
Log analysis and evaluation: No Windows update after hacker attack


 
21.11.2023, 06:03   #1
Mab7
 
No Windows update after hacker attack



Hello everyone,

three weeks ago it got me: I downloaded a tool for a game, and that same night it started.
Steam account hacked, PayPal, email addresses, etc.
After that I changed all my passwords from work and had a lot of money refunded.
The next evening I installed Avira and Malwarebytes.
After that things seemed quiet. A few days ago I then received a nasty extortion email saying he is still in my systems, and he sent me a screenshot and my passwords together with my device ID; all of that, however, is the state as of the day of the hack.
Since then I can no longer run Windows updates, and the PC still seems somewhat slow to me.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
durchgeführt von Sir (Administrator) auf MABPAVILLON (HP HP Pavilion Gaming Laptop 17-cd1xxx) (21-11-2023 05:12:26)
Gestartet von C:\Users\sirto\Downloads\FRST64.exe
Geladene Profile: Sir
Plattform: Microsoft Windows 11 Pro Version 23H2 22635.2483 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\BridgeCommunication.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(HP Inc. -> ) C:\Program Files\HP\Overlay\OMENOverlay.exe
(Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_43e3600968234e87\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_e00420cc358cbd11\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d60a3faa7932ec00\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d60a3faa7932ec00\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.2419_none_e94552be42e14cae\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe [1201448 2020-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [471432 2020-05-15] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [292104 2023-09-25] (Intel Corporation -> Intel)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY (Keine Datei)
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [536624 2023-05-12] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2189592 2023-11-16] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [GameCenter] => C:\Users\sirto\AppData\Local\GameCenter\GameCenter.exe [10611912 2022-10-29] (VK Play LLC -> VK Play LLC)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [HP OfficeJet Pro 8710 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\ScanToPCActivationApp.exe [3770504 2018-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe (Keine Datei)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-11-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [MicrosoftEdgeAutoLaunch_B96F7B7310ED7E0A1C0CE5220A7ADB8E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3818024 2023-11-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2594208 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [CrosshairX] => C:\Program Files (x86)\Steam\steamapps\common\CrosshairX\CrosshairX.exe [154311680 2023-11-10] (GitHub, Inc.) [Datei ist nicht signiert]
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [180224 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Startup: C:\Users\sirto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ElsterAuthenticator 53.0.0.lnk [2022-04-24]
ShortcutTarget: ElsterAuthenticator 53.0.0.lnk -> C:\Users\sirto\AppData\Local\ElsterAuthenticator\ElsterAuthenticator.exe (Bayerisches Landesamt fuer Steuern -> )
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {B1969100-93A9-4931-AFDA-F2C8A6292DCC} - System32\Tasks\AppData => %ProgramFiles%\WindowsAps\MicrosoftXboxGamingOverlay\uTorrent.exe  (Keine Datei)
Task: {0B3062D9-1CAB-45B2-9239-078F2A5B6AB9} - System32\Tasks\Avira_FallbackUpdater => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {2282C909-E132-49DA-A12A-AFB758FAC2C0} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {EAA92282-85DB-45E9-A501-5F085C9D4B72} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {BAF9FAC2-7CD1-49EE-95BA-CD73D771ECAB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {7F23D4A7-A0ED-441E-9D1B-56343F70C227} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {45BACE03-7FF7-4861-80B2-304D43A006EB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {6E86832E-85E9-4723-A6EE-D65CB2DDA196} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {59E621E2-71BF-4011-9D16-0660ABC5929C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {03DC5711-4DF8-4146-8F15-97917A091B42} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {26C2DA1B-8344-49F6-A6B5-48916A7B304F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {17508398-2EA7-4B54-BB67-B397AB100EB7} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckTest
Task: {E9819769-1DFA-40D1-91CB-FA3F4054B638} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [702512 2023-06-30] (HP Inc. -> HP Inc.)
Task: {BAA023B4-B788-4C2D-A141-64DD5A9B2EAC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-06-30] (HP Inc. -> HP Inc.)
