\WINDOWS\System32\drivers\winhvr.sys [144864] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:04 A . (.Mellanox - Kernel WinMad.) – C:\WINDOWS\System32\drivers\winmad.sys [37224] =>.Microsoft®
O58 - SDL:2023/12/04 07:16:51 A . (.Microsoft Corporation - Windows-NAT-Treiber.) – C:\WINDOWS\System32\drivers\winnat.sys [303056] =>.Microsoft®
O58 - SDL:2019/10/07 03:55:51 A . (.Microsoft Corporation - Windows QUIC Driver.) – C:\WINDOWS\System32\drivers\winquic.sys [205112] =>.Microsoft Windows®
O58 - SDL:2024/03/06 13:51:38 A . (.Microsoft Corporation - SetupPlatform NEO Mini-Filter.) – C:\WINDOWS\System32\drivers\WinSetupBoot.sys [111960] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:38 A . (.Microsoft Corporation - Windows WinUSB Class Driver.) – C:\WINDOWS\System32\drivers\winusb.sys [139264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:04 A . (.Mellanox - Kernel WinVerbs.) – C:\WINDOWS\System32\drivers\winverbs.sys [74096] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:05 A . (.Microsoft Corporation - Windows Management Interface for ACPI.) – C:\WINDOWS\System32\drivers\wmiacpi.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:30 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) – C:\WINDOWS\System32\drivers\wmilib.sys [58704] =>.Microsoft®
O58 - SDL:2023/12/04 07:18:01 A . (.Microsoft Corporation - Windows-Überlappungsfilter.) – C:\WINDOWS\System32\drivers\wof.sys [284128] =>.Microsoft®
O58 - SDL:2022/05/07 11:39:27 A . (.Microsoft Corporation - Windows Portable Device Upper Class Filter.) – C:\WINDOWS\System32\drivers\WpdUpFltr.sys [71000] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:30 A . (.Microsoft Corporation - WPP Trace Recorder.) – C:\WINDOWS\System32\drivers\WppRecorder.sys [87384] =>.Microsoft®
O58 - SDL:2022/05/07 06:19:29 A . (.Microsoft Corporation - Winsock2-IFS-Schicht.) – C:\WINDOWS\System32\drivers\ws2ifsl.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:02 A . (.Microsoft Corporation - Web Services Print Device Driver.) – C:\WINDOWS\System32\drivers\WSDPrint.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:55 A . (.Microsoft Corporation - Web Service Based Scan Device Driver.) – C:\WINDOWS\System32\drivers\WSDScan.sys [61440] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:19:02 A . (.Microsoft Corporation - WTD Driver.) – C:\WINDOWS\System32\drivers\wtd.sys [128496] =>.Microsoft®
O58 - SDL:2023/12/04 07:17:52 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\WINDOWS\System32\drivers\WUDFPf.sys [167936] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:52 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\WINDOWS\System32\drivers\WUDFRd.sys [352256] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:52 A . (.Microsoft Corporation - Game Input Protocol Driver.) – C:\WINDOWS\System32\drivers\xboxgip.sys [401408] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:16:52 A . (.Microsoft Corporation - XINPUT filter driver for HID.) – C:\WINDOWS\System32\drivers\xinputhid.sys [86016] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:34 A . (.Microsoft Corporation - Multi-User Win32 Driver.) – C:\WINDOWS\System32\win32k.sys [692224] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:31 A . (.Microsoft Corporation - Basis-Win32k-Kerneltreiber.) – C:\WINDOWS\System32\win32kbase.sys [3198976] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:34 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) – C:\WINDOWS\System32\win32kfull.sys [3817472] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/05/07 06:19:23 A . (.Microsoft Corporation - Win32k non session driver.) – C:\WINDOWS\System32\win32kns.sys [69632] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2023/12/04 07:17:34 A . (.Microsoft Corporation - Win32k temporary session global driver.) – C:\WINDOWS\System32\win32ksgd.sys [49152] [Unsigned] =>.Microsoft Corporation

—\ Verbände Shell Laichen (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Startprogramm für Ereignisanzeige-Snap-In.) – C:\Windows\System32\eventvwr.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft®
O67 - Shell Spawning: <.js> [HKLM..\open\Command] (…) – C:\Windows\System32\WScript.exe “%1” %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registrierungs-Editor.) – C:\Windows\regedit.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S =>.Default.Value

—\ Startmenü Internet (12) - 0s
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft®
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft®
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) – C:\WINDOWS\System32\ie4ushowIE.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE-Hilfsprogramm für Pro-Benutzerinitalisie.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) – C:\WINDOWS\System32\ie4ushowIE.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Microsoft Edge.) – C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe =>.Microsoft Corporation

—\ Suche 'Ansteckung in Internet-Browsern (1) - 0s
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

—\ Liste den Dienststart von Svchost (49) - 1s
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Serverdienst-DLL.) – C:\WINDOWS\System32\srvsvc.dll [344064] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Gruppenrichtlinienclient.) – C:\Windows\System32\gpsvc.dll [1376256] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE-Erweiterung.) – C:\Windows\System32\IKEEXT.DLL [1531904] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Dienst, der IPv6-Konnektivität über ein IPv.) – C:\Windows\System32\iphlpsvc.dll [843776] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL für sekundären Anmeldedienst.) – C:\Windows\System32\seclogon.dll [53248] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI-Ermittlungsdienst.) – C:\Windows\System32\iscsiexe.dll [180224] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost-Dienst.) – C:\Windows\System32\eapsvc.dll [122880] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Aufgabenplanungsdienst.) – C:\Windows\System32\schedsvc.dll [811008] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\System32\wbem\WMIsvc.dll [245760] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remotedesktop-Konfigurationsdienst.) – C:\Windows\System32\SessEnv.dll [598016] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problemberichte.) – C:\Windows\System32\wercplsupport.dll [102400] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft®-Kontodienst.) – C:\Windows\System32\wlidsvc.dll [2064384] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - Benutzer-Manager.) – C:\Windows\System32\usermgr.dll [1662976] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Dienst für natürliche Authentifizierung.) – C:\Windows\System32\NaturalAuth.dll [434176] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows-Shelldesigndienste-DLL.) – C:\Windows\System32\themeservice.dll [114688] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) – C:\Windows\System32\XblAuthManager.dll [1044480] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows-Verwaltungsdienst-DLL.) – C:\Windows\System32\Windows.Internal.Management.dll [1191936] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) – C:\Windows\System32\XblGameSave.dll [1040384] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Tokenbroker.) – C:\Windows\System32\TokenBroker.dll [1826816] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation-Dienst.) – C:\Windows\System32\lfsvc.dll [86016] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) – C:\Windows\System32\Windows.SharedPC.AccountManager.dll [241664] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - RAS-Verwaltung für automatisches Wählen.) – C:\Windows\System32\rasauto.dll [135168] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - RAS-Verbindungsverwaltung.) – C:\Windows\System32\rasmans.dll [1097728] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamischer Schnittstellen-Manager.) – C:\Windows\System32\mprdim.dll [512000] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Benachrichtigungsdienst für Systemereigniss.) – C:\Windows\System32\Sens.dll [98304] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT-Hilfskomponenten.) – C:\Windows\System32\ipnathlp.dll [720504] =>.Microsoft®
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft(R) Windows(R) Telefonieserver.) – C:\Windows\System32\tapisrv.dll [339968] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\Windows\System32\wuaueng.dll [130528] =>.Microsoft®
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [1388544] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows-Shelldienste-DLL.) – C:\Windows\System32\shsvcs.dll [270336] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) – C:\Windows\System32\dmwappushsvc.dll [143360] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight-Einstellungen.) – C:\Windows\System32\flightsettings.dll [1067480] =>.Microsoft®
O83 - Search Svchost Services: WManSvc (WManSvc) . (.Microsoft Corporation - Windows-Verwaltungsdienst-DLL.) – C:\Windows\System32\Windows.Management.Service.dll [1253376] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows-Pushbenachrichtigungssystemdienst.) – C:\Windows\System32\WpnService.dll [266240] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) – C:\Windows\System32\XboxNetApiSvc.dll [1392640] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Updatesitzung für Orchestrator Service.) – C:\Windows\System32\usosvc.dll [102400] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Netzwerkeinrichtungsdienst.) – C:\Windows\System32\NetSetupSvc.dll [315392] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) – C:\Windows\System32\InstallService.dll [2908160] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: LxpSvc (LxpSvc) . (.Microsoft Corporation - Stellt Infrastrukturunterstützung für die B.) – C:\Windows\System32\LanguageOverlayServer.dll [618496] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: TroubleshootingSvc (TroubleshootingSvc) . (.Microsoft Corporation - MitigationClient.) – C:\Windows\System32\MitigationClient.dll [536576] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Geräteinstallations-Manager.) – C:\Windows\System32\DeviceSetupManager.dll [315392] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: DcSvc (DcSvc) . (.Microsoft Corporation - dcsvc.) – C:\Windows\System32\dcsvc.dll [913408] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft-Netzwerkkonnektivitäts-Assistent.) – C:\Windows\System32\NcaSvc.dll [188416] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Anwendungsinformationsdienst.) – C:\Windows\System32\appinfo.dll [315392] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) – C:\Windows\System32\XboxGipSvc.dll [131072] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) – C:\Windows\System32\PushToInstall.dll [425984] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard-Zertifikatpropagierungs.) – C:\Windows\System32\certprop.dll [241664] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard-Zertifikatpropagierungs.) – C:\Windows\System32\certprop.dll [241664] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE-Dienst.) – C:\Windows\System32\bdesvc.dll [643072] [Unsigned] =>.Microsoft Corporation

