Log analysis and evaluation: Various findings
24.09.2024, 20:02 | #1 |
| Various findings Hello, after my computer kept getting slower, I ran my antivirus program Avira. Unfortunately without success! I then sent ESET Online Scanner and AdwCleaner on the hunt, and they found a few things. These are now in quarantine. How should I proceed from here? ESET log file Code:
24.09.2024 01:08:07
Geprüfte Dateien: 691150
Erkannte Dateien: 7
Gesäuberte Dateien: 7
Scandauer gesamt 01:08:33
Scanstatus: Abgeschlossen

C:\Windows\ServiceProfiles\LocalService\winhttp\1683328287.cache JS/ProxyChanger.EF trojan cleaned by deleting
C:\Windows\ServiceProfiles\LocalService\winhttp\1769398645.cache JS/ProxyChanger.EF trojan cleaned by deleting
C:\Windows\ServiceProfiles\LocalService\winhttp\1775478256.cache JS/ProxyChanger.EF trojan cleaned by deleting
C:\Windows\ServiceProfiles\LocalService\winhttp\3831022528.cache JS/ProxyChanger.EF trojan cleaned by deleting
C:\Windows\ServiceProfiles\LocalService\winhttp\4164206225.cache JS/ProxyChanger.EF trojan cleaned by deleting
C:\Windows\ServiceProfiles\LocalService\winhttp\456592475.cache JS/ProxyChanger.EF trojan cleaned by deleting
D:\Program Files (x86)\Origin Games\FIFA Manager 13\rld.dll Win32/HackTool.Crack.BB potentially unsafe application cleaned by deleting

Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-24-2024
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.4894)
# Cleaned: 6
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Stefa\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\server

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31E55944-8B6E-4812-821C-6FD14CF5F91D}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task
Deleted Preinstalled.LenovoPowerDVD Task C:\Windows\System32\Tasks\PDVDSERV12 TASK

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2041 octets] - [22/09/2024 15:04:55]
AdwCleaner[C00].txt - [2210 octets] - [22/09/2024 15:05:57]
AdwCleaner[S01].txt - [2163 octets] - [24/09/2024 01:08:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ########## |
24.09.2024, 20:09 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Various findings Quote:
Cracks, keygens and other illegal software. Please read => Cracks, keygens and other illegal software. We will continue once you have removed everything illegal. In the event of repeated crack/keygen violations, I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system.
__________________ |
25.09.2024, 17:23 | #3 |
| Various findings I have removed it.
__________________ Edited by cosinus (25.09.2024 at 17:24) Reason: FQ removed |
25.09.2024, 17:25 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Various findings Not just the crack. Also all installed programs and games.
__________________ Please always post log files in CODE tags |
25.09.2024, 18:26 | #5 |
| Various findings I have, and it is actually not a crack/hack but rather a mod (extension) for an earlier version. It was available on the site https://www.fm-zocker.net/ Edited by The_Game_ (25.09.2024 at 18:31) Reason: completion |
25.09.2024, 18:41 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Various findings That thing was clearly detected as a crack. What about the FRST logs?
__________________ --> Various findings |
25.09.2024, 19:57 | #7 |
| FRST log Here is the FRST log Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024 Ran by SYSTEM on MININT-4L80ODJ (25-09-2024 20:45:49) Running from g:\\FRST64.exe Platform: Windows 10 Home Version 22H2 19045.4894 (X64) Language: Deutsch (Deutschland) -> Deutsch (Deutschland) Boot Mode: Recovery Default: ControlSet001 ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log. ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-09] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [831584 2016-11-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) HKLM-x32\...\Run: [] => [X] HKU\Stefa\...\Run: [HP OfficeJet 3830 series (NET)] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\Stefa\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2239256 2024-09-14] (Wargaming Group Limited -> Wargaming.net) HKU\Stefa\...\Run: [] => [X] HKU\Stefa\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1842952 2024-08-29] (Overwolf Ltd -> Overwolf Ltd.) HKU\Stefa\...\Run: [Steam] => D:\Steam\steam.exe [4406632 2024-09-13] (Valve Corp. 
-> Valve Corporation) HKU\Stefa\...\Run: [MicrosoftEdgeAutoLaunch_9DC56468E065DAA99E27C3CB0FB06F76] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3798464 2024-09-19] (Microsoft Corporation -> Microsoft Corporation) HKU\Stefa\...\RunOnce: [Application Restart #3] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\OneClick.exe [7383048 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\Stefa\...\RunOnce: [Application Restart #4] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\OneClick.exe [7383048 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\Stefa\...\RunOnce: [Application Restart #5] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\OneClick.exe [7383048 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\Stefa\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [155136 2024-05-16] (Microsoft Corporation) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP OfficeJet 3830 series): C:\Windows\system32\HPDiscoPME511.dll [807432 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\Windows\system32\hpinkstsE511LM.dll [399368 2023-09-24] (HP Inc. -> HP Inc.) HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\architect_pdfpmon_v.6.23.0.2.dll [974120 2024-08-31] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [196096 2023-05-21] (pdfforge GmbH) HKLM\...\Print\Monitors\Soda PDF Desktop 14 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\soda_pdfpmon_v.6.23.0.2.dll [974120 2024-08-31] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) GroupPolicy-Firefox-x32: Restriction <==== ATTENTION ==================== Scheduled Tasks (All) ================= (If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.) Task: {D3600B0A-38AD-485E-AA9F-506BC6960249} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {DE24A4B1-3C38-4929-8777-FAC911ACCB86} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3758623145-1266260989-3540530203-1001 => C:\Windows\System32\AgentActivationRuntimeStarter.exe [13312 2023-10-11] () Task: {801210C1-1761-4785-81A1-D556502AFB34} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2343872 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH) Task: {61C65471-84BA-43F1-A04E-7689FEC6ED5D} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2343872 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH) Task: {FFED27E1-3AB1-4053-A8C5-447CA111E1DE} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\Installer updater => C:\ProgramData\PDF Architect 9\Installation\PDF_Architect_9_Installer.exe [12086712 2024-08-29] (pdfforge GmbH -> ) Task: {B6E4B966-7AC5-48EE-9D5E-7513E3AE4EE8} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3636672 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH) Task: {8038C571-7ECE-4A47-A548-439CD2E86253} - System32\Tasks\Avanquest Software\Soda PDF Desktop 14\App Notification => D:\Soda PDF Desktop 14\soda-launcher.exe [2195424 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software) Task: {8D604B43-1258-4197-B19F-9B1E532E26F9} - System32\Tasks\Avanquest Software\Soda PDF Desktop 14\App Notification Logon => D:\Soda PDF Desktop 14\soda-launcher.exe [2195424 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software) Task: {EB5E79F9-1AE1-477E-AC79-9C9DABFE7BCD} - System32\Tasks\Avanquest Software\Soda PDF Desktop 14\Installer updater => C:\ProgramData\Soda PDF Desktop 
14\Installation\SodaPDFDesktop14.exe [11922384 2024-08-31] (Avanquest Software (7270356 Canada Inc) -> ) Task: {889BB0D0-B5EF-4831-A47C-6081E65BE513} - System32\Tasks\Avanquest Software\Soda PDF Desktop 14\Update => D:\Soda PDF Desktop 14\soda.exe [3694560 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software) Task: {7A3FAB71-427E-4198-9B28-4BB9EABD4F5F} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\System32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false Task: {83632D50-AD9E-4284-8768-A237AEB08FD4} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {83632D50-AD9E-4284-8768-A237AEB08FD4} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {83632D50-AD9E-4284-8768-A237AEB08FD4} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {CC2DE6C9-6431-487F-A1B8-AE13F7F9B6B6} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259944 2024-08-12] (Avira Operations GmbH -> Avira Operations GmbH) Task: {ED4B0EC4-2494-4DFE-91DB-CF9FABDC235D} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1775464 2024-08-12] (Avira Operations GmbH -> Avira Operations GmbH) Task: {F3EE2A15-6A9E-4241-A2FB-7921DAAE45A7} - System32\Tasks\Avira_Security_Update => C:\Windows\System32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {51B94CE3-6740-482C-AF8D-0FD2D9765612} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5786440 2024-09-01] (Microsoft Windows -> Microsoft Corporation) Task: 