Task: {780D4F1A-E620-4399-90AC-2219C17B8979} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [230960 2023-06-30] (HP Inc. -> HP Inc.)
Task: {2847D50C-3761-4624-A8DB-A8DA4C877102} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-06-30] (HP Inc. -> HP Inc.)
Task: {F64767D1-7B64-43AA-B961-FA5793A2CB17} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN7CJBT52N => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-06-30] (HP Inc. -> HP Inc.)
Task: {E15B7A7E-72A0-4F0E-A850-8A94639C0763} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-06-30] (HP Inc. -> HP Inc.)
Task: {D9EDF8CA-C5B2-4F14-A35A-0E823A43EBB7} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {646C3513-0394-40E5-9246-1B7A922EF198} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {535AADF1-BF9E-4359-BA5A-D4F783A93739} - System32\Tasks\Intel\Intel Telemetry 3 => C:\Program Files\Intel\Telemetry 3.0\lrio.exe [5900448 2023-09-20] (Intel Corporation -> Intel Corporation)
Task: {786462A1-95BA-4EDC-A7F3-56B61CD2B252} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4850904 2023-05-24] (Intel Corporation -> Intel Corporation)
Task: {912F5763-D23F-4CFF-8D3D-DBABAB3D8AF2} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4850904 2023-05-24] (Intel Corporation -> Intel Corporation)
Task: {E5AC7ACE-FF88-46FD-ACA8-450BA64E57BA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe  --automatic (Keine Datei)
Task: {C11712AF-BFBB-479E-946B-3EF7964BF082} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D84DED2-9D56-4C84-8B68-A374CAAEB04B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7198072B-BDD5-415C-AE53-14AD9A04564B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FF8AB66-58C9-46F0-9F4C-5F90A1CC4580} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D864768-A5BF-451A-952C-B2D5B3C4D8E9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Keine Datei)
Task: {A3063061-2323-4516-85A4-7A25E62958CB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (Keine Datei)
Task: {2BF6550A-CA5A-4C27-99F8-E0CCB3927603} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Keine Datei)
Task: {779F024A-2D46-4717-85AC-2292912B7F33} - System32\Tasks\Microsoft\Windows\WaaSMedic\DeferredWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {E427F81A-0459-476D-8748-D62C3B87FB29} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {ABFB96F6-1DC9-47F3-811C-2057067959BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1DA63C69-AD6B-43EF-9B95-756A08DD5F8A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6FB80831-3D6D-4968-9ABC-20BC6E7ED6EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89A60ACA-F4B1-44EC-8DC1-D4869EFBE2A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7EA26A5C-41DD-420C-9C5C-773E45751E1C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676256 2023-11-08] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {A4B26CB0-BE31-485B-BF32-1790E5996C14} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [723872 2023-11-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {9D606831-279F-4811-BE37-43E1DB40C746} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D1E1BC5D-A14F-49D2-B29B-80E370871542} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4081222D-D5CF-4BC8-976B-BEFA79538874} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96D3F396-DF86-4B8B-82A2-1F0F6D502581} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F42FDE15-DEAF-44BE-B42D-B4FE3F505C83} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A981BFC-6131-4A64-958D-B2E56185D363} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF20FDC3-5C47-4846-861E-0A878A17D95C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1C5A79B2-1BCE-4F32-9986-CB7A32DDCFA9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F75B012C-D1E2-4F25-BF17-29CC780545EC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F5F836E6-B74A-43CC-AD38-A10C8B6F46BF} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [60912 2023-10-15] (HP Inc. -> HP Inc.)
Task: {B2DBF682-86A4-4836-86EF-4875A947C444} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [62960 2023-10-15] (HP Inc. -> HP Inc.)
Task: {E2658CA3-6958-4434-B981-C5AC503091A8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CA41019-9BE7-41D8-9B37-7AD59C3D9C1A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1727595607-4285960842-485942036-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {663E4E53-8C44-4FB5-9225-7780FC8B778D} - System32\Tasks\Opera scheduled Autoupdate 1697992780 => C:\Users\sirto\AppData\Local\Programs\Opera\launcher.exe  --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {30ED8814-8CB3-4417-8509-07CCE76A502F} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [149488 2023-10-15] (HP Inc. -> HP Inc.)