—\ Liste der Ausnahmen in der Firewall (FirewallRules) (124) - 13s
O87 - FAEL: “{DD249D51-4DF7-4AB2-8CCD-88656633007A}” [In-None-P17-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) – C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
O87 - FAEL: “{8A573C64-1511-4BD4-A4AF-AB0BE1DAD849}” [In-None-P6-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) – C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
O87 - FAEL: “{153B85D9-E5D8-452A-9746-4901430233F3}” [In-None-P17-TRUE] .(…) – D:\Programme\Steam\steamapps\common\Big Ambitions\Big Ambitions.exe [Unsigned] =>.Steam SteamApps Games
O87 - FAEL: “{78E8F0F5-AC79-4418-B0D1-BFB5E7A1221B}” [In-None-P6-TRUE] .(…) – D:\Programme\Steam\steamapps\common\Big Ambitions\Big Ambitions.exe [Unsigned] =>.Steam SteamApps Games
O87 - FAEL: “{3DE411ED-C84C-4DFD-BF00-CDAA974F85F4}” [In-None-P17-TRUE] .(.Google LLC - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC®
O87 - FAEL: “{5AFEC480-363F-4323-AD7C-DCBDFE540457}” [In-None-P17-TRUE] .(.GIANTS Software GmbH - GIANTS Engine 9.0.0.) – D:\Programme\Steam\steamapps\common\Farming Simulator 22\x64\FarmingSimulator2022Game.exe =>.GIANTS Software GmbH®
O87 - FAEL: “{C4E667EE-64CF-4F90-8CDD-2183265666FE}” [In-None-P6-TRUE] .(.GIANTS Software GmbH - GIANTS Engine 9.0.0.) – D:\Programme\Steam\steamapps\common\Farming Simulator 22\x64\FarmingSimulator2022Game.exe =>.GIANTS Software GmbH®
O87 - FAEL: “{4037986D-C99D-4775-8AFC-BF55CE36CAC9}” [In-None-P17-TRUE] .(.Overwolf LTD - OverwolfBrowser.) – D:\Programme\Overwolf\0.242.0.12\OverwolfBrowser.exe {0DACC0F743C79D8A6464DC967AF3B039}. =>.Overwolf LTD
O87 - FAEL: “{0DC44328-1923-4AF2-867A-25D5C7ECE9F7}” [In-None-P6-TRUE] .(.Overwolf LTD - OverwolfBrowser.) – D:\Programme\Overwolf\0.242.0.12\OverwolfBrowser.exe {0DACC0F743C79D8A6464DC967AF3B039}. =>.Overwolf LTD
O87 - FAEL: “{B47387AD-2143-488F-B24F-E00E7DE32978}” [In-None-P6-FALSE] .(…) – D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “{AE99B29D-2626-46F7-9F22-501881F2E445}” [In-None-P17-FALSE] .(…) – D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “{53BE1FB6-6D7C-4016-9BE9-ACA17B30CAD8}” [In-None-P17-TRUE] .(…) – D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “{A7F73065-A310-4FA7-B8E8-AC28FEC462BB}” [In-None-P6-TRUE] .(…) – D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “{0E857EA6-A4E5-4ED8-9C54-64D13821B44E}” [Out-None-P17-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{C172A26F-78BB-48C2-BD26-EA96E4822135}” [Out-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{DFD79D3E-4338-4EEA-999C-528A5CAC8483}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{48E1678E-D52E-43C2-8FE4-5DC3EE9E5432}” [In-None-P17-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{35BF3957-EA38-4892-A47D-A78804388403}” [In-None-P17-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{DA8157EF-5A48-45D9-9F37-342773C8472F}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{8E5064E6-A832-42FF-B94D-F2C1C77EB730}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{689D3F45-EE85-48AF-8302-A98FEB500ABC}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{19D9484A-641B-45B8-B664-A9C371F01661}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{D852E223-3EF6-4721-BF19-6272F579654F}” [In-None-P6-TRUE] .(.Spotify Ltd - Spotify.) – C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB®
O87 - FAEL: “{CE7704F2-FF6A-484C-A27E-40464706FE3A}” [In-None-P17-TRUE] .(…) – D:\Programme\Steam\steamapps\common\Supermarket Simulator\Supermarket Simulator.exe [Unsigned] =>.Steam SteamApps Games
O87 - FAEL: “{08C12255-4807-4EA2-B22B-5987EF309E67}” [In-None-P6-TRUE] .(…) – D:\Programme\Steam\steamapps\common\Supermarket Simulator\Supermarket Simulator.exe [Unsigned] =>.Steam SteamApps Games
O87 - FAEL: “{87149421-DD07-4E19-9819-17347BB6C14A}” [Out-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “{79068DF1-AF19-45E5-8157-7A928B4CB6D4}” [In-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “{ADFA4932-EA8F-4E46-AAAE-E58B935BE380}” [Out-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “{5FD1FC2C-9153-4A41-A69D-61626F835630}” [In-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “UDP Query User{82C35AEA-279C-4D8D-BE9A-1141D3EB63BD}C:\program files\logisim-evolution\logisim-evolution.exe” [In-None-P17-TRUE] .(…) – C:\program files\logisim-evolution\logisim-evolution.exe [Unsigned]
O87 - FAEL: “TCP Query User{B658F0F2-0674-4EAF-97A3-24F9862C0969}C:\program files\logisim-evolution\logisim-evolution.exe” [In-None-P6-TRUE] .(…) – C:\program files\logisim-evolution\logisim-evolution.exe [Unsigned]
O87 - FAEL: “UDP Query User{E6831222-A353-4556-8C88-C187BBE6FB54}C:\program files\altium\ad23\x2.exe” [In-None-P17-TRUE] .(.Altium LLC - Altium Designer.) – C:\program files\altium\ad23\x2.exe {09FEED19E3C973A65B3DEBAC2C6DCA59}.
O87 - FAEL: “TCP Query User{58C3F345-F0B7-4F88-B4FB-7D5FB56FF212}C:\program files\altium\ad23\x2.exe” [In-None-P6-TRUE] .(.Altium LLC - Altium Designer.) – C:\program files\altium\ad23\x2.exe {09FEED19E3C973A65B3DEBAC2C6DCA59}.
O87 - FAEL: “UDP Query User{4A6434BA-95EE-4311-802B-664A774B682E}C:\program files\orcaslicer\orca-slicer.exe” [In-None-P17-TRUE] .(.SoftFever - OrcaSlicer.) – C:\program files\orcaslicer\orca-slicer.exe [Unsigned]
O87 - FAEL: “TCP Query User{68E6CF3C-38A7-4EB9-96CC-F84EFFE857A4}C:\program files\orcaslicer\orca-slicer.exe” [In-None-P6-TRUE] .(.SoftFever - OrcaSlicer.) – C:\program files\orcaslicer\orca-slicer.exe [Unsigned]
O87 - FAEL: “{AF9965FD-F81F-44F1-AF57-9CC445DD513F}” [In-None-P6-TRUE] .(…) – C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe [Unsigned]
O87 - FAEL: “{F2FEF788-42EB-4946-BE43-66B4627CB7E6}” [In-None-P17-TRUE] .(…) – C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe [Unsigned]
O87 - FAEL: “UDP Query User{E0515BBA-3DB8-46D5-B642-49EA0C99180B}C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe” [In-None-P17-TRUE] .(…) – C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe [Unsigned]
O87 - FAEL: “TCP Query User{5286CD36-1CA4-4B8A-BFA6-9CCB2E7B2A50}C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe” [In-None-P6-TRUE] .(…) – C:\program files\ultimaker cura 5.3.1\ultimaker-cura.exe [Unsigned]
O87 - FAEL: “{5C710ECE-9777-4488-9D5E-CB7990EE78AA}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - CODESYS" Control" Service.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{67625BC9-F345-4610-8730-700695486F99}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - CODESYS" Control" Service.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{464A1A85-0515-435B-9086-C2EF53D93886}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - CODESYS" Control" Service.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{B8951E4A-334B-4072-8C39-BED285225477}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - CODESYS" Control" Service.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{D80E72AE-7250-42D7-846D-0FA9AA12ACE8}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - GATEWAYDDE.EXE.) – C:\Windows\SysWOW64\GatewayDDE.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{B852E5C9-F6BA-4C97-9785-569D1E33A681}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - GATEWAYDDE.EXE.) – C:\Windows\SysWOW64\GatewayDDE.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{3E8FC8EC-4359-4FAB-9653-F65D906A650A}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - GATEWAYDDE.EXE.) – C:\Windows\SysWOW64\GatewayDDE.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{EC09C64B-FC0B-4DB8-8905-631E7C445096}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - GATEWAYDDE.EXE.) – C:\Windows\SysWOW64\GatewayDDE.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{C0A7C768-654B-46F7-AA9E-6D111B46F844}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - GATEWAY.EXE.) – C:\Windows\SysWOW64\Gateway.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{DD5D6F82-F8CD-45DF-8BCD-4B52EE5C701F}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - GATEWAY.EXE.) – C:\Windows\SysWOW64\Gateway.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{6B8FB6D7-1CFB-412D-9CF5-23706446F401}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - GATEWAY.EXE.) – C:\Windows\SysWOW64\Gateway.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{CEE39792-4A68-4970-8615-FEBA29CF7019}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - GATEWAY.EXE.) – C:\Windows\SysWOW64\Gateway.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{FFE70F5B-1EAA-4C55-954C-E763DCD1E0B1}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - GatewayService.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{91238EAC-87E7-4297-9329-E302BE237483}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - GatewayService.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{F2BD632C-2FA0-4AAC-9024-26D7A1A99CEC}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - GatewayService.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{AA40FF9F-72BC-42D8-A8C0-D330563CE228}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - GatewayService.) – C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{D6ED8DD3-E2F1-4B55-95B0-16309EE0B082}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - IPMCLI.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\IPMCLI.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{2937A2BD-18E2-46CB-A6F2-83A475A1BF2D}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - IPMCLI.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\IPMCLI.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{99C74BD9-106E-4CD6-A6C5-0E39F9097B6D}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - IPMCLI.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\IPMCLI.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{CBB56258-647F-4608-8384-296265CCADBB}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - IPMCLI.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\IPMCLI.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{8B99EB7C-E07A-4126-B1D6-52FF044E7862}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - RepTool.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\RepTool.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{9BAB2765-B9DE-4A99-8182-1B1981DC23B1}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - RepTool.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\RepTool.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{E3B1E9C9-200D-465E-AD9C-622FDA031CF3}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - RepTool.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\RepTool.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{15ECB879-60C4-42F4-94BE-66A38BB6CC48}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - RepTool.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\RepTool.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{395F3D88-3380-4201-873C-014EC07E72EE}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - CODESYS Development System.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\CODESYS.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{475F8A65-BC13-4BB3-A1EA-1FF2C99EC3C5}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - CODESYS Development System.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\CODESYS.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{015A8D3D-F40C-4BB5-A5A7-74AA118AAD76}” [In-None-P17-TRUE] .(.3S-Smart Software Solutions GmbH - CODESYS Development System.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\CODESYS.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{5B29FA0B-29F5-416D-ABB2-290897BC05FA}” [In-None-P6-TRUE] .(.3S-Smart Software Solutions GmbH - CODESYS Development System.) – C:\Program Files (x86)\3S CODESYS\CODESYS\Common\CODESYS.exe =>.3S-Smart Software Solutions GmbH®
O87 - FAEL: “{08D56A1D-3837-4F57-90CF-849116B7E206}” [In-None-P17-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) – C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
O87 - FAEL: “{3D58B04D-AFD0-4482-A115-7571E50C4558}” [In-None-P6-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) – C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
O87 - FAEL: “{F0B59BBA-FB70-48B0-8CF3-9153EF7B7BC3}” [In-None-P6-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) – C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
O87 - FAEL: “UDP Query User{4CCC7730-F912-4056-BBA6-F50BE4F9EE6A}D:\programme\arduino\java\bin\javaw.exe” [In-None-P17-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – D:\programme\arduino\java\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “TCP Query User{17BBF18F-A806-495E-93D3-6C38E8158BD2}D:\programme\arduino\java\bin\javaw.exe” [In-None-P6-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – D:\programme\arduino\java\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “UDP Query User{EC39A673-930D-49EC-9135-9B866A1A0033}D:\programme\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe” [In-None-P17-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – D:\programme\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “TCP Query User{306288FF-4DE5-4EB1-8866-D00FE9C273A8}D:\programme\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe” [In-None-P6-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – D:\programme\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “{8F25C6C8-5F22-43F1-AD9A-25875FCB0E98}” [In-None-P17-TRUE] .(.Relic Entertainment - Age of Empires IV.) – D:\Programme\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe {0E692DD41D8C6868CF0994B5D4AEC94E}. =>.Relic Entertainment
O87 - FAEL: “{FF239137-D032-45F6-B263-143C815C103C}” [In-None-P6-TRUE] .(.Relic Entertainment - Age of Empires IV.) – D:\Programme\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe {0E692DD41D8C6868CF0994B5D4AEC94E}. =>.Relic Entertainment
O87 - FAEL: “{80574D36-E00A-4A9A-8191-87D405ED45C3}” [In-None-P17-TRUE] .(.Zoom Video Communications, Inc. - AirHost.) – C:\Users\eiko-\AppData\Roaming\Zoom\bin\airhost.exe {02BF28A0908D8CE88BEEEDBB50F1E685}. =>.Zoom Video Communications, Inc.
O87 - FAEL: “{7D17E545-BF8E-4FA8-A01A-08972AEF9CBB}” [In-None-P6-TRUE] .(.Zoom Video Communications, Inc. - AirHost.) – C:\Users\eiko-\AppData\Roaming\Zoom\bin\airhost.exe {02BF28A0908D8CE88BEEEDBB50F1E685}. =>.Zoom Video Communications, Inc.
O87 - FAEL: “{3268EFBE-4C81-49C9-AD48-EDC3335758F9}” [In-None-P17-TRUE] .(.Zoom Video Communications, Inc. - Zoom Meetings.) – C:\Users\eiko-\AppData\Roaming\Zoom\bin\Zoom.exe {02BF28A0908D8CE88BEEEDBB50F1E685}. =>.Zoom Video Communications, Inc.
O87 - FAEL: “{2AB7E746-53EB-4DAD-9654-236D5600CAD2}” [In-None-P17-TRUE] .(.Logitech, Inc. - LogiOptionsMgr.exe (UNICODE).) – C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE =>.Logitech Inc®
O87 - FAEL: “{C7F1E4E8-58A9-43F1-AA76-79CECBD2D03F}” [In-None-P17-TRUE] .(…) – D:\Programme\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe {63D16C0E824E01938C30390EBFDB4B32}. =>.Steam Games
O87 - FAEL: “{CE0A55A3-B0F5-40D0-A062-62FBE8739C3C}” [In-None-P6-TRUE] .(…) – D:\Programme\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe {63D16C0E824E01938C30390EBFDB4B32}. =>.Steam Games
O87 - FAEL: “{E46CE610-C8BD-47B6-8BD8-6F88F29BF20A}” [In-None-P17-TRUE] .(…) – D:\Programme\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe {63D16C0E824E01938C30390EBFDB4B32}. =>.Steam Games
O87 - FAEL: “{2E361E33-CE02-4280-9B42-54AA9EA954D8}” [In-None-P6-TRUE] .(…) – D:\Programme\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe {63D16C0E824E01938C30390EBFDB4B32}. =>.Steam Games
O87 - FAEL: “{F362C656-6E2B-41BC-BFBB-8CE01081C3C5}” [In-None-P6-TRUE] .(.Nadeo - TrackmaniaUplay.) – D:\Programme\Ubisoft Game Launcher\games\Trackmania\trackmania.exe =>.NADEO SASU®
O87 - FAEL: “{495F5E7C-5384-436C-B273-A178C723B2DD}” [In-None-P17-TRUE] .(.Nadeo - TrackmaniaUplay.) – D:\Programme\Ubisoft Game Launcher\games\Trackmania\trackmania.exe =>.NADEO SASU®
O87 - FAEL: “UDP Query User{2AA2A08E-9AD4-4EB0-B55E-469CDF39360F}D:\programme\arduino\java\bin\javaw.exe” [In-None-P17-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – D:\programme\arduino\java\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “TCP Query User{CCA06AF5-66CF-4F13-AB71-F9C39825990B}D:\programme\arduino\java\bin\javaw.exe” [In-None-P6-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – D:\programme\arduino\java\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “UDP Query User{936F2D13-DF5E-458B-A955-851D5B4FB563}D:\programme\minecraft\runtime\jre-x64\bin\javaw.exe” [In-None-P17-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – D:\programme\minecraft\runtime\jre-x64\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “TCP Query User{D4BA32A3-FDF4-4C07-BC62-83B179C6506E}D:\programme\minecraft\runtime\jre-x64\bin\javaw.exe” [In-None-P6-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – D:\programme\minecraft\runtime\jre-x64\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “{454E7A75-1C3C-4DFD-8207-0E864B2F1ABA}” [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{F871D8FB-3F4D-421D-AAE3-9F6B20048843}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{C66A0230-400B-493A-8C1B-F00C17D1BEF2}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{6E369597-3084-4050-B043-600D6ABA1FB8}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{5976B0C1-5ACC-4485-BDA9-EEA8754EEE6F}” [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) – C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{C41D44F6-ED97-461A-AA06-94A5A39A07A1}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) – C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{C6BB91F1-1D99-4F69-A490-B20D99D436CF}” [In-None-P6-TRUE] .(.Valve Corporation - Steam.) – D:\Programme\Steam\Steam.exe =>.Valve Corp.®
O87 - FAEL: “{9A7F8F80-CAB5-4216-8F4E-483D2684F91B}” [In-None-P17-TRUE] .(.Valve Corporation - Steam.) – D:\Programme\Steam\Steam.exe =>.Valve Corp.®
O87 - FAEL: “{7387F38A-6876-49EC-B2B0-9E71D96ECC72}” [In-None-P6-TRUE] .(.Futuremark - 3DMarkLauncher.) – D:\Programme\Steam\steamapps\common\3DMark\3DMarkLauncher.exe =>.FUTUREMARK INC®
O87 - FAEL: “{DBA546C7-062E-4537-BBAC-803DDD3D6A7E}” [In-None-P17-TRUE] .(.Futuremark - 3DMarkLauncher.) – D:\Programme\Steam\steamapps\common\3DMark\3DMarkLauncher.exe =>.FUTUREMARK INC®
O87 - FAEL: “{E9B135D1-5AEC-4E80-9760-758BC2ED25E5}” [In-None-P6-TRUE] .(.Valve Corporation - Steam Client WebHelper.) – D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe =>.Valve Corp.®
O87 - FAEL: “{DFC0EB80-5C53-4CFD-B783-86F6FE6C8D24}” [In-None-P17-TRUE] .(.Valve Corporation - Steam Client WebHelper.) – D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe =>.Valve Corp.®
O87 - FAEL: “{217F66B7-11A6-4DFD-80CC-B6D79F5CEC18}” [In-None-P6-TRUE] .(…) – D:\Programme\Steam\steamapps\common\Age of Mythology\Launcher.exe [Unsigned] =>.Steam Games
O87 - FAEL: “{EBF76231-D441-433F-8DAD-7CDFC8468D3E}” [In-None-P17-TRUE] .(…) – D:\Programme\Steam\steamapps\common\Age of Mythology\Launcher.exe [Unsigned] =>.Steam Games
O87 - FAEL: “{6B4D91F0-7455-4AC3-884B-98C1803A6167}” [In-None-P6-TRUE] .(.Microsoft Corp - Age of Mythology: Extended Edition.) – D:\Programme\Steam\steamapps\common\Age of Mythology\AoMX.exe [Unsigned] =>.Microsoft Corp
O87 - FAEL: “{91039128-6EF6-4727-9C42-C448B4C5D10F}” [In-None-P17-TRUE] .(.Microsoft Corp - Age of Mythology: Extended Edition.) – D:\Programme\Steam\steamapps\common\Age of Mythology\AoMX.exe [Unsigned] =>.Microsoft Corp
O87 - FAEL: “{055487D4-80A4-4764-B807-1424EE5FD5F4}” [In-None-P17-TRUE] .(.Ubisoft - Anno 1800.) – D:\Programme\Ubisoft Game Launcher\games\Anno 1800\Bin\Win64\Anno1800.exe {0A0BAA567D6E3CD3EBBA3E8B7D7D87F1}. =>.Ubisoft
O87 - FAEL: “{38F4B99D-25BE-4655-9C28-43100D3F530D}” [In-None-P17-TRUE] .(.Zoom Video Communications, Inc. - Zoom Meetings.) – C:\Users\eiko-\AppData\Roaming\Zoom\bin\Zoom.exe {02BF28A0908D8CE88BEEEDBB50F1E685}. =>.Zoom Video Communications, Inc.
O87 - FAEL: “TCP Query User{FCBF3D6D-D1A2-497A-AC73-647AAF1DA470}D:\programme\install\runtime\jre-x64\bin\javaw.exe” [In-None-P6-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – D:\programme\install\runtime\jre-x64\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “UDP Query User{65184F1F-8F38-4CE4-AA73-22C8F93537CB}D:\programme\install\runtime\jre-x64\bin\javaw.exe” [In-None-P17-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – D:\programme\install\runtime\jre-x64\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “TCP Query User{BE6CA684-F767-440E-B229-7C99913C3337}D:\programme\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe” [In-None-P6-TRUE] .(.Microsoft - OpenJDK Platform binary.) – D:\programme\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe [Unsigned] =>.Microsoft
O87 - FAEL: “UDP Query User{043ECEF8-8109-40B8-84AD-19CFAE5B6E76}D:\programme\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe” [In-None-P17-TRUE] .(.Microsoft - OpenJDK Platform binary.) – D:\programme\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe [Unsigned] =>.Microsoft
O87 - FAEL: “{F4CFF23C-172A-431D-B83E-990FD7F8C7F4}” [In-None-P6-TRUE] .(…) – D:\Programme\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe {63D16C0E824E01938C30390EBFDB4B32}. =>.Steam Games
O87 - FAEL: “{6B3EADBD-3708-4F4B-9EF5-06BA20CE694F}” [In-None-P17-TRUE] .(…) – D:\Programme\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe {63D16C0E824E01938C30390EBFDB4B32}. =>.Steam Games
O87 - FAEL: “{E1B86E19-0D33-4630-8FF7-277C68AABBFC}” [In-None-P6-TRUE] .(…) – D:\Programme\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe {63D16C0E824E01938C30390EBFDB4B32}. =>.Steam Games
O87 - FAEL: “{2B27175F-CF4D-4A4F-AD7D-65A0B35F8935}” [In-None-P17-TRUE] .(…) – D:\Programme\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe {63D16C0E824E01938C30390EBFDB4B32}. =>.Steam Games
O87 - FAEL: “TCP Query User{8D7F5CE9-0C93-4AA4-A37F-7964AA9BAD77}D:\programme\freefilesync\bin\freefilesync_x64.exe” [In-None-P6-TRUE] .(.FreeFileSync.org - FreeFileSync - Folder Comparison and Synchr.) – D:\programme\freefilesync\bin\freefilesync_x64.exe =>.Florian BAUER®
O87 - FAEL: “UDP Query User{8330EB73-AB1C-41CA-9755-39A390E36176}D:\programme\freefilesync\bin\freefilesync_x64.exe” [In-None-P17-TRUE] .(.FreeFileSync.org - FreeFileSync - Folder Comparison and Synchr.) – D:\programme\freefilesync\bin\freefilesync_x64.exe =>.Florian BAUER®
O87 - FAEL: “TCP Query User{5BDA5EB0-9575-4832-80AC-C853FD95A948}D:\programme\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe” [In-None-P6-TRUE] .(.Microsoft - OpenJDK Platform binary.) – D:\programme\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe [Unsigned] =>.Microsoft
O87 - FAEL: “UDP Query User{0F4A798B-5889-4F92-9609-5A18A87BE9D1}D:\programme\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe” [In-None-P17-TRUE] .(.Microsoft - OpenJDK Platform binary.) – D:\programme\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe [Unsigned] =>.Microsoft
O87 - FAEL: “TCP Query User{92CF064D-57DB-46A0-9AFF-4D88B7A620E5}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe” [In-None-P6-TRUE] .(.Azul Systems Inc. - Zulu Platform x64 Architecture.) – C:\program files\crucial\crucial storage executive\java\bin\javaw.exe =>.Azul Systems, Inc.®
O87 - FAEL: “UDP Query User{AD788EA4-4AC7-4DEB-AD15-60BB29596564}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe” [In-None-P17-TRUE] .(.Azul Systems Inc. - Zulu Platform x64 Architecture.) – C:\program files\crucial\crucial storage executive\java\bin\javaw.exe =>.Azul Systems, Inc.®
O87 - FAEL: “{81AACDE4-9800-490D-B67E-F513665C9918}” [In-None-P17-TRUE] .(.Azul Systems Inc. - Zulu Platform x64 Architecture.) – C:\program files\crucial\crucial storage executive\java\bin\javaw.exe =>.Azul Systems, Inc.®
O87 - FAEL: “{DC38C056-7BC6-402C-8C7E-0D09D1A7B84F}” [In-None-P6-TRUE] .(.Azul Systems Inc. - Zulu Platform x64 Architecture.) – C:\program files\crucial\crucial storage executive\java\bin\javaw.exe =>.Azul Systems, Inc.®