{0F912048-2F32-418E-8D3B-BCDC41F9142F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Stefa\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-09-22] (ESET, spol. s r.o. -> ESET) Task: {324B7915-6DB2-4A78-988A-E6E11FD153A9} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Stefa\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-09-22] (ESET, spol. s r.o. -> ESET) Task: {1A278C31-9F1A-42C9-988D-7E93BA7E8985} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{B77F026C-BD7A-4FD2-9D5C-6DF0E4661D87} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC) Task: {21EA4186-7D52-473D-9B31-ADE464A4DBCD} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation) Task: {137C4E6C-AAA6-404D-88EE-67A955B47D05} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation) Task: {7CD60741-B058-4ED8-A7E3-16B1C112A238} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File) Task: {F44EABDD-44D7-4112-B706-1B6AA91CCBB6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {BAF4B9A8-1B02-4B38-B231-7EA97230256B} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23952 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {D5A9F0F2-D7CA-4A2B-8871-C67F2CBEADF1} - 
System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23952 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {1D44DA44-C6A2-454A-AD76-389CB7AB7B77} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613FBA38-A3DF-4AB8-9674-5604984A299A} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23952 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {B750F9BA-94F7-495C-9AA5-9E0BFB0E1F63} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [23952 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) Task: {F346D1E4-9974-4A5D-9E35-FE7079A30555} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) => {CF2CF428-325B-48D3-8CA8-7633E36E5A32} C:\Windows\system32\msdrm.dll [570368 2019-12-07] (Microsoft Corporation) Task: {8E33F0A3-A31E-4E6C-AFF7-844A27E761B7} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) => {BF5CB148-7C77-4D8A-A53E-D81C70CF743C} C:\Windows\system32\msdrm.dll [570368 2019-12-07] (Microsoft Corporation) Task: {5B885149-AF43-451C-A12F-0CD1E0A34023} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager => {DECA92E0-AF85-439E-9204-86679978DA08} C:\Windows\System32\AppLockerCsp.dll [391168 2024-07-10] (Microsoft Corporation) Task: {4EBE9A38-6BE4-429E-8588-B460327DB327} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [160768 2023-11-15] (Microsoft Corporation) Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - 
System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific => {9F2B0085-9218-42A1-88B0-9F0E65851666} Task: {7A27D6E9-CB10-42F6-B75D-A53F78486290} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [50176 2024-05-16] (Microsoft Corporation) Task: {D5ED92AB-C413-47D7-A090-F97B0D2AB4FC} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc Task: {D5ED92AB-C413-47D7-A090-F97B0D2AB4FC} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun Task: {D5ED92AB-C413-47D7-A090-F97B0D2AB4FC} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData Task: {7A5AFDB2-56EC-4352-AB44-069E7BF253A8} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [227832 2024-09-01] (Microsoft Corporation -> Microsoft Corporation) Task: {0AEAC85B-5E40-413D-A138-CB5B3A95BAB1} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => C:\Windows\system32\rundll32.exe [89600 2024-07-10] (Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaPatchSdbTask Task: {73469C3A-0B60-4A11-AD8A-FC67A901B741} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [227832 2024-09-01] (Microsoft Corporation -> Microsoft Corporation) Task: {3D363385-64B8-4207-AC46-3EE180DD87F2} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [89600 2024-07-10] (Microsoft Corporation) -> Startupscan.dll,SusRunTask Task: {B5108B49-C39A-43DE-AC49-06155873BAE9} - 
System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [120320 2024-05-16] (Microsoft Corporation) Task: {BA366117-6A44-44F3-9BAA-09C4ADA110CC} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [120320 2024-05-16] (Microsoft Corporation) Task: {E003BEA4-7D11-4522-9834-25C3F9F93F53} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [89600 2024-07-10] (Microsoft Corporation) -> Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {F472261A-A57A-465B-A695-5F2E75E37782} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [13312 2023-11-15] (Microsoft Corporation) Task: {D4E66947-0474-47DA-ABE3-8F7F5F9AA708} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\Windows\system32\AppListBackupLauncher.dll [94208 2024-05-16] (Microsoft Corporation) Task: {5CDA56CF-0496-45B6-B17E-AE149B7E3D05} - System32\Tasks\Microsoft\Windows\AppListBackup\BackupNonMaintenance => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\Windows\system32\AppListBackupLauncher.dll [94208 2024-05-16] (Microsoft Corporation) Task: {C9ABE41C-5E65-4E52-8BAD-4F1BCA3B5715} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\system32\rundll32.exe [89600 2024-07-10] (Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {91BA98A1-1F9E-40A0-956F-E6E5B33A45E4} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\Windows\system32\UCPDMgr.exe [66560 2024-07-28] (Microsoft Corporation) Task: {36A78C3E-A142-4F86-903E-AE26291F646C} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\system32\rundll32.exe [89600 2024-07-10] (Microsoft Corporation) -> /d acproxy.dll,PerformAutochkOperations 
Task: {34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2024-05-16] (Microsoft Corporation) Task: {87094343-6C1F-4855-A6B9-305BA74AB761} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2024-05-16] (Microsoft Corporation) Task: {AB05B368-13F7-468A-9B30-E553C06B5449} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [40448 2019-12-07] (Microsoft Corporation) Task: {077333D6-06BA-4EA4-BDF4-1CD1439558F2} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask => {E984D939-0E00-4DD9-AC3A-7ACA04745521} Task: {F0BE4F3E-F4F0-4B98-88EE-57290DDF6CB2} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [279040 2024-05-16] (Microsoft Corporation) Task: {F67BF9CD-2696-4F2D-9D78-BB8C84A53C1E} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [279040 2024-05-16] (Microsoft Corporation) Task: {2F63CF7F-0537-4E2A-9F8A-B763EFE907F5} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask => {47E30D54-DAC1-473A-AFF7-2355BF78881F} C:\Windows\system32\ngctasks.dll [279040 2024-05-16] (Microsoft Corporation) Task: {50DDDD38-168C-486B-966F-A23226488295} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [44544 2019-12-07] (Microsoft Corporation) Task: {0EDEA23A-3DEC-41C3-B03E-BC7A3356D6BC} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [44544 
2019-12-07] (Microsoft Corporation) Task: {78FC1447-DCFF-4832-A268-0ABA89022F48} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam => {58FB76B9-AC85-4E55-AC04-427593B1D060} C:\Windows\system32\dimsjob.dll [44544 2019-12-07] (Microsoft Corporation) Task: {57C76B66-AD3C-4221-81FA-55045859B06F} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan => {CF4270F5-2E43-4468-83B3-A8C45BB33EA1} C:\Windows\System32\pstask.dll [16384 2019-12-07] (Microsoft Corporation) Task: {3FC4BE91-4A96-48F5-8858-1628CB88EFB5} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [263168 2024-07-10] (Microsoft Corporation) -> %windir% /sysrepair Task: {5B0ED9ED-6704-45F8-B8C1-93C5A3B5F4FF} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [1167872 2024-09-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {12514C9A-1DE5-40CE-B66C-D6838DA9A169} - System32\Tasks\Microsoft\Windows\CloudExperienceHost\CreateObjectTask => {E4544ABA-62BF-4C54-AAB2-EC246342626C} C:\Windows\System32\CloudExperienceHostBroker.exe [70016 2024-05-16] (Microsoft Windows -> Microsoft Corporation) Task: {50D5842C-70F8-4ED6-9C97-F1E7801F3647} - System32\Tasks\Microsoft\Windows\CloudRestore\Backup => {722D0F89-B69C-4700-AE8C-4A44350E4876} C:\WINDOWS\System32\CloudRestoreLauncher.dll [829952 2024-09-01] (Microsoft Corporation) Task: {9EB639AA-5DA6-4D27-B4C4-FD9FC1676231} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82AA0895-198A-4C1B-B2D1-C16894218AFB} C:\Windows\System32\unifiedconsent.dll [339456 2024-09-01] (Microsoft Corporation) Task: {ED77AEE0-EAFB-4133-B544-9E7C5632D902} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [120320 2024-05-16] (Microsoft Corporation) Task: {7572B7F9-BE9D-43BF-9A4E-F82023EDBD33} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement 
Program\UsbCeip => {C27F6B1D-FE0B-45E4-9257-38799FA69BC8} C:\Windows\System32\usbceip.dll [119808 2019-12-07] (Microsoft Corporation) Task: {304D2127-E6ED-4C82-B9B3-63B3B54A4D66} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [317440 2024-05-16] (Microsoft Corporation) Task: {90F68E39-00DE-4159-BCDB-5C5759A5CF53} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [317440 2024-05-16] (Microsoft Corporation) Task: {EAD9ED20-AC69-4E97-8CCB-E8F62CA707B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery => {DCFD3EA8-D960-4719-8206-490AE315F94F} C:\Windows\System32\discan.dll [317440 2024-05-16] (Microsoft Corporation) Task: {CA349D1E-41F9-43B7-87D8-4291D9F36282} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [210432 2023-11-15] (Microsoft Corp.) 