Task: {022CF30D-1810-4434-BB94-2E50DD7CDB36} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2023-03-17] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3a0f8296-2382-4099-b86d-c2e6111b2769}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{70cf674e-511e-4d99-991c-baa23801891a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a1e43b3b-116d-4d41-838f-41fb41b44707}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-21]
Edge HomePage: Default -> about:blank
Edge Extension: (Avira Safe Shopping) - C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-10-20]
Edge Extension: (Avira Password Manager) - C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-11-15]
Edge Extension: (Google Docs Offline) - C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-20]
Edge Extension: (Edge relevant text changes) - C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-18]
Edge Profile: C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-06-18]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF DefaultProfile: j96tyhyi.default
FF ProfilePath: C:\Users\sirto\AppData\Roaming\Mozilla\Firefox\Profiles\j96tyhyi.default [2023-10-22]
FF ProfilePath: C:\Users\sirto\AppData\Roaming\Mozilla\Firefox\Profiles\ort7sulc.default-release [2023-11-21]
FF Notifications: Mozilla\Firefox\Profiles\ort7sulc.default-release -> hxxps://www.vergleich.org
FF Extension: (uBlock Origin) - C:\Users\sirto\AppData\Roaming\Mozilla\Firefox\Profiles\ort7sulc.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-11-03]
FF Extension: (Mobile View Switcher) - C:\Users\sirto\AppData\Roaming\Mozilla\Firefox\Profiles\ort7sulc.default-release\Extensions\{fa247c57-77ac-41cd-b942-332051e15ced}.xpi [2022-07-30]
FF ProfilePath: C:\Users\sirto\AppData\Roaming\kompozer.net\KompoZer\Profiles\8mxjgbw4.default [2022-07-03]
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-18]
CHR Profile: C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-11-15]
CHR Notifications: Profile 1 -> hxxps://bestellen.dominos.de; hxxps://business.facebook.com; hxxps://flyeralarm-sports.pushengage.com; hxxps://postimg.cc; hxxps://reverscaptcha.com; hxxps://spark.adobe.com; hxxps://web.skype.com; hxxps://web.whatsapp.com; hxxps://www.autoscout24.de; hxxps://www.donaukurier.de; hxxps://www.facebook.com; hxxps://www.gesundheit.de; hxxps://www.giga.de; hxxps://www.instagram.com; hxxps://www.kino.de; hxxps://www.netflix.com; hxxps://www.rtl.de; hxxps://www.schulferien.org; hxxps://www.tui.com; hxxps://www.youtube.com
CHR HomePage: Profile 1 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
CHR StartupUrls: Profile 1 -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
CHR DefaultSearchURL: Profile 1 -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Profile 1 -> poshukach engin search
CHR DefaultSuggestURL: Profile 1 -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-04]
CHR Extension: (Avira Safe Shopping) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-11-13]
CHR Extension: (Avira Browserschutz) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-06]
CHR Profile: C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-11-10]
CHR Notifications: Profile 5 -> hxxps://myrust.de; hxxps://www.lieferando.de; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR HomePage: Profile 5 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
CHR StartupUrls: Profile 5 -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
CHR DefaultSearchURL: Profile 5 -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Profile 5 -> poshukach engin search
CHR DefaultSuggestURL: Profile 5 -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-04]
CHR Extension: (Avira Safe Shopping) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-11-04]
CHR Extension: (Avira Browserschutz) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-10-24]
CHR Extension: (Google Docs Offline) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-30]
CHR Profile: C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 6 [2023-10-25]
CHR HomePage: Profile 6 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
CHR StartupUrls: Profile 6 -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
CHR DefaultSearchURL: Profile 6 -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Profile 6 -> poshukach engin search