—\ Liste die Codes auf Produkte von Software (65) - 1s
O90 - PUC: “00006109C80000000100000000F01FEC” [HKLM] . (.Office 16 Click-to-Run Extensibility Component.) =>.Microsoft Corporation
O90 - PUC: “00006109C80070400100000000F01FEC” [HKLM] . (.Office 16 Click-to-Run Localization Component.) =>.Microsoft Corporation
O90 - PUC: “00006109E70000000100000000F01FEC” [HKLM] . (.Office 16 Click-to-Run Licensing Component.) =>.Microsoft Corporation
O90 - PUC: “00AFC51711222A74DA8878CE179B65E4” [HKLM] . (.VHDPlus IDE (64bit).) – C:\WINDOWS\Installer{715CFA00-2211-47A2-AD88-87EC71B9564E}\VHDP_IDE.ico
O90 - PUC: “06093EA0902F50D4BA7C458B9FFC3AE2” [HKLM] . (.Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938.) =>.Microsoft Corporation
O90 - PUC: “06F19D3949C797A468F3AE17D3E23B3F” [HKLM] . (.Nefarius Virtual Gamepad Emulation Bus Driver.) – C:\WINDOWS\Installer{93D91F60-7C94-4A79-863F-EA713D2EB3F3}\ViGEm.ico
O90 - PUC: “1926E8D15D0BCE53481466615F760A7F” [HKLM] . (.Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: “1af2a8da7e60d0b429d7e6453b3d0182” [HKLM] . (.Microsoft Visual C++ 2005 Redistributable (x64).) =>.bl.org
O90 - PUC: “1D5E3C0FEDA1E123187686FED06E995A” [HKLM] . (.Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: “218A10D01A28F1845864E8829E678FFD” [HKLM] . (.Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334.) =>.Microsoft Corporation
O90 - PUC: “21EE4A31AE32173319EEFE3BD6FDFFE3” [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “22BEFC8F7E2A1793E9ADB411DEFE1C58” [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “2AA37B1924B4F184E9DC30BAC90661FD” [HKLM] . (.CODESYS V3.5 SP10 Patch 4.) – C:\WINDOWS\Installer{91B73AA2-4B42-481F-9ECD-03AB9C6016DF}\ARPPRODUCTICON.exe
O90 - PUC: “2F0193F692ADC09418F13D96B131A416” [HKLM] . (.PowerToys (Preview).) – C:\WINDOWS\Installer{6F3910F2-DA29-490C-811F-D3691B134A61}\powertoys.exe
O90 - PUC: “345FE377F075647459A3C31BD9CF3B2E” [HKLM] . (.Microsoft .NET Host FX Resolver - 5.0.4 (x64).) =>.Microsoft Corporation
O90 - PUC: “3A2420C766B81D53F90E314B62CA6B90” [HKLM] . (.Microsoft Visual Studio 2010 Tools for Office Runtime (x64).) =>.Microsoft Corporation
O90 - PUC: “3EA73AD7EA8D1B94B9CD32ACA09BFF22” [HKLM] . (.Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938.) =>.Microsoft Corporation
O90 - PUC: “3FA6B2F1062C666895053EEFBD8C156D” [HKLM] . (.Microsoft GameInput.) =>.Microsoft Corporation
O90 - PUC: “3FC6593B5C6F7654CA83F14D34B213C9” [HKLM] . (.Windows-PC-Integritätsprüfung.) – C:\WINDOWS\Installer{B3956CF3-F6C5-4567-AC38-1FD4432B319C}\ArpIcon.ico
O90 - PUC: “40B7BAFB5388FC6378BD1D3E3A9104E6” [HKLM] . (.logisim-evolution.) – C:\WINDOWS\Installer{BFAB7B04-8835-36CF-87DB-D1E3A319406E}\JpARPPRODUCTICON
O90 - PUC: “469A3A563CD350100010121162216372” [HKLM] . (.Dokan Library 1.5.1.1000 (x64).) – C:\WINDOWS\Installer{65A3A964-3DC3-0105-0001-211126123627}\DokanIcon
O90 - PUC: “499C5C9F9B6F57D43B7EDA108B04379E” [HKLM] . (.Epic Games Launcher Prerequisites (x64).) – C:\WINDOWS\Installer{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}\UnrealEngineLauncher.ico =>.Legitimate
O90 - PUC: “4EA42017E9304AC4784BF2468140100F” [HKLM] . (.Java 8 Update 401 (64-bit).) – C:\Program Files\Java\jre-1.8\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: “5469C9783FDA796419B5007BE6AB26F9” [HKLM] . (.Microsoft .NET Runtime - 5.0.4 (x64).) =>.Microsoft Corporation
O90 - PUC: “55CB3313DB0978B4282A66073BACBF18” [HKLM] . (.Microsoft Windows Desktop Runtime - 7.0.8 (x64).) =>.Microsoft Corporation
O90 - PUC: “62461378E33A9E1449B269E829A8A974” [HKLM] . (.ENE RGB HAL.)
O90 - PUC: “62DBF9290209B993A9A757D1160F9B24” [HKLM] . (.Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “683109DD492A1FF46A38E0FFC56602A9” [HKLM] . (.Microsoft .NET Host - 5.0.4 (x64).) =>.Microsoft Corporation
O90 - PUC: “68AB67CA330133017706CB5110E47A00” [HKLM] . (.Adobe Acrobat (64-bit).) – C:\WINDOWS\Installer{AC76BA86-1033-1033-7760-BC15014EA700}_SC_Acrobat.ico =>.Adobe Inc.
O90 - PUC: “68AB67CA408033019195102844060176” [HKLM] . (.Adobe Refresh Manager.) – C:\WINDOWS\Installer{AC76BA86-0804-1033-1959-018244601067}\ARPPRODUCTICON.exe =>.Western Digital Technologies
O90 - PUC: “6D38C40A0CF290F419668E075E9A1E86” [HKLM] . (.Microsoft Windows Desktop Runtime - 5.0.4 (x64).) =>.Microsoft Corporation
O90 - PUC: “6E815EB96CCE9A53884E7857C57002F0” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161.) =>.bl.org
O90 - PUC: “6E8D947A316B3EB3F8F540C548BE2AB9” [HKLM] . (.Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “76137D03C7DBA374FAF2BB1C49AF244D” [HKLM] . (.CORSAIR iCUE Software.) – C:\Windows\Installer{30D73167-BD7C-473A-AF2F-BBC194FA42D4}\ProgramIcon
O90 - PUC: “7C9F8B73BF303523781852719CD9C700” [HKLM] . (.Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “7FA6BFB9C14625B428AC345F4ADF82E8” [HKLM] . (.Microsoft .NET Host - 5.0.4 (x86).) =>.Microsoft Corporation
O90 - PUC: “80505DBD57F5B61499D54C42330A9044” [HKLM] . (.AMD Ryzen Master SDK.) – C:\Windows\Installer{DBD50508-5F75-416B-995D-C42433A00944}\ARPPRODUCTICON.exe =>.Advanced Micro Devices Inc
O90 - PUC: “87C3084F13302EE4193033BF60372E3D” [HKLM] . (.Qalculate!.) – C:\WINDOWS\Installer{F4803C78-0331-4EE2-9103-33FB0673E2D3}_853F67D554F05449430E7E.exe
O90 - PUC: “8CF94C41B9E392F458626226B9C53FB0” [HKLM] . (.Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334.) =>.Microsoft Corporation
O90 - PUC: “9141F0180677E20478274B50F4AAB227” [HKLM] . (.Minecraft Launcher.) – C:\Windows\Installer{810F1419-7760-402E-8772-B4054FAA2B72}\minecraft.ico =>.Microsoft Corporation
O90 - PUC: “91D23D97841AE8E4CA13F29CC0BDFB8A” [HKLM] . (.Microsoft .NET Host FX Resolver - 5.0.4 (x86).) =>.Microsoft Corporation
O90 - PUC: “9C871DC194BB95E4D96AC351E2A28944” [HKLM] . (.ENE_EHD_M2_HAL.)
O90 - PUC: “9DBA3849277CB784DA8F9043C78F2F2D” [HKLM] . (.Epic Games Launcher.) – C:\WINDOWS\Installer{9483ABD9-C772-487B-ADF8-09347CF8F2D2}\Installer.ico =>.Epic Games
O90 - PUC: “AB77C54BE4B0BBF4999B7947CEEB02AA” [HKLM] . (.Microsoft .NET Runtime - 7.0.8 (x64).) =>.Microsoft Corporation
O90 - PUC: “B8D4B1F0C54556C4AB92F365C4F29651” [HKLM] . (.Microsoft Windows Desktop Runtime - 5.0.4 (x86).) =>.Microsoft Corporation
O90 - PUC: “BA659A75CCB46C54B90459E7E4215586” [HKLM] . (.Epic Online Services.) – C:\WINDOWS\Installer{57A956AB-4BCC-45C6-9B40-957E4E125568}\Installer.ico
O90 - PUC: “C025571B2A687A53689168CD7369889B” [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “c1c4f01781cc94c4c8fb1542c0981a2a” [HKLM] . (.Microsoft Visual C++ 2005 Redistributable.) =>.bl.org
O90 - PUC: “C3AEB2FCAE628F23AAB933F1E743AB79” [HKLM] . (.Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “C7D0E4719C2F2A9438BF590AEFF60A32” [HKLM] . (.Microsoft .NET Host FX Resolver - 7.0.8 (x64).) =>.Microsoft Corporation
O90 - PUC: “D20352A90C039D93DBF6126ECE614057” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17.) =>.bl.org
O90 - PUC: “DBCBE7262C17EDF4B9AEA37F0FF3EB01” [HKLM] . (.CodeMeter Runtime Kit v6.30d.) – C:\WINDOWS\Installer{627EBCBD-71C2-4FDE-9BEA-3AF7F03FBE10}\CodeMeter.ico =>.Legitimate
O90 - PUC: “DC8A59DBF9D1DA5389A1E3975220E6BB” [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “DD634B9F84D8E034AB988FD5AF54C255” [HKLM] . (.SAP Crystal Reports runtime engine for .NET Framework (64-bit).) – C:\WINDOWS\Installer{F9B436DD-8D48-430E-BA89-F85DFA452C55}\CR.ico =>.Microsoft Corporation
O90 - PUC: “DFF2150D4916E2D469E7528BA23322FF” [HKLM] . (.ENE IO Driver.)
O90 - PUC: “E116DF6CEFE7C8840A0E79C490FE4637” [HKLM] . (.Microsoft Update Health Tools.) =>.Microsoft Corporation
O90 - PUC: “E893325DEE0D19F4EA182A27226A12AD” [HKLM] . (.Microsoft .NET Runtime - 5.0.4 (x86).) =>.Microsoft Corporation
O90 - PUC: “F59E5A95AEBAFB843BCA9B7AA8711E44” [HKLM] . (.Virtual-C IDE.) – C:\WINDOWS\Installer{59A5E95F-ABEA-48BF-B3AC-B9A78A17E144}\winicon.exe
O90 - PUC: “F60730A4A66673047777F5728467D401” [HKLM] . (.Java Auto Updater.) =>.Sun Microsystems
O90 - PUC: “F60C38537E14F203AA6189F03A487889” [HKLM] . (.Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU.) =>.Microsoft Corporation
O90 - PUC: “F6A69572F05769945A2C9A0825E21D4C” [HKLM] . (.Nextcloud.) – C:\WINDOWS\Installer{27596A6F-750F-4996-A5C2-A980522ED1C4}\Nextcloud.ico
O90 - PUC: “F70ECF9157A2CA44E95AE892EFF2D8EB” [HKLM] . (.Microsoft .NET Host - 7.0.8 (x64).) =>.Microsoft Corporation
O90 - PUC: “FB8A4E26B3F50E94E9EC13040C94AF43” [HKLM] . (.Fritzing.) – C:\WINDOWS\Installer{62E4A8BF-5F3B-49E0-9ECE-3140C049FA34}\Fritzing.exe
O90 - PUC: “3A37BA7A01BC5AA4D983A6FEBFEDC419” [HKCU] . (.Microsoft Teams Meeting Add-in for Microsoft Office.) =>.Microsoft Corporation
O90 - PUC: “3A37BA7A01BC5AA4D983A6FEBFEDC419” [HKU] . (.Microsoft Teams Meeting Add-in for Microsoft Office.) =>.Microsoft Corporation

—\ Suche Pakete WindowsInstaller (53) - 176s
[MD5.2A08127CB509B3A8AEB4F5A495AEEE02] [WIS][2021/10/05 13:57:31] (.Adobe - Installers.) – C:\WINDOWS\Installer\1060257.msi [11624448] =>.Adobe
[MD5.7A2CF04AC0C504A8EA5AED805DDE484D] [WIS][2023/12/10 17:50:11] (.Epic Games, Inc. - Epic Games Launcher.) – C:\WINDOWS\Installer\106c923.msi [185073664] =>.Epic Games, Inc.
[MD5.1B44609A0998BAE367A4700EA7F5D6B2] [WIS][2023/10/24 21:21:28] (.Epic Games, Inc. - Epic Online Services.) – C:\WINDOWS\Installer\106c929.msi [134049792] =>.Epic Games, Inc.
[MD5.4D5C9A709F332236559D3BCB27BB81B1] [WIS][2020/06/18 11:28:42] (.Epic Games, Inc. - Epic Games Launcher Prerequisites (x64).) – C:\WINDOWS\Installer\106c92f.msi [11530240] =>.Epic Games, Inc.
[MD5.1E37B7C1B726C065C959C7A7C7BBD897] [WIS][2015/01/18 21:32:30] (.Open Design Alliance.) – C:\WINDOWS\Installer\11443a7.msi [22331392] =>.Open Design Alliance
[MD5.EDAA211E1B46774859A8BF289387105E] [WIS][2020/01/07 22:03:13] (.Advanced Micro Devices, Inc. - AMD Ryzen Master SDK.) – C:\WINDOWS\Installer\124a3.msi [3097088] =>.Advanced Micro Devices, Inc.
[MD5.21E759D35E8EB60586A62B1AA3EF014A] [WIS][2019/06/19 09:37:40] (.ENE TECHNOLOGY INC. - ENE IO Driver.) – C:\WINDOWS\Installer\124a8.msi [106496] =>.ENE TECHNOLOGY INC.
[MD5.56AB0BDC54E83B7955F6AA213CEC76AB] [WIS][2019/06/19 10:36:44] (.Ene Tech. - ENE RGB HAL.) – C:\WINDOWS\Installer\124ad.msi [548864] =>.Ene Tech.
[MD5.D6E48AB1946E65BF0E29EF2983B5E6F8] [WIS][2019/06/28 10:55:50] (.ENE TECHNOLOGY INC. - Ene EHD M2 Driver RGB LED ctrl.) – C:\WINDOWS\Installer\124b2.msi [675840] =>.ENE TECHNOLOGY INC.
[MD5.4B80C230492AEDAB6757F904167B4E17] [WIS][2024/01/16 21:56:20] (.Oracle Corporation - Java SE Runtime Environment 8 Update 401.) – C:\WINDOWS\Installer\19a660f.msi [63909888] =>.Oracle Corporation
[MD5.F68B337AB20AF8A00436ECDDA4371749] [WIS][2024/01/16 21:56:20] (.Oracle Corporation - Java Auto Updater.) – C:\WINDOWS\Installer\19a661c.msi [1069056] =>.Oracle Corporation
[MD5.A222F924588C8CABB9D59FBC4F3EA80E] [WIS][2020/01/07 21:30:28] (.Corsair - * CORSAIR iCUE Software 3.24.52.) – C:\WINDOWS\Installer\1dbd6f.msi [384921600] =>.Corsair
[MD5.911898A7329AA9EF58593E37971F4ABA] [WIS][2020/01/08 16:24:08] (.Mojang - Minecraft Launcher.) – C:\WINDOWS\Installer\240784.msi [2306048] =>.Mojang
[MD5.788C3D14E09C33E4198A2BABE4F8BD09] [WIS][2023/05/22 11:56:43] (.WIBU-SYSTEMS AG - CodeMeter Runtime Installer.) – C:\WINDOWS\Installer\24a6c5.msi [42369024] =>.WIBU-SYSTEMS AG
[MD5.98264255F6E857A6B1844609E786D34B] [WIS][2023/05/22 11:57:23] (.3S-Smart Software Solutions GmbH - CODESYS V3.) – C:\WINDOWS\Installer\24a6d5.msi [851608064] =>.3S-Smart Software Solutions GmbH
[MD5.910C2771CC11E19EFECC8B79437DF6F0] [WIS][2021/11/26 13:12:14] (.Dokany Project - Dokan Library 1.5.1.1000 (x64).) – C:\WINDOWS\Installer\2ace32b.msi [12484608] =>.Dokany Project
[MD5.F043C85601DC46E2039E206864BA9ACA] [WIS][2021/12/06 09:46:08] (.VirtualC - Virtual-C IDE.) – C:\WINDOWS\Installer\2e3ef.msi [15595520]
[MD5.DC545097AD8302748A8D97980F0BE1B8] [WIS][2023/05/17 18:06:54] (.Inkscape - Inkscape.) – C:\WINDOWS\Installer\36314c.msi [147637330] =>.Inkscape
[MD5.D8D2CFF2EAE7F1D956E3F8A2EDAF891D] [WIS][2021/04/06 15:27:41] (.Nefarius Software Solutions e.U. - Nefarius Virtual Gamepad Emulation Bus Driv.) – C:\WINDOWS\Installer\44f9d.msi [876544] =>.Nefarius Software Solutions e.U.
[MD5.8B1DE3E93A78F7CFCED34535E191F9D0] [WIS][2023/10/25 08:37:55] (.Hanna Knutsson.) – C:\WINDOWS\Installer\48fd5f.msi [61353984]
[MD5.486EB7FFBC7A4AC85648E17BF107F80D] [WIS][2019/05/17 14:14:48] (.SAP - SAP Crystal Reports runtime engine for .NET.) – C:\WINDOWS\Installer\6dab7f.msi [86295552] =>.SAP
[MD5.6E2BE10E7CE332137CFDF2498BE2DE71] [WIS][2022/05/02 16:58:52] (.Nextcloud GmbH - Nextcloud 3.4.1stable-Win64 (build 20211221.) – C:\WINDOWS\Installer\88e655.msi [100536320] =>.Nextcloud GmbH
[MD5.013C9EBE19B55B90C9E4736356067CE4] [WIS][2024/02/15 21:13:14] (.Adobe Systems Incorporated - Adobe ARM Installer.) – C:\WINDOWS\Installer\8c23c.msi [1054208] =>.Adobe Systems Incorporated
[MD5.DCD81A25F10107C2E1378813BD8414AF] [WIS][2023/04/21 18:33:51] (.Fritzing GmbH - Fritzing.) – C:\WINDOWS\Installer\a2c4d6.msi [71035904] =>.Fritzing GmbH
[MD5.4A24ABDAB924483C3C774711CCD6E365] [WIS][2024/01/10 12:16:04] (.logisim-evolution developers - Digital logic design tool and simulator.) – C:\WINDOWS\Installer\e620aa.msi [73977888]
[MD5.4F594980DE1E0362150A5492C6E0B68F] [WIS][2023/06/02 07:20:49] (.VHDPlus - FPGA Programming made easy.) – C:\WINDOWS\Installer\eb0c0.msi [80613376]
[MD5.81F7633F359C7BC2AA9FB2C5527D7613] [WIS][2021/12/24 22:41:36] (.Adobe Inc..) – C:\WINDOWS\Installer\1049575.msp [183558144] =>.Adobe Inc.
[MD5.1124B65C79FF863154BC3B1B416DFF9E] [WIS][2021/10/05 13:57:55] (.Adobe Inc..) – C:\WINDOWS\Installer\1060258.msp [223842304] =>.Adobe Inc.
[MD5.6049D0E498510FD3904A79308F00AE46] [WIS][2022/09/29 09:06:19] (.Adobe Inc..) – C:\WINDOWS\Installer\16d3748.msp [199811072] =>.Adobe Inc.
[MD5.CEE31BEFD23037527A2BA4237C2FBC1C] [WIS][2022/10/16 21:35:27] (.Adobe Inc..) – C:\WINDOWS\Installer\366641.msp [130744320] =>.Adobe Inc.
[MD5.9D655F34CE959E02D9DB7A5983B98956] [WIS][2022/12/24 08:46:24] (.Adobe Inc..) – C:\WINDOWS\Installer\432db.msp [256380928] =>.Adobe Inc.
[MD5.1FB9BABDB465CABF6320667DFCEA5080] [WIS][2023/04/04 23:07:19] (.Adobe Inc..) – C:\WINDOWS\Installer\46d47.msp [323149824] =>.Adobe Inc.
[MD5.0175539DFC1B00BC87D609AA6897FDFF] [WIS][2023/02/14 04:06:21] (.Adobe Inc..) – C:\WINDOWS\Installer\4d42be.msp [66363392] =>.Adobe Inc.
[MD5.4E6720890196EBAE963EAE9E81792F7F] [WIS][2023/08/01 09:51:05] (.Adobe Inc..) – C:\WINDOWS\Installer\4f802.msp [79806464] =>.Adobe Inc.
[MD5.1D14D261AA0BDC4F039BFE2ABD9B453E] [WIS][2022/08/03 01:38:41] (.Adobe Inc..) – C:\WINDOWS\Installer\579f7.msp [64937984] =>.Adobe Inc.
[MD5.372536BF13E51B494DCA602533FF613F] [WIS][2022/09/08 03:24:49] (.Adobe Inc..) – C:\WINDOWS\Installer\7afdf.msp [65650688] =>.Adobe Inc.
[MD5.D996A85372465FAAF4212202C0CAC805] [WIS][2022/07/05 08:25:58] (.Adobe Inc..) – C:\WINDOWS\Installer\85118.msp [67080192] =>.Adobe Inc.
[MD5.E340B1CDFDF1797F4F05DD993CDC6D70] [WIS][2023/10/10 00:10:52] (.Adobe Inc..) – C:\WINDOWS\Installer\88907.msp [130416640] =>.Adobe Inc.
[MD5.E5100D0116E1CB18C4AE18C43675CBC7] [WIS][2022/06/05 04:07:23] (.Adobe Inc..) – C:\WINDOWS\Installer\8afa8.msp [132579328] =>.Adobe Inc.
[MD5.2C1B23C637E1F8314D5F855DC828A5C8] [WIS][2023/09/07 03:57:43] (.Adobe Inc..) – C:\WINDOWS\Installer\8c36e.msp [153894912] =>.Adobe Inc.
[MD5.8C76CC67931590E408EB3C1F81F5D480] [WIS][2023/05/05 01:23:28] (.Adobe Inc..) – C:\WINDOWS\Installer\95b4a.msp [77373440] =>.Adobe Inc.
[MD5.01FF5C54B8930757425B33C5D3A05F6A] [WIS][2024/01/02 20:29:41] (.Adobe Inc..) – C:\WINDOWS\Installer\9acb7.msp [159318016] =>.Adobe Inc.
[MD5.16B7FA257A67AEC44C1D7E2FCFD1C10A] [WIS][2024/02/23 02:21:43] (.Adobe Inc..) – C:\WINDOWS\Installer\a2e16.msp [104718336] =>.Adobe Inc.
[MD5.DB373473B96BD661649BCCD6C1E8C064] [WIS][2023/08/19 09:46:54] (.Adobe Inc..) – C:\WINDOWS\Installer\c4801.msp [70483968] =>.Adobe Inc.
[MD5.41EB6051ECB639F09615E8D87B76C6A7] [WIS][2024/02/10 20:36:04] (.Adobe Inc..) – C:\WINDOWS\Installer\c5268.msp [154316800] =>.Adobe Inc.
[MD5.C933AB8A40A086E0A8180FDFF9754945] [WIS][2023/07/03 08:29:00] (.Adobe Inc..) – C:\WINDOWS\Installer\c6f1c.msp [113807360] =>.Adobe Inc.
[MD5.5B7DA0BBB67AFF3BA49FAE9A0BA7147D] [WIS][2022/03/03 01:13:53] (.Adobe Inc..) – C:\WINDOWS\Installer\c975f.msp [174493696] =>.Adobe Inc.
[MD5.3720BDF8A9A9930067035BC3AD04F44A] [WIS][2022/04/07 10:59:57] (.Adobe Inc..) – C:\WINDOWS\Installer\c9b17.msp [101658624] =>.Adobe Inc.
[MD5.AC57B0CD6401F4C717B52D403CB6892E] [WIS][2023/01/21 09:08:41] (.Adobe Inc..) – C:\WINDOWS\Installer\cbe4b6.msp [69443584] =>.Adobe Inc.
[MD5.6C8685062E2DF1B1B0DF25B0BFD17D4A] [WIS][2024/01/13 23:46:08] (.Adobe Inc..) – C:\WINDOWS\Installer\cc76c.msp [110985216] =>.Adobe Inc.
[MD5.1847D6B520A3CBC4FE0891534A223F0A] [WIS][2022/11/14 23:20:35] (.Adobe Inc..) – C:\WINDOWS\Installer\cce50a.msp [69357568] =>.Adobe Inc.
[MD5.A11A971CBDC0F252F3BF5199D8B28D0C] [WIS][2023/06/15 01:11:52] (.Adobe Inc..) – C:\WINDOWS\Installer\cda22.msp [324608000] =>.Adobe Inc.
[MD5.4734AEAD6C5EDA895B023DE9EC66FFD2] [WIS][2023/11/05 07:45:57] (.Adobe Inc..) – C:\WINDOWS\Installer\de5b2.msp [89821184] =>.Adobe Inc.