Task: {4F41B4A1-8822-4B02-90CD-202A0099FFAE} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [70656 2024-07-28] (Microsoft Corporation) Task: {F278A444-BDB4-4CD1-A2F0-7A2284C32800} - System32\Tasks\Microsoft\Windows\Device Information\Device User => C:\Windows\system32\devicecensus.exe [70656 2024-07-28] (Microsoft Corporation) Task: {082F4875-D88C-40EA-8706-87480962C446} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh => {23C1F3CF-C110-4512-ACA9-7B6174ECE888} C:\Windows\System32\DeviceSetupManagerAPI.dll [162816 2024-05-16] (Microsoft Corporation) Task: {9D87DBE9-E563-4708-A9E9-1A6EE5951EC2} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {0016B09F-CFDA-4F5B-A70B-84A75599B89B} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {61B4D08B-1B23-4CC8-869E-CF0B7996EF5F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {6AAEEF1D-9661-4720-B127-27C975871238} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {9ECD9F35-130A-4C0C-A551-9D3335B165D7} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - 
System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {EA82AA60-4BB0-41D9-AA1A-D64D739F55DE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {5E0DF2C3-3D26-4759-9E02-FB7F4DCD159B} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {114EC267-55F2-45DA-9AB6-B98CA9DC0D01} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {AF73DAAA-53AE-4CC8-8671-BE29D886B057} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff => {AE31B729-D5FD-401E-AF42-784074835AFE} 
C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {C660D735-E9F2-4190-9B4E-97ADF1AFFA16} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {8AF55306-4EFD-437B-BDBA-55FDD6A41914} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {A2FFCE6E-7F06-494A-8C84-6EFCAEB075BB} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice => {AE31B729-D5FD-401E-AF42-784074835AFE} C:\Windows\system32\DeviceDirectoryClient.dll [287744 2024-07-10] (Microsoft Corporation) Task: {68968CAA-9B33-4114-B038-AA822DD8387C} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => {AD08DCC2-4E35-4486-9D49-547CBD30942D} C:\Windows\System32\MitigationClient.dll [512512 2024-07-10] (Microsoft Corporation) Task: {C3944556-15CF-467E-89E2-29D4BFD3EC5A} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {C1F85EF8-BCC2-4606-BB39-70C523715EB3} C:\Windows\System32\sdiagschd.dll [68096 2024-05-16] (Microsoft Corporation) Task: {55B1C85E-5BEF-4EDB-ADD0-ECEAEF261E7C} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\Windows\system32\directxdatabaseupdater.exe [303616 2024-09-01] (Microsoft Corporation) Task: {0CBABB27-6DFC-4155-BAE7-AE919B92FEF2} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [249344 2024-09-01] (Microsoft Corporation) Task: {6AA2E298-C47C-45AE-BF6F-E2D9A555345C} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [299008 2024-05-16] (Microsoft Corporation) -> /autoclean /d %systemdrive% Task: {B97C7632-DD50-4F07-8E4E-F1450795BF78} - 
System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\system32\rundll32.exe [89600 2024-07-10] (Microsoft Corporation) -> dfdts.dll,DfdGetDefaultPolicyAndSMART Task: {3A4032F6-6063-4D54-BAE3-F8A4A5110CDA} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [54784 2019-12-07] (Microsoft Corporation) Task: {C9EC268B-1D36-4AF0-A1EB-2C1BC3B455D9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [85504 2023-11-15] (Microsoft Corporation) Task: {117E2D01-1275-4560-90E9-A34BB4EE69A3} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense => {AB2A519B-03B0-43CE-940A-A73DF850B49A} C:\Windows\system32\StorageUsage.dll [161792 2024-09-11] (Microsoft Corporation) Task: {69D15B8E-729C-4C1C-A0E7-6DCA5E963E60} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [40960 2024-05-16] (Microsoft Corporation) Task: {EF4B8F07-FA4B-4CD0-84BC-4A758127E3DD} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2024-05-16] (Microsoft Corporation) Task: {3789A597-BD62-4A2F-8F57-AE2D504E0E98} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2024-05-16] (Microsoft Corporation) Task: {0E2DCCB3-7B11-40CF-B973-90F22732E317} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2024-05-16] (Microsoft Corporation) Task: {66A3F618-0C70-4F70-9BBA-735CCDB43A09} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task => {61BCD1B9-340C-40EC-9D41-D7F1C0632F05} C:\Windows\System32\edptask.dll [72192 2024-05-16] (Microsoft Corporation) Task: {B9E96119-515B-4D19-8357-D54B747395AD} - 
System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [169472 2024-09-01] (Microsoft Corporation) Task: {A357560A-829D-4228-B0C7-117A251F8C45} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} Task: {289506F0-3996-4F46-9DF9-64D684EDF263} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} Task: {F8FEDA28-6261-4385-844A-684E6C988577} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh => {711001CD-CC1D-4470-9B7E-1EF73849C79E} C:\Windows\System32\MitigationConfiguration.dll [86528 2024-05-16] (Microsoft Corporation) Task: {92FFE795-C628-4324-AB97-06F804352DB6} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [120832 2024-05-16] (Microsoft Corporation) Task: {7617E03F-109E-435B-9B4C-0282CD5BE4A9} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [120832 2024-05-16] (Microsoft Corporation) Task: {2EE7F450-D2B6-4D5E-AFE0-A8699149E79E} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) => {89917B7C-A1A6-11DF-8BF6-18A90531A85A} C:\Windows\System32\fhtask.dll [61952 2023-11-15] (Microsoft Corporation) Task: {FFB933CC-0A20-4709-817A-F98B34195B29} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures => {59EECBFE-C2F5-4419-9B99-13FE05FF2675} C:\Windows\System32\fcon.dll [473088 2024-09-01] (Microsoft Corporation) Task: {4011A66C-489C-4863-A478-C7796CDC3FA7} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing => {99EFDAD1-0F11-4A6B-A702-4E1C37D1A3EF} C:\Windows\System32\fcon.dll [473088 2024-09-01] (Microsoft Corporation) Task: {1C928E66-7023-4E5E-9452-461B5A5B586F} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting => {BBFCD054-8AAC-45DE-A1EB-7B246C9028AF} 
C:\Windows\System32\fcon.dll [473088 2024-09-01] (Microsoft Corporation) Task: {8D703B79-0413-46EA-97AD-4F485EAFC613} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache => {E07647F7-AED2-48D9-9720-939BC24A8A3C} C:\Windows\System32\wosc.dll [436224 2024-09-01] (Microsoft Corporation) Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [511488 2024-07-10] () Task: {CADF1293-5495-426F-8E37-A30F69274AF4} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable => {8E7C2AFB-72B9-415C-9AC2-5037693309B7} C:\Windows\System32\InputCloudStore.dll [231424 2024-07-10] (Microsoft Corporation) Task: {DA42085F-11E4-4EE1-A363-1898204812F5} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [231424 2024-07-10] (Microsoft Corporation) Task: {4A0DEFDA-A2B8-4736-88E1-A578E00D9704} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [231424 2024-07-10] (Microsoft Corporation) Task: {7C4733D2-81D6-4CA3-B30C-E00B496B9857} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable => {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA} C:\Windows\System32\InputCloudStore.dll [231424 2024-07-10] (Microsoft Corporation) Task: {A08D6A77-C926-4E78-9ED0-09836E2769AE} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates => {A558C6A5-B42B-4C98-B610-BF9559143139} C:\Windows\System32\InstallServiceTasks.dll [234496 2024-09-01] (Microsoft Corporation) Task: {A2FADBDF-6855-42F7-BDFC-F0C510EDA9BC} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser => {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} C:\Windows\System32\InstallServiceTasks.dll [234496 2024-09-01] (Microsoft Corporation) Task: {44AF7ADA-1C0D-43B1-A063-9E7581F7730B} - 
System32\Tasks\Microsoft\Windows\InstallService\SmartRetry => {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} C:\Windows\System32\InstallServiceTasks.dll [234496 2024-09-01] (Microsoft Corporation) Task: {9B29B882-A95C-438B-BF91-E7C31B1D82D1} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates => {0DC331EE-8438-49D5-A721-E10B937CE459} C:\Windows\System32\InstallServiceTasks.dll [234496 2024-09-01] (Microsoft Corporation) Task: {EC3EFE4E-A2E4-4C66-975C-CA2EFD0D42CD} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates => {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} C:\Windows\System32\InstallServiceTasks.dll [234496 2024-09-01] (Microsoft Corporation) Task: {A60D9ECB-A6F4-4FE1-9BD7-B049487A67E7} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings => {10D62541-90D0-42FE-848C-0DBC1AC42EDA} C:\Windows\System32\CoreGlobConfig.dll [218000 2024-07-10] (Microsoft Windows -> Microsoft Corporation) Task: {7A7B60AA-BA42-409F-BC97-7BCFEFAD6308} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [181248 2024-05-16] (Microsoft Corporation) Task: {A499FA48-7057-4AC1-9702-44C6FD924058} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources => {D0582E3B-3126-4CAA-9155-AC37C912A489} Task: {9520602D-5D35-49BC-B397-5251EC6364E8} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation => {6F58F65F-EC0E-4ACA-99FE-FC5A1A25E4BE} C:\Windows\System32\LanguageComponentsInstaller.dll [181248 2024-05-16] (Microsoft Corporation) Task: {A28E2F31-2C6D-426C-A2AC-2F9F6952D916} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange => {77646A68-AD14-4D53-897D-7BE4DDE5F929} C:\Windows\System32\TempSignedLicenseExchangeTask.dll [74752 2023-11-15] (Microsoft Corporation) Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - 
System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [71168 2024-05-16] (Microsoft Corporation) Task: {E32B86AB-ABAA-45A7-9BE7-9BB2E6B7837D} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [62464 2024-05-16] (Microsoft Corporation) Task: {6F063424-E8AD-40FA-92B9-CD047EC2A92A} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => {A9A33436-678B-4C9C-A211-7CC38785E79D} C:\Windows\system32\WinSATAPI.dll [377856 2023-11-15] (Microsoft Corporation) Task: {CA9E23E8-725C-457D-BBFA-BD0C90471398} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [200704 2024-07-10] (Microsoft Corporation) Task: {F5B5DDB3-71B5-4336-9CFA-28ECE7DD45B4} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [200704 2024-07-10] (Microsoft Corporation) Task: {E38739C8-A84F-4F9B-8913-DCA75BC35C79} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [87040 2024-05-16] (Microsoft Corporation) Task: {80436C26-BC19-4930-9051-F06F0E0BA960} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [87040 2024-05-16] (Microsoft Corporation) Task: {2AD5F8AE-8128-49DD-AB67-7D9052D0C609} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Retry => C:\Windows\system32\ProvTool.exe [87040 2024-05-16] (Microsoft Corporation) Task: {E91D1CC3-09DF-45F0-8208-474AEE6B0A16} - System32\Tasks\Microsoft\Windows\Management\Provisioning\RunOnReboot => C:\Windows\system32\ProvTool.exe [87040 2024-05-16] (Microsoft Corporation) Task: {701473A3-4C61-4063-AAC6-871E22A29FE7} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask => {9885AEF2-BD9F-41E0-B15E-B3141395E803} 
C:\Windows\System32\mapstoasttask.dll [54272 2024-05-16] (Microsoft Corporation) Task: {E577C99D-E5DD-43E8-9E9F-2D291B431572} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask => {B9033E87-33CF-4D77-BC9B-895AFBBA72E4} C:\Windows\System32\mapsupdatetask.dll [45568 2024-05-16] (Microsoft Corporation) Task: {88A9C7AF-67D3-45D7-973E-A311B095F0DC} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents => {8168e74a-b39f-46d8-adcd-7bed477b80a3} C:\Windows\System32\MemoryDiagnostic.dll [33792 2024-03-16] (Microsoft Corporation) Task: {2C0F0F91-8445-49FB-AB1B-4344C2D2E18F} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic => {8168e74a-b39f-46d8-adcd-7bed477b80a3} C:\Windows\System32\MemoryDiagnostic.dll [33792 2024-03-16] (Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [119296 2019-12-07] (Microsoft Corporation) Task: {6EE3AFA8-CBB1-4E6E-B0B4-ABFF3127206C} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [72704 2024-05-16] (Microsoft Corporation) Task: {9486DC81-1119-4559-9110-1A771DEC137A} - System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService => {2DEA658F-54C1-4227-AF9B-260AB5FC3543} C:\Windows\System32\PlaySndSrv.dll [90112 2023-11-15] (Microsoft Corporation) Task: {3A6DB6F9-A355-420A-B6E0-7C54D12F4033} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\Windows\system32\gatherNetworkInfo.vbs [88781 2019-12-07] () Task: {C34E99FC-E9DA-45EE-AF9B-77AAD0B1B25F} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [133608 2023-11-15] (Microsoft Windows -> Microsoft Corporation) Task: {F869FA9A-08A2-471F-880C-FF927EC23913} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\Windows\system32\SecureBootEncodeUEFI.exe [98816 2024-06-12] (Microsoft Corporation) Task: 
{EABFDF4A-69A0-4DB7-8B42-2CB8A911AFBF} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [467456 2024-09-01] (Microsoft Corporation) Task: {CA2C5BEC-C052-4E6C-8ACD-BB39D3CD1530} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [467456 2024-09-01] (Microsoft Corporation) Task: {C0467AB3-5004-4E13-BD2C-8DDF2AB880B5} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy => {60400283-B242-4FA8-8C25-CAF695B88209} C:\Windows\System32\pnppolicy.dll [91648 2024-05-16] (Microsoft Corporation) Task: {4E3AEDFB-B76C-4C12-A54F-3BD72A10C434} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required => {48794782-6A1F-47B9-BD52-1D5F95D49C1B} C:\Windows\System32\pnpui.dll [49664 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup => {DEF03232-9688-11E2-BE7F-B4B52FD966FF} Task: {DF27E6F5-E07E-4744-981B-BB5BC982261C} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [347648 2024-09-01] (Microsoft Corporation) Task: {D9353C30-D505-4F11-8F95-55F3DDA1E214} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE} C:\Windows\System32\energytask.dll [26624 2023-11-15] (Microsoft Corporation) Task: {35525E8D-FD60-47BF-8D11-FA4F778C57C3} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [100352 2024-05-16] (Microsoft Corporation) Task: {A654D0D0-3A49-4771-BA7A-4E3F3769C584} - System32\Tasks\Microsoft\Windows\Printing\PrinterCleanupTask => {C56F065E-DE49-4E42-BE7C-305C45609D25} C:\WINDOWS\System32\PrinterCleanupTask.dll [86528 2024-08-15] (Microsoft Corporation) Task: {21C5FF22-C3E2-48AA-A7B1-46D34433BAF0} - 
System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start pushtoinstall login Task: {59618A81-2BC4-469B-BBD5-5AF9FF39FBE6} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start pushtoinstall registration Task: {C0E197F6-2E40-46FD-83DA-BE8704EF2CE5} - System32\Tasks\Microsoft\Windows\Ras\MobilityManager => {C463A0FC-794F-4FDF-9201-01938CEACAFA} C:\Windows\system32\rasmbmgr.dll [61952 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {F0FCA53B-F391-48AD-91F6-D1994846E55E} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE => {89D1D0C2-A3CF-490C-ABE3-B86CDE34B047} C:\Windows\System32\ReAgentTask.dll [13824 2019-12-07] (Microsoft Corporation) Task: {00446CF1-8668-472D-BEDD-D0BB88DBA009} - System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup => {CA767AA8-9157-4604-B64B-40747123D5F2} C:\Windows\System32\regidle.dll [15872 2019-12-07] (Microsoft Corporation) Task: {CC4F585B-EBBB-4AA6-9BDF-B28C489A9125} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [135168 2023-11-15] (Microsoft Corporation) -> %windir%\/offerraupdate Task: {5CDCBC96-37BB-40D4-BD28-BA5CDE881B53} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly (No File) Task: {8627F38D-3BB5-45A5-AAE5-B8735A41B62D} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => {752073A1-23F2-4396-85F0-8FDB879ED0ED} C:\Windows\servicing\TrustedInstaller.exe [193008 2024-05-16] (Microsoft Windows -> Microsoft Corporation) Task: {E51EADD7-C4F7-43E7-A9CB-FEC8EC1E204F} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask => {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} C:\Windows\system32\SettingSyncCore.dll [1128960 2024-05-16] (Microsoft Corporation) Task: {7445D17B-89AB-43F3-B904-4DD68B19A6F2} 
- System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask => {A4173A49-F373-4475-9A0F-2D615204DC20} C:\Windows\system32\SettingSyncCore.dll [1128960 2024-05-16] (Microsoft Corporation) Task: {8DB27523-093D-4B93-A00B-68F6317DFAE1} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => C:\Windows\system32\rundll32.exe [89600 2024-07-10] (Microsoft Corporation) -> %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance Task: {EC95F45C-0486-40E1-8938-20FE3E377E7D} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask => {990A9F8F-301F-45F7-8D0E-68C5952DBA43} C:\Windows\system32\shell32.dll [7828648 2024-09-11] (Microsoft Windows -> Microsoft Corporation) Task: {DFDC1B83-7FD3-4C77-8CD1-7391D1680ACA} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [1188048 2024-07-10] (Microsoft Windows -> Microsoft Corporation) Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask => {D2CBF5F7-5702-440B-8D8F-8203034A6B82} Task: {CD0446AF-D5F6-4616-85CE-058C20FCE9EC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask => {C844C79D-AED8-4DCE-AB25-4D359BED84F8} C:\Windows\System32\WpcRefreshTask.dll [1050624 2024-07-10] (Microsoft Corporation) Task: {C483CE25-B1C5-4BEB-AA31-5CADC8C66692} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance => {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} C:\Windows\System32\srchadmin.dll [218112 2024-05-16] (Microsoft Corporation) Task: {529D2750-CAFE-4852-82B8-7F933DF41C17} - System32\Tasks\Microsoft\Windows\Shell\ThemesSyncedImageDownload => {79F8E185-4E45-4B74-8182-02AA430661E4} C:\WINDOWS\System32\Themes.SsfDownload.ScheduledTask.dll [142336 2024-05-16] (Microsoft Corporation) Task: {008539BF-83F9-4483-9E0A-EEEE6EAC0A08} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask => {09C5DD34-009D-40FA-BCB9-0165AD0C15D4} C:\Windows\System32\Windows.UI.Immersive.dll [1256448 