CHR DefaultSuggestURL: Profile 6 -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Avira Safe Shopping) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-10-24]
CHR Extension: (Avira Browserschutz) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-10-24]
CHR Extension: (Google Docs Offline) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-05]
CHR Profile: C:\Users\sirto\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-18]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

Opera: 
=======
OPR DefaultProfile: Opera Stable
OPR Profile: C:\Users\sirto\AppData\Roaming\Opera Software\Opera Stable [2023-10-23]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\sirto\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-10-23]
OPR Extension: (Opera Wallet) - C:\Users\sirto\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-10-23]
OPR Extension: (Aria) - C:\Users\sirto\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-10-23]
OPR Extension: (Cashback Assistant) - C:\Users\sirto\AppData\Roaming\Opera Software\Opera Stable\Extensions\ompjkhnkeoicimmaehlcmgmpghobbjoj [2023-10-23]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6576104 2023-11-15] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [266936 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [297392 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
S3 BITS_bkp; C:\WINDOWS\System32\qmgr.dll [1388544 2023-10-17] (Microsoft Windows -> Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
S3 CloudBackupRestoreSvc; C:\WINDOWS\System32\CloudRestoreLauncher.dll [1261568 2023-10-17] (Microsoft Windows -> Microsoft Corporation)
S3 dosvc; C:\WINDOWS\System32\svchost.exe [79920 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)
S3 dosvc; C:\WINDOWS\SysWOW64\svchost.exe [48096 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)
U2 dosvc_bkp; C:\WINDOWS\system32\dosvc.dll [90112 2023-10-17] (Microsoft Windows -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2023-09-25] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [240392 2023-09-25] (Intel Corporation -> Intel)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943016 2023-04-23] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2020-05-15] (Express Vpn LLC -> ExpressVPN)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncHelper.exe [3513248 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
S3 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\AppHelperCap.exe [888272 2023-08-29] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\DiagsCap.exe [886736 2023-08-29] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\NetworkCap.exe [883152 2023-08-29] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_e00420cc358cbd11\x64\OmenCap\OmenCap.exe [755656 2023-03-16] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-07-14] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\SysInfoCap.exe [886840 2023-08-29] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_43e3600968234e87\x64\TouchpointAnalyticsClientService.exe [497744 2023-08-02] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-06] (Malwarebytes Inc. -> Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe [1275544 2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.231.1107.0002\OneDriveUpdaterService.exe [3850256 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-10-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
S2 UsoSvc_bkp; C:\WINDOWS\system32\usosvc.dll [102400 2023-10-17] (Microsoft Windows -> Microsoft Corporation)
S3 WaaSMedicSvc_bkp; C:\WINDOWS\System32\WaaSMedicSvc.dll [90112 2023-10-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 wuauserv_bkp; C:\WINDOWS\system32\wuaueng.dll [130520 2023-10-17] (Microsoft Windows -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmPeStorU; C:\WINDOWS\system32\drivers\AmPeStorU.sys [242984 2021-06-24] (Alcorlink Corp. -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin2\brynhildr.sys [2188544 2022-05-26] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28440 2020-05-15] (ExprsVPN LLC -> ExpressVPN)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
R2 HpReadHWData; C:\WINDOWS\system32\drivers\HpReadHWData.sys [52176 2023-08-19] (HP Inc. -> Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222800 2023-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-10-24] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [595896 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107960 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
R3 MpKslb78925b2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{798EB2F8-FE20-4DFC-AF2E-84AA9C40DCF9}\MpKslDrv.sys [263560 2023-11-21] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [67496 2023-03-23] (Realtek Semiconductor Corp. -> Realtek)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [44304 2020-05-15] (ExprsVPN LLC -> The OpenVPN Project)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-08-19] (Microsoft Windows -> Microsoft Corporation)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
U1 aswbdisk; kein ImagePath
S3 etdsupp_16.0; \??\C:\Users\sirto\AppData\Local\Temp\etdsupp_16.0.sys [X] <==== ACHTUNG
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-11-21 05:12 - 2023-11-21 05:13 - 000046479 _____ C:\Users\sirto\Downloads\FRST.txt
2023-11-21 05:12 - 2023-11-21 05:12 - 000000000 ____D C:\FRST
2023-11-21 05:03 - 2023-11-21 05:03 - 002383872 _____ (Farbar) C:\Users\sirto\Downloads\FRST64.exe
2023-11-19 14:31 - 2023-11-19 14:31 - 000803640 _____ C:\WINDOWS\system32\perfh007.dat
2023-11-19 14:31 - 2023-11-19 14:31 - 000175500 _____ C:\WINDOWS\system32\perfc007.dat
2023-11-17 16:27 - 2023-11-17 16:27 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2023-11-17 16:23 - 2023-11-17 16:23 - 000000017 _____ C:\Users\sirto\AppData\Local\resmon.resmoncfg
2023-11-15 23:04 - 2023-11-16 00:33 - 000000000 ____D C:\Users\sirto\AppData\Local\Sysinternals
2023-11-15 22:33 - 2023-11-15 22:33 - 000000000 ____D C:\Users\sirto\Downloads\TCP418View
2023-11-15 22:32 - 2023-11-15 22:33 - 000000000 ____D C:\ProgramData\SystemExplorer
2023-11-15 22:32 - 2023-11-15 22:32 - 000001162 _____ C:\Users\Public\Desktop\System Explorer.lnk
2023-11-15 22:32 - 2023-11-15 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2023-11-15 22:32 - 2023-11-15 22:32 - 000000000 ____D C:\Program Files (x86)\System Explorer
2023-11-15 18:12 - 2023-11-15 18:12 - 000003706 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater
2023-11-15 17:51 - 2023-11-15 17:51 - 000000000 ___HD C:\$SysReset
2023-11-15 17:27 - 2023-11-15 17:27 - 000000000 ___HD C:\$Windows.~WS
2023-11-15 17:27 - 2023-11-15 17:27 - 000000000 ____D C:\$WINDOWS.~BT
2023-11-11 19:06 - 2023-11-11 19:06 - 000000000 ___HD C:\OneDriveTemp
2023-11-09 23:03 - 2023-11-09 23:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2023-11-09 22:35 - 2023-11-09 22:35 - 000000000 ____D C:\Users\sirto\Doctor Web
2023-11-09 11:25 - 2023-11-09 22:58 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-11-09 11:24 - 2023-11-09 11:24 - 000000000 ____D C:\WINDOWS\pss
2023-11-05 20:13 - 2023-11-05 20:13 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2023-11-05 15:45 - 2023-11-05 15:45 - 000000000 ____D C:\ProgramData\Intel Telemetry
2023-11-05 07:11 - 2023-11-05 07:11 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2023-11-05 07:11 - 2023-09-25 17:59 - 000047240 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2023-11-04 19:17 - 2023-11-04 19:17 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2023-11-04 19:17 - 2023-11-04 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2023-11-04 03:08 - 2023-11-04 03:08 - 000000000 ____D C:\Users\sirto\AppData\LocalLow\NVIDIA
2023-11-04 03:07 - 2023-11-04 03:07 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2023-11-04 03:04 - 2023-10-30 11:37 - 001424080 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-11-04 03:04 - 2023-10-30 11:37 - 001424080 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-11-04 03:04 - 2023-10-30 11:37 - 001246408 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-11-04 03:04 - 2023-10-30 11:37 - 001246408 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-11-04 03:04 - 2023-10-30 11:37 - 000850640 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-11-04 03:04 - 2023-10-30 11:37 - 000850640 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-11-04 03:04 - 2023-10-30 11:37 - 000731344 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-11-04 03:04 - 2023-10-30 11:37 - 000731344 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-11-04 03:04 - 2023-10-30 11:36 - 001487920 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-11-04 03:04 - 2023-10-30 11:36 - 001226776 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-11-04 03:04 - 2023-10-30 11:33 - 000670248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2023-11-04 03:04 - 2023-10-30 11:33 - 000504856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2023-11-04 03:04 - 2023-10-30 11:32 - 058720920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2023-11-04 03:04 - 2023-10-30 11:32 - 001540744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-11-04 03:04 - 2023-10-30 11:32 - 001198744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-11-04 03:04 - 2023-10-30 11:32 - 000958088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-11-04 03:04 - 2023-10-30 11:31 - 002171016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-11-04 03:04 - 2023-10-30 11:31 - 001624616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-11-04 03:04 - 2023-10-30 11:31 - 000997416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-11-04 03:04 - 2023-10-30 11:31 - 000810536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-11-04 03:04 - 2023-10-30 11:31 - 000773656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 015095424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 012375600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 006462088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 005862424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 005860480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 003620400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 000459824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-11-04 03:04 - 2023-10-30 11:29 - 000853128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-11-04 03:04 - 2023-10-30 11:28 - 006745768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-11-04 03:04 - 2023-10-27 02:29 - 000113883 _____ C:\WINDOWS\system32\nvinfo.pb
2023-11-03 19:54 - 2023-11-03 19:54 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-11-02 02:35 - 2023-11-02 02:35 - 000000000 ____D C:\AdwCleaner
2023-11-02 02:23 - 2023-11-02 02:23 - 000000000 ____D C:\Users\sirto\AppData\Local\OO Software
2023-11-02 02:21 - 2023-11-15 18:07 - 000000000 ____D C:\Program Files\QuickCPU
2023-11-02 02:21 - 2023-11-02 17:35 - 000000000 ____D C:\Users\sirto\AppData\Local\Coderbag
2023-11-02 02:21 - 2023-11-02 02:21 - 000000957 _____ C:\Users\Public\Desktop\QuickCPU.lnk
2023-11-02 02:21 - 2023-11-02 02:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickCPU64
2023-10-26 22:37 - 2023-10-26 22:37 - 000027376 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_141294693833722.dll
2023-10-26 14:44 - 2023-11-08 00:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-24 23:25 - 2023-11-21 05:10 - 000000000 ____D C:\Users\sirto\AppData\Local\Malwarebytes
2023-10-24 23:25 - 2023-10-24 23:25 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-10-24 23:25 - 2023-10-24 23:25 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-10-24 23:25 - 2023-10-24 23:25 - 000000000 ____D C:\Users\sirto\AppData\Local\mbam
2023-10-24 23:24 - 2023-10-24 23:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-10-24 23:24 - 2023-10-24 23:24 - 000000000 ____D C:\Program Files\Malwarebytes
2023-10-24 01:49 - 2023-10-24 01:49 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Microsoft\CLR Security Config
2023-10-23 23:20 - 2023-10-23 23:20 - 000027376 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_1288069833075.dll
2023-10-23 11:14 - 2023-10-23 11:14 - 000001168 _____ C:\Users\sirto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon.lnk
2023-10-23 01:10 - 2023-10-23 01:10 - 000000000 ____D C:\tmp1
2023-10-23 01:06 - 2022-12-23 00:53 - 001185656 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2023-10-22 17:39 - 2023-11-02 16:43 - 000003600 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1697992780
2023-10-22 17:39 - 2023-10-22 17:39 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Opera Software
2023-10-22 17:39 - 2023-10-22 17:39 - 000000000 ____D C:\Users\sirto\AppData\Local\Opera Software
2023-10-22 17:37 - 2023-10-22 17:40 - 000000000 ____D C:\Users\sirto\AppData\Roaming\stubinstaller
2023-10-22 17:36 - 2023-10-22 17:36 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-11-21 05:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-21 05:10 - 2023-08-27 01:50 - 000000000 ____D C:\Users\sirto\AppData\Roaming\CrosshairX
2023-11-21 05:10 - 2023-04-23 17:46 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-21 05:10 - 2022-10-09 03:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-21 05:10 - 2020-08-16 15:58 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-21 05:09 - 2022-10-09 03:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-21 05:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-11-21 05:09 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-21 05:09 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-11-21 05:09 - 2022-02-08 16:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-21 05:09 - 2022-01-25 17:24 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-11-21 05:09 - 2020-12-12 23:23 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2023-11-21 05:09 - 2020-08-16 15:49 - 000000000 ____D C:\Intel
2023-11-21 05:09 - 2020-05-06 09:58 - 000012288 ___SH C:\DumpStack.log.tmp
2023-11-21 05:08 - 2020-12-03 16:44 - 000000000 ____D C:\Users\sirto\AppData\Roaming\vlc
2023-11-21 05:00 - 2022-10-09 03:57 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1727595607-4285960842-485942036-1001
2023-11-21 05:00 - 2022-10-09 03:57 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-11-21 05:00 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-21 05:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-21 05:00 - 2022-01-23 16:50 - 000002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-21 01:01 - 2022-10-09 03:57 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5A9BA50D-6393-4B83-BFD7-93A06E53A4FC}
2023-11-21 00:54 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-11-20 09:22 - 2023-06-18 13:44 - 000000000 ____D C:\Users\sirto\AppData\Local\OGH
2023-11-20 05:42 - 2020-12-03 15:19 - 000000000 ____D C:\Users\sirto\AppData\Local\D3DSCache
2023-11-20 03:54 - 2020-12-07 02:15 - 000000000 ____D C:\Users\sirto\AppData\Local\CrashDumps
2023-11-19 20:13 - 2022-07-20 15:45 - 000000000 ____D C:\Users\sirto\OneDrive\Dokumente\Outlook-Dateien
2023-11-19 20:13 - 2020-12-07 00:37 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Microsoft\Word
2023-11-19 17:54 - 2021-12-14 17:16 - 000000000 ____D C:\Users\sirto\AppData\Roaming\discord
2023-11-19 17:54 - 2021-01-20 22:32 - 000000000 ____D C:\Program Files\Microsoft Office
2023-11-19 17:46 - 2022-09-03 17:23 - 000000000 ____D C:\Users\sirto\AppData\Local\Discord
2023-11-19 14:31 - 2022-10-09 03:56 - 001919168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-18 00:39 - 2021-09-21 17:36 - 000000000 ____D C:\Users\sirto\AppData\Local\Steam
2023-11-17 16:25 - 2022-10-09 03:52 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Microsoft\Windows
2023-11-16 05:07 - 2022-10-09 03:52 - 000000000 ____D C:\Users\sirto
2023-11-16 02:29 - 2022-10-30 04:45 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-11-15 22:18 - 2020-12-05 00:49 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-15 18:12 - 2023-10-18 20:59 - 000000000 ____D C:\Program Files (x86)\Avira
2023-11-15 18:10 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-15 18:08 - 2023-10-18 21:01 - 011537360 _____ C:\WINDOWS\system32\rtp.db
2023-11-15 18:08 - 2023-10-18 20:59 - 000000000 ____D C:\ProgramData\Avira
2023-11-15 18:08 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-11-15 18:08 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-11-15 17:59 - 2020-12-03 15:09 - 000000000 ____D C:\Users\sirto\AppData\Local\Packages
2023-11-15 17:59 - 2020-08-16 15:52 - 000000000 ____D C:\ProgramData\Packages
2023-11-15 17:44 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-15 17:31 - 2023-07-06 11:18 - 000000000 ____D C:\WINDOWS\Panther
2023-11-15 17:31 - 2020-12-19 23:44 - 000000000 ____D C:\ESD
2023-11-15 16:52 - 2020-12-03 18:07 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Microsoft\MMC
2023-11-15 14:14 - 2020-12-03 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2023-11-15 14:14 - 2020-12-03 23:34 - 000000000 ____D C:\Program Files\Common Files\MAGIX Services
2023-11-15 14:11 - 2020-12-07 00:37 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Microsoft\Office
2023-11-14 22:35 - 2021-10-24 16:19 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-14 02:15 - 2021-01-20 22:23 - 000001046 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2023-11-14 02:15 - 2021-01-20 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-11-12 18:43 - 2020-12-26 16:22 - 000000000 ____D C:\Users\sirto\AppData\Local\ElevatedDiagnostics
2023-11-11 20:51 - 2023-06-18 13:44 - 000003748 _____ C:\WINDOWS\system32\Tasks\SystemOptimizer
2023-11-09 23:00 - 2020-06-13 00:54 - 000000000 ____D C:\Program Files\HP
2023-11-09 22:37 - 2020-08-16 15:58 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-09 11:30 - 2020-12-03 16:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-09 05:16 - 2020-12-03 15:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-08 22:17 - 2020-05-06 09:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-08 02:30 - 2023-10-18 21:00 - 000001085 _____ C:\Users\Public\Desktop\Avira.lnk
2023-11-08 02:30 - 2023-10-18 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2023-11-08 00:20 - 2020-12-03 15:17 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-05 15:45 - 2020-08-16 16:02 - 000000000 ____D C:\ProgramData\Intel
2023-11-05 07:11 - 2022-10-09 03:57 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2023-11-05 07:11 - 2022-10-09 03:57 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2023-11-04 19:17 - 2022-10-09 03:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2023-11-04 19:17 - 2020-12-08 01:48 - 000000000 ____D C:\Program Files\Intel
2023-11-04 19:08 - 2021-12-14 15:35 - 000000000 ____D C:\ProgramData\Avast Software
2023-11-04 03:08 - 2020-12-03 16:56 - 000000000 ____D C:\Users\sirto\AppData\Local\NVIDIA
2023-11-04 02:37 - 2023-10-18 21:03 - 000000000 ____D C:\Users\Public\Security Sessions
2023-11-02 16:43 - 2023-09-15 00:32 - 000002700 _____ C:\WINDOWS\system32\Tasks\OmenOverlay
2023-11-02 16:43 - 2023-09-05 13:44 - 000002760 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitor
2023-11-02 16:43 - 2022-10-09 03:57 - 000003682 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-02 16:43 - 2022-10-09 03:57 - 000003458 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-11-02 16:43 - 2022-10-09 03:57 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2023-11-02 16:43 - 2022-10-09 03:57 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002766 _____ C:\WINDOWS\system32\Tasks\HPAudioSwitch
2023-11-02 16:43 - 2022-10-09 03:57 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 13:57 - 2020-08-16 15:51 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2023-11-02 02:38 - 2021-01-12 16:28 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2023-11-02 02:38 - 2020-12-03 15:29 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Hewlett-Packard
2023-11-02 02:38 - 2020-05-27 00:34 - 000000000 ___HD C:\hp
2023-11-01 16:18 - 2022-05-22 00:48 - 000000000 ____D C:\SWSetup
2023-11-01 16:03 - 2020-12-03 17:09 - 000000000 ____D C:\Users\sirto\AppData\Local\HP_Inc
2023-10-31 15:54 - 2020-12-03 15:14 - 000000000 ____D C:\Users\sirto\AppData\Local\PlaceholderTileLogoFolder
2023-10-30 11:28 - 2022-07-04 10:01 - 007866464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-10-25 22:36 - 2023-09-24 12:15 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Samsung Magician
2023-10-25 22:36 - 2022-02-09 14:24 - 000000000 ____D C:\ProgramData\Battle.net

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-12-04 01:02 - 2021-10-23 23:13 - 000276480 _____ () C:\Users\sirto\AppData\Roaming\cookies.sqlite
2021-03-27 18:12 - 2022-09-20 20:59 - 000017408 _____ () C:\Users\sirto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-11-17 16:23 - 2023-11-17 16:23 - 000000017 _____ () C:\Users\sirto\AppData\Local\resmon.resmoncfg
2022-12-02 16:47 - 2022-12-02 16:47 - 000000019 _____ () C:\Users\sirto\AppData\Local\tkeyf.txt
2020-12-04 17:50 - 2022-09-29 21:35 - 000000019 _____ () C:\Users\sirto\AppData\Local\tkeys.txt
2022-10-16 21:30 - 2023-03-12 19:57 - 000000019 _____ () C:\Users\sirto\AppData\Local\tkeysss.txt
2022-12-03 19:07 - 2023-01-12 21:21 - 000000019 _____ () C:\Users\sirto\AppData\Local\tky.txt

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
         

 