—\ FEATURE CONTROL. (153) - 0s
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:Activation.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:FoxitPhantomPDF.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:AASIapp.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:Acrobat.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:AcroLicApp.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:Acrodist.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:CODESYS.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:CODESYSControlService.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:RemoteTargetVisu.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:CODESYSHMI.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPfewgsrv.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGUI.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGuiIT.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLgPad.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLOGON.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:Scale_for_R3.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:ieuser.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:devenv.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:dexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]:msiexec.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:cs.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:waol.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:wm.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]:wlmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]:communicator.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:excel.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:powerpnt.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:winword.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]:HelpPane.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:VSTOInstaller.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:VSTOInstaller.exe =>.Legitimate

—\ Beobachter der Ereignisse (75) - 7s

Application.Error: Application Hang (4)
~Numéro: 307
~Date: 03/07/2024 12:46:55 PM
~ID: 1002
~Description: Das Programm SecHealthUI.exe Version 10.0.22621.1 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.
~Suggestion: Essayer les commandes suivantes ipconfig /release et ipconfig / renew.

Application.Warning: Microsoft-Windows-RestartManager (1)
~Numéro: 268
~Date: 03/07/2024 12:32:53 PM
~ID: 10010
~Description: Die Anwendung “D:\Programme\Dragon Center\Mystic_Light\LEDKeeper2.exe’”(PID 9388) kann nicht neu gestartet werden - 1.
~Suggestion: Redémarrer manuellement l’application ou le service

Application.Error: CertEnroll (8)
~Numéro: 245
~Date: 03/07/2024 12:20:52 PM
~ID: 86
~Description: WORKGROUP\DESKTOP-OSDJ7D2$https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scepGetCACapsGetCACaps: Not Found{“Message”:"The authority "amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azu
~Suggestion: Aucune

Application.Warning: Outlook (2)
~Numéro: 199
~Date: 03/06/2024 08:58:28 PM
~ID: 25
~Description: Es wird nun eine lokale Kopie Ihres Postfachs eingerichtet. Es kann mehrere Minuten dauern, bis alle Ihre Daten abrufbar sind.

Application.Warning: Microsoft-Windows-WMI (38)
~Numéro: 40
~Date: 03/06/2024 01:52:38 PM
~ID: 63
~Description: Der Anbieter “DSCCoreProviders” wurde im Namespace “ROOT\Microsoft\Windows\DesiredStateConfiguration” der Windows-Verwaltungsinstrumentation zur Verwendung des Kontos “LocalSystem” registriert. Dieses Konto ist ein privilegiertes Konto. Der Anbieter
~Suggestion: Généralement LocalSystem n’est pas nécessaire et le contexte de sécurité NetworkServiceHost est plus approprié.

System.Error: DCOM (53)
~Numéro: 764
~Date: 03/07/2024 12:51:59 PM
~Description: {CC66E708-C687-42EA-806E-83D41C9D1A5F}

System.Error: Service Control Manager (32)
~Numéro: 594
~Date: 03/07/2024 12:20:49 PM
~ID: 7034
~Description: Dienst “GameInput Service” wurde unerwartet beendet. Dies ist bereits 6 Mal passiert.

System.Error: NETLOGON (2)
~Numéro: 538
~Date: 03/07/2024 12:20:44 PM
~ID: 3095
~Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein.

System.Warning: LsaSrv (20)
~Numéro: 534
~Date: 03/07/2024 12:20:43 PM
~ID: 6155
~Description: Das LSA-Paket ist nicht wie erwartet signiert. Dies kann zu unerwartetem Verhalten bei Credential Guard führen. Paketname: msv1_0

System.Warning: Microsoft-Windows-Wininit (2)
~Numéro: 523
~ID: 15
~Description: Credential Guard und/oder VBS Key Isolation sind konfiguriert, aber der sichere Kernel wird nicht ausgeführt. Fahren Sie ohne sie fort.

System.Warning: e1i68x64 (1)
~Numéro: 520
~Date: 03/07/2024 12:20:41 PM
~ID: 27
~Description: Intel(R) I211 Gigabit Network Connection Network link is disconnected.

System.Warning: Microsoft-Windows-WLAN-AutoConfig (1)
~Numéro: 473
~Date: 03/07/2024 12:20:57 AM
~ID: 10002
~Description: Das WLAN-Erweiterungsmodul wurde beendet. Modulpfad: C:\WINDOWS\system32\IntelIHVRouter08.dll
~Suggestion: 1)Désactivez/Réactiver la connexion réseau sans fil. ou 2) Redémarrer le service WLAN AutoConfig

System.Warning: Microsoft-Windows-DNS-Client (1)
~Numéro: 411
~Date: 03/06/2024 08:56:37 PM
~ID: 1014
~Description: Timeout bei der Namensauflösung für den Namen autodiscover.hawhamburg.de, nachdem keiner der konfigurierten DNS-Server geantwortet hat. Client-PID 22940.
~Suggestion: Event ID 1014: Microsoft Windows DNS Client | Microsoft Learn

System.Error: Microsoft-Windows-WindowsUpdateClient (1)
~Numéro: 239
~Date: 03/06/2024 02:11:12 PM
~ID: 20
~Description: 0x80073d029MSSGKG348SP-MicrosoftWindows.Client.WebExperience{48f88aa1-5e13-4158-9d35-a5704260e6d9}1{855e8a7c-ecb4-4ca3-b045-1dfa50104289}
~Suggestion: EventTracker KB --Event Id: 20 Source: Microsoft-Windows-WindowsUpdateClient

—\ Zusätzliche Scan (O88) (50) - 7s
C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn =>Hijacker.Browser
C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord
C:\Users\eiko-\AppData\Local\Temp\mat-debug-10324.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-10380.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-11568.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-12452.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-12672.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-13172.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-13488.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-13776.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-14252.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-14812.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-14824.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-14840.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-15512.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-16600.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-16884.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-17520.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-17996.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-18048.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-18484.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-19124.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-19268.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-19620.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-19872.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-19916.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-19944.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-20300.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-20456.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-20828.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-21168.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-21424.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-21608.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-22064.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-22164.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-23052.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-23836.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-2532.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-2564.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-2736.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-4596.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-5028.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-5384.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-6028.log =>.SUP.Temporary.Microsoft
C:\Users\eiko-\AppData\Local\Temp\mat-debug-7704.log =>.SUP.Temporary.Microsoft
Nicht gelöscht [:MBAM.Zone.Identifier] C:\Users\eiko-\Desktop\RogueKiller_setup.exe:MBAM.Zone.Identifier =>.SUP.FileADS
Nicht gelöscht [:MBAM.Zone.Identifier] C:\Users\eiko-\Desktop\ZHPSuite.exe:MBAM.Zone.Identifier =>.SUP.FileADS
Nicht gelöscht [:MBAM.Zone.Identifier] C:\Users\eiko-\Downloads\AccountProfileFixer.exe:MBAM.Zone.Identifier =>.SUP.FileADS
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\eiko-\Desktop\AutoLogger\AutoLogger\AV\av_z.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\eiko-\Desktop\AutoLogger\AutoLogger\AV\av_z.exe.FriendlyAppName =>.Unsigned

—\ Zusammenfassung der Elemente gefunden auf Ihrer workstation (8) - 0s
Zone Anti-Malware - ZAM =>Hijacker.Browser
Zone Anti-Malware - ZAM =>Adware.CrossRider
Zone Anti-Malware - ZAM =>.SUP.Discord
Zone Anti-Malware - ZAM =>.SUP.Orphan
Zone Anti-Malware - ZAM =>Warning.EventLogApp
Zone Anti-Malware - ZAM =>Warning.EventLogSys
Zone Anti-Malware - ZAM =>.SUP.Temporary.Microsoft
Zone Anti-Malware - ZAM =>.SUP.FileADS