2024-05-16] (Microsoft Corporation) Task: {2DFC28A5-3035-4555-A9E6-CE6D44EB1DB3} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [608768 2024-09-01] (Microsoft Corporation) Task: {892625FE-213B-4B60-95ED-A1CEFCAA365D} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [608768 2024-09-01] (Microsoft Corporation) Task: {3AB082DC-B77E-4487-BB5D-5DCB3A6C2B3C} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} C:\Windows\System32\sppcext.dll [608768 2024-09-01] (Microsoft Corporation) Task: {A9C498D6-046E-407B-A5B5-597DFC8756D9} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [165888 2024-05-16] (Microsoft Corporation) Task: {AFEE5D15-0E83-432F-9DB0-58A2702115E1} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [80880 2024-05-16] (Microsoft Windows -> Microsoft Corporation) Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [306688 2024-05-16] (Microsoft Corporation) Task: {4D595DA6-BC59-47AE-A527-EC01FCE2E615} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [207872 2024-07-28] (Microsoft Corporation) Task: {58CCC4DA-C86D-4E3D-8FAF-A7B24D8F3950} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => C:\Windows\system32\rundll32.exe [89600 2024-07-10] (Microsoft Corporation) -> %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks Task: {D777B567-BB3B-4111-881C-0CB741022B0C} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers 
Management Initialization => {5C9AB547-345D-4175-9AF6-65133463A100} C:\Windows\System32\TieringEngineService.exe [326144 2023-11-15] (Microsoft Corporation) Task: {FC3767EA-5307-4D11-BA38-EB21A39737D7} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization => C:\Windows\system32\defrag.exe [210432 2023-11-15] (Microsoft Corp.) Task: {5BC221C3-D323-4B5D-B562-EBAE56AED7FA} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [182128 2024-05-16] (Microsoft Windows -> Microsoft Corporation) Task: {77ADF3EA-BCB6-4725-ABAA-84F97626B31D} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [182128 2024-05-16] (Microsoft Windows -> Microsoft Corporation) Task: {64614AC8-EA46-476D-A71C-2C0B055C95CC} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate => {17C82257-654E-4C47-8E23-DCA24EAA76A0} C:\Windows\system32\sysmain.dll [1005056 2024-05-16] (Microsoft Corporation) Task: {236EEE35-EDD5-418B-BCD5-293F6FAD7966} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance => {D44377B8-1F2F-4FAA-9C8E-6C4AD2928E47} C:\Windows\system32\sysmain.dll [1005056 2024-05-16] (Microsoft Corporation) Task: {051DF697-AF10-4DB6-9B93-E1A4E35F00F7} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync => {297EE78C-BA95-4E94-81D3-D6E7F089C7B5} C:\Windows\system32\sysmain.dll [1005056 2024-05-16] (Microsoft Corporation) Task: {638672E6-20F1-499D-BFCC-9EA7935257C4} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [89600 2024-07-10] (Microsoft Corporation) -> sysmain.dll,PfSvWsSwapAssessmentTask Task: {20546688-8F7B-4B82-8429-7E7E4F537E96} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [59392 2023-11-15] (Microsoft Corporation) Task: {7BE5585E-0190-458B-9CEC-F4076574C717} - System32\Tasks\Microsoft\Windows\Task Manager\Interactive => 
{855FEC53-D2E4-4999-9E87-3414E9CF0FF4} C:\Windows\system32\wdc.dll [739840 2019-12-07] (Microsoft Corporation) Task: {88CE6B8C-B14B-499A-8D43-214F06116F07} - System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor => {01575CFE-9A55-4003-A5E1-F38D1EBDCBE1} C:\Windows\system32\MsCtfMonitor.dll [94208 2024-05-16] (Microsoft Corporation) Task: {F5E862B9-98AE-458E-BC87-3ED25EFBB4D3} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime => {A31AD6C2-FF4C-43D4-8E90-7101023096F9} C:\Windows\system32\TimeSyncTask.dll [15360 2019-12-07] (Microsoft Corporation) Task: {1FDAEDB1-C8AA-43FA-B046-3CDDDA12661E} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start w32time task_started Task: {C4C11C95-C597-4541-B0FF-0FB2C761FC92} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [70144 2019-12-07] (Microsoft Corporation) Task: {E64B92E0-114C-4F4D-9E34-9EE98A6E94D1} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [467456 2024-09-01] (Microsoft Corporation) Task: {22CE1425-D0F0-47C2-863C-1444744AA090} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance => {5014B7C8-934E-4262-9816-887FA745A6C4} C:\Windows\system32\TpmTasks.dll [467456 2024-09-01] (Microsoft Corporation) Task: {CAB76809-EDC0-40D2-A888-AD9BEDF4E88A} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [463232 2024-05-16] (Microsoft Windows -> Microsoft Corporation) Task: {330969B0-88D2-4A57-826A-C1F749A76E41} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\AC Power Install => C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {79E38BA0-6074-4B20-8558-40095ED92E99} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Backup Scan => 
C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {AAFADE0C-29BA-4B1C-9596-755307406443} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {F60ADA58-8E57-450C-BC1C-C58B50FF5240} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\Windows\system32\MusNotification.exe [695808 2024-07-28] (Microsoft Corporation) Task: {2D8C5272-3040-46F2-96F2-91471F2E1943} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\Windows\system32\MusNotification.exe [695808 2024-07-28] (Microsoft Corporation) Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [695808 2024-07-28] (Microsoft Corporation) Task: {16289FC6-2B73-473F-93C5-714CD85ADB0D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\Windows\system32\MusNotification.exe [695808 2024-07-28] (Microsoft Corporation) Task: {0FF18273-F437-41A5-A820-451BF44193FE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\Windows\system32\MusNotification.exe [695808 2024-07-28] (Microsoft Corporation) Task: {70EA2999-165C-4933-9027-250FB8B772F8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Report policies => C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {446F80AC-27BB-4415-B917-075C6E8B7302} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work => C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {46DDFBEA-7B80-499F-8D16-8FB7836BEBDC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {309BA321-F7C8-46A4-BA50-5FAC484229CB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan 
Static Task => C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {87C5706E-C326-4758-BDEC-12223707E444} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work => C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {0E38EA95-BA8C-4B51-8BCA-EBDED59180EC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Work => C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {D635CE78-5A6F-44E4-B2E7-979E523759BE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Universal Orchestrator Start => C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {CB673CE4-960F-462D-AAD7-CDA0CD9FE030} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateModelTask => C:\Windows\system32\usoclient.exe [115712 2024-05-16] (Microsoft Corporation) Task: {26F97C38-F414-465C-82CC-13927343DB0F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\Windows\system32\MusNotification.exe [695808 2024-07-28] (Microsoft Corporation) Task: {4671B5C1-A383-4428-A45A-8D348E4CB873} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\Windows\system32\MusNotification.exe [695808 2024-07-28] (Microsoft Corporation) Task: {57FF06A5-1054-4791-9938-1C3E61F00B07} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> config upnphost start= auto Task: {C5D47392-881C-422A-9BF8-E4916B55CD22} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications => {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} C:\Windows\System32\UsbTask.dll [55808 2023-11-15] (Microsoft Corporation) Task: {3E51A991-10E2-4B16-B5B4-A2F051544BB9} - System32\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask => {BA677074-762C-444B-94C8-8C83F93F6605} C:\Windows\system32\profsvc.dll [488448 2024-05-16] (Microsoft Corporation) Task: {0CEC0B91-4AE9-4E8A-ACB2-3B4C811F442C} 
- System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {1E334E22-CBC0-4D9C-B830-F1CC1BD6DCFD} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [133608 2023-11-15] (Microsoft Windows -> Microsoft Corporation) Task: {4D36FC3F-B740-4739-9A9D-C43793F201B8} - System32\Tasks\Microsoft\Windows\WDI\ResolutionHost => {900BE39D-6BE8-461A-BC4D-B0FA71F5ECB1} C:\Windows\System32\wdi.dll [105472 2019-12-07] (Microsoft Corporation) Task: {75A35C91-670A-4071-BB93-066651438E14} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [237424 2024-05-16] (Microsoft Windows -> Microsoft Corporation) Task: {86158314-60CF-4F3F-85B5-2399327EA496} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\system32\rundll32.exe [89600 2024-07-10] (Microsoft Corporation) -> bfe.dll,BfeOnServiceStartTypeChange Task: {BCD9EED5-1A09-48A4-9F31-39175A3E4BFD} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [71168 2019-12-06] (Microsoft Corporation) Task: {AA70A383-6F5D-470B-AA6B-B324620D9C75} - System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader => {B210D694-C8DF-490D-9576-9E20CDBC20BD} C:\Windows\System32\mscms.dll [710184 2024-07-10] (Microsoft Windows -> Microsoft Corporation) Task: {052F2D6A-E68E-4E10-A80C-6ED48201AE9D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [256512 2024-07-28] (Microsoft Corporation) Task: {C9A594F0-9A2B-4FD4-9F6D-E8CA5350BC33} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler => C:\Program Files\RUXIM\PLUGscheduler.exe [377224 2024-04-26] (Microsoft Windows -> Microsoft Corporation) Task: {8FF5DE67-C947-4488-997B-4184221E7D50} - 
System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\System32\sc.exe [72192 2019-12-07] (Microsoft Corporation) -> start wuauserv Task: {1949073A-8FDA-4EA4-8E59-407CDB02440F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihpostreboot => C:\Windows\system32\sihclient.exe [402960 2024-07-28] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D85F83F5-ED09-49BC-A506-32C837CA0904} - System32\Tasks\Microsoft\Windows\Wininet\CacheTask => {0358B920-0AC7-461F-98F4-58E32CD89148} C:\Windows\system32\wininet.dll [5045760 2024-07-28] (Microsoft Corporation) Task: {5E351EE7-F0D4-4F41-A05C-907EB1A33CE8} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync => {B0D2B535-12E1-439F-86B3-BADA289510F0} C:\Windows\System32\WiFiCloudStore.dll [284160 2024-07-10] (Microsoft Corporation) Task: {9D7DE09E-3941-4760-8EE6-7579A05A53E1} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\Windows\system32\WofTasks.dll [30720 2019-12-07] (Microsoft Corporation) Task: {A45E4601-8ABA-443A-A656-62D52D5B68E6} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation => {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} C:\Windows\system32\WofTasks.dll [30720 2019-12-07] (Microsoft Corporation) Task: {F93E2A44-7E3E-49FE-9F66-12B1F4A037C0} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization => {97D47D56-3777-49FB-8E8F-90D7E30E1A1E} C:\Windows\System32\WorkFoldersShell.dll [230400 2024-05-16] (Microsoft Corporation) Task: {6440C5E0-A168-4A5F-B84E-F7C8C0A6E933} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work => {63260BCE-A3FB-4A34-AA51-D4D8E877B62B} C:\Windows\System32\WorkFoldersShell.dll [230400 2024-05-16] (Microsoft Corporation) Task: {4BDB5047-01B7-48D5-AE7E-720EDA7D2049} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [468992 2023-11-15] (Microsoft Corporation) Task: 
{571A0A5E-B60E-4A25-BEFB-ABB3C6BB6B78} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync => {C662D912-E4D6-44A3-89A0-20550514951D} C:\Windows\System32\dsregtask.dll [52736 2024-07-28] (Microsoft Corporation) Task: {35D4C945-33D4-43B6-83D3-99034D411E25} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\Windows\System32\dsregcmd.exe [468992 2023-11-15] (Microsoft Corporation) Task: {DF6A7742-913B-4025-B27A-CE65BB343A0D} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\Windows\System32\WiFiTask.exe [133608 2023-11-15] (Microsoft Windows -> Microsoft Corporation) Task: {48A9F6EC-4E95-4CCB-8C96-D82875CF5BC4} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery => {C93CF9D5-031B-4AAA-AB0B-EF802347B381} C:\Windows\System32\MBMediaManager.dll [746496 2024-05-16] (Microsoft Corporation) Task: {41F5FC9D-EE65-4CA4-A908-91B3587198E0} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [33792 2024-05-16] (Microsoft Corporation) Task: {17DF6090-9DD5-4786-98B5-1CF95025493C} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [33792 2024-05-16] (Microsoft Corporation) Task: {E81E1E26-E150-463B-A490-6B1E528D4D8C} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation) Task: {663D3AA1-7B5F-4380-A810-39B2E0A458F3} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation) Task: {25BBCC6D-EF66-4375-8DF6-CCFF341A8699} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [672328 2024-09-17] (Mozilla Corporation -> Mozilla Corporation) -> 
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). Task: {4B72B5DD-DC92-4F7C-BB3E-12AB5BC113F4} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3758623145-1266260989-3540530203-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [672328 2024-09-17] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). Task: {F778B396-83FC-4007-9DDD-9877C73D852F} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34376 2024-09-17] (Mozilla Corporation -> Mozilla Foundation) Task: {CE6838B5-5363-4C50-A53C-099538AAC401} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {E8A25349-F0A7-4377-92E5-E1CD96671CBE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {583F64B6-AD8F-4960-8C9E-1EC50E11D627} - 
System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {2E3B9602-1C35-454C-A1CE-DE83BBE4CB35} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FCF36D18-D7B6-418E-B96C-9B3B9E1240B7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {563E38DE-C24D-4DB8-B625-9FDC66C16A88} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6895B858-DEAC-463E-AE2D-51AD42A8FD66} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BF1D591D-D80A-4AC3-9552-13C20838BB60} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {249E2BDD-612D-4E25-B48C-EC3CFC97B73E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2B01F9B1-7D7B-4CDB-89FF-BD50F2F95A1E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3758623145-1266260989-3540530203-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe 
/reporting (No File) Task: {D3073C0F-D21A-4050-BC1D-21244ED6FEDF} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3758623145-1266260989-3540530203-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) Task: {280D2BF7-751D-42A2-BC41-6F24A7BD384D} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2388744 2024-08-29] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule Task: {A8C638F0-495D-4FC9-8289-4CFDDA9A1305} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Installer updater => C:\ProgramData\PDF Architect 9\Installation\PDF_Architect_9_Installer.exe [12086712 2024-08-29] (pdfforge GmbH -> ) Task: {D702B550-F238-41ED-8F09-D5303A9FD219} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3636672 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH) Task: {293C3C7B-C8EB-4214-852D-5D7DE81BC1BE} - System32\Tasks\pdfforge GmbH\Update => C:\Program Files\PDF Architect 8\architect.exe --update --mode check auto notify (No File) Task: {36065F33-DBA1-4A5A-9FAD-0EF2E9EB1559} - System32\Tasks\S-1-5-21-3758623145-1266260989-3540530203-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [176640 2024-05-16] (Microsoft Corporation) Task: {4E92DCCF-345F-4FBF-92D2-3DE004D262FF} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [196608 2024-07-10] (Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) |
25.09.2024, 20:07 | #8 |
| Various findings Code:
ATTFilter ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6738360 2024-04-25] (Avira Operations GmbH -> Avira Operations GmbH) S2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265936 2024-08-12] (Avira Operations GmbH -> Avira Operations GmbH) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [296656 2024-08-12] (Avira Operations GmbH -> Avira Operations GmbH) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15737128 2024-03-17] (BattlEye Innovations e.K. -> ) S2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [45464 2024-08-01] (Intel Corporation -> Intel) S2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [296856 2024-08-01] (Intel Corporation -> Intel) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2022-01-04] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-10-01] (EasyAntiCheat Oy -> Epic Games, Inc.) S2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11805928 2024-09-15] (Avira Operations GmbH -> Avira Operations GmbH) S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11805928 2024-09-15] (Avira Operations GmbH -> Avira Operations GmbH) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.) 
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-08] (HP Inc. -> HP Inc.) S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2169440 2016-11-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2016-12-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014816 2016-11-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2327648 2016-12-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2016-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MICRO-STAR INTERNATIONAL CO., LTD. 
-> MSI) S2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_252f5e1fae961efa\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2388744 2024-08-29] (Overwolf Ltd -> Overwolf LTD) S3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3414976 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH) S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [508864 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH) S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [415680 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6884848 2024-09-09] (Rockstar Games, Inc. -> Rockstar Games) S3 Soda PDF Desktop 14; D:\Soda PDF Desktop 14\activation-service.exe [3300832 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software) S3 Soda PDF Desktop 14 Creator; D:\Soda PDF Desktop 14\creator-ws.exe [392672 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software) S3 Soda PDF Desktop 14 Update Service; D:\Soda PDF Desktop 14\update-service.exe [298976 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software) S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [382976 2021-05-12] () S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5084200 2024-05-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-10-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) 
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12458336 2024-05-26] (KRAFTON, Inc. -> KRAFTON, Inc) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [18432 2019-12-07] (Microsoft Corporation) S3 Acx01000; C:\Windows\System32\drivers\Acx01000.sys [694272 2024-05-16] (Microsoft Corporation) S1 afunix; C:\Windows\system32\drivers\afunix.sys [44032 2024-05-16] (Microsoft Corporation) S1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [30720 2024-05-16] (Microsoft Corporation) S1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [303616 2024-07-28] (Microsoft Corporation) S3 AmUStor; C:\Windows\system32\drivers\AmUStorU.sys [136760 2019-05-07] (Alcorlink Corp. 
-> ) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2024-07-10] (Microsoft Corporation) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2019-12-07] (Windows (R) Win 7 DDK provider) S0 BdNet; C:\Windows\System32\DRIVERS\BdNet.sys [176712 2024-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH) S1 BdSentry; C:\Windows\System32\DRIVERS\BdSentry.sys [233560 2023-05-27] (Avira Operations GmbH -> Avira Operations GmbH) S1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2019-12-07] (Microsoft Corporation) S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [117760 2023-11-15] (Microsoft Corporation) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [284672 2021-04-14] (Microsoft Corporation) S3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [113664 2024-07-10] (Microsoft Corporation) S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [65536 2024-05-16] (Microsoft Corporation) S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) S3 BthLEEnum; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496 2023-11-15] (Microsoft Corporation) S3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [45568 2024-07-10] (Microsoft Corporation) S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) S3 BthPan; C:\Windows\System32\drivers\bthpan.sys [133632 2023-11-15] (Microsoft Corporation) S3 BTHPORT; C:\Windows\System32\drivers\BTHport.sys [1570304 2024-07-10] (Microsoft Corporation) S3 BTHUSB; C:\Windows\System32\drivers\BTHUSB.sys [110592 2024-07-10] (Microsoft Corporation) S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [100864 2023-11-15] (Microsoft Corporation) S1 cdrom; C:\Windows\System32\drivers\cdrom.sys [175616 2024-05-16] (Microsoft Corporation) S1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [95232 2024-06-12] () S3 circlass; C:\Windows\System32\drivers\circlass.sys [52224 2019-12-07] (Microsoft 
Corporation) S2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [503808 2024-09-01] (Microsoft Corporation) S1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [158720 2024-06-12] (Microsoft Corporation) S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [59392 2019-12-07] (Microsoft Corporation) S1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8704 2019-12-07] (Microsoft Corporation) S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [430080 2023-11-15] (Microsoft Corporation) S3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [135168 2024-05-16] (Microsoft Corporation) S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [120320 2023-11-15] (Microsoft Corporation) S3 HidIr; C:\Windows\System32\drivers\hidir.sys [48640 2019-12-07] (Microsoft Corporation) S3 hidspi; C:\Windows\System32\drivers\hidspi.sys [104448 2023-11-15] (Microsoft Corporation) S3 HidSpiCx; C:\Windows\System32\drivers\HidSpiCx.sys [92160 2023-11-15] (Microsoft Corporation) S3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [44032 2023-11-15] (Microsoft Corporation) S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [30208 2019-12-07] (Microsoft Corporation) S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [47104 2023-11-15] (Microsoft Corporation) S3 intelpmax; C:\Windows\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Corporation) S3 IntelTurboBoostMax; C:\Windows\System32\drivers\IntelNit.sys [127480 2016-06-16] (Intel(R) Software -> Intel Corporation) S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [91648 2024-05-16] (Microsoft Corporation) S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [228352 2024-05-16] (Microsoft Corporation) S3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [37376 2024-09-11] (Microsoft Corporation) S2 lltdio; 
C:\Windows\System32\drivers\lltdio.sys [72704 2019-12-07] (Microsoft Corporation) S2 luafv; C:\Windows\system32\drivers\luafv.sys [147456 2024-07-10] (Microsoft Corporation) S3 MbbCx; C:\Windows\System32\drivers\MbbCx.sys [395776 2024-09-01] (Microsoft Corporation) S3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [66048 2024-05-16] (Microsoft Corporation) S2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [53248 2023-11-15] (Microsoft Corporation) S3 Modem; C:\Windows\System32\drivers\modem.sys [47104 2023-11-15] (Microsoft Corporation) S3 monitor; C:\Windows\System32\drivers\monitor.sys [83456 2024-05-16] (Microsoft Corporation) S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [165888 2024-05-16] (Microsoft Corporation) S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [135168 2024-08-15] (Microsoft Corporation) S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [12288 2019-12-07] (Microsoft Corporation) S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [42496 2024-09-11] (Microsoft Corporation) S2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [78848 2019-12-07] (Microsoft Corporation) S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [759808 2024-06-12] (Microsoft Corporation) S1 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [54272 2019-12-07] (Microsoft Corporation) S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [135168 2023-11-15] (Microsoft Corporation) S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [28672 2023-11-15] (Microsoft Corporation) S3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [208384 2024-05-16] (Microsoft Corporation) S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [208384 2024-05-16] (Microsoft Corporation) S3 ndproxy; C:\Windows\System32\DRIVERS\NDProxy.sys [93696 2023-11-15] (Microsoft Corporation) S2 Ndu; C:\Windows\System32\drivers\Ndu.sys [131584 2019-12-07] (Microsoft Corporation) S3 NetAdapterCx; 
C:\Windows\System32\drivers\NetAdapterCx.sys [210944 2024-05-16] (Microsoft Corporation) S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [341504 2023-11-15] (Microsoft Corporation) S1 netprotection_network_filter; C:\Windows\System32\drivers\netprotection_network_filter.sys [100128 2022-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 netprotection_network_filter2; C:\Windows\System32\drivers\netprotection_network_filter2.sys [100376 2022-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2537984 2019-12-07] (MediaTek Inc.) S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [48640 2023-11-15] (Microsoft Corporation) S3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) S3 nvme; C:\Windows\System32\drivers\nvme.sys [70208 2015-05-28] (Samsung Electronics Co., Ltd. 
-> Samsung Electronic Co., Ltd) S3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation) S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [823296 2024-04-12] (Microsoft Corporation) S3 PNPMEM; C:\Windows\System32\drivers\pnpmem.sys [17408 2019-12-07] (Microsoft Corporation) S3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [105984 2023-11-15] (Microsoft Corporation) S3 qcfilter; C:\Windows\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 qcusbnet; C:\Windows\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 qcusbwwan; C:\Windows\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [53248 2019-12-07] (Microsoft Corporation) S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [20480 2023-11-15] (Microsoft Corporation) S3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [115200 2024-05-16] (Microsoft Corporation) S3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [112640 2024-05-16] (Microsoft Corporation) S3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [89088 2024-05-16] (Microsoft Corporation) S3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [87552 2023-11-15] (Microsoft Corporation) S3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [28672 2019-12-07] (Microsoft Corporation) S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [170496 2024-05-16] (Microsoft Corporation) S3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [213504 2024-05-16] (Microsoft Corporation) S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [115712 2019-12-07] (Microsoft Corporation) S2 rspndr; C:\Windows\System32\drivers\rspndr.sys [89088 2019-12-07] 
(Microsoft Corporation) S1 rtp1; C:\Windows\System32\DRIVERS\rtp1.sys [431408 2024-09-15] (Avira Operations GmbH -> Avira Operations GmbH) S1 rtp2; C:\Windows\System32\DRIVERS\rtp2.sys [431416 2024-09-15] (Avira Operations GmbH -> Avira Operations GmbH) S0 rtp_elam; C:\Windows\System32\DRIVERS\rtp_elam.sys [28768 2024-04-26] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH) S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [44032 2024-07-10] (Microsoft Corporation) S3 spaceparser; C:\Windows\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Corporation) S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [792064 2024-06-12] (Microsoft Corporation) S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [318976 2024-05-16] (Microsoft Corporation) S3 StillCam; C:\Windows\System32\drivers\serscan.sys [13312 2023-11-15] (Microsoft Corporation) S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [6656 2023-11-15] (Microsoft Corporation) S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [56320 2024-05-16] (Microsoft Corporation) S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [66560 2019-12-07] (Microsoft Corporation) S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [37888 2023-11-15] (Microsoft Corporation) S3 tunnel; C:\Windows\System32\drivers\tunnel.sys [129024 2023-11-15] (Microsoft Corporation) S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [160256 2023-11-15] (Microsoft Corporation) S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [188416 2019-12-07] (Microsoft Corporation) S3 UcmUcsiAcpiClient; C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Corporation) S3 UcmUcsiCx0101; C:\Windows\System32\Drivers\UcmUcsiCx.sys [113152 2023-11-15] (Microsoft Corporation) S1 UCPD; C:\Windows\System32\drivers\UCPD.sys [86016 2024-07-28] (Microsoft Corporation) S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [345088 2024-05-16] (Microsoft Corporation) S3 usbaudio; 
C:\Windows\system32\drivers\usbaudio.sys [205824 2024-05-16] (Microsoft Corporation) S3 usbaudio2; C:\Windows\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Corporation) S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [107520 2019-12-07] (Microsoft Corporation) S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2024-06-12] (Microsoft Corporation) S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [43520 2024-05-16] (Microsoft Corporation) S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24064 2020-10-31] (Microsoft Corporation) S3 usbser; C:\Windows\System32\drivers\usbser.sys [81408 2023-11-15] (Microsoft Corporation) S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [39424 2024-06-12] (Microsoft Corporation) S3 VirtualRender; C:\Windows\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Corporation) S1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [77824 2023-11-15] (Microsoft Corporation) S2 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [93184 2023-11-15] (Microsoft Corporation) S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [93184 2023-11-15] (Microsoft Corporation) S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [93184 2023-11-15] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation) S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [967168 2024-08-15] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation) S3 WinNat; C:\Windows\System32\drivers\winnat.sys [266752 2024-08-15] (Microsoft Corporation) S3 WINUSB; C:\Windows\System32\drivers\WinUsb.sys [107008 2019-12-07] (Microsoft Corporation) S3 WSDPrintDevice; 
C:\Windows\System32\drivers\WSDPrint.sys [23552 2023-11-15] (Microsoft Corporation) S3 WSDScan; C:\Windows\System32\drivers\WSDScan.sys [26112 2023-11-15] (Microsoft Corporation) S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [136192 2023-12-13] (Microsoft Corporation) S3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [315904 2023-12-13] (Microsoft Corporation) S3 WUDFWpdFs; C:\Windows\System32\drivers\WUDFRd.sys [315904 2023-12-13] (Microsoft Corporation) S3 WUDFWpdMtp; C:\Windows\System32\drivers\WUDFRd.sys [315904 2023-12-13] (Microsoft Corporation) S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [340480 2024-07-28] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-05-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [61952 2024-05-16] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Edited by The_Game_ (25.09.2024 at 20:08) Reason: code tags |
25.09.2024, 20:08 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Various findings What is this about safe mode? Please read the instructions properly and follow them.
__________________ Please always post log files in CODE tags |
25.09.2024, 20:17 | #10 |
| Various findings Code:
ATTFilter ==================== One month (created) (All) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2024-09-25 20:45 - 2024-09-25 20:45 - 000000000 ____D C:\FRST 2024-09-25 16:43 - 2024-09-25 16:43 - 000000000 ___HD C:\$WinREAgent 2024-09-25 16:43 - 2024-08-29 05:40 - 000497664 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe 2024-09-25 16:43 - 2024-08-29 04:55 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2024-09-24 00:19 - 2024-09-24 00:19 - 000002332 ____C C:\Users\Stefa\Desktop\AdwCleaner.txt 2024-09-24 00:08 - 2024-09-24 19:58 - 000001934 ____C C:\Users\Stefa\Desktop\Eset.txt 2024-09-22 14:10 - 2024-09-22 14:10 - 092549182 _____ (Aslain ) C:\Users\Stefa\Downloads\Aslains_WoT_Modpack_Installer_v.1.26.0.1_06.exe 2024-09-22 14:04 - 2024-09-22 14:05 - 000000000 ____D C:\AdwCleaner 2024-09-22 14:04 - 2024-09-22 14:04 - 008790880 _____ (Malwarebytes) C:\Users\Stefa\Desktop\adwcleaner.exe 2024-09-22 14:02 - 2024-09-22 14:02 - 000003842 _____ C:\Windows\System32\Tasks\EOSv3 Scheduler onLogOn 2024-09-22 14:02 - 2024-09-22 14:02 - 000003400 _____ C:\Windows\System32\Tasks\EOSv3 Scheduler onTime 2024-09-22 12:51 - 2024-09-23 20:53 - 000001320 ____C C:\Users\Stefa\Desktop\ESET Online Scanner.lnk 2024-09-17 22:28 - 2024-09-17 22:28 - 000000000 ____D C:\Windows\nsz6D40.tmp 2024-09-17 20:58 - 2024-09-17 22:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2024-09-14 16:33 - 2024-09-14 16:33 - 000144857 _____ C:\Users\Stefa\Downloads\la-noire-unlocker-rc1.zip 2024-09-13 18:21 - 2024-09-13 18:21 - 000290346 _____ C:\Users\Stefa\Downloads\Produktinformationsblatt.pdf 2024-09-11 21:46 - 2024-09-11 21:46 - 000000000 ____D C:\Windows\Panther 2024-09-11 19:46 - 2024-09-11 19:46 - 023448576 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 019867136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2024-09-11 19:46 - 2024-09-11 
19:46 - 018081792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 017531904 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 014744576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 010870752 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 008044168 _____ (Microsoft Corporation) C:\Windows\System32\windows.storage.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 007828648 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 007737344 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 006520832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 006421768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 006167016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 004798960 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 004748288 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 004669312 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 003796992 _____ (Microsoft Corporation) C:\Windows\System32\win32kfull.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 003560376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 003353088 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 003025408 _____ (Microsoft Corporation) C:\Windows\System32\windowsudk.shellcommon.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 003008512 _____ (Microsoft Corporation) 
C:\Windows\System32\MSAJApi.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 003002752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 002979840 _____ (Microsoft Corporation) C:\Windows\System32\mssrch.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 002869720 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 002865152 _____ (Microsoft Corporation) C:\Windows\System32\win32kbase.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 002752512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 002702848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 002633736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 002526720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAJApi.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 002521232 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 002379776 _____ (Microsoft Corporation) C:\Windows\System32\smartscreen.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 002356936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 002320264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 002251264 _____ (Microsoft Corporation) C:\Windows\System32\ISM.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 001950208 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 001851344 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi 2024-09-11 19:46 - 2024-09-11 19:46 - 001787224 _____ (Microsoft Corporation) C:\Windows\System32\sppobjs.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 001686016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 001684992 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\urlmon.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 001575416 _____ (Microsoft Corporation) C:\Windows\System32\hvix64.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 001573920 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 001481696 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 001427752 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi 2024-09-11 19:46 - 2024-09-11 19:46 - 001410664 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 001354480 _____ (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 001337352 _____ (Microsoft Corporation) C:\Windows\System32\SecConfig.efi 2024-09-11 19:46 - 2024-09-11 19:46 - 001303560 _____ (Microsoft Corporation) C:\Windows\System32\hvax64.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 001224688 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 001208248 _____ (Microsoft Corporation) C:\Windows\System32\ApplyTrustOffline.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 001167872 _____ (Microsoft Corporation) C:\Windows\System32\ClipUp.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 001109872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ClipSp.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 001107456 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 001074176 _____ (Microsoft Corporation) C:\Windows\System32\StorSvc.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 001033112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 001015296 _____ (Microsoft Corporation) C:\Windows\System32\rasmans.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000965120 _____ (Microsoft Corporation) C:\Windows\System32\dmenrollengine.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000935008 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000842240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000831480 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 000820824 _____ (Microsoft Corporation) C:\Windows\System32\tcblaunch.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 000791032 _____ (Microsoft Corporation) C:\Windows\System32\LicensingWinRT.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000763392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000671728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000619520 _____ (Microsoft Corporation) C:\Windows\System32\cloudAP.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000598016 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 000581120 _____ (Microsoft Corporation) C:\Windows\System32\slui.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 000546304 _____ (Microsoft Corporation) C:\Windows\System32\IESettingSync.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 000503776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS 2024-09-11 19:46 - 2024-09-11 19:46 - 000457216 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 000453632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000448000 _____ (Microsoft Corporation) C:\Windows\System32\edgeIso.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000412672 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000387064 _____ (Microsoft Corporation) C:\Windows\System32\GameInputInbox.dll 2024-09-11 19:46 - 
2024-09-11 19:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\System32\msIso.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 000323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000316416 _____ (Microsoft Corporation) C:\Windows\System32\sppcomapi.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000265136 _____ (Microsoft Corporation) C:\Windows\System32\EditionUpgradeManagerObj.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000237056 _____ (Microsoft Corporation) C:\Windows\System32\IndexedDbLegacy.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000231008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000230368 _____ (Microsoft Corporation) C:\Windows\System32\convertvhd.exe 2024-09-11 19:46 - 2024-09-11 19:46 - 000225272 _____ (Microsoft Corporation) C:\Windows\System32\tcbloader.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000190720 _____ (Microsoