
Does malwarebytes help against backdoor virus?



Hello,

I have just been using Opera GX for 1 month.
I just converted a YouTube video with "notube" and downloaded it.
After that, Windows Defender told me there is a backdoor virus:
Backdoor:Win32/Bladabindi.YPS!MTB
file: C:\Users\nicol\Downloads\Opera_GX_x86_x64_CB-DL-Manager.exe

I just deleted it, and after that I ran 2 scans with AdwCleaner and it found nothing.

So does it come from the download manager, so that the virus just infected the downloader from Opera GX and I have to uninstall it, or am I safe now?
How can I find out that I am safe, because I heard backdoor viruses are the most awful viruses that exist?
Should I buy Malwarebytes Premium to be safe from backdoor viruses?


Hello polemisch and welcome to Malwarebytes,

Disable smart screen ONLY if it interferes with software we may have to use:

https://support.microsoft.com/en-us/microsoft-edge/what-is-smartscreen-and-how-can-it-help-protect-me-1c9a874a-6826-be5e-45b1-67fa445a74c8

Please remember to enable when we are finished....

Next,

Disable any Anti-virus software you have installed ONLY if it stops software we may use from working:

https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Please remember to enable AV software when we are finished running scans....

Next,

Let's grab some logs and see what's going on, continue with the following:

If you do not have Malwarebytes installed do the following:

Download Malwarebytes version 4 from the following link:

https://www.malwarebytes.com/mwb-download/thankyou/

Double click on the installer and follow the prompts.

When the install completes or Malwarebytes is already installed do the following:

Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab.

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Close out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Open Malwarebytes
  • Click on the Detection History tab > from main interface.
  • Then click on "History" that will open to a historical list
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if selected, right click in your reply and select "Paste"; the log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Text file (*.txt)", then name the file and save to a place of choice, recommend "Desktop" then attach to reply


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST, either accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status... If English is not your primary language Right click on FRST/FRST64 and rename FRSTEnglish/FRST64English

 
  • Double-click to run it. When the tool opens click Yes to disclaimer. (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin....
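A way to triage the FRST.txt log that the steps above produce, as an added example that is not part of the original posts or of FRST itself: it parses autostart, scheduled-task and service/driver lines and flags the ones a reviewer would read first. The flag names, the English marker spellings and the sample lines are assumptions constructed for illustration; the line shapes and German markers follow the log posted in this thread.

```python
import re

# Markers as FRST prints them in the German-locale log on this page; the
# English spellings are an assumption added for English-locale logs.
UNSIGNED = ("[Datei ist nicht signiert]", "[File not signed]")
ATTENTION = ("<==== ACHTUNG", "<==== ATTENTION")

# Line shapes taken from the Registry, scheduled-task and service/driver sections.
ENTRY_PATTERNS = [
    ("run", re.compile(r"^HK\S+\\Run(?:Once)?: \[(?P<name>[^\]]+)\] => (?P<rest>.+)$")),
    ("task", re.compile(r"^Task: \{[0-9A-Fa-f-]+\} - (?P<name>.+?) => (?P<rest>.+)$")),
    ("service/driver", re.compile(r"^[RSU][0-5] (?P<name>[^;]+); (?P<rest>.+)$")),
]
# "(Signer -> Company)"; a bare "(Company)" or "(x86)" has no " -> " and is skipped.
SIGNER = re.compile(r"\((?P<signer>[^()]+?) -> (?P<company>[^()]*)\)")
PATH = re.compile(r'^"?(?P<path>[A-Za-z]:\\.+?\.(?:exe|sys|dll))', re.I)
TEMP_DIR = re.compile(r"\\(?:temp|tmp)\\", re.I)


def parse_entry(line):
    """Return a dict for a recognised or marked line, else None."""
    line = line.strip()
    marked = any(m in line for m in ATTENTION)
    for kind, pattern in ENTRY_PATTERNS:
        match = pattern.match(line)
        if not match:
            continue
        rest = match.group("rest")
        path = PATH.match(rest)
        signer = SIGNER.search(rest)
        flags = []
        if any(m in rest for m in UNSIGNED):
            flags.append("unsigned")
        elif signer is None:
            # FRST printed no signer for this target: check the file by hand.
            flags.append("no-signer-shown")
        if marked:
            flags.append("attention")
        if path and TEMP_DIR.search(path.group("path")):
            flags.append("runs-from-temp")
        return {
            "kind": kind,
            "name": match.group("name"),
            "path": path.group("path") if path else None,
            "signer": signer.group("signer") if signer else None,
            "flags": flags,
        }
    if marked:
        # Lines such as the GroupPolicy entry carry only the attention marker.
        return {"kind": "marked", "name": line, "path": None,
                "signer": None, "flags": ["attention"]}
    return None


def triage(log_text):
    """Return only the entries that carry at least one flag, in log order."""
    entries = (parse_entry(line) for line in log_text.splitlines())
    return [e for e in entries if e and e["flags"]]


# Constructed sample lines in the format of the log below (not real entries).
SAMPLE = r"""
HKLM\...\Run: [ExampleVendorTray] => C:\Program Files\ExampleVendor\tray.exe [321240 2021-07-26] (Example Vendor, Inc. -> Example Vendor, Inc.)
HKLM\...\Run: [examplecontrol] => "C:\Program Files\ExampleRemote\server.exe" -controlservice
HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\...\Run: [ExampleApp] => C:\Users\user\AppData\Local\Programs\ExampleApp\app.exe --autostart
GroupPolicy: Beschränkung ? <==== ACHTUNG
Task: {00000000-0000-0000-0000-000000000001} - System32\Tasks\ExampleMetrics => C:\Program Files\ExampleVendor\metrics.exe [47104 2021-08-24] (Example Vendor, Inc.) [Datei ist nicht signiert]
R2 ExampleService; C:\Program Files (x86)\ExampleVendor\svc.exe [3475672 2021-09-10] (Example Vendor, Inc. -> Example Vendor)
R3 exampledrv; C:\Windows\temp\exampledrv\exampledrv_x64.sys [44832 2021-09-19] (Example Signer -> Example)
"""

if __name__ == "__main__":
    for entry in triage(SAMPLE):
        print(f'{entry["kind"]:15} {",".join(entry["flags"]):18} {entry["name"]}')
```

A flag is a prompt for manual review of that entry, not a verdict that it is malicious.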

I mean.. Windows Defender already put the backdoor virus in quarantine and I deleted it after that.
Then I let AdwCleaner scan my PC several times and it found nothing.

So I just need to know if Malwarebytes Premium protects me from backdoor viruses?
And am I safe right now if it doesn't find anything?


FRST.txt:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-09-2021
durchgeführt von nicol (Administrator) auf DESKTOP-I111G26 (Micro-Star International Co., Ltd. MS-7B93) (19-09-2021 13:10:01)
Gestartet von C:\Users\nicol\Downloads
Geladene Profile: nicol
Platform: Windows 10 Pro Version 21H1 19043.1237 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Opera
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
(Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0370882.inf_amd64_16efd232c9cc1313\B370998\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0370882.inf_amd64_16efd232c9cc1313\B370998\atiesrxx.exe
(Advanced Micro Devices, Inc.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe
(A-Volute SAS -> A-Volute) C:\Users\nicol\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE.exe
(Corsair Memory, Inc. -> Corsair) C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUEDevicePluginHost.exe <7>
(Discord Inc. -> Discord Inc.) C:\Users\nicol\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(Gaijin Network LTD -> Gaijin) C:\Users\nicol\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.56.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.78.15001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Opera Software AS -> Opera Software) C:\Users\nicol\AppData\Local\Programs\Opera GX\78.0.4093.214\opera.exe <18>
(Opera Software AS -> Opera Software) C:\Users\nicol\AppData\Local\Programs\Opera GX\78.0.4093.214\opera_crashreporter.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [tvncontrol] => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
HKLM\...\Run: [CORSAIR iCUE 4 Software] => C:\Program Files\Corsair\CORSAIR iCUE 4 Software\iCUE Launcher.exe [321240 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Run: [Discord] => C:\Users\nicol\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282600 2021-09-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3145912 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Run: [Gaijin.Net Updater] => C:\Users\nicol\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1079184 2021-09-11] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Run: [com.blitz.app] => C:\Users\nicol\AppData\Local\Programs\Blitz\Blitz.exe --autostart
HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443296 2021-09-16] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\nicol\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [4490960 2021-08-25] (Opera Software AS -> Opera Software)
GroupPolicy: Beschränkung ? <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0AD229F5-237F-40FF-8F89-B6B0E09A73C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0ADBED93-DE69-4905-A055-E059F2F06E2E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63960 2021-08-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {19BD4F42-31D1-4A40-B3D7-19907A9D5378} - System32\Tasks\Opera GX scheduled Autoupdate 1630437129 => C:\Users\nicol\AppData\Local\Programs\Opera GX\launcher.exe [41841360 2021-09-06] (Opera Software AS -> Opera Software)
Task: {35CA0EBB-4D84-4B9E-948C-5D09DBBDE384} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [619992 2021-08-24] (Advanced Micro Devices Inc. -> AMD)
Task: {403A3979-22B8-40F2-B6E6-D1813124902A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1715672 2021-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {41ED8001-A23A-4D4F-A9CC-AAE1369F970D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2272380971-2486202214-448488098-500 => C:\Users\nicol\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {577DA5E3-E561-4D19-8253-C87A300FA19A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {777F7D31-5F7D-4254-A90F-5264EB53CAAA} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe
Task: {7CEF8E94-1ED0-458E-8E65-16E07B2A63E6} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1630437132 => C:\Users\nicol\AppData\Local\Programs\Opera GX\launcher.exe [41841360 2021-09-06] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\nicol\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {8B8EE899-6487-49C1-87B0-4948679174F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9434C0A3-2BD0-425C-9205-928E5C73E20D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B442DF15-3D3F-4F67-94DA-E2E6BE1C2A19} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1715672 2021-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B96EEFBC-ADD1-4311-A877-6EE8B01B0FD0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA941EC5-A4B0-467C-863E-494A3A75E721} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63960 2021-08-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E26B7162-4280-4037-B3A2-0EC4C885FB1D} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [47104 2021-08-24] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
Task: {F91B0A54-CE47-4F68-BC29-870195842726} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [269272 2021-08-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{038ada97-04f6-4acb-a479-555724473cc2}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\nicol\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-19]

FireFox:
========
FF DefaultProfile: i2kob1rv.default
FF ProfilePath: C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\i2kob1rv.default [2021-03-10]
FF ProfilePath: C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\ffvfr8qc.default-release [2021-09-19]
FF Extension: (Chrome Remote Desktop) - C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\ffvfr8qc.default-release\Extensions\remotedesktop@google.com.xpi [2021-06-04] [UpdateUrl:hxxps://www.gstatic.com/chromoting/firefox_extension/update.json]
FF Extension: (uBlock Origin) - C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\ffvfr8qc.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-05-16]
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2019-03-14] (Adobe Systems, Inc.) [Datei ist nicht signiert]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default [2021-09-02]
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (ProxFlow) - C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2021-06-04]
CHR Extension: (Präsentationen) - C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-04]
CHR Extension: (Material Incognito Dark Theme) - C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahifcnpnjgbadkjdhagpfjfkmlapfoel [2021-06-04]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-01]
CHR Extension: (Tabellen) - C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-04]
CHR Extension: (I don't care about cookies) - C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2021-08-11]
CHR Extension: (Google Docs Offline) - C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (AdBlock – der beste Ad-Blocker) - C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-08-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-04]
CHR Extension: (Chrome Media Router) - C:\Users\nicol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-22]

Opera: 
=======
StartMenuInternet: (HKU\S-1-5-21-2272380971-2486202214-448488098-1001) Opera GXStable - "C:\Users\nicol\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [510936 2021-08-24] (Advanced Micro Devices Inc. -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8914856 2021-07-02] (BattlEye Innovations e.K. -> )
R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616360 2021-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CueLLAccessService.exe [456416 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairMsiPluginService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairMsiPluginService.exe [451800 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\Corsair.Service.exe [80608 2021-07-26] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-08-26] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [553264 2021-05-30] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQU8_36; C:\ProgramData\EQU8\Splitgate\bin\anticheat.x64.equ8.exe [6161552 2021-09-02] (Int3 Software AB -> Int3 Software AB)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2021-06-02] (FUTUREMARK INC -> Futuremark)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10831776 2021-09-16] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7785656 2021-09-19] (Malwarebytes Inc -> Malwarebytes)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1675392 2021-05-27] (A-Volute SAS -> Nahimic)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475672 2021-09-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2021-03-14] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1716632 2021-05-20] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14673704 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [41536 2021-07-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0370882.inf_amd64_16efd232c9cc1313\B370998\amdkmdag.sys [81609032 2021-09-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60328 2021-05-18] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R2 CorsairLLAccessC2D033F14715AA7325305EA42FBFC65BF867CC1D; C:\Program Files\Corsair\CORSAIR iCUE 4 Software\CorsairLLAccess64.sys [21752 2021-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45984 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21920 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz150; C:\Windows\temp\cpuz150\cpuz150_x64.sys [44832 2021-09-19] (CPUID S.A.R.L.U. -> CPUID)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 EQU8_HELPER_36; C:\Windows\system32\DRIVERS\EQU8_HELPER_36.sys [38032 2021-09-02] (Int3 Software AB -> )
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [160176 2021-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [37200 2021-08-20] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [25928 2021-08-20] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66896 2021-08-20] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210344 2021-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-09-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198888 2021-09-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [68528 2021-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-09-19] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [149424 2021-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [433384 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-09-19 13:10 - 2021-09-19 13:10 - 000025618 _____ C:\Users\nicol\Downloads\FRST.txt
2021-09-19 13:08 - 2021-09-19 13:10 - 000000000 ____D C:\FRST
2021-09-19 13:08 - 2021-09-19 13:08 - 002304000 _____ (Farbar) C:\Users\nicol\Downloads\FRST64.exe
2021-09-19 11:22 - 2021-09-19 11:22 - 000198888 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-09-19 11:22 - 2021-09-19 11:22 - 000149424 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-09-19 11:22 - 2021-09-19 11:22 - 000068528 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-09-19 11:16 - 2021-09-19 11:16 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-09-19 11:16 - 2021-09-19 11:16 - 000210344 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-09-19 11:16 - 2021-09-19 11:16 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-09-19 11:16 - 2021-09-19 11:16 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-09-19 11:16 - 2021-09-19 11:16 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-09-19 11:16 - 2021-09-19 11:16 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-09-19 11:16 - 2021-09-19 11:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-09-19 11:15 - 2021-09-19 11:15 - 000000000 ____D C:\Program Files\Malwarebytes
2021-09-19 11:10 - 2021-09-19 11:10 - 006673184 _____ (EnigmaSoft Limited) C:\Users\nicol\Downloads\SpyHunter-5.10-5-6628-Installer.exe
2021-09-18 23:43 - 2021-09-19 11:13 - 085983232 _____ C:\Windows\system32\config\SOFTWARE
2021-09-18 23:41 - 2021-09-18 23:43 - 000000000 ____D C:\Windows\Microsoft Antimalware
2021-09-18 22:15 - 2021-09-18 22:16 - 000000000 ____D C:\AdwCleaner
2021-09-18 22:15 - 2021-09-18 22:15 - 008553680 _____ (Malwarebytes) C:\Users\nicol\Downloads\adwcleaner_8.3.0.exe
2021-09-18 22:12 - 2021-09-18 22:12 - 029244988 _____ C:\Users\nicol\Desktop\BAESIDE   AC Slayer.mp4
2021-09-17 17:39 - 2021-09-17 17:39 - 000003304 _____ C:\Windows\system32\Tasks\StartCNBM
2021-09-17 17:39 - 2021-09-17 17:39 - 000003194 _____ C:\Windows\system32\Tasks\StartAUEP
2021-09-17 17:38 - 2021-09-17 17:38 - 000000000 ____D C:\Users\nicol\AppData\LocalLow\AMD
2021-09-17 17:37 - 2021-09-17 17:37 - 000002620 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask
2021-09-17 17:37 - 2021-09-17 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-09-17 17:37 - 2021-09-17 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Link For Windows
2021-09-17 17:37 - 2021-09-17 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2021-09-17 17:36 - 2021-09-09 06:25 - 001877328 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-09-17 17:36 - 2021-09-09 06:25 - 001877328 _____ C:\Windows\system32\vulkaninfo.exe
2021-09-17 17:36 - 2021-09-09 06:25 - 001456976 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-09-17 17:36 - 2021-09-09 06:25 - 001456976 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-09-17 17:36 - 2021-09-09 06:25 - 001115168 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 001115168 _____ C:\Windows\system32\vulkan-1.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000967848 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000967848 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000745272 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000629560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000508216 _____ C:\Windows\system32\dgtrayicon.exe
2021-09-17 17:36 - 2021-09-09 06:25 - 000505144 _____ C:\Windows\system32\GameManager64.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000441144 _____ C:\Windows\system32\EEURestart.exe
2021-09-17 17:36 - 2021-09-09 06:25 - 000355128 _____ C:\Windows\system32\clinfo.exe
2021-09-17 17:36 - 2021-09-09 06:25 - 000195408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000174928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000165200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000150872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000099128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000083792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000055096 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000052024 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2021-09-17 17:36 - 2021-09-09 06:25 - 000027920 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 083192136 _____ C:\Windows\system32\amd_comgr.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 072873288 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 068453704 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 001545016 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiacm64.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 001345864 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000949560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000840504 _____ (AMD) C:\Windows\system32\atieclxx.exe
2021-09-17 17:36 - 2021-09-09 06:24 - 000777032 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000497992 _____ C:\Windows\system32\amdgfxinfo64.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000477000 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000474952 _____ C:\Windows\system32\amdlogum.exe
2021-09-17 17:36 - 2021-09-09 06:24 - 000464712 _____ C:\Windows\system32\atieah64.exe
2021-09-17 17:36 - 2021-09-09 06:24 - 000360248 _____ C:\Windows\SysWOW64\atieah32.exe
2021-09-17 17:36 - 2021-09-09 06:24 - 000253752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000221496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000190648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000175416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000174904 _____ (AMD) C:\Windows\system32\atimuixx.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000166904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000158536 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000149304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000144200 _____ C:\Windows\system32\atidxx64.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000141624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000139632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000139592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000122704 _____ C:\Windows\SysWOW64\atidxx32.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000121656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2021-09-17 17:36 - 2021-09-09 06:24 - 000078664 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2021-09-17 17:36 - 2021-09-09 06:23 - 001708992 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2021-09-17 17:36 - 2021-09-09 06:23 - 001385504 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-09-17 17:36 - 2021-09-09 06:23 - 000559752 _____ C:\Windows\system32\amdmiracast.dll
2021-09-17 17:36 - 2021-09-09 06:23 - 000388408 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2021-09-17 17:36 - 2021-09-09 06:23 - 000145352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2021-09-17 17:36 - 2021-09-09 06:23 - 000139624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2021-09-17 17:36 - 2021-09-09 06:23 - 000129512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2021-09-17 17:36 - 2021-09-09 06:23 - 000117376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2021-09-17 17:36 - 2021-09-09 06:23 - 000117352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2021-09-17 17:36 - 2021-09-09 05:57 - 058037336 _____ C:\Windows\system32\amdxc64.so
2021-09-17 17:36 - 2021-09-09 05:57 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2021-09-17 17:36 - 2021-09-09 05:57 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2021-09-17 17:36 - 2021-09-09 05:57 - 000562464 _____ C:\Windows\SysWOW64\atiapfxx.blb
2021-09-17 17:36 - 2021-09-09 05:57 - 000562464 _____ C:\Windows\system32\atiapfxx.blb
2021-09-17 13:26 - 2021-09-17 13:26 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2021-09-17 13:26 - 2021-09-17 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-09-17 13:26 - 2021-09-17 13:26 - 000000000 ____D C:\Program Files\LGHUB
2021-09-16 16:13 - 2021-09-16 16:13 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-16 16:13 - 2021-09-16 16:13 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-16 16:13 - 2021-09-16 16:13 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-16 16:13 - 2021-09-16 16:13 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-09-16 16:13 - 2021-09-16 16:13 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-09-16 16:13 - 2021-09-16 16:13 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-16 16:13 - 2021-09-16 16:13 - 001313608 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-09-16 16:13 - 2021-09-16 16:13 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-16 16:13 - 2021-09-16 16:13 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-16 16:13 - 2021-09-16 16:13 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-09-16 16:13 - 2021-09-16 16:13 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-09-16 16:13 - 2021-09-16 16:13 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-09-16 16:13 - 2021-09-16 16:13 - 000426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-09-16 16:13 - 2021-09-16 16:13 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-09-16 16:13 - 2021-09-16 16:13 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-09-16 16:13 - 2021-09-16 16:13 - 000170496 _____ C:\Windows\system32\DeviceUpdateCenterCsp.dll
2021-09-16 16:13 - 2021-09-16 16:13 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-09-16 16:13 - 2021-09-16 16:13 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2021-09-16 16:13 - 2021-09-16 16:13 - 000122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2021-09-16 16:13 - 2021-09-16 16:13 - 000098816 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-09-16 16:13 - 2021-09-16 16:13 - 000011355 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-09-16 16:10 - 2021-09-16 16:10 - 000000000 ___HD C:\$WinREAgent
2021-09-14 17:53 - 2021-09-14 17:53 - 000000222 _____ C:\Users\nicol\Desktop\Insurgency Sandstorm.url
2021-09-11 12:53 - 2021-09-11 12:53 - 000000000 ____D C:\Users\nicol\Documents\FeedbackHub
2021-09-08 18:46 - 2021-09-08 18:46 - 000000000 ____D C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP
2021-09-08 18:46 - 2021-09-08 18:46 - 000000000 ____D C:\Users\nicol\AppData\LocalLow\M7 production _ Attrito
2021-09-08 18:46 - 2021-09-08 18:46 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-09-08 18:46 - 2021-09-08 18:46 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2021-09-06 22:15 - 2021-09-06 22:49 - 000000000 ____D C:\Users\nicol\Documents\Assetto Corsa Competizione
2021-09-06 22:15 - 2021-09-06 22:15 - 000000000 ____D C:\Users\nicol\AppData\Local\AC2
2021-09-05 13:44 - 2021-09-05 13:44 - 000038549 _____ C:\Users\nicol\Downloads\server_config.cfg.txt
2021-09-05 12:40 - 2021-09-05 12:42 - 000000500 _____ C:\Users\nicol\Desktop\servdiscount root.txt
2021-09-05 10:51 - 2021-09-05 10:51 - 000044533 _____ C:\Users\nicol\Downloads\rechnung_H01938476.pdf
2021-09-02 22:20 - 2021-09-02 22:24 - 000000000 ____D C:\ProgramData\EQU8
2021-09-02 22:20 - 2021-09-02 22:20 - 000038032 _____ C:\Windows\system32\Drivers\EQU8_HELPER_36.sys
2021-09-02 22:20 - 2021-09-02 22:20 - 000000000 ____D C:\Users\nicol\AppData\Local\PortalWars
2021-09-02 22:09 - 2021-09-02 22:12 - 000000000 ____D C:\Users\nicol\AppData\Local\Ubisoft Game Launcher
2021-09-02 22:09 - 2021-09-02 22:09 - 149934184 _____ (Ubisoft) C:\Users\nicol\Downloads\UbisoftConnectInstaller.exe
2021-09-02 22:09 - 2021-09-02 22:09 - 000001323 _____ C:\Users\nicol\Desktop\Ubisoft Connect.lnk
2021-09-02 22:09 - 2021-09-02 22:09 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-09-02 22:09 - 2021-09-02 22:09 - 000000000 ____D C:\ProgramData\Ubisoft
2021-09-02 22:09 - 2021-09-02 22:09 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2021-09-01 21:26 - 2021-09-01 21:26 - 000000000 ____D C:\Users\nicol\Documents\Paradox Interactive
2021-09-01 21:03 - 2021-09-01 21:12 - 000000000 ____D C:\Users\nicol\Documents\Humankind
2021-09-01 21:03 - 2021-09-01 21:03 - 000000000 ____D C:\Users\nicol\AppData\LocalLow\AMPLITUDE Studios
2021-09-01 20:21 - 2021-09-01 20:21 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2021-08-31 21:12 - 2021-09-13 14:52 - 000004244 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1630437129
2021-08-31 21:12 - 2021-09-13 14:52 - 000001434 _____ C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Opera GX.lnk
2021-08-31 21:12 - 2021-08-31 21:12 - 000004482 _____ C:\Windows\system32\Tasks\Opera GX scheduled assistant Autoupdate 1630437132
2021-08-31 21:12 - 2021-08-31 21:12 - 000001438 _____ C:\Users\nicol\Desktop\Browser Opera GX.lnk
2021-08-31 21:12 - 2021-08-31 21:12 - 000000000 ____D C:\Users\nicol\AppData\Local\Opera Software
2021-08-31 21:11 - 2021-08-31 21:11 - 200682262 _____ C:\Users\nicol\Downloads\Opera_GX_x86_x64.zip
2021-08-31 21:11 - 2021-08-31 21:11 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Opera Software
2021-08-27 18:23 - 2021-08-27 18:23 - 000000000 ____D C:\Users\nicol\AppData\Local\NineToFive
2021-08-25 16:25 - 2021-08-25 16:25 - 000001171 _____ C:\Users\Public\Desktop\iCUE.lnk
2021-08-25 16:25 - 2021-08-25 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair
2021-08-25 16:25 - 2021-08-25 16:25 - 000000000 ____D C:\Program Files\Corsair
2021-08-20 19:22 - 2021-08-20 20:37 - 000000000 ____D C:\Users\nicol\Documents\Beamng
2021-08-20 19:19 - 2021-08-20 19:19 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamMP Launcher
2021-08-20 19:18 - 2021-08-20 19:18 - 015464292 _____ C:\Users\nicol\Downloads\BeamMP_Installer.zip
2021-08-20 19:18 - 2021-08-20 19:18 - 015464292 _____ C:\Users\nicol\Downloads\BeamMP_Installer (1).zip
2021-08-20 15:36 - 2021-09-19 11:14 - 000000000 ____D C:\Users\nicol\AppData\Roaming\LGHUB
2021-08-20 15:36 - 2021-09-19 11:14 - 000000000 ____D C:\Users\nicol\AppData\Local\LGHUB
2021-08-20 15:36 - 2021-08-20 15:36 - 000066896 _____ (Logitech) C:\Windows\system32\Drivers\logi_joy_xlcore.sys
2021-08-20 15:36 - 2021-08-20 15:36 - 000045904 _____ (Logitech) C:\Windows\system32\Drivers\logi_joy_hid_lo.sys
2021-08-20 15:36 - 2021-08-20 15:36 - 000037200 _____ (Logitech) C:\Windows\system32\Drivers\logi_joy_bus_enum.sys
2021-08-20 15:36 - 2021-08-20 15:36 - 000025928 _____ (Logitech) C:\Windows\system32\Drivers\logi_joy_vir_hid.sys
2021-08-20 15:36 - 2021-08-20 15:36 - 000000000 ____D C:\ProgramData\Logishrd
2021-08-20 15:36 - 2021-08-20 15:36 - 000000000 ____D C:\ProgramData\LGHUB
2021-08-20 15:32 - 2021-08-20 15:32 - 041268640 _____ (Logitech, Inc.) C:\Users\nicol\Downloads\lghub_installer.exe

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-09-19 13:03 - 2021-03-10 22:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-09-19 12:48 - 2020-11-19 00:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-09-19 12:39 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-19 12:14 - 2021-03-10 22:32 - 000000000 ____D C:\Users\nicol\AppData\Roaming\discord
2021-09-19 12:14 - 2021-03-10 22:32 - 000000000 ____D C:\Users\nicol\AppData\Local\Discord
2021-09-19 11:22 - 2021-03-10 22:06 - 001723792 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-19 11:22 - 2019-12-07 16:51 - 000743952 _____ C:\Windows\system32\perfh007.dat
2021-09-19 11:22 - 2019-12-07 16:51 - 000150374 _____ C:\Windows\system32\perfc007.dat
2021-09-19 11:22 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-09-19 11:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-09-19 11:14 - 2021-07-29 22:19 - 000000000 ____D C:\Users\nicol\AppData\Local\D3DSCache
2021-09-19 11:14 - 2021-05-16 12:32 - 000000000 ____D C:\Program Files\TeamViewer
2021-09-19 11:14 - 2021-03-16 20:03 - 000000000 ____D C:\Users\nicol\AppData\Local\Battle.net
2021-09-19 11:14 - 2021-03-10 23:48 - 000000000 ____D C:\Users\nicol\AppData\Local\Origin
2021-09-19 11:14 - 2021-03-10 23:48 - 000000000 ____D C:\ProgramData\Origin
2021-09-19 11:14 - 2021-03-10 22:01 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-19 11:14 - 2020-11-19 01:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-19 11:14 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-09-19 11:13 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-09-18 23:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-18 23:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-09-18 21:52 - 2021-06-09 16:10 - 000000000 ____D C:\Users\nicol\Desktop\Musik
2021-09-18 20:09 - 2021-06-04 14:04 - 000002292 ____H C:\Users\nicol\Documents\Default.rdp
2021-09-18 10:54 - 2020-11-19 01:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-17 20:20 - 2021-03-10 22:06 - 000000000 ____D C:\Users\nicol\AppData\Local\Packages
2021-09-17 19:35 - 2021-03-10 23:21 - 000000000 ____D C:\Users\nicol\Documents\My Games
2021-09-17 19:35 - 2020-11-19 01:54 - 000000000 ____D C:\ProgramData\Packages
2021-09-17 19:22 - 2021-03-11 00:30 - 000000000 ____D C:\Users\nicol\AppData\Local\PlaceholderTileLogoFolder
2021-09-17 18:11 - 2021-03-10 22:27 - 000000000 ____D C:\Users\nicol\AppData\Local\AMD_Common
2021-09-17 17:40 - 2021-05-16 16:37 - 000000000 ____D C:\Users\nicol\AppData\Local\AMD
2021-09-17 17:39 - 2021-05-28 22:28 - 000000032 _____ C:\Users\nicol\AppData\Roaming\.machineId
2021-09-17 17:39 - 2021-04-10 17:18 - 000000000 ____D C:\Program Files\AMD
2021-09-17 17:37 - 2021-07-05 23:08 - 000003118 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2021-09-17 17:37 - 2021-06-27 17:13 - 000003106 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2021-09-17 17:37 - 2021-06-27 17:12 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2021-09-17 17:37 - 2021-06-27 17:12 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR
2021-09-17 17:36 - 2021-07-29 22:19 - 000000000 ____D C:\AMD
2021-09-16 22:24 - 2020-11-19 00:50 - 000258000 _____ C:\Windows\system32\FNTCACHE.DAT
2021-09-16 22:23 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-09-16 22:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-09-16 22:23 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-09-16 16:15 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-09-16 16:10 - 2021-03-10 22:17 - 000000000 ____D C:\Windows\system32\MRT
2021-09-16 16:09 - 2021-03-10 22:17 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-15 19:31 - 2021-03-10 23:48 - 000000000 ____D C:\Program Files (x86)\Origin
2021-09-13 21:02 - 2021-03-24 22:44 - 000000000 ____D C:\Users\nicol\AppData\Local\CrashDumps
2021-09-12 09:59 - 2021-03-16 20:03 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-09-09 13:37 - 2020-11-19 01:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-09-09 06:25 - 2021-07-29 22:21 - 000388432 _____ C:\Windows\SysWOW64\GameManager32.dll
2021-09-09 06:25 - 2021-07-29 22:21 - 000027944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2021-09-09 06:24 - 2021-07-29 22:21 - 001765192 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2021-09-09 06:24 - 2021-07-29 22:21 - 001345864 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2021-09-09 06:24 - 2021-07-29 22:21 - 000210704 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2021-09-09 06:24 - 2021-07-29 22:21 - 000178240 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2021-09-08 16:54 - 2021-05-30 03:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2021-09-06 22:15 - 2021-03-14 02:13 - 000000000 ____D C:\Users\nicol\AppData\Local\UnrealEngine
2021-09-05 10:16 - 2021-03-10 22:18 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-02 21:25 - 2021-06-04 13:57 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-01 22:42 - 2021-03-10 22:05 - 000000000 ____D C:\Users\nicol
2021-08-31 18:28 - 2021-03-10 22:17 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-08-27 18:59 - 2021-08-05 22:54 - 000000000 ____D C:\Users\nicol\AppData\Roaming\EasyAntiCheat
2021-08-26 21:31 - 2021-08-12 23:33 - 000000000 ____D C:\Users\nicol\Documents\Euro Truck Simulator 2
2021-08-25 16:40 - 2021-03-10 22:31 - 000000000 ____D C:\Users\nicol\AppData\LocalLow\Mozilla
2021-08-25 16:27 - 2021-03-10 22:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-25 16:26 - 2021-06-04 13:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-25 01:04 - 2021-05-16 16:37 - 002443640 _____ (AMD Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2021-08-20 19:22 - 2021-06-20 16:28 - 000000000 ____D C:\Users\nicol\AppData\Local\BeamNG.drive
2021-08-20 19:21 - 2021-06-20 15:34 - 000000000 ____D C:\Users\nicol\AppData\Roaming\BeamMP Launcher
2021-08-20 19:19 - 2021-06-20 15:34 - 000002048 _____ C:\Users\nicol\Desktop\BeamMP-Launcher.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2021-05-28 22:28 - 2021-09-17 17:39 - 000000032 _____ () C:\Users\nicol\AppData\Roaming\.machineId

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================


Addition.txt

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-09-2021
durchgeführt von nicol (19-09-2021 13:10:49)
Gestartet von C:\Users\nicol\Downloads
Windows 10 Pro Version 21H1 19043.1237 (X64) (2021-03-10 20:02:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-2272380971-2486202214-448488098-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2272380971-2486202214-448488098-503 - Limited - Disabled)
Gast (S-1-5-21-2272380971-2486202214-448488098-501 - Limited - Disabled)
nicol (S-1-5-21-2272380971-2486202214-448488098-1001 - Administrator - Enabled) => C:\Users\nicol
WDAGUtilityAccount (S-1-5-21-2272380971-2486202214-448488098-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Shockwave Player 12.3 (HKLM-x32\...\{4487064C-F31E-4499-A1EF-9B8E809A0358}) (Version: 12.3.5.205 - Adobe, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.17.25.506 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.2.1818 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.8.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{9bbdaa84-1315-4bcf-ac55-57449b4228f1}) (Version: 2.17.25.506 - Advanced Micro Devices, Inc.) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.7.1 - Electronic Arts, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.64.43202 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Battlestate Games Launcher 12.10.0.1564 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 12.10.0.1564 - Battlestate Games)
BeamMP Launcher (HKLM\...\{0D8B7A7C-5EA7-41FF-8736-FEF9CF648661}) (Version: 1.80.5 - BeamMP) Hidden
BeamMP Launcher (HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\BeamMP Launcher 1.80.5) (Version: 1.80.5 - BeamMP)
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CORSAIR iCUE 4 Software (HKLM\...\{FBD8EF63-ECFB-497B-8563-DE4763221170}) (Version: 4.14.179 - Corsair)
CPUID CPU-Z 1.96 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.96 - CPUID, Inc.)
CrystalDiskInfo 8.12.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.4 - Crystal Dew World)
Discord (HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{10C99DF4-CDE1-43BD-9094-96D863A108C7}) (Version: 1.2.11.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.11.2.14290 - Battlestate Games)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.54.1 (HKLM-x32\...\FileZilla Client) (Version: 3.54.1 - Tim Kosse)
Futuremark SystemInfo (HKLM-x32\...\{8177AD80-8B92-4921-8B93-1A61A49E8C46}) (Version: 5.40.908.0 - Futuremark)
Geeks3D FurMark 1.26.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.26.0.0 - Geeks3D)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games)
HWiNFO64 Version 7.04 (HKLM\...\HWiNFO64_is1) (Version: 7.04 - Martin Malik - REALiX)
Java 8 Update 301 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.9.7463 - Logitech)
Malwarebytes version 4.4.6.132 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.6.132 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Mozilla Firefox 89.0 (x64 de) (HKLM\...\Mozilla Firefox 89.0 (x64 de)) (Version: 89.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 86.0 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Opera GX Stable 78.0.4093.214 (HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\Opera GX 78.0.4093.214) (Version: 78.0.4093.214 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.104.48966 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
RAGE Multiplayer (HKLM-x32\...\RAGE Multiplayer) (Version: 0.0.1.1 - )
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.40.358 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games)
RSI Launcher 1.4.10 (HKLM\...\81bfc699-f883-50c7-b674-2483b6baae23) (Version: 1.4.10 - Cloud Imperium Games)
RyzenMasterSDK (HKLM\...\{17BE94CF-FF53-4C12-81F5-E10EB6844849}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.18.5 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 125.0.10582 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
War Thunder Launcher 1.0.3.261 (HKU\S-1-5-21-2272380971-2486202214-448488098-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Network)
WinRAR 6.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Cinebench -> C:\Program Files\WindowsApps\MAXONComputerGmbH.Cinebench_23.2.0.0_x64__rsne5bsk8s7tj [2021-07-06] (MAXON Computer GmbH)
Crusader Kings III -> C:\Program Files\WindowsApps\ParadoxInteractive.ProjectTitus_1.0.108.0_x64__zfnrdv2de78ny [2021-09-01] (Paradox Interactive)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Nitrado -> C:\Program Files\WindowsApps\marbisGmbH.Nitrado_1.9.20.0_neutral__ntn371j05xzh0 [2021-08-19] (marbis GmbH)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.104.2646.2_x64__8wekyb3d8bbwe [2021-08-26] (ms-resource:PublisherDisplayName)
XboxInsiderHub -> C:\Program Files\WindowsApps\Microsoft.XboxInsider_1.2107.21001.0_x64__8wekyb3d8bbwe [2021-09-17] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2272380971-2486202214-448488098-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\nicol\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-09-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2021-09-17 13:26 - 2021-09-16 21:08 - 000634880 _____ () [Datei ist nicht signiert] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2021-03-09 19:47 - 2021-03-09 19:47 - 000017920 _____ () [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 003567616 _____ () [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-03-19 06:40 - 2020-03-19 06:40 - 000912896 _____ () [Datei ist nicht signiert] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2020-03-19 06:40 - 2020-03-19 06:40 - 003109888 _____ () [Datei ist nicht signiert] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2021-07-07 06:37 - 2021-07-07 06:37 - 000562688 _____ (Advanced Micro Devices) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Device.dll
2021-07-07 06:37 - 2021-07-07 06:37 - 000058880 _____ (Advanced Micro Devices) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Platform.dll
2021-08-24 18:38 - 2021-08-24 18:38 - 001704960 _____ (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2021-06-23 17:37 - 2021-06-23 17:37 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files\Corsair\CORSAIR iCUE 4 Software\SiUSBXp.dll
2021-03-10 23:49 - 2021-05-16 10:38 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-03-10 23:49 - 2021-05-16 10:38 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2021-03-10 23:49 - 2021-05-16 10:38 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-09-15 19:31 - 2021-05-16 10:38 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-09-15 19:31 - 2021-05-16 10:38 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-09-15 19:31 - 2021-05-16 10:38 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-09-15 19:31 - 2021-05-16 10:38 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-09-15 19:31 - 2021-05-16 10:38 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-09-15 19:31 - 2021-05-16 10:38 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000057856 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000031744 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000039424 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000031744 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000414720 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000025088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000024576 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000023552 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000532992 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 001441792 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 001189888 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000134656 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 006184448 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 006867456 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000735232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000120832 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 001104896 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000325120 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 003668480 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000517120 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000051712 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 004228608 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000171008 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 001085440 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000480256 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000205824 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000329728 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000127488 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000390656 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 095598080 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 005587968 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000462848 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000188928 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 002878464 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000055808 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000059392 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000262144 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000284160 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000333824 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000136704 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000090112 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000313856 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-03-09 19:47 - 2021-03-09 19:47 - 000091648 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\nicol:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5868]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_301\bin\ssv.dll [2021-07-29] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-07-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-07-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-07-29] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2272380971-2486202214-448488098-1001\Control Panel\Desktop\\Wallpaper -> c:\users\nicol\desktop\khyzyl-saleem-r32-new-76-finalweb.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
 ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{D6113425-BBD5-4352-91D7-21A31BED8583}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B211FA9A-60C3-4806-A367-E313E3AB1A36}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{72B786CE-5BF0-4CA2-9A29-05EBEA11FEDA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6D325ED3-2EA3-4B15-9150-058E5E3C1CEB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5C445E8E-8571-413A-B04F-C9AAEB512D2B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{82E2A7A4-45BE-4CF3-A863-51CFB5DCFCC1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DB036F74-1D71-429B-B9EB-3A9D178DFA0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{622254BE-EE53-4517-9BA1-BAF234004BB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{C573C5E6-7685-4498-B53C-4B79174D0967}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{FBDA81D1-19A0-4526-90EE-F116B3D07445}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{58890C14-CAAE-4E10-A61D-8996911AD8E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wreckfest\Wreckfest_x64.exe () [Datei ist nicht signiert]
FirewallRules: [{0CA04B5E-6EC1-4265-B2C1-040B7AFC063E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wreckfest\Wreckfest_x64.exe () [Datei ist nicht signiert]
FirewallRules: [{7B6E9683-4776-47DF-84A0-F853D06B29A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wreckfest\Wreckfest.exe () [Datei ist nicht signiert]
FirewallRules: [{B9F632A5-C556-42BB-A177-FCBE67C57777}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wreckfest\Wreckfest.exe () [Datei ist nicht signiert]
FirewallRules: [{F192EA9A-118C-46A4-9E81-17A1071E90FF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{D7CD5CF6-85E4-41C4-B5FC-CD7754955783}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{CB60BAB3-DC42-4AEB-AAAB-88E76ED52860}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{87F605DF-42EC-4B95-9165-D9375F8844C6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{616EABDF-1D4B-4BD5-9C2D-5CC5044E52DE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{E2AFBD24-A2B4-4AF6-981D-D53AC3FB0FEF}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{83FBE99F-29ED-4568-8A77-52ADA5BD3F9C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{4E64A55E-7AD3-4D61-86F5-C2ACC99C939F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{93638624-0ED5-48AE-AE1E-CC1CD8D4F794}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{87CCA4B6-C352-411F-BB0A-6F2678929724}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{FF858279-5053-44B2-8089-DEA88C3D258D}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{B3962E5A-4D09-4036-9D4B-48863D24E694}C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{C1C2E7B1-ECCC-41DC-82CB-6C11F9782C08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [{E9974FF3-F41A-4C86-98B6-EA03E172D3EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{CB5FA748-5639-4C78-8546-FDEC5064181F}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{761720D1-1382-443A-B984-D9B50C4726CC}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{766AAA6D-5EAE-44A8-8870-971904F85FAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{20503F0F-2E78-463A-A567-CA9F8BA864B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [TCP Query User{5D74F42A-7798-4291-A130-5BD7E65657F6}C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{E758DFE8-C197-4756-BBAC-84B6F4705404}C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [{A9253400-0D0E-4D68-8EDE-113E91FA0BE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{5A9A6320-4B61-4D79-97FE-59D850D29F50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{2A25ABF9-ABAC-4A95-A73E-8EEAF5CBD3F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{5DCDB15C-EA96-405E-B11C-1952E0CCDB93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{FDD218FB-AE5E-4A69-9A58-B4432AC415A4}C:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{8E830D2E-ABE3-499F-BECB-C450A7641408}C:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F04F2B81-D4BC-4C45-A2DE-3EC024EBEC0C}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{AB7E5B4D-A7F1-4E72-9338-506B17096205}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{88555888-C22C-42DA-BA73-AEA48968A591}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{CD1DE176-B0CA-46B1-AC93-3B117783DE97}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{84E4D1EF-1EA4-4BBB-B7B7-C41611F73DD6}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{971BC0B4-DB48-4560-8BA6-2619C81FBD5C}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe (Cloud Imperium Games Corp.) [Datei ist nicht signiert]
FirewallRules: [{E42A1A93-999B-458D-879A-ACF14339E08F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{D97BD041-2035-4AB4-BA9D-B39C6653E1C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{32353D73-3E43-412D-AD86-80ECCC3EE5B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2.exe => Keine Datei
FirewallRules: [{E5F5DAD5-A564-4B0F-A07C-AC5F02C89CDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2.exe => Keine Datei
FirewallRules: [{83D7CE82-3088-46B3-B504-F8C31F6ABF9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments) [Datei ist nicht signiert]
FirewallRules: [{4BFC2993-23B3-46C1-A9A9-78E75FA44059}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe (Frontier Developments) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{A96D324C-2E30-4079-A0DA-BD9BBE6104E7}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe (Frontier Developments plc) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{484B22C2-89C2-44BC-BBD2-898199D67376}C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe (Frontier Developments plc) [Datei ist nicht signiert]
FirewallRules: [{703D72EF-ECC9-4358-8C16-83F772505E4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{DBB1C4DC-6362-4E79-B411-EB0FF90A6F64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mordhau\Mordhau.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{FD5609DA-62CB-434F-8124-FCADE6009916}C:\program files (x86)\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe (Hazelight Studios AB -> Hazelight Studios)
FirewallRules: [UDP Query User{80656E2D-98F1-43E8-AFD8-C92F14A92200}C:\program files (x86)\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ittakestwo\nuts\binaries\win64\ittakestwo.exe (Hazelight Studios AB -> Hazelight Studios)
FirewallRules: [{BABFF72F-6125-4242-B557-444C133A9975}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => Keine Datei
FirewallRules: [{C550C5F0-E571-4F12-A92A-BDEF44C33B24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{B08D21CB-AC16-4513-AE99-725C0F436DB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{25B1979F-93F9-45D1-A0D0-13040F05CF66}C:\users\nicol\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\nicol\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [UDP Query User{208AE987-01E8-4C27-AE47-5DE6F581BB4E}C:\users\nicol\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\nicol\appdata\local\enlisted\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{426737E7-EE55-4C5C-AC80-2E0CC83703C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hell Let Loose\Launch_HLL.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C3E91624-F5FB-4F6F-A03A-8721DA2B5CB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hell Let Loose\Launch_HLL.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{C274F48C-EF5E-4D08-B7FD-76C890D987A3}C:\program files (x86)\steam\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{8FA50513-F06D-4105-AD8A-83D73709DD36}C:\program files (x86)\steam\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{F604C11A-BA9C-4860-9A11-E666F1D82B18}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{41D512F5-2EDB-4473-B47F-58E5DD2CF5D5}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [Datei ist nicht signiert]
FirewallRules: [{352C6853-4C35-44AE-9413-C58ED933F49C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hired Ops\hops.exe (Battlestate Games Limited -> )
FirewallRules: [{E58D1D09-0210-40AA-8556-07D4F9591D24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hired Ops\hops.exe (Battlestate Games Limited -> )
FirewallRules: [{0F3EFCDA-D0E6-4713-AC31-354E3FA4985A}] => (Allow) D:\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{3CBDF4C8-992A-41CF-805A-7F4C605C5F5D}] => (Allow) D:\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [{35F308D0-EA2C-4004-A3C2-194B95AD5F87}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{A2B71F48-C8CA-42A3-ADFC-096C8CBC0D88}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{0644A38F-6663-44E5-81DE-DB0A1330AC04}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{170C6FDD-F1FE-4796-8FB0-BE47EC2C141E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield V\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{DF97F601-1C36-4B68-B0BB-D8AC76B39C38}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{4E2F9872-2A5F-48DD-808C-E6186E81256D}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{60A31FDA-95C0-44AA-B627-3842A627F973}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{493D5B3A-1691-4715-B83A-12DEE0DF069B}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{7C8D290F-E7C1-4A58-9968-607FA88E4FE3}C:\users\nicol\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\nicol\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [UDP Query User{86958EC5-7785-4FCE-B531-E6E2014C72D2}C:\users\nicol\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\nicol\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [{D7D2EB50-2777-4408-8A39-80175339F510}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{F8D3A41D-7880-40ED-8F5A-D16D360B762D}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{1F4D8340-55BE-4632-B886-540BF94A5BFA}] => (Allow) D:\Steam\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E49807AE-CE11-40E5-B631-9F2608408D2B}] => (Allow) D:\Steam\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1AF97352-5989-43E8-8FBD-D2BBF96DBB1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Squad\squad_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{6E2B0D78-E2D6-4C9B-838D-70C39FA543A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Squad\squad_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{039D5C4C-B6FE-4009-8E36-F40EE80E53A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scavengers\Scavengers_Launcher.exe (Epic Games, Inc) [Datei ist nicht signiert]
FirewallRules: [{F962DC20-B921-419B-97CB-975BB34B4E1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scavengers\Scavengers_Launcher.exe (Epic Games, Inc) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{72C7283F-B9E6-42AF-B170-0E9EB7644339}C:\program files (x86)\steam\steamapps\common\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe (Midwinter Entertainment) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{89EE11D8-E0AF-4FE0-B4DD-D23F3FE9E2BC}C:\program files (x86)\steam\steamapps\common\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\scavengers\scavenger\binaries\win64\scavenger-win64-shipping.exe (Midwinter Entertainment) [Datei ist nicht signiert]
FirewallRules: [{AC7EB7AB-CD5B-484F-B583-787ECBF58E0C}] => (Allow) D:\Steam\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{47D7024A-BF7F-4810-8D19-716DF392A697}] => (Allow) D:\Steam\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{4F993276-17B3-4EB9-B5E9-A3170566F0C3}D:\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe (New World Interactive LLC -> New World Interactive) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{EA2DA2DC-56E1-4E60-B87E-67CE3D47D21A}D:\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe (New World Interactive LLC -> New World Interactive) [Datei ist nicht signiert]
FirewallRules: [{376327E0-5E61-4CA0-99B2-3D9C8B5A520D}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{83B9318B-FA7C-40A5-9B5A-66A863BAFF92}] => (Allow) D:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Datei ist nicht signiert]
FirewallRules: [{9E39F0CD-9F8A-491D-8443-D80D4F8CACF8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{62766BC1-7643-4CBD-9A5D-A9D8CFA8F8F2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9BF0848B-0312-43BD-BB7D-31F0F1BD8063}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{99AE05B3-775B-45B3-9A2F-E0D8703C1891}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F1AE470F-06C0-415F-97D0-2642CEC195E6}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{36B21146-9576-4B05-9F97-677FB2A44D6F}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [TCP Query User{9DC47E47-BF66-4847-804A-ACB9C425C14A}C:\program files (x86)\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe (Offworld Industries -> Offworld Industries Ltd.)
FirewallRules: [UDP Query User{95422F28-8416-40E8-BE72-9B4049210D3E}C:\program files (x86)\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe (Offworld Industries -> Offworld Industries Ltd.)
FirewallRules: [{5188692E-662C-4E0F-991D-6EC4B2F90D60}] => (Allow) D:\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe (BeamNG GmbH -> BeamNG GmbH)
FirewallRules: [{4CC6DC07-F2BE-4E9D-905E-17B7A5F58E2D}] => (Allow) D:\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe (BeamNG GmbH -> BeamNG GmbH)
FirewallRules: [TCP Query User{99C29319-9CFE-4FF8-9791-2360935664C7}C:\users\nicol\appdata\roaming\beammp launcher\beammp-launcher.exe] => (Allow) C:\users\nicol\appdata\roaming\beammp launcher\beammp-launcher.exe (BeamMP Mod Team -> BeamMP Mod Team) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{638FE051-6FAB-47C2-9662-CC87AC849438}C:\users\nicol\appdata\roaming\beammp launcher\beammp-launcher.exe] => (Allow) C:\users\nicol\appdata\roaming\beammp launcher\beammp-launcher.exe (BeamMP Mod Team -> BeamMP Mod Team) [Datei ist nicht signiert]
FirewallRules: [{16D94090-ED13-4A01-9B86-4EEA3ACA9CD0}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{71DA18E8-2F5D-4E33-B73D-ED09C3318D9B}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9812D247-20D7-46F5-A415-B9338B35C283}] => (Allow) C:\Battlestate Games\EFT\EscapeFromTarkov.exe (BATTLESTATE GAMES LIMITED -> )
FirewallRules: [TCP Query User{26C74DC2-1B68-420B-A0B9-3BEE0FD4325A}D:\steam\steamapps\common\new world closed beta\bin64\newworld.exe] => (Allow) D:\steam\steamapps\common\new world closed beta\bin64\newworld.exe => Keine Datei
FirewallRules: [UDP Query User{23B87EA0-A952-46E8-9CB6-1BE769D3717F}D:\steam\steamapps\common\new world closed beta\bin64\newworld.exe] => (Allow) D:\steam\steamapps\common\new world closed beta\bin64\newworld.exe => Keine Datei
FirewallRules: [{79CCA1F6-9063-40D7-BB1E-6DF5D88863F4}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2 Demo\bin\win_x64\eurotrucks2.exe => Keine Datei
FirewallRules: [{4E9539B5-E28D-4523-8908-5AC43B953ECF}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2 Demo\bin\win_x64\eurotrucks2.exe => Keine Datei
FirewallRules: [{67489C99-C6FB-44B3-918D-B5BD91FB7A27}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{926AFE0B-2ECF-4D99-B63F-704983E3343A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8633F174-94AA-4C0E-BD27-43B2422B54C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CF21E8A9-B637-4273-8867-09208068776E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C628F61-FD8F-4B87-B9BC-7F57F3E9AA2A}] => (Allow) D:\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [Datei ist nicht signiert]
FirewallRules: [{8DC711DF-DD96-4520-AAC3-FD25503EC358}] => (Allow) D:\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{6CD7384E-461A-4478-8868-AA60B3AF72D6}D:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\steam\steamapps\common\assettocorsa\acs.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{4736A954-3B7B-4FBB-9D5A-ADE1713FBD0E}D:\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) D:\steam\steamapps\common\assettocorsa\acs.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{98F1CDE2-B7AE-4A96-A874-F77E58D053C8}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{83C8892D-6984-4C97-BB11-52FEA9C46716}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{3133EE07-B211-4738-BE7C-D5FE9F88B735}D:\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe] => (Allow) D:\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe (BeamNG GmbH -> BeamNG GmbH)
FirewallRules: [UDP Query User{F8AB11E5-B2A9-42F8-9048-9C9371A1EE48}D:\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe] => (Allow) D:\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe (BeamNG GmbH -> BeamNG GmbH)
FirewallRules: [{E2DE2023-F105-419D-AEF8-630E711E6CB0}] => (Allow) C:\Users\nicol\AppData\Local\Programs\Opera GX\78.0.4093.186\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{39788CE7-331D-4EB9-A020-FB33097FE965}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C64E8748-E449-4AD4-A9D3-7C69C9F68C34}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8A1ECF77-8548-4635-A5EE-F9EE724EA947}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8B8119DF-AA3D-44D4-840B-456BBDF59F0E}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B1C7A1A9-4C1B-422F-8311-A3853CBFCB63}] => (Allow) D:\Steam\steamapps\common\Splitgate\equ8-launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [{7D0E9C51-86AB-431C-9D8B-E9BD6F47C895}] => (Allow) D:\Steam\steamapps\common\Splitgate\equ8-launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [{B31232C1-EC6D-40BB-A121-BE1197852B65}] => (Allow) D:\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe (1047 Games, LLC -> Epic Games, Inc.)
FirewallRules: [{5D73B0A1-CBAF-49C7-9D9C-F2412985D4AF}] => (Allow) D:\Steam\steamapps\common\Splitgate\PortalWars\Binaries\Win64\PortalWars-Win64-Shipping.exe (1047 Games, LLC -> Epic Games, Inc.)
FirewallRules: [{6A6BC725-CF7A-487A-A19F-D36809A23F65}] => (Allow) D:\Steam\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe (Sector3 Studios AB -> Simbin Studios AB)
FirewallRules: [{B7FE579B-6AEE-4D6B-9994-3AB4572EE309}] => (Allow) D:\Steam\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe (Sector3 Studios AB -> Simbin Studios AB)
FirewallRules: [{596EDEE2-DAFF-4BB2-8ABC-9E66A982460C}] => (Allow) D:\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe (Sector3 Studios AB -> Simbin Studios AB)
FirewallRules: [{DAB317CD-EA35-48AF-8B9E-A4DFA5FF1AD7}] => (Allow) D:\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe (Sector3 Studios AB -> Simbin Studios AB)
FirewallRules: [{31F13589-CD69-42A5-9C0E-4BEC6517D3C0}] => (Allow) D:\Steam\steamapps\common\Assetto Corsa Competizione\acc.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{CB758E48-482D-4185-B28B-D837923004DD}] => (Allow) D:\Steam\steamapps\common\Assetto Corsa Competizione\acc.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{6585720C-5C2B-4009-BF9C-DB3B38AF333E}D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe (Kunos Simulazioni) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{164DD44B-D69B-4D6D-9844-855606883D8D}D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe (Kunos Simulazioni) [Datei ist nicht signiert]
FirewallRules: [{0ED76C33-0C0C-4783-9D09-8326456B00A2}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{B6768CA5-B0D0-475F-B4D1-5B3CE65F0479}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{8A646B4A-79D2-4C30-B1B4-0AB0F803A15A}] => (Allow) D:\Steam\steamapps\common\Zero Hour\Zero Hour.exe () [Datei ist nicht signiert]
FirewallRules: [{C75A1CFA-347E-4523-AE1E-B884556E91F5}] => (Allow) D:\Steam\steamapps\common\Zero Hour\Zero Hour.exe () [Datei ist nicht signiert]
FirewallRules: [{E0D6A78B-D05B-4A05-9231-6532A1EC5032}] => (Allow) C:\Users\nicol\AppData\Local\Programs\Opera GX\78.0.4093.214\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{C4BFC143-E860-47A8-978A-D70BD30CF165}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{ADD0F411-91BF-4F1A-909E-880AA3809ED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{192D7B26-6CAA-4414-A33C-EFF34F4CC607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{14AB59CD-AC07-447B-BEAE-81C00224B584}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{A7727736-AA48-4594-BEA8-FFE3BEF9A0B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{5A3F7514-A292-4B8F-8A50-F6A44DE18239}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [Datei ist nicht signiert]
FirewallRules: [{D784549D-CD3C-43F6-8143-1929343AD9FB}] => (Allow) D:\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [Datei ist nicht signiert]
FirewallRules: [{6B711E2E-8161-4A52-9E10-C95C7E4CB356}] => (Allow) D:\Steam\steamapps\common\Mount & Blade II Bannerlord\bin\Win64_Shipping_Client\TaleWorlds.MountAndBlade.Launcher.exe (TaleWorlds Entertainment -> TaleWorlds Entertainment) [Datei ist nicht signiert]
FirewallRules: [{FFD11FF7-3921-490E-9C8D-A69DBF8B3279}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\93.0.961.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

10-09-2021 22:54:19 Geplanter Prüfpunkt
16-09-2021 16:10:21 Windows Modules Installer
17-09-2021 17:37:05 Radeon Installer

==================== Fehlerhafte Geräte im Gerätemanager ============


==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (09/19/2021 11:31:02 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_ON.

Error: (09/19/2021 11:31:01 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_ON.

Error: (09/19/2021 11:30:57 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_ON.

Error: (09/19/2021 11:30:56 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_ON.

Error: (09/19/2021 11:30:52 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_ON.

Error: (09/19/2021 11:30:51 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_ON.

Error: (09/19/2021 11:30:47 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_ON.

Error: (09/19/2021 11:30:46 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des -Status auf SECURITY_PRODUCT_STATE_ON.


Systemfehler:
=============
Error: (09/19/2021 11:14:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMDRyzenMasterDriverV17" wurde aufgrund folgenden Fehlers nicht gestartet: 
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.

Error: (09/18/2021 10:43:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMDRyzenMasterDriverV17" wurde aufgrund folgenden Fehlers nicht gestartet: 
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.

Error: (09/18/2021 09:18:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMDRyzenMasterDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.

Error: (09/18/2021 01:18:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMDRyzenMasterDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.

Error: (09/18/2021 09:18:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMDRyzenMasterDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.

Error: (09/17/2021 09:44:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMDRyzenMasterDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.

Error: (09/17/2021 09:44:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMDRyzenMasterDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.

Error: (09/17/2021 05:44:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMDRyzenMasterDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
Eine Datei kann nicht erstellt werden, wenn sie bereits vorhanden ist.


Windows Defender:
================
Date: 2021-09-18 22:47:53
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Ymacco.AAE0&threatid=280474&enterprise=0
Name: Program:Win32/Ymacco.AAE0
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\PhantomFiles\Miscellaneous\pData\pl.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: 
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.349.967.0, AS: 1.349.967.0, NIS: 1.349.967.0
Modulversion: AM: 1.1.18500.10, NIS: 1.1.18500.10

Date: 2021-09-18 22:47:53
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Ymacco.AAE0&threatid=280474&enterprise=0
Name: Program:Win32/Ymacco.AAE0
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\PhantomFiles\Miscellaneous\pData\pl.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: 
Prozessname: C:\Windows\System32\RuntimeBroker.exe
Sicherheitsversion: AV: 1.349.967.0, AS: 1.349.967.0, NIS: 1.349.967.0
Modulversion: AM: 1.1.18500.10, NIS: 1.1.18500.10

Date: 2021-09-18 22:47:53
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Ymacco.AAE0&threatid=280474&enterprise=0
Name: Program:Win32/Ymacco.AAE0
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\PhantomFiles\Miscellaneous\pData\pl.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: 
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.349.967.0, AS: 1.349.967.0, NIS: 1.349.967.0
Modulversion: AM: 1.1.18500.10, NIS: 1.1.18500.10

Date: 2021-09-18 22:47:53
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Ymacco.AAE0&threatid=280474&enterprise=0
Name: Program:Win32/Ymacco.AAE0
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\PhantomFiles\Miscellaneous\pData\pl.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: 
Prozessname: C:\Windows\System32\RuntimeBroker.exe
Sicherheitsversion: AV: 1.349.967.0, AS: 1.349.967.0, NIS: 1.349.967.0
Modulversion: AM: 1.1.18500.10, NIS: 1.1.18500.10

Date: 2021-09-18 22:47:53
Description: 
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Ymacco.AAE0&threatid=280474&enterprise=0
Name: Program:Win32/Ymacco.AAE0
Schweregrad: Niedrig
Kategorie: Potenziell unerwünschte Software
Pfad: file:_C:\PhantomFiles\Miscellaneous\pData\pl.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: 
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.349.967.0, AS: 1.349.967.0, NIS: 1.349.967.0
Modulversion: AM: 1.1.18500.10, NIS: 1.1.18500.10

CodeIntegrity:
===============
Date: 2021-09-19 12:52:10
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

BIOS: American Megatrends International, LLC. 1.B0 01/20/2021
Hauptplatine: Micro-Star International Co., Ltd. MPG X570 GAMING PRO CARBON WIFI (MS-7B93)
Prozessor: AMD Ryzen 7 5800X 8-Core Processor 
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 32689.86 MB
Verfügbarer physikalischer RAM: 25568.2 MB
Summe virtueller Speicher: 37553.86 MB
Verfügbarer virtueller Speicher: 27230.11 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:1862.39 GB) (Free:439.67 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:536.34 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:931.38 GB) NTFS

\\?\Volume{3ebac3ad-745e-48ad-b361-6d2797aebad0}\ () (Fixed) (Total:0.52 GB) (Free:0.1 GB) NTFS
\\?\Volume{53774c0f-97f3-91a6-bdd5-41ada54d852a}\ () (Fixed) (Total:5.48 GB) (Free:0 GB) NTFS
\\?\Volume{3f590cec-e8f7-4b18-be24-03fae0a818fe}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E9D24FEF)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E9D24F10)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.

==================== Ende von Addition.txt =======================

I can't post the second log because it tells me I would do spam.
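
The FirewallRules section of the Addition.txt log above can be triaged mechanically. The Python sketch below is an added example, not part of the original posts and not FRST's own code; `parse_rules`, `review_queue` and the review heuristic are assumptions of this example, and the sample lines are copied from the log on this page.

```python
import re
from collections import namedtuple

# Lines copied from the Addition.txt log on this page (German-localized FRST output).
SAMPLE = r"""
FirewallRules: [{BABFF72F-6125-4242-B557-444C133A9975}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => Keine Datei
FirewallRules: [{C550C5F0-E571-4F12-A92A-BDEF44C33B24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{C274F48C-EF5E-4D08-B7FD-76C890D987A3}C:\program files (x86)\steam\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hell let loose\hll\binaries\win64\hll-win64-shipping.exe (BLACK MATTER PTY. LTD.) [Datei ist nicht signiert]
FirewallRules: [{0F3EFCDA-D0E6-4713-AC31-354E3FA4985A}] => (Allow) D:\Steam\steamapps\common\Among Us\Among Us.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{7C8D290F-E7C1-4A58-9968-607FA88E4FE3}C:\users\nicol\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\nicol\appdata\local\programs\blitz\blitz.exe => Keine Datei
FirewallRules: [{D7D2EB50-2777-4408-8A39-80175339F510}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{99C29319-9CFE-4FF8-9791-2360935664C7}C:\users\nicol\appdata\roaming\beammp launcher\beammp-launcher.exe] => (Allow) C:\users\nicol\appdata\roaming\beammp launcher\beammp-launcher.exe (BeamMP Mod Team -> BeamMP Mod Team) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{638FE051-6FAB-47C2-9662-CC87AC849438}C:\users\nicol\appdata\roaming\beammp launcher\beammp-launcher.exe] => (Allow) C:\users\nicol\appdata\roaming\beammp launcher\beammp-launcher.exe (BeamMP Mod Team -> BeamMP Mod Team) [Datei ist nicht signiert]
FirewallRules: [{E2DE2023-F105-419D-AEF8-630E711E6CB0}] => (Allow) C:\Users\nicol\AppData\Local\Programs\Opera GX\78.0.4093.186\opera.exe (Opera Software AS -> Opera Software)
"""

# German FRST markers: "Keine Datei" = no file, "Datei ist nicht signiert" = file is not signed.
MISSING_MARK = "=> Keine Datei"
UNSIGNED_MARK = "[Datei ist nicht signiert]"

# Rule name in brackets, action in parentheses, then the target path up to ".exe".
LINE_RE = re.compile(
    r"^FirewallRules: \[(?P<name>.*?)\] => \((?P<action>\w+)\) "
    r"(?P<path>.+?\.exe)(?= |$)(?P<rest>.*)$",
    re.IGNORECASE,
)
# Trailing "(Signer -> Company)" annotation on signed files; Company may be empty.
SIGNER_RE = re.compile(r"\((?P<signer>[^()]*?) -> [^()]*\)\s*$")
USER_DIR_RE = re.compile(r"^[a-z]:\\users\\", re.IGNORECASE)

Rule = namedtuple("Rule", "name action path status signer user_writable")


def parse_rules(text):
    """Parse FirewallRules lines into Rule tuples; any other line is skipped."""
    rules = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        rest = m.group("rest")
        if MISSING_MARK in rest:
            status = "missing"
        elif UNSIGNED_MARK in rest:
            status = "unsigned"
        else:
            status = "signed"
        signer = None
        if status == "signed":
            s = SIGNER_RE.search(rest)
            signer = s.group("signer") if s else None
        path = m.group("path")
        rules.append(Rule(m.group("name"), m.group("action"), path, status,
                          signer, bool(USER_DIR_RE.match(path))))
    return rules


def review_queue(rules):
    """Return {lowercased path: reason} for allow rules worth a manual look.

    Heuristic of this example (an assumption, not FRST behaviour):
    - the target no longer exists, so the rule is stale and can be removed;
    - the target is unsigned and lives under a user profile, where it can be
      replaced without administrator rights.
    TCP/UDP rule pairs for one executable collapse into a single entry.
    """
    queue = {}
    for r in rules:
        if r.action.lower() != "allow":
            continue
        if r.status == "missing":
            queue[r.path.lower()] = "stale rule: target file missing"
        elif r.status == "unsigned" and r.user_writable:
            queue[r.path.lower()] = "unsigned binary in user-writable path"
    return queue


if __name__ == "__main__":
    for path, reason in sorted(review_queue(parse_rules(SAMPLE)).items()):
        print(f"{reason:40} {path}")
```
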


Hiya polemisch,

Thanks for the logs, continue:

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.

NOTE. It's important that both files, FRST or FRSTEnglish, and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1: This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin


Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.


The system will be rebooted after the fix has run.

Next,

Download "Microsoft's Safety Scanner" and save it directly to the desktop

Make sure to get the correct version for your system....

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download


Right-click on the tool and select Run as Administrator; the tool will expand to the options window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.


Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\msert.log

The log will include log details for each time MSRT has run; we only need the most recent log by date and time....

Let me see those logs in your reply...

Thank you,

Kevin

 

fixlist.txt


Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 