—\ Serial Number
[00980C39AA679AD337FB40CF706DB769C8] [21/12/2021] (.Nextcloud GmbH.) - C:\Program Files\Nextcloud\nextcloud.exe =>.Not verified
[00980C39AA679AD337FB40CF706DB769C8] [21/12/2021] (.Nextcloud GmbH.) - C:\Program Files\Nextcloud\shellext\NCContextMenu.dll =>.Not verified
[00980C39AA679AD337FB40CF706DB769C8] [21/12/2021] (.Nextcloud GmbH.) - C:\Program Files\Nextcloud\shellext\NCOverlays.dll =>.Not verified
[00E7D14424B9A863F6E62D940DDF005FF7] [09/07/2008] (.OPC Foundation, Inc..) - C:\Windows\SysWOW64\OpcEnum.exe =>.Not verified
[00E7E6FE263192D15EAC485B4198E64488] [05/10/2020] (.Jernej Simončič.) - C:\Program Files\GIMP 2\bin\gimp-2.10.exe =>.Jernej Simončič
[00E7E6FE263192D15EAC485B4198E64488] [18/12/2020] (.Jernej Simončič.) - C:\Program Files\GIMP 2\uninst\unins000.exe =>.Jernej Simončič
[0119496D699B5C9A0542428C9DAD5EBA] [09/04/2022] (.Shenzhen Snapmaker Technologies Co., Ltd..) - D:\Programme\Snapmaker Luban\Uninstall Snapmaker Luban.exe =>.Not verified
[011F39A2261A993DD15176DA6FE4FBEA] [05/10/2021] (.Adobe Inc..) - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe =>.Adobe Inc.
[0222A8D60B06B04FAFFBDA53EFFD5795] [19/01/2024] (.HP Inc..) - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe =>.HP Inc.
[0222A8D60B06B04FAFFBDA53EFFD5795] [19/01/2024] (.HP Inc..) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe =>.HP Inc.
[02BF28A0908D8CE88BEEEDBB50F1E685] [25/01/2024] (.Zoom Video Communications, Inc..) - C:\Users\eiko-\AppData\Roaming\Zoom\bin\airhost.exe =>.Not verified
[02BF28A0908D8CE88BEEEDBB50F1E685] [25/01/2024] (.Zoom Video Communications, Inc..) - C:\Users\eiko-\AppData\Roaming\Zoom\bin\Zoom.exe =>.Not verified
[0407ABB64E9990180789EACB81F5F914] [08/11/2022] (.VideoLAN.) - D:\Programme\VLC\vlc.exe =>.VideoLAN
[04292E45125096FE6D57AB7C648AA118] [21/06/2023] (.Martin Prikryl.) - C:\Program Files (x86)\WinSCP\WinSCP.exe =>.Not verified
[04292E45125096FE6D57AB7C648AA118] [22/08/2023] (.Martin Prikryl.) - C:\Program Files (x86)\WinSCP\unins000.exe =>.Not verified
[0575E1F7EC9BD8A67A3F6189C63E97BB] [02/06/2023] (.PIRIFORM SOFTWARE LIMITED.) - C:\Program Files\Recuva\recuva64.exe =>.PIRIFORM SOFTWARE LIMITED
[0575E1F7EC9BD8A67A3F6189C63E97BB] [02/06/2023] (.PIRIFORM SOFTWARE LIMITED.) - C:\Program Files\Recuva\RecuvaShell64.dll =>.PIRIFORM SOFTWARE LIMITED
[05813C7ADFD852AF7274FEECF7938AFA] [09/04/2021] (.NADEO SASU.) - D:\Programme\Ubisoft Game Launcher\games\Trackmania\trackmania.exe =>.NADEO SASU
[05B9E5C73998821D2E591A368995B191] [06/07/2023] (.ADAPP SASU.) - C:\ProgramData\Package Cache{05c046de-f751-48c8-b8d3-77259ea88eb7}\DokanSetup.exe =>.Not verified
[05B9E5C73998821D2E591A368995B191] [26/11/2021] (.ADAPP SASU.) - C:\Program Files\Dokan\Dokan Library-1.5.1\dokanctl.exe =>.Not verified
[060E2F8F9E1B8BE518D5FE2B69CFCCB1] [19/12/2023] (.Oracle America, Inc..) - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Not verified
[060E2F8F9E1B8BE518D5FE2B69CFCCB1] [19/12/2023] (.Oracle America, Inc..) - C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll =>.Not verified
[060E2F8F9E1B8BE518D5FE2B69CFCCB1] [19/12/2023] (.Oracle America, Inc..) - C:\Program Files\Java\jre-1.8\bin\ssv.dll =>.Not verified
[068033EE736CDDF17B241B41E65EF935] [02/06/2023] (.Piriform Software Ltd.) - C:\Program Files\Recuva\uninst.exe =>.Piriform Software Ltd
[0689B3BCEB4409890A32D71976B132A4] [29/02/2024] (.Valve Corp..) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve Corp.
[0689B3BCEB4409890A32D71976B132A4] [29/02/2024] (.Valve Corp..) - D:\Programme\Steam\bin\cef\cef.win7x64\steamwebhelper.exe =>.Valve Corp.
[0689B3BCEB4409890A32D71976B132A4] [29/02/2024] (.Valve Corp..) - D:\Programme\Steam\steam.exe =>.Valve Corp.
[06AEA76BAC46A9E8CFE6D29E45AAF033] [07/01/2020] (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google LLC
[06E578A81BC98E28AB7B05B191C99A2D] [21/12/2020] (.Nefarius Software Solutions e.U..) - C:\Program Files\Nefarius Software Solutions\Virtual Gamepad Emulation Bus Driver\devcon.exe =>.Nefarius Software Solutions e.U.
[07EC0CF3D333673B2602D410FE0C4D21] [24/03/2020] (.Advanced Micro Devices, Inc..) - C:\WINDOWS\System32\drivers\amdpsp.sys =>.Advanced Micro Devices, Inc.
[084CAF4DF499141D404B7199AA2C2131] [22/05/2018] (.Valve.) - D:\Programme\Steam\uninstall.exe =>.Valve
[0860CF737268C8DA80ECAA1F845A3D21] [07/01/2020] (.ENE TECHNOLOGY INC..) - C:\ProgramData\Package Cache{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}\AacSetup.exe =>.ENE TECHNOLOGY INC.
[0860CF737268C8DA80ECAA1F845A3D21] [07/01/2020] (.ENE TECHNOLOGY INC..) - C:\ProgramData\Package Cache{fe81cfd3-9db4-409d-b0f9-26707d1423c6}\AacSetup.exe =>.ENE TECHNOLOGY INC.
[08FC2A6C411D88E7253C3D99170EAE62] [09/06/2021] (.Logitech Inc.) - C:\Program Files\Logitech\LogiOptions\CreateShortcut.exe =>.Logitech Inc
[08FC2A6C411D88E7253C3D99170EAE62] [09/06/2021] (.Logitech Inc.) - C:\Program Files\Logitech\LogiOptions\LogiOptions.exe =>.Logitech Inc
[08FC2A6C411D88E7253C3D99170EAE62] [09/06/2021] (.Logitech Inc.) - C:\Program Files\Logitech\LogiOptions\uninstaller.exe =>.Logitech Inc
[08FC2A6C411D88E7253C3D99170EAE62] [09/06/2021] (.Logitech Inc.) - C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe =>.Logitech Inc
[08FC2A6C411D88E7253C3D99170EAE62] [09/06/2021] (.Logitech Inc.) - C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe =>.Logitech Inc
[0942FCB8A736EC41CD37568CC5B88C49] [21/12/2019] (.Corsair Memory, Inc..) - D:\Programme\Corsair\CORSAIR iCUE Software\Corsair.Service.exe =>.Corsair Memory, Inc.
[0942FCB8A736EC41CD37568CC5B88C49] [21/12/2019] (.Corsair Memory, Inc..) - D:\Programme\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe =>.Corsair Memory, Inc.
[095FA6A28C6799DF3F58823715F9AAE8] [01/08/2023] (.Ubisoft Entertainment Sweden AB.) - D:\Programme\Ubisoft Game Launcher\Uninstall.exe =>.Ubisoft Entertainment Sweden AB
[095FA6A28C6799DF3F58823715F9AAE8] [01/08/2023] (.Ubisoft Entertainment Sweden AB.) - D:\Programme\Ubisoft Game Launcher\upc.exe =>.Ubisoft Entertainment Sweden AB
[09FEED19E3C973A65B3DEBAC2C6DCA59] [09/11/2023] (.Altium LLC.) - C:\Program Files\Altium\AD23\AltiumMS.exe =>.Not verified
[09FEED19E3C973A65B3DEBAC2C6DCA59] [09/11/2023] (.Altium LLC.) - C:\Program Files\Altium\AD23\System\Installation\AltiumInstaller.exe =>.Not verified
[09FEED19E3C973A65B3DEBAC2C6DCA59] [09/11/2023] (.Altium LLC.) - C:\program files\altium\ad23\x2.exe =>.Not verified
[0A0BAA567D6E3CD3EBBA3E8B7D7D87F1] [31/07/2023] (.UBISOFT ENTERTAINMENT INC..) - D:\Programme\Ubisoft Game Launcher\games\Anno 1800\Bin\Win64\Anno1800.exe =>.Not verified
[0A15B5C63D9C303E3309B7F596A8D1D1] [20/09/2022] (.Shenzhen Snapmaker Technologies Co., Ltd..) - C:\Program Files\Snapmaker Luban\Snapmaker Luban.exe =>.Not verified
[0A15B5C63D9C303E3309B7F596A8D1D1] [20/09/2022] (.Shenzhen Snapmaker Technologies Co., Ltd..) - C:\Program Files\Snapmaker Luban\Uninstall Snapmaker Luban.exe =>.Not verified
[0B574A4107AA92E59F287861B02A6EC5] [15/02/2022] (.Azul Systems, Inc..) - C:\program files\crucial\crucial storage executive\java\bin\javaw.exe =>.Azul Systems, Inc.
[0CA6A7A3916ECDE96F5EA62A34148760] [01/01/2024] (.A-Volute SAS.) - C:\Users\eiko-\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe =>.A-Volute SAS
[0CA6A7A3916ECDE96F5EA62A34148760] [01/01/2024] (.A-Volute SAS.) - C:\WINDOWS\System32\NahimicService.exe =>.A-Volute SAS
[0CA6A7A3916ECDE96F5EA62A34148760] [03/06/2022] (.A-Volute SAS.) - C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys =>.A-Volute SAS
[0CFFC287F2283076A2809E401A30120A] [10/10/2020] (.FUTUREMARK INC.) - D:\Programme\Steam\steamapps\common\3DMark\3DMarkLauncher.exe =>.FUTUREMARK INC
[0D1A340F78D7D000E089FDBAAD6522DF] [22/02/2024] (.Adobe Inc..) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe =>.Adobe Inc.
[0D1A340F78D7D000E089FDBAAD6522DF] [31/01/2024] (.Adobe Inc..) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Inc.
[0D683E6AD0CDA9B4475CF8AE1D7D2133] [10/12/2023] (.BattlEye Innovations e.K..) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.
[0D78CB77821B2F887CAACF9EF37E3C42] [27/04/2023] (.Anaconda, Inc..) - C:\ProgramData\anaconda3\Uninstall-Anaconda3.exe =>.Not verified
[0DACC0F743C79D8A6464DC967AF3B039] [29/02/2024] (.Overwolf Ltd.) - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe =>.Not verified
[0DACC0F743C79D8A6464DC967AF3B039] [29/02/2024] (.Overwolf Ltd.) - D:\Programme\Overwolf\0.242.0.12\OverwolfBrowser.exe =>.Not verified
[0DACC0F743C79D8A6464DC967AF3B039] [29/02/2024] (.Overwolf Ltd.) - D:\Programme\Overwolf\OWUninstaller.exe =>.Not verified
[0DFE7BA482F076DB90BCC22B2C487CBD] [02/08/2023] (.Epic Games Inc..) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe =>.Epic Games Inc.
[0DFE7BA482F076DB90BCC22B2C487CBD] [11/12/2023] (.Epic Games Inc..) - C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe =>.Epic Games Inc.
[0E4418E2DEDE36DD2974C3443AFB5CE5] [01/02/2024] (.Google LLC.) - C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [01/02/2024] (.Google LLC.) - C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [04/03/2024] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.95\Installer\chrmstp.exe =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [04/03/2024] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.95\Installer\setup.exe =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [27/02/2024] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.95\elevation_service.exe =>.Google LLC
[0E4418E2DEDE36DD2974C3443AFB5CE5] [27/02/2024] (.Google LLC.) - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google LLC
[0E692DD41D8C6868CF0994B5D4AEC94E] [14/01/2023] (.RELIC ENTERTAINMENT, INC..) - D:\Programme\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe =>.Not verified
[0F47B39D1C995E5CF1FEB06BE6BCF039] [06/09/2022] (.Prusa Research a.s..) - C:\Program Files\Prusa3D\PrusaSlicer\prusa-gcodeviewer.exe =>.Prusa Research a.s.
[0F47B39D1C995E5CF1FEB06BE6BCF039] [06/09/2022] (.Prusa Research a.s..) - C:\Program Files\Prusa3D\PrusaSlicer\prusa-slicer.exe =>.Prusa Research a.s.
[0F8130D104BA79BFB3D35BDEE06E7398] [07/02/2023] (.Micron Technology, Inc..) - C:\Program Files\Crucial\Crucial Storage Executive\msecli.exe =>.Micron Technology, Inc.
[0FAB670A61BF4B7DAFD559356B5BCCFF] [29/02/2024] (.Spotify AB.) - C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe =>.Spotify AB
[112158044863E4DC19CF29A85668B7F45842] [29/07/2016] (.MICRO-STAR INTERNATIONAL CO., LTD..) - C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys =>.MICRO-STAR INTERNATIONAL CO., LTD.
[1121A559B50EF9848661F0FAEB7421BBDD2C] [11/11/2013] (.MICRO-STAR INTERNATIONAL CO., LTD..) - C:\ProgramData\MSI\Super_Charger\ipadtst_64.sys =>.MICRO-STAR INTERNATIONAL CO., LTD.
[1121DECFC72375D79E37441D787BA3C6092E] [15/05/2017] (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\CODESYS\Common\CODESYS.exe =>.3S-Smart Software Solutions GmbH
[1121DECFC72375D79E37441D787BA3C6092E] [15/05/2017] (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\CODESYS\Common\IPMCLI.exe =>.3S-Smart Software Solutions GmbH
[1121DECFC72375D79E37441D787BA3C6092E] [15/05/2017] (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\CODESYS\Common\RepTool.exe =>.3S-Smart Software Solutions GmbH
[1121DECFC72375D79E37441D787BA3C6092E] [15/05/2017] (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe =>.3S-Smart Software Solutions GmbH
[1121DECFC72375D79E37441D787BA3C6092E] [15/05/2017] (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlSysTray.exe =>.3S-Smart Software Solutions GmbH
[1121DECFC72375D79E37441D787BA3C6092E] [15/05/2017] (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe =>.3S-Smart Software Solutions GmbH
[1121DECFC72375D79E37441D787BA3C6092E] [15/05/2017] (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewaySysTray.exe =>.3S-Smart Software Solutions GmbH
[1121DECFC72375D79E37441D787BA3C6092E] [15/05/2017] (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\ServiceControl.exe =>.3S-Smart Software Solutions GmbH
[1121DECFC72375D79E37441D787BA3C6092E] [18/04/2017] (.3S-Smart Software Solutions GmbH.) - C:\Windows\SysWOW64\Gateway.exe =>.3S-Smart Software Solutions GmbH
[1121DECFC72375D79E37441D787BA3C6092E] [18/04/2017] (.3S-Smart Software Solutions GmbH.) - C:\Windows\SysWOW64\GatewayDDE.exe =>.3S-Smart Software Solutions GmbH
[1121DECFC72375D79E37441D787BA3C6092E] [22/05/2023] (.3S-Smart Software Solutions GmbH.) - C:\Program Files (x86)\InstallShield Installation Information{91B73AA2-4B42-481F-9ECD-03AB9C6016DF}\setup.exe =>.3S-Smart Software Solutions GmbH
[1121F611BAE8352E9201C65095879D7BDAB1] [19/05/2013] (.Bruce James.) - C:\WINDOWS\System32\drivers\ScpVBus.sys =>.Bruce James
[112C3F3ACD305D62BA1D39BB64CF209A] [16/12/2022] (.Ankitects Pty Ltd.) - D:\Programme\Anki\anki.exe =>.Not verified
[112C3F3ACD305D62BA1D39BB64CF209A] [16/12/2022] (.Ankitects Pty Ltd.) - D:\Programme\Anki\uninstall.exe =>.Not verified
[12F0277E0F233B39F9419B06E8CDE352] [08/01/2020] (.Oracle America, Inc..) - D:\programme\minecraft\runtime\jre-x64\bin\javaw.exe =>.Oracle America, Inc.
[12F0277E0F233B39F9419B06E8CDE352] [11/02/2022] (.Oracle America, Inc..) - D:\programme\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe =>.Oracle America, Inc.
[12F0277E0F233B39F9419B06E8CDE352] [13/12/2020] (.Oracle America, Inc..) - D:\programme\install\runtime\jre-x64\bin\javaw.exe =>.Oracle America, Inc.
[14781BC862E8DC503A559346F5DCC518] [07/12/2019] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys =>.NVIDIA Corporation
[169D2C94309C0380414BCFDD93A6B27D] [07/03/2024] (.ADLICE (Julien Ascoet).) - C:\Windows\System32\drivers\truesight.sys =>.Not verified
[1839AF8574AA0E80C371D9803461DD7B] [01/03/2024] (.ADLICE.) - C:\Program Files\RogueKiller\unins000.exe =>.ADLICE
[1839AF8574AA0E80C371D9803461DD7B] [19/02/2024] (.ADLICE.) - C:\Program Files\RogueKiller\RogueKiller64.exe =>.ADLICE
[1839AF8574AA0E80C371D9803461DD7B] [19/02/2024] (.ADLICE.) - C:\Program Files\RogueKiller\RogueKillerSvc.exe =>.ADLICE
[1885B7E188D8FAFD38A43D48967D7488] [16/03/2020] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\amdgpio2.sys =>.Advanced Micro Devices INC.
[1885B7E188D8FAFD38A43D48967D7488] [18/06/2021] (.Advanced Micro Devices INC..) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys =>.Advanced Micro Devices INC.
[1885B7E188D8FAFD38A43D48967D7488] [31/07/2019] (.Advanced Micro Devices INC..) - C:\Program Files\AMD\RyzenMasterSDK\AMDRyzenMasterCLI\bin-prebuilt\AMDRyzenMasterCLI.exe =>.Advanced Micro Devices INC.
[18A9744E95AB6770D0C9CCCBC851D573] [22/08/2019] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvhci.sys =>.NVIDIA Corporation
[1BE0505B24B2BC3940E30634] [07/01/2020] (.MICRO-STAR INTERNATIONAL CO., LTD..) - D:\Programme\Dragon Center\Mystic_Light\LEDKeeper2.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.
[1BE0505B24B2BC3940E30634] [07/01/2020] (.MICRO-STAR INTERNATIONAL CO., LTD..) - D:\Programme\Dragon Center\Mystic_Light\LightKeeperService.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.
[1BE0505B24B2BC3940E30634] [07/01/2020] (.MICRO-STAR INTERNATIONAL CO., LTD..) - D:\Programme\Dragon Center\unins000.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.
[1BE0505B24B2BC3940E30634] [11/09/2018] (.MICRO-STAR INTERNATIONAL CO., LTD..) - D:\Programme\Dragon Center\StorageMonitor\StorageMonitor.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.
[1BE0505B24B2BC3940E30634] [21/08/2019] (.MICRO-STAR INTERNATIONAL CO., LTD..) - D:\Programme\Dragon Center\CC_Engine_x64.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.
[1BE0505B24B2BC3940E30634] [24/07/2019] (.MICRO-STAR INTERNATIONAL CO., LTD..) - D:\Programme\Dragon Center\APP_Dragon_Center_Keeper.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.
[1BE0505B24B2BC3940E30634] [29/08/2019] (.MICRO-STAR INTERNATIONAL CO., LTD..) - D:\Programme\Dragon Center\DragonCenter_Service.exe =>.MICRO-STAR INTERNATIONAL CO., LTD.
[1FDD06412B027853B8C4BC51] [20/06/2023] (.Shenzhen Anycubic Technology Co., Ltd..) - C:\Program Files\AnycubicPhotonWorkshop\AnycubicPhotonWorkshop.exe =>.Not verified
[26504E0645C8DDDC8C28CC15] [10/12/2023] (.EasyAntiCheat Oy.) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe =>.EasyAntiCheat Oy
[266D333EDE17A8B472053E4FA3934572] [23/12/2021] (.AVG Technologies CZ, s.r.o..) - C:\WINDOWS\System32\drivers\lpsport.sys =>.AVG Technologies CZ, s.r.o.
[286F227F6B58BCFFD70DF7A5] [01/03/2024] (.GIANTS Software GmbH.) - D:\Programme\Steam\steamapps\common\Farming Simulator 22\x64\FarmingSimulator2022Game.exe =>.GIANTS Software GmbH
[2F930689E02D929C085823F12E809E27] [29/09/2016] (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG
[2F930689E02D929C085823F12E809E27] [29/09/2016] (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe =>.WIBU-SYSTEMS AG
[31F8F5FB790C592476CE0F3320DC4AF1] [18/02/2024] (.Stanislav Polshyn.) - C:\Users\eiko-\Desktop\AutoLogger\AutoLogger\CheckBrowsersLNK\Check Browsers LNK.exe =>.Not verified
[326A7C3DBAB1332971BB3EBB4CA7FC7D] [13/12/2023] (.Notion Labs, Inc..) - C:\Users\eiko-\AppData\Local\Programs\Notion\Notion.exe =>.Not verified
[3300000304C103197EC605E404000000000304] [06/07/2023] (..NET.) - C:\ProgramData\Package Cache{d260fcb6-95b8-4c81-8e07-ce75876ffca2}\windowsdesktop-runtime-7.0.8-win-x64.exe =>..NET
[3300000304C103197EC605E404000000000304] [19/06/2023] (..NET.) - C:\Program Files\dotnet\dotnet.exe =>..NET
[3300000304C103197EC605E404000000000304] [24/03/2023] (..NET.) - C:\Program Files\VHDPlus\createdump.exe =>..NET
[330000038BF0FCEC2C8F35652C00000000038B] [24/02/2024] (.Skype Software Sarl.) - C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl
[352CB174D3737071385E8FBF60E68896] [03/10/2023] (.JGraph Ltd.) - C:\Program Files\draw.io\draw.io.exe =>.Not verified
[352CB174D3737071385E8FBF60E68896] [03/10/2023] (.JGraph Ltd.) - C:\Program Files\draw.io\Uninstall draw.io.exe =>.Not verified
[3F4CB0BFEBD39172FA4790E72E4D55BF] [26/10/2012] (.Logitech, Inc..) - C:\WINDOWS\System32\DRIVERS\lvrs64.sys =>.Logitech, Inc.
[3F4CB0BFEBD39172FA4790E72E4D55BF] [26/10/2012] (.Logitech, Inc..) - C:\WINDOWS\System32\DRIVERS\lvuvc64.sys =>.Logitech, Inc.
[4C862D2340DCDFF769F4FFF5D1858E3D] [02/04/2023] (.Florian BAUER.) - D:\programme\freefilesync\bin\freefilesync_x64.exe =>.Florian BAUER
[4C862D2340DCDFF769F4FFF5D1858E3D] [02/04/2023] (.Florian BAUER.) - D:\Programme\FreeFileSync\FreeFileSync.exe =>.Florian BAUER
[4C862D2340DCDFF769F4FFF5D1858E3D] [18/04/2023] (.Florian BAUER.) - D:\Programme\FreeFileSync\Uninstall\unins000.exe =>.Florian BAUER
[4FBE0A02426EBD20C26244B5ECA652A3] [17/04/2019] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvvad64v.sys =>.NVIDIA Corporation
[51029B3B9CB48FA076FA2DA87A91DB42] [10/12/2023] (.Epic Games Inc..) - C:\ProgramData\Package Cache{43a03b9c-4770-409c-a999-587b60700b63}\LauncherPrereqSetup_x64.exe =>.Epic Games Inc.
[560000089D2953A788A5B8886900000000089D] [12/09/2019] (.Intel(R) Wireless Connectivity Solutions.) - C:\WINDOWS\System32\drivers\ibtusb.sys =>.Intel(R) Wireless Connectivity Solutions
[597E4E45CBC115BBA6402602E89CBF45] [11/02/2020] (.Oracle America, Inc..) - D:\programme\arduino\java\bin\javaw.exe =>.Oracle America, Inc.
[610AF5D800060000004C] [09/03/2020] (.AMD PMP-PE CB Code Signer v20160415.) - C:\WINDOWS\System32\drivers\amdgpio3.sys =>.AMD PMP-PE CB Code Signer v20160415
[62E745E92165213C971F5C490AEA12A5] [07/10/2020] (.NVIDIA Corporation.) - C:\WINDOWS\System32\drivers\nvhda64v.sys =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [07/10/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [07/10/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nv3dappshext.dll =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [07/10/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvlddmkm.sys =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [07/10/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvshext.dll =>.NVIDIA Corporation
[62E745E92165213C971F5C490AEA12A5] [07/10/2020] (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_1bea1a9a02d425f4\UcmCxUcsiNvppc.sys =>.NVIDIA Corporation
[63D16C0E824E01938C30390EBFDB4B32] [23/11/2022] (.Underwriters Laboratories Inc..) - D:\Programme\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe =>.Not verified
[63D16C0E824E01938C30390EBFDB4B32] [23/11/2022] (.Underwriters Laboratories Inc..) - D:\Programme\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe =>.Not verified
[71E68684F7A885A24ABF921CBBF4E0C3] [05/12/2019] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation
[71E68684F7A885A24ABF921CBBF4E0C3] [07/12/2019] (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.NVIDIA Corporation
[71E68684F7A885A24ABF921CBBF4E0C3] [08/12/2019] (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe =>.NVIDIA Corporation
[72F0C9305FD97A974DC024A6980E6886] [09/10/2020] (.WDKTestCert build,132303256403278908.) - C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys =>.WDKTestCert build,132303256403278908
[72F0C9305FD97A974DC024A6980E6886] [09/10/2020] (.WDKTestCert build,132303256403278908.) - C:\WINDOWS\System32\drivers\AppleLowerFilter.sys =>.WDKTestCert build,132303256403278908
[76BA9423DDBCE7B145A95F01EE015F17] [18/03/2020] (.Avira Operations GmbH & Co. KG.) - C:\WINDOWS\System32\drivers\phantomtap.sys =>.Avira Operations GmbH & Co. KG
[7B70689C80A3B5B20BDE0B06301B7E1C] [30/11/2022] (.geek software GmbH.) - D:\Programme\PDF24\pdf24.exe =>.Not verified
[7CEFF3A1D1FBB760FE85774A8BC65117] [22/05/2023] (.Raspberry Pi Limited.) - C:\Program Files (x86)\Raspberry Pi Imager\fat32format.exe =>.Not verified
[7D467C5AC99420F6A7E2A89ED61472B4] [18/10/2023] (.Johannes Schindelin.) - C:\Program Files\Git\unins000.exe =>.Not verified

~ Unselected Options: O38, O82,
~ End of the scan, 18566 items in 05mn26s (2706)(0)
                                        Security Check:

                                        Code:
                                        SecurityCheck by glax24 & Severnyj v.1.4.0.57 [24.01.24]
WebSite: www.safezone.cc
DateLog: 07.03.2024 12:56:21
Path starting: C:\Users\eiko-\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck
IsAdmin: True
User: eiko-
VersionXML: 10.98is-02.03.2024
[HR][/HR]
Windows 11(6.3.22631) (x64) Core Release: 23H2 Lang: German(0407)
Installation date OS: 06.03.2024 12:55:04
LicenseStatus: Office 19, Office19ProPlus2019VL_MAK_AE edition The machine is permanently activated.
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [929.9 Gb] Used: [276.5 Gb] Free: [653.4 Gb]
------------------------------- [ Windows ] -------------------------------
User Account Control disabled
[b]^It is recommended to enable (default): Win+R typing UserAccountControlSettings and Enter[1]
Sicherheitscenter (wscsvc) - The service is running
Remoteregistrierung (RemoteRegistry) - The service has stopped
SSDP-Suche (SSDPSRV) - The service is running
Remotedesktopdienste (TermService) - The service has stopped
Windows-Remoteverwaltung (WS-Verwaltung) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Defender Firewall (mpssvc) - The service is running
-------------------------- [ SecurityUtilities ] --------------------------
RogueKiller version 15.15.2.0 v.15.15.2.0
--------------------------- [ OtherUtilities ] ----------------------------
Git v.2.42.0.2 Warning! Download Update
Microsoft Office Professional Plus 2019 - de-de v.16.0.10407.20032 Warning! Download Update
How Install Office updates?
NVIDIA GeForce Experience 3.20.2.34 v.3.20.2.34 Warning! Download Update
Steam v.2.10.91.91
WinSCP 6.1.1 v.6.1.1 Warning! Download Update
Epic Games Launcher v.1.3.93.0
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 v.14.34.31938.0 Warning! Download Update
------------------------------- [ Backup ] --------------------------------
Microsoft OneDrive v.24.042.0227.0001 [b]
------------------------------- [ Imaging ] -------------------------------
GIMP 2.10.22 v.2.10.22 Warning! Download Update
Inkscape v.1.2.2
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 401 (64-bit) v.8.0.4010.10
-------------------------------- [ Media ] --------------------------------
VLC media player v.3.0.18 Warning! Download Update
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Acrobat (64-bit) v.23.008.20555
------------------------------- [ Browser ] -------------------------------
Google Chrome v.122.0.6261.95
Microsoft Edge v.123.0.2420.20 [b]
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\Program Files\RogueKiller\RogueKiller64.exe v.15.15.2.0
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe v.4.18.24010.12
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe v.4.18.24010.12
Microsoft Defender Antivirus-Dienst (WinDefend) - The service is running
Microsoft Defender Antivirus-Netzwerkinspektionsdienst (WdNisSvc) - The service is running
---------------------------- [ UnwantedApps ] -----------------------------
VHDPlus IDE (64bit) v.0.11.1.0 Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
----------------------------- [ End of Log ] ------------------------------
                                        FRST Fixlog:
                                        [HEADING=1]
                                        Code:
                                        Fix result of Farbar Recovery Scan Tool (x64) Version: 05.03.2024
Ran by eiko- (07-03-2024 12:57:50) Run:10
Running from C:\Users\eiko-\Desktop
Loaded Profiles: eiko-
Boot Mode: Normal[/HEADING]
fixlist content:
[HR][/HR]
Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
C:\WINDOWS\system32\perfh009.dat
C:\WINDOWS\system32\perfh007.dat
C:\WINDOWS\system32\perfc009.dat
C:\WINDOWS\system32\perfc007.dat
C:\Program Files\Bonjour
C:\WINDOWS\System32\drivers\avkmgr.sys
C:\WINDOWS\System32\drivers\avipbb.sys
C:\WINDOWS\System32\drivers\avdevprot.sys
C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG → The OpenVPN Project)
C:\WINDOWS\System32\drivers\phantomtap.sys
C:\WINDOWS\system32\Tasks\Avira
Unlock: C:\ProgramData\cm-lock
C:\ProgramData\cm-lock
C:\Users\eiko-\AppData\Local\Resmon.ResmonCfg
C:\Users\eiko-\AppData\Roaming\LTspiceXVII.ini
C:\Users\eiko-\AppData\Local\recently-used.xbel
C:\Users\eiko-\AppData\Roaming\EQATEC Analytics
2024-03-06 13:57 - 2024-03-06 13:57 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat
2024-03-06 13:57 - 2024-03-06 13:57 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat
AlternateDataStreams: C:\Windows:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78 [74]
AlternateDataStreams: C:\Windows:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955 [74]
AlternateDataStreams: C:\Users\eiko-\Desktop\RogueKiller_setup.exe:MBAM.Zone.Identifier [187]
AlternateDataStreams: C:\Users\eiko-\Desktop\ZHPSuite.exe:MBAM.Zone.Identifier [77]
AlternateDataStreams: C:\Users\eiko-\Downloads\AccountProfileFixer.exe:MBAM.Zone.Identifier [131]
C:\Windows:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78
C:\Windows:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955
FirewallRules: [{B47387AD-2143-488F-B24F-E00E7DE32978}] => (Block) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{AE99B29D-2626-46F7-9F22-501881F2E445}] => (Block) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{53BE1FB6-6D7C-4016-9BE9-ACA17B30CAD8}] => (Allow) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{A7F73065-A310-4FA7-B8E8-AC28FEC462BB}] => (Allow) D:\Programme\Overwolf\0.241.0.10\OverwolfBrowser.exe => No File
FirewallRules: [{FA0975BD-7405-4180-8338-3EDF5836A071}] => (Allow) LPort=26820
FirewallRules: [{564C2F60-F3C5-4645-A9C6-44F56CBC52DD}] => (Allow) LPort=26822
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: del /s /q “%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache*.*”
VirusTotal: C:\Windows\system32\drivers\ene.sys
File: C:\Windows\system32\drivers\ene.sys
File: C:\Windows\system32\p9rdrservice.dll
Virustotal: C:\Windows\system32\p9rdrservice.dll
startpowershell:
get-service
Endpowershell:
CMD: net start
emptytemp:
Reboot:
End::
[HR][/HR]
Processes closed successfully.
SystemRestore: On => completed
Restore point was successfully created.

========= RemoveProxy: =========

“HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings” => removed successfully
“HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings” => removed successfully
“HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings” => removed successfully
“HKU\S-1-5-21-1421055718-2087356316-1872245878-1012\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings” => removed successfully

========= End of RemoveProxy: =========

C:\WINDOWS\system32\perfh009.dat => moved successfully
C:\WINDOWS\system32\perfh007.dat => moved successfully
C:\WINDOWS\system32\perfc009.dat => moved successfully
C:\WINDOWS\system32\perfc007.dat => moved successfully
“C:\Program Files\Bonjour” => not found
“C:\WINDOWS\System32\drivers\avkmgr.sys” => not found
“C:\WINDOWS\System32\drivers\avipbb.sys” => not found
“C:\WINDOWS\System32\drivers\avdevprot.sys” => not found

“C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn” folder move:

C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn => moved successfully
phantomtap => Unable to stop service.
HKLM\System\CurrentControlSet\Services\phantomtap => removed successfully
phantomtap => service removed successfully
C:\WINDOWS\System32\drivers\phantomtap.sys => moved successfully

“C:\WINDOWS\system32\Tasks\Avira” folder move:

C:\WINDOWS\system32\Tasks\Avira => moved successfully
“C:\ProgramData\cm-lock” => not found
“C:\ProgramData\cm-lock” => not found
C:\Users\eiko-\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Users\eiko-\AppData\Roaming\LTspiceXVII.ini => moved successfully
C:\Users\eiko-\AppData\Local\recently-used.xbel => moved successfully

“C:\Users\eiko-\AppData\Roaming\EQATEC Analytics” folder move:

C:\Users\eiko-\AppData\Roaming\EQATEC Analytics => moved successfully
“C:\WINDOWS\system32\perfh007.dat” => not found
“C:\WINDOWS\system32\perfc007.dat” => not found
C:\Windows => “:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78” ADS removed successfully
C:\Windows => “:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955” ADS removed successfully
C:\Users\eiko-\Desktop\RogueKiller_setup.exe => “:MBAM.Zone.Identifier” ADS removed successfully
C:\Users\eiko-\Desktop\ZHPSuite.exe => “:MBAM.Zone.Identifier” ADS removed successfully
C:\Users\eiko-\Downloads\AccountProfileFixer.exe => “:MBAM.Zone.Identifier” ADS removed successfully
“C:\Windows:CM_2a732c3f1e3eb40b63fe062d0180f157c71684af0a0442ab953224075801bb78” => not found
“C:\Windows:CM_bf41c588bad5a092a453669c0d3c66d1ec2c072fbf5c15cc6acda24c9e4d0955” => not found
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{B47387AD-2143-488F-B24F-E00E7DE32978}” => removed successfully
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{AE99B29D-2626-46F7-9F22-501881F2E445}” => removed successfully
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{53BE1FB6-6D7C-4016-9BE9-ACA17B30CAD8}” => removed successfully
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{A7F73065-A310-4FA7-B8E8-AC28FEC462BB}” => removed successfully
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{FA0975BD-7405-4180-8338-3EDF5836A071}” => not found
“HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{564C2F60-F3C5-4645-A9C6-44F56CBC52DD}” => not found

========= netsh advfirewall reset =========

OK.

========= End of CMD: =========

========= netsh advfirewall set allprofiles state ON =========

OK.

========= End of CMD: =========

========= del /s /q “%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache*.*” =========

Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000033
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003f
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000040
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041
Datei wurde gelöscht - C:\Users\eiko-\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\index

========= End of CMD: =========

VirusTotal: C:\Windows\system32\drivers\ene.sys => Error: No automatic fix found for this entry.

========================= File: C:\Windows\system32\drivers\ene.sys ========================

C:\Windows\system32\drivers\ene.sys
File is digitally signed
MD5: FD80C3D38669B302DE4B4B736941C0D1
Creation and modification date: 2020-01-07 22:07 - 2019-05-22 06:44
Size: 000017624
Attributes: ----A
Company Name: Microsoft Windows Hardware Compatibility Publisher → 
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
Jotti: ene.sys - Jotti's malware scan

====== End of File: ======

========================= File: C:\Windows\system32\p9rdrservice.dll ========================

C:\Windows\system32\p9rdrservice.dll
Catalog: C:\WINDOWS\system32\CatRoot{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Lxss-Optional-merged-Package~31bf3856ad364e35~amd64~~10.0.22621.2506.cat
File is digitally signed
MD5: 59679F5FCDB4E1C12A30F885837FA908
Creation and modification date: 2023-12-04 07:19 - 2023-12-04 07:19
Size: 000122880
Attributes: ----A
Company Name: Microsoft Windows → Microsoft Corporation
Internal Name: p9rdrservice.dll
Original Name: p9rdrservice.dll
Product: Microsoft® Windows® Operating System
Description: Plan9 Redirector Service DLL
File Version: 10.0.22621.2506 (WinBuild.160101.0800)
Product Version: 10.0.22621.2506
Copyright: © Microsoft Corporation. All rights reserved.
Jotti: Error:(3)422

====== End of File: ======

Virustotal: C:\Windows\system32\p9rdrservice.dll => Error: No automatic fix found for this entry.

========= Powershell: =========

Status Name DisplayName
[HR][/HR]
Stopped AarSvc_5d5ae AarSvc_5d5ae
Stopped AdobeARMservice Adobe Acrobat Update Service
Stopped AJRouter AllJoyn-Routerdienst
Stopped ALG Gatewaydienst auf Anwendungsebene
Stopped AppIDSvc Anwendungsidentität
Running Appinfo Anwendungsinformationen
Stopped AppReadiness App-Vorbereitung
Running AppXSvc AppX-Bereitstellungsdienst (AppXSVC)
Running AudioEndpointBu… Windows-Audio-Endpunkterstellung
Running Audiosrv Windows-Audio
Stopped autotimesvc Mobilfunkzeit
Stopped AxInstSV ActiveX-Installer (AxInstSV)
Stopped BcastDVRUserSer… BcastDVRUserService_5d5ae
Stopped BDESVC BitLocker-Laufwerkverschlüsselungsd…
Stopped BEService BattlEye Service
Running BFE Basisfiltermodul
Stopped BITS Background Intelligent Transfer Ser…
Running BluetoothUserSe… BluetoothUserService_5d5ae
Running BrokerInfrastru… Infrastrukturdienst für Hintergrund…
Running BTAGService Bluetooth-Audiogateway-Dienst
Running BthAvctpSvc AVCTP-Dienst
Running bthserv Bluetooth-Unterstützungsdienst
Running camsvc Manager-Dienst für den Funktionszug…
Stopped CaptureService_… CaptureService_5d5ae
Running cbdhsvc_5d5ae cbdhsvc_5d5ae
Running CDPSvc Plattformdienst für verbundene Geräte
Running CDPUserSvc_5d5ae CDPUserSvc_5d5ae
Stopped CertPropSvc Zertifikatverteilung
Running ClickToRunSvc Microsoft Office-Klick-und-Los-Dienst
Running ClipSVC Clientlizenzdienst (ClipSVC)
Stopped CloudBackupRest… CloudBackupRestoreSvc_5d5ae
Stopped CodeMeter.exe CodeMeter Runtime Server
Stopped CODESYS Control… CODESYS Control Win V3 Version 3.5…
Stopped CODESYS Gateway V3 CODESYS Gateway V3 Version 3.5.10.40
Stopped CODESYS Service… CODESYS ServiceControl Version 3.5…
Stopped COMSysApp COM±Systemanwendung
Stopped ConsentUxUserSv… ConsentUxUserSvc_5d5ae
Running CoreMessagingRe… CoreMessaging
Stopped CorsairService Corsair Service
Stopped CredentialEnrol… CredentialEnrollmentManagerUserSvc_…
Running CryptSvc Kryptografiedienste
Running DcomLaunch DCOM-Server-Prozessstart
Stopped dcsvc dcsvc
Stopped defragsvc Laufwerke optimieren
Stopped DeviceAssociati… DeviceAssociationBrokerSvc_5d5ae
Running DeviceAssociati… Gerätezuordnungsdienst
Running DeviceInstall Geräteinstallationsdienst
Stopped DevicePickerUse… DevicePickerUserSvc_5d5ae
Running DevicesFlowUser… DevicesFlowUserSvc_5d5ae
Running DevQueryBroker Broker für DevQuery-Hintergrundermi…
Running Dhcp DHCP-Client
Stopped diagnosticshub… Standardsammlungsdienst des Microso…
Stopped diagsvc Diagnostic Execution Service
Running DiagTrack Benutzererfahrungen und Telemetrie …
Running DispBrokerDeskt… Anzeigerichtliniendienst
Stopped DisplayEnhancem… Anzeigeverbesserungsdienst
Stopped DmEnrollmentSvc Registrierungsdienst für die Geräte…
Stopped dmwappushservice WAP-Push-Nachrichten Routing-Dienst…
Running Dnscache DNS-Client
Running DoSvc Übermittlungsoptimierung
Stopped dot3svc Automatische Konfiguration (verkabelt)
Running DPS Diagnoserichtliniendienst
Stopped DragonCenter_Se… Dragon Center Service
Running DsmSvc Geräteinstallations-Manager
Stopped DsSvc Datenfreigabedienst
Running DusmSvc Datennutzung
Stopped EapHost Extensible Authentication-Protokoll
Stopped EasyAntiCheat_EOS Easy Anti-Cheat (Epic Online Services)
Stopped edgeupdate Microsoft Edge Update Service (edge…
Stopped edgeupdatem Microsoft Edge Update Service (edge…
Running EFS Verschlüsselndes Dateisystem (EFS)
Stopped embeddedmode Eingebetteter Modus
Stopped EntAppSvc Verwaltungsdienst für Unternehmens-…
Stopped EpicOnlineServices Epic Online Services
Running EventLog Windows-Ereignisprotokoll
Running EventSystem COM±Ereignissystem
Running fdPHost Funktionssuchanbieter-Host
Running FDResPub Funktionssuche-Ressourcenveröffentl…
Stopped fhsvc Dateiversionsverlauf-Dienst
Running FontCache Windows-Dienst für Schriftartencache
Stopped FontCache3.0.0.0 Windows Presentation Foundation-Sch…
Stopped FrameServer Windows-Kamera-FrameServer
Stopped FrameServerMonitor Windows-Kamera-Frame-Server-Monitor
Stopped GameInput Service GameInput Service
Stopped GameInputSvc GameInput Service
Running GamingServices Gaming Services
Stopped GamingServicesNet Gaming Services
Stopped GoogleChromeEle… Google Chrome Elevation Service (Go…
Running gpsvc Gruppenrichtlinienclient
Stopped GraphicsPerfSvc GraphicsPerfSvc
Stopped gupdate Google Update-Dienst (gupdate)
Stopped gupdatem Google Update-Dienst (gupdatem)
Running hidserv Eingabegerätedienst
Running HPPrintScanDoct… HP Print Scan Doctor Service
Stopped HvHost HV-Hostdienst
Stopped icssvc Windows-Dienst für mobile Hotspots
Running IKEEXT IKE- und AuthIP IPsec-Schlüsselerst…
Running InstallService Microsoft Store-Installationsdienst
Running InventorySvc Inventur- und Kompatibilitätssentit…
Running iphlpsvc IP-Hilfsdienst
Stopped IpxlatCfgSvc Konfigurationsdienst für die IP-Übe…
Running KeyIso CNG-Schlüsselisolation
Stopped KtmRm KtmRm für Distributed Transaction C…
Running LanmanServer Server
Running LanmanWorkstation Arbeitsstationsdienst
Running lfsvc Geolocation-Dienst
Running LicenseManager Windows-Lizenz-Manager-Dienst
Stopped LightKeeperService LightKeeperService
Stopped lltdsvc Verbindungsschicht-Topologieerkennu…
Running lmhosts TCP/IP-NetBIOS-Hilfsdienst
Running LSM Lokaler Sitzungs-Manager
Stopped LxpSvc Sprachumgebungsdienst
Stopped MapsBroker Manager für heruntergeladene Karten
Stopped McpManagementSe… McpManagementService
Stopped MessagingServic… MessagingService_5d5ae
Stopped MicrosoftEdgeEl… Microsoft Edge Elevation Service (M…
Stopped MixedRealityOpe… Windows Mixed Reality-Dienst für Op…
Running mpssvc Windows Defender Firewall
Stopped MSDTC Distributed Transaction Coordinator
Stopped MSiSCSI Microsoft iSCSI-Initiator-Dienst
Running msiserver Windows Installer
Running NahimicService Nahimic service
Stopped NaturalAuthenti… Natürliche Authentifizierung
Stopped NcaSvc Netzwerkkonnektivitäts-Assistent
Running NcbService Netzwerkverbindungsbroker
Running NcdAutoSetup Autom. Setup von Geräten, die mit d…
Stopped Netlogon Anmeldedienst
Stopped Netman Netzwerkverbindungen
Running netprofm Netzwerklistendienst
Running NetSetupSvc Netzwerkeinrichtungsdienst
Stopped NetTcpPortSharing Net.Tcp-Portfreigabedienst
Running NgcCtnrSvc Microsoft Passport-Container
Running NgcSvc Microsoft Passport
Stopped NlaSvc NLA (Network Location Awareness)
Running NPSMSvc_5d5ae NPSMSvc_5d5ae
Running nsi Netzwerkspeicher-Schnittstellendienst
Running NvContainerLoca… NVIDIA LocalSystem Container
Stopped NvContainerNetw… NVIDIA NetworkService Container
Running NVDisplay.Conta… NVIDIA Display Container LS
Running OneSyncSvc_5d5ae OneSyncSvc_5d5ae
Stopped OpcEnum OpcEnum
Stopped ose64 Office 64 Source Engine
Stopped OverwolfUpdater Overwolf Updater Windows SCM
Stopped p2pimsvc Peer Networking Identity Manager
Stopped p2psvc Peernetzwerk-Gruppenzuordnung
Stopped P9RdrService_5d5ae P9RdrService_5d5ae
Running PcaSvc Programmkompatibilitäts-Assistent-D…
Stopped PDF24 PDF24
Stopped PenService_5d5ae PenService_5d5ae
Stopped perceptionsimul… Windows Perception Simulation Service
Stopped PerfHost Leistungsindikator-DLL-Host
Running PhoneSvc Telefondienst
Running PimIndexMainten… PimIndexMaintenanceSvc_5d5ae
Stopped pla Leistungsprotokolle und -warnungen
Running PlugPlay Plug & Play
Stopped PNRPAutoReg PNRP-Computernamenveröffentlichungs…
Stopped PNRPsvc Peer Name Resolution-Protokoll
Running PolicyAgent IPsec-Richtlinien-Agent
Running Power Stromversorgung
Stopped PrintNotify Druckererweiterungen und -benachric…
Stopped PrintWorkflowUs… PrintWorkflowUserSvc_5d5ae
Running ProfSvc Benutzerprofildienst
Stopped PushToInstall Windows PushToInstall-Dienst
Stopped QWAVE Verbessertes Windows-Audio/Video-St…
Stopped RasAuto Verwaltung für automatische RAS-Ver…
Running RasMan RAS-Verbindungsverwaltung
Stopped RemoteAccess Routing und RAS
Stopped RemoteRegistry Remoteregistrierung
Stopped RetailDemo Dienst für Einzelhandelsdemos
Running rkrtservice RogueKiller RTP
Running RmSvc Funkverwaltungsdienst
Running RpcEptMapper RPC-Endpunktzuordnung
Stopped RpcLocator RPC-Locator
Running RpcSs Remoteprozeduraufruf (RPC)
Running SamSs Sicherheitskonto-Manager
Stopped SCardSvr Smartcard
Stopped ScDeviceEnum Smartcard-Geräteaufzählungsdienst
Running Schedule Aufgabenplanung
Stopped SCPolicySvc Richtlinie zum Entfernen der Scmart…
Stopped SDRSVC Windows-Sicherung
Stopped seclogon Sekundäre Anmeldung
Stopped SecurityHealthS… Windows-Sicherheitsdienst
Stopped SEMgrSvc Zahlungs- und NFC/SE-Manager
Running SENS Benachrichtigungsdienst für Systeme…
Stopped SensorDataService Sensordatendienst
Stopped SensorService Sensordienst
Stopped SensrSvc Sensorüberwachungsdienst
Stopped SessionEnv Konfiguration für Remotedesktops
Stopped SgrmBroker Broker für Laufzeitüberwachung der …
Stopped SharedAccess Gemeinsame Nutzung der Internetverb…
Stopped SharedRealitySvc Dienst für räumliche Daten
Running ShellHWDetection Shellhardwareerkennung
Stopped shpamsvc Shared PC Account Manager
Running smphost Microsoft-SMP für Speicherplätze
Stopped SmsRouter Microsoft Windows SMS-Routerdienst.
Stopped SNMPTrap SNMP-Trap
Stopped spectrum Windows Perception Service
Running Spooler Druckwarteschlange
Stopped sppsvc Software Protection
Running SSDPSRV SSDP-Suche
Stopped ssh-agent OpenSSH Authentication Agent
Running SstpSvc SSTP-Dienst
Running StateRepository StateRepository-Dienst
Stopped Steam Client Se… Steam Client Service
Running StiSvc Windows-Bilderfassung (WIA)
Running StorSvc Speicherdienst
Stopped svsvc Echtzeit-Datenträgerprüfung
Running swprv Microsoft-Softwareschattenkopie-Anb…
Running SysMain SysMain
Running SystemEventsBroker Systemereignissebroker
Stopped TapiSrv Telefonie
Stopped TermService Remotedesktopdienste
Running TextInputManage… Texteingabeverwaltungsdienst
Running Themes Designs
Stopped TieringEngineSe… Storage Tiers Management
Running TimeBrokerSvc Zeitbroker
Running TokenBroker Web Account Manager
Running TrkWks Überwachung verteilter Verknüpfunge…
Stopped TroubleshootingSvc Dienst für empfohlene Problembehand…
Stopped TrustedInstaller Windows Modules Installer
Stopped tzautoupdate Automatische Zeitzonenaktualisierung
Running UdkUserSvc_5d5ae UdkUserSvc_5d5ae
Stopped UmRdpService Anschlussumleitung für Remotedeskto…
Running UnistoreSvc_5d5ae UnistoreSvc_5d5ae
Running upnphost UPnP-Gerätehost
Running UserDataSvc_5d5ae UserDataSvc_5d5ae
Running UserManager Benutzer-Manager
Running UsoSvc Update Orchestrator Service
Stopped VacSvc Volumetric Audio Compositor-Dienst
Running VaultSvc Anmeldeinformationsverwaltung
Stopped vds Virtueller Datenträger
Stopped vmicguestinterface Hyper-V-Gastdienstschnittstelle
Stopped vmicheartbeat Hyper-V-Taktdienst
Stopped vmickvpexchange Hyper-V-Datenaustauschdienst
Stopped vmicrdv Hyper-V-Remotedesktopvirtualisierun…
Stopped vmicshutdown Hyper-V-Dienst zum Herunterfahren d…
Stopped vmictimesync Hyper-V-Dienst für Zeitsynchronisie…
Stopped vmicvmsession Hyper-V PowerShell Direct-Dienst
Stopped vmicvss Hyper-V-Volumeschattenkopie-Anforderer
Running VSS Volumeschattenkopie
Stopped W32Time Windows-Zeitgeber
Stopped WaaSMedicSvc WaaSMedicSvc
Stopped WalletService WalletService
Stopped WarpJITSvc Warp JIT Service
Stopped wbengine Blockebenen-Sicherungsmodul
Stopped WbioSrvc Windows-Biometriedienst
Running Wcmsvc Windows-Verbindungs-Manager
Stopped wcncsvc Windows-Sofortverbindung - Konfigur…
Stopped WdiServiceHost Diagnosediensthost
Running WdiSystemHost Diagnosesystemhost
Running WdNisSvc Microsoft Defender Antivirus-Netzwe…
Stopped WebClient WebClient
Running webthreatdefsvc Web Threat Defense-Dienst
Running webthreatdefuse… webthreatdefusersvc_5d5ae
Stopped Wecsvc Windows-Ereignissammlung
Stopped WEPHOSTSVC Hostdienst für Windows Encryption P…
Stopped wercplsupport Unterstützung in der Systemsteuerun…
Stopped WerSvc Windows-Fehlerberichterstattungsdienst
Stopped WFDSConMgrSvc Verbindungs-Manager-Dienst von Wi-F…
Stopped WiaRpc Ereignisse zum Abrufen von Standbil…
Running WinDefend Microsoft Defender Antivirus-Dienst
Running WinHttpAutoProx… WinHTTP-Web Proxy Auto-Discovery-Di…
Running Winmgmt Windows-Verwaltungsinstrumentation
Stopped WinRM Windows-Remoteverwaltung (WS-Verwal…
Running wisvc Windows-Insider-Dienst
Running WlanSvc Automatische WLAN-Konfiguration
Running wlidsvc Anmelde-Assistent für Microsoft-Konten
Stopped wlpasvc Dienst “Assistent für lokale Profile”
Stopped WManSvc Windows-Verwaltungsdienst
Stopped wmiApSrv WMI-Leistungsadapter
Stopped WMPNetworkSvc Windows Media Player-Netzwerkfreiga…
Stopped workfolderssvc Arbeitsordner
Stopped WpcMonSvc Jugendschutz
Stopped WPDBusEnum Enumeratordienst für tragbare Geräte
Running WpnService Windows-Pushbenachrichtigungssystem…
Running WpnUserService_… WpnUserService_5d5ae
Running wscsvc Sicherheitscenter
Running WSearch Windows Search
Running wuauserv Windows Update
Stopped WwanSvc WWAN - automatische Konfiguration
Running XblAuthManager Xbox Live Authentifizierungs-Manager
Stopped XblGameSave Xbox Live-Spiele speichern
Stopped XboxGipSvc Xbox Accessory Management Service
Stopped XboxNetApiSvc Xbox Live-Netzwerkservice

========= End of Powershell: =========

========= net start =========

Folgende Windows-Dienste sind gestartet:

Anmelde-Assistent fr Microsoft-Konten
Anmeldeinformationsverwaltung
Anwendungsinformationen
Anzeigerichtliniendienst
AppX-Bereitstellungsdienst (AppXSVC)
Arbeitsstationsdienst
Aufgabenplanung
Autom. Setup von Ger„ten, die mit dem Netzwerk verbunden sind
Automatische WLAN-Konfiguration
AVCTP-Dienst
Basisfiltermodul
Benachrichtigungsdienst fr Systemereignisse
Benutzer-Manager
Benutzererfahrungen und Telemetrie im verbundenen Modus
Benutzerprofildienst
Bluetooth-Audiogateway-Dienst
Bluetooth-Untersttzungsdienst
BluetoothUserService_5d5ae
Broker fr DevQuery-Hintergrundermittlung
cbdhsvc_5d5ae
CDPUserSvc_5d5ae
Clientlizenzdienst (ClipSVC)
CNG-Schlsselisolation
COM±Ereignissystem
CoreMessaging
Datennutzung
DCOM-Server-Prozessstart
Designs
DevicesFlowUserSvc_5d5ae
DHCP-Client
Diagnoserichtliniendienst
Diagnosesystemhost
DNS-Client
Druckwarteschlange
Eingabeger„tedienst
Funktionssuchanbieter-Host
Funktionssuche-Ressourcenver”ffentlichung
Funkverwaltungsdienst
Gaming Services
Geolocation-Dienst
Ger„teinstallations-Manager
Ger„teinstallationsdienst
Ger„tezuordnungsdienst
Gruppenrichtlinienclient
HP Print Scan Doctor Service
IKE- und AuthIP IPsec-Schlsselerstellungsmodule
Infrastrukturdienst fr Hintergrundaufgaben
Inventur- und Kompatibilit„tssentit„tsdienst
IP-Hilfsdienst
IPsec-Richtlinien-Agent
Kryptografiedienste
Lokaler Sitzungs-Manager
Manager-Dienst fr den Funktionszugriff
Microsoft Defender Antivirus-Dienst
Microsoft Defender Antivirus-Netzwerkinspektionsdienst
Microsoft Office-Klick-und-Los-Dienst
Microsoft Passport
Microsoft Passport-Container
Microsoft Store-Installationsdienst
Microsoft-SMP fr Speicherpl„tze
Microsoft-Softwareschattenkopie-Anbieter
Nahimic service
Netzwerkeinrichtungsdienst
Netzwerklistendienst
Netzwerkspeicher-Schnittstellendienst
Netzwerkverbindungsbroker
NPSMSvc_5d5ae
NVIDIA Display Container LS
NVIDIA LocalSystem Container
OneSyncSvc_5d5ae
PimIndexMaintenanceSvc_5d5ae
Plattformdienst fr verbundene Ger„te
Plug & Play
Programmkompatibilit„ts-Assistent-Dienst
RAS-Verbindungsverwaltung
Remoteprozeduraufruf (RPC)
RogueKiller RTP
RPC-Endpunktzuordnung
Server
Shellhardwareerkennung
Sicherheitscenter
Sicherheitskonto-Manager
Speicherdienst
SSDP-Suche
SSTP-Dienst
StateRepository-Dienst
Stromversorgung
SysMain
Systemereignissebroker
TCP/IP-NetBIOS-Hilfsdienst
Telefondienst
Texteingabeverwaltungsdienst
UdkUserSvc_5d5ae
UnistoreSvc_5d5ae
Update Orchestrator Service
UPnP-Ger„tehost
UserDataSvc_5d5ae
Verschlsselndes Dateisystem (EFS)
Volumeschattenkopie
Web Account Manager
Web Threat Defense-Dienst
webthreatdefusersvc_5d5ae
Windows Defender Firewall
Windows Installer
Windows Search
Windows Update
Windows-Audio
Windows-Audio-Endpunkterstellung
Windows-Bilderfassung (WIA)
Windows-Dienst fr Schriftartencache
Windows-Ereignisprotokoll
Windows-Insider-Dienst
Windows-Lizenz-Manager-Dienst
Windows-Pushbenachrichtigungssystemdienst
Windows-Verbindungs-Manager
Windows-Verwaltungsinstrumentation
WinHTTP-Web Proxy Auto-Discovery-Dienst
WpnUserService_5d5ae
Xbox Live Authentifizierungs-Manager
Zeitbroker
šbermittlungsoptimierung
šberwachung verteilter Verknpfungen (Client)

Der Befehl wurde erfolgreich ausgefhrt.

========= End of CMD: =========

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16821568 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 372123474 B
Windows/system/drivers => 5475619 B
Edge => 0 B
Chrome => 7120321 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
eiko- => 16323058 B

RecycleBin => 0 B
EmptyTemp: => 400 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 12:58:08 ====
                                        ClearLNK:

                                        Code:
                                        ClearLNK by Alex Dragokas ver. 2.9.0.18

OS: x64 Windows 10 Home, 10.0.22631.2861, Service Pack: 0
Time: 07.03.2024 - 13:04
Language: OS: de-DE (0x407). Display: de-DE (0x407). Non-Unicode: de-DE (0x407)
Elevated: Yes
User: eiko- (group: Administrator)

_____________________________ Logbeginn ______________________________
.
[ OK ] 2 “C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\VoiceAccess.lnk” → [ “C:\WINDOWS\system32\voiceaccess.exe” ] (Icon ist wiederhergestellt)
[ OK ] 3 “C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk” → [ “C:\WINDOWS\system32\osk.exe” ] (Icon ist wiederhergestellt)
[ OK ] 4 “C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk” → [ “C:\WINDOWS\system32\narrator.exe” ] (Icon ist wiederhergestellt)
[ OK ] 5 “C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\LiveCaptions.lnk” → [ “C:\WINDOWS\system32\LiveCaptions.exe” ] (Icon ist wiederhergestellt)
.
[DEL ] 1 “C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TV & Radio.lnk” (Ziel ist nicht wiederhergestellt)
.
[WARN] 6 “C:\Users\eiko-\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk” → [ “C:\WINDOWS\system32\mblctr.exe” ] (bereits geheilt)
.
___________________________ Symbolanordnung __________________________
.
[ OK ] “C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\VoiceAccess.lnk” → [ “.”, index=1 ] (Methode: 3)
[ OK ] “C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk” → [ “.”, index=1 ] (Methode: 3)
[ OK ] “C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk” → [ “.”, index=1 ] (Methode: 3)
[ OK ] “C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\LiveCaptions.lnk” → [ “.”, index=1 ] (Methode: 3)
.
_____________________________ Statistik ______________________________
Die Heilung wird ausgeführt: 1 mal pro Tag.

Insgesamt verarbeitet: 6

Geheilt: 4
Gelöscht: 1
Warnungen: 1
____________________________ Berichtsende ____________________________
                                        After running HijackThis!, I only found one of the listed ones in the scan results and was able to access it. This was this one:
                                        O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\Sy stem Speedup (empty)

                                        HiJackThis!:

                                        Code:
                                        Logfile of HiJackThis+ (Plus) build 2024-02-08 Alpha v.3.4.0.4

Platform: x64 Windows 11 (Home), 10.0.22631.2861 (ReleaseId: 2009, 23H2), Service Pack: 0
Time: 07.03.2024 - 13:06 (UTC+01:00)
Language: OS: German (0x407). Display: German (0x407). Non-Unicode: German (0x407)
Memory: 26658 MiB Free. Loading RAM (20 %), CPU (0 %)
Elevated: Yes
Ran by: eiko- (group: Administrators; type: Microsoft) on DESKTOP-OSDJ7D2, FirstRun: yes

Chrome: 122.0.6261.95
Internet Explorer: 11.0.22621.1
Default: “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: Off)

Running processes:
Number | Path
1 C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe
1 C:\Program Files (x86)\3S CODESYS\GatewayPLC\ServiceControl.exe
1 C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
8 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
10 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
19 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.66\msedgewebview2.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
1 C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\RogueKiller\RogueKiller64.exe
1 C:\Program Files\RogueKiller\RogueKillerSvc.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2401.26.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\MicrosoftTeams_24047.202.2704.38_x64__8wekyb3d8bbwe\msteams.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.290.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.290.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
1 C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe
1 C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
1 C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
1 C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\24.042.0227.0001\FileCoAuth.exe
1 C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\eiko-\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
1 C:\Users\eiko-\Desktop\AutoLogger\AutoLogger\HiJackThis\HiJackThis.exe
2 C:\Windows\explorer.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
4 C:\Windows\System32\dllhost.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\NahimicService.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
7 C:\Windows\System32\RuntimeBroker.exe
2 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
89 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\SysWOW64\dllhost.exe
1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 D:\Programme\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
1 D:\Programme\Dragon Center\APP_Dragon_Center_Keeper.exe
1 D:\Programme\Dragon Center\CC_Engine_x64.exe
1 D:\Programme\Dragon Center\DragonCenter_Service.exe
1 D:\Programme\Dragon Center\Mystic_Light\LEDKeeper2.exe
1 D:\Programme\Dragon Center\Mystic_Light\LightKeeperService.exe
1 D:\Programme\PDF24\pdf24.exe

O2 - HKLM..\BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll (sign: ‘Oracle America, Inc.’)
O2 - HKLM..\BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre-1.8\bin\ssv.dll (sign: ‘Oracle America, Inc.’)
O4 - ActiveSetup: HKLM..{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.95\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: ‘Google LLC’)
O4 - ActiveSetup: HKLM..{9459C573-B17A-45AE-9F64-1857B5D58CEE}: [StubPath] = C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.20\Installer\setup.exe --configure-user-settings --verbose-logging --system-level --msedge --channel=beta (sign: ‘Microsoft’)
O4 - HKCU..\Run: [MicrosoftEdgeAutoLaunch_322C183E72E821C8032805843FDA8DCC] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (sign: ‘Microsoft’)
O4 - HKCU..\Run: [OneDrive] = C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (sign: ‘Microsoft’)
O4 - HKLM..\Run: [LogiOptions] = C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui (sign: ‘Logitech Inc’)
O4 - HKLM..\Session Manager: [PendingFileRenameOperations] = C:\WINDOWS\AppCompat\Programs\Amcache.hve.tmp → C:\WINDOWS\AppCompat\Programs\Amcache.hve
O4 - HKLM..\StartupApproved\Run: [PDF24] = D:\Programme\PDF24\pdf24.exe (2023/01/16) (sign: ‘geek software GmbH’)
O4 - HKLM..\StartupApproved\Run32: [CODESYSControlSysTray] = C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlSysTray.exe (2023/06/08) (sign: ‘3S-Smart Software Solutions GmbH’)
O4 - HKLM..\StartupApproved\Run32: [CORSAIR iCUE Software] = D:\Programme\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe --autorun (2022/02/22) (sign: ‘Corsair Memory, Inc.’)
O4 - HKLM..\StartupApproved\Run32: [GatewaySysTray] = C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewaySysTray.exe (2023/06/08) (sign: ‘3S-Smart Software Solutions GmbH’)
O4 - HKLM..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk → C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (2023/06/08) (sign: ‘WIBU-SYSTEMS AG’)
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User ‘Local service’) (sign: ‘Microsoft’)
O4 - HKU\S-1-5-19..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User ‘Local service’) (sign: ‘Microsoft’)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User ‘Network service’) (sign: ‘Microsoft’)
O4 - HKU\S-1-5-20..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User ‘Network service’) (sign: ‘Microsoft’)
O4 - Startup: C:\Users\eiko-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk → C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (file missing) /tsr
O4-32 - HKLM..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (sign: ‘Oracle America, Inc.’)
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [ConsentPromptBehaviorAdmin] = -1
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [EnableLUA] = 0
O17 - DHCP DNS 1: 192.168.178.1
O21 - HKLM..\ShellIconOverlayIdentifiers\ - C:\Program Files\Nextcloud\shellext\NCOverlays.dll (sign: ‘Nextcloud GmbH’)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe (sign: ‘Microsoft’)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP\HP Print Scan Doctor (empty)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: ‘Microsoft’)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: ‘Microsoft’)
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-1421055718-2087356316-1872245878-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe (sign: ‘Microsoft’)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: ‘Microsoft’)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: ‘Microsoft’)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: ‘Microsoft’)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: ‘Microsoft’)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: ‘Microsoft’)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: ‘Microsoft’)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: ‘Microsoft’)
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (sign: ‘Microsoft’)
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (sign: ‘Microsoft’)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: ‘Microsoft’)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: ‘Microsoft’)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: ‘Microsoft’)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: ‘’)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: ‘Microsoft’)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: ‘Microsoft’)
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks: \Microsoft\Windows\EnterpriseMgmt\Schedule created by enrollment client to reattest client certificate - C:\WINDOWS\system32\deviceenroller.exe -InitiateReattest (sign: ‘Microsoft’)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \PowerToys\Autorun for eiko- - C:\Program Files\PowerToys\PowerToys.exe (sign: ‘Microsoft’)
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: ‘Adobe Inc.’)
O22 - Tasks: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: ‘Google LLC’)
O22 - Tasks: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: ‘Google LLC’)
O22 - Tasks: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d “C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log (sign: ‘NVIDIA Corporation’)
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d “C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (sign: ‘NVIDIA Corporation’)
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (sign: ‘NVIDIA Corporation’)
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1001 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1002 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1008 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1009 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1010 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1011 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1012 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks: Overwolf Updater Task - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (sign: ‘Overwolf Ltd’)
O22 - Tasks_Migrated: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (damaged) OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1002 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (user missing) (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (damaged) OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1008 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (user missing) (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (damaged) OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1009 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (user missing) (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (damaged) OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1010 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (user missing) (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (damaged) OneDrive Standalone Update Task-S-1-5-21-1421055718-2087356316-1872245878-1011 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (user missing) (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (disabled) \Agent Activation Runtime\S-1-5-21-1421055718-2087356316-1872245878-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: ‘Microsoft’)
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks_Migrated: \Microsoft\Windows\EnterpriseMgmt\Schedule created by enrollment client to reattest client certificate - C:\WINDOWS\system32\deviceenroller.exe -InitiateReattest (sign: ‘Microsoft’)
O22 - Tasks_Migrated: \PowerToys\Autorun for eiko- - C:\Program Files\PowerToys\PowerToys.exe (sign: ‘Microsoft’)
O22 - Tasks_Migrated: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: ‘Adobe Inc.’)
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: ‘Google LLC’)
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: ‘Google LLC’)
O22 - Tasks_Migrated: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d “C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log (sign: ‘NVIDIA Corporation’)
O22 - Tasks_Migrated: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d “C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log (sign: ‘NVIDIA Corporation’)
O22 - Tasks_Migrated: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks_Migrated: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (sign: ‘NVIDIA Corporation’)
O22 - Tasks_Migrated: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks_Migrated: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (sign: ‘NVIDIA Corporation’)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1001 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1002 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1008 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1009 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1010 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1011 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1421055718-2087356316-1872245878-1012 - C:\Users\eiko-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: ‘Microsoft’)
O22 - Tasks_Migrated: Overwolf Updater Task - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (sign: ‘Overwolf Ltd’)
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (sign: ‘Adobe Inc.’)
O23 - Service R2: CodeMeter Runtime Server - (CodeMeter.exe) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (sign: ‘WIBU-SYSTEMS AG’)
O23 - Service R2: CODESYS Gateway V3 Version 3.5.10.40 - (CODESYS Gateway V3) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\GatewayService.exe (sign: ‘3S-Smart Software Solutions GmbH’)
O23 - Service R2: CODESYS ServiceControl Version 3.5.10.0 - (CODESYS ServiceControl) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\ServiceControl.exe (sign: ‘3S-Smart Software Solutions GmbH’)
O23 - Service R2: Corsair Service - (CorsairService) - D:\Programme\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (sign: ‘Corsair Memory, Inc.’)
O23 - Service R2: Dragon Center Service - (DragonCenter_Service) - D:\Programme\Dragon Center\DragonCenter_Service.exe (sign: ‘MICRO-STAR INTERNATIONAL CO., LTD.’)
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: ‘Microsoft’)
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: ‘Microsoft’)
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (sign: ‘HP Inc.’)
O23 - Service R2: LightKeeperService - D:\Programme\Dragon Center\Mystic_Light\LightKeeperService.exe (sign: ‘MICRO-STAR INTERNATIONAL CO., LTD.’)
O23 - Service R2: Nahimic service - (NahimicService) - C:\WINDOWS\system32\NahimicService.exe (sign: ‘A-Volute SAS’)
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem (sign: ‘NVIDIA Corporation’)
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f “C:\ProgramData\NVIDIA\NvContainerLocalSystem.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem” -r -p 30000 -st “C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll” (sign: ‘NVIDIA Corporation’)
O23 - Service R2: PDF24 - D:\Programme\PDF24\pdf24.exe -service (sign: ‘geek software GmbH’)
O23 - Service R2: RogueKiller RTP - (rkrtservice) - C:\Program Files\RogueKiller\RogueKillerSvc.exe (sign: ‘ADLICE’)
O23 - Service S2: Google Update-Dienst (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: ‘Google LLC’)
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: ‘BattlEye Innovations e.K.’)
O23 - Service S3: CODESYS Control Win V3 Version 3.5.10.40 - (CODESYS Control Win V3) - C:\Program Files (x86)\3S CODESYS\GatewayPLC\CODESYSControlService.exe (sign: ‘3S-Smart Software Solutions GmbH’)
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: ‘EasyAntiCheat Oy’)
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe (sign: ‘Epic Games Inc.’)
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.95\elevation_service.exe (sign: ‘Google LLC’)
O23 - Service S3: Google Update-Dienst (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: ‘Google LLC’)
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f “C:\ProgramData\NVIDIA\NvContainerNetworkService.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService” -r -p 30000 -st “C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll” (sign: ‘NVIDIA Corporation’)
O23 - Service S3: OpcEnum - C:\WINDOWS\SysWOW64\OpcEnum.exe (sign: ‘OPC Foundation, Inc.’)
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe /RunningFrom SCM (sign: ‘Overwolf Ltd’)
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService (sign: ‘Valve Corp.’)
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\WINDOWS\System32\drivers\amdpsp.sys (sign: ‘Advanced Micro Devices, Inc.’)
O23 - Driver R1: dokan1 - C:\WINDOWS\system32\DRIVERS\dokan1.sys (+safe mode) (sign: ‘Microsoft’ - Dokan Project)
O23 - Driver R1: Nefarius Virtual Gamepad Emulation Service - (ViGEmBus) - C:\WINDOWS\System32\drivers\ViGEmBus.sys (sign: ‘Microsoft’ - Nefarius Software Solutions e.U.)
O23 - Driver R3: ___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit - (Netwtw08) - C:\WINDOWS\System32\drivers\Netwtw08.sys (+safe mode) (sign: ‘Intel Corporation’)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\WINDOWS\System32\drivers\amdgpio2.sys (sign: ‘Advanced Micro Devices INC.’)
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\WINDOWS\System32\drivers\amdgpio3.sys (invalid sign: CERT_E_CHAINING - Advanced Micro Devices, Inc - 0FC5F8864D2E9F6AE7D7AC9AC5CD04824ACF5D84)
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys (sign: ‘Advanced Micro Devices INC.’)
O23 - Driver R3: Corsair Bus - (CorsairVBusDriver) - C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys (sign: ‘Microsoft’ - Corsair)
O23 - Driver R3: Corsair virtual device - (CorsairVHidDriver) - C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys (sign: ‘Microsoft’ - Corsair)
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_a7d139945f8b60a7\ibtusb.sys (+safe mode) (sign: ‘Intel Corporation’)
O23 - Driver R3: Nahimic mirroring device - Driver - (Nahimic_Mirroring) - C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys (sign: ‘A-Volute SAS’)
O23 - Driver R3: NTIOLib_CC_COMM - D:\Programme\Dragon Center\Lib\SYS\NTIOLib_X64.sys (sign: ‘MICRO-STAR INTERNATIONAL CO., LTD.’)
O23 - Driver R3: NTIOLib_CC_CPU - D:\Programme\Dragon Center\Lib\Super_Charger\NTIOLib_X64.sys (sign: ‘MICRO-STAR INTERNATIONAL CO., LTD.’)
O23 - Driver R3: NTIOLib_MysticLight - D:\Programme\Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys (sign: ‘MICRO-STAR INTERNATIONAL CO., LTD.’)
O23 - Driver R3: NVIDIA USB Type-C PPC Service - (UcmCxUcsiNvppc) - C:\WINDOWS\System32\DriverStore\FileRepository\nvppc.inf_amd64_1bea1a9a02d425f4\UcmCxUcsiNvppc.sys (sign: ‘NVIDIA Corporation’)
O23 - Driver R3: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - (nvvad_WaveExtensible) - C:\WINDOWS\system32\drivers\nvvad64v.sys (sign: ‘NVIDIA Corporation’)
O23 - Driver R3: nvlddmkm - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvlddmkm.sys (sign: ‘NVIDIA Corporation’)
O23 - Driver R3: NVVHCI Enumerator Service - (nvvhci) - C:\WINDOWS\System32\drivers\nvvhci.sys (sign: ‘NVIDIA Corporation’)
O23 - Driver R3: Scp Virtual Bus Driver - (ScpVBus) - C:\WINDOWS\System32\drivers\ScpVBus.sys (sign: ‘Bruce James’)
O23 - Driver R3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\WINDOWS\system32\drivers\nvhda64v.sys (sign: ‘NVIDIA Corporation’)
O23 - Driver R3: TrueSight - C:\Windows\System32\drivers\truesight.sys (sign: ‘ADLICE (Julien Ascoet)’)
O23 - Driver S1: EneIo - C:\Windows\system32\drivers\ene.sys (sign: ‘Microsoft’ - no company)
O23 - Driver S1: WinSetupMon - C:\WINDOWS\system32\DRIVERS\WinSetupMon.sys (file missing)
O23 - Driver S2: CorsairLLAccess2C5180972F76443B27B6BE38ADBF2AE99B374496 - D:\Programme\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys (sign: ‘Microsoft’ - Corsair Memory, Inc.)
O23 - Driver S3: @oem13.inf,%PID_0825_DD%(UVC);Logitech HD Webcam C270(UVC) - (LVUVC64) - C:\WINDOWS\system32\DRIVERS\lvuvc64.sys (sign: ‘Logitech, Inc.’)
O23 - Driver S3: Apple KMDF Filter Driver - (AppleKmdfFilter) - C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys (sign: ‘Microsoft’ - Apple Inc.)
O23 - Driver S3: Apple Lower Filter Driver - (AppleLowerFilter) - C:\WINDOWS\System32\drivers\AppleLowerFilter.sys (sign: ‘Microsoft’ - Apple Inc.)
O23 - Driver S3: Bluetooth Modem Communications Driver - (BTHMODEM) - C:\WINDOWS\System32\drivers\bthmodem.sys (not signed - Microsoft Corporation - 4F9AFC33289DADF4FC78FC744B3B163810C7ECD1)
O23 - Driver S3: CH341SER_A64 - C:\WINDOWS\System32\Drivers\CH341S64.SYS (not signed - vvv.winchiphead.com - 4E158E8D2D8BD8BC87D92AD103875DB860F70068)
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: ‘Intel Corporation - Client Components Group’)
O23 - Driver S3: ipadtst - C:\ProgramData\MSI\Super_Charger\ipadtst_64.sys (sign: ‘MICRO-STAR INTERNATIONAL CO., LTD.’)
O23 - Driver S3: ipadtst2 - C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys (sign: ‘MICRO-STAR INTERNATIONAL CO., LTD.’)
O23 - Driver S3: Logitech RightSound Filter Driver - (lvrs64) - C:\WINDOWS\system32\DRIVERS\lvrs64.sys (sign: ‘Logitech, Inc.’)
O23 - Driver S3: NVIDIA KMS - (NvStreamKms) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (sign: ‘NVIDIA Corporation’)
O23 - Driver S3: TAP-Windows Adapter V9 - (tap0901) - C:\WINDOWS\System32\drivers\tap0901.sys (+safe mode) (not signed - The OpenVPN Project - DAEBE266073616E5FC931C319470FCF42A06867A)
O23 - Dependency: Microsoft Service Group ‘NDIS’ contains unknown service: ‘Netwtw08’
O23 - Dependency: Microsoft Service Group ‘NDIS’ contains unknown service: ‘tap0901’

–
End of file - Time spent: 30,4 sec. - 73024 bytes, CRC32: FFFFFFFF. Sign: 喙뒗
                                        1. /b ↩︎
                                        [/HEADING]

                                          Comment

                                          • Malnutrition
                                            PCHF Moderator
                                            • Jul 2016
                                            • 7045
                                            #26
                                            Zhp cleaner is different from zhp diag. Can you provide that log. I’ll check this when I get home.

                                              Comment

                                              • Urenis
                                                PCHF Member
                                                • Feb 2024
                                                • 14
                                                #27
                                                I cannot download zhp cleaner in various browsers the file is blocked because a virus was detected. Downloading zhp cleaner from the official website Anti-Malware-Zone – ZAM led to the same problem
                                                [ATTACH type=“full”]13503[/ATTACH]

                                                  Comment

                                                  • Malnutrition
                                                    PCHF Moderator
                                                    • Jul 2016
                                                    • 7045
                                                    #28
                                                    I’ll take a look after work today I was pretty tired yesterday.

                                                      Comment

                                                      • Urenis
                                                        PCHF Member
                                                        • Feb 2024
                                                        • 14
                                                        #29
                                                        Okay, no problem. I’ll be traveling again over the weekend and will be back on Sunday afternoon.

                                                          Comment

                                                          • Malnutrition
                                                            PCHF Moderator
                                                            • Jul 2016
                                                            • 7045
                                                            #30
                                                            Ok. I’ll have a reply tomorrow morning. I am away from home as well.

                                                              Comment

                                                              Previous 1 2 3 template Next
                                                              Working...

                                                                We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.

                                                                By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.

                                                                I Agree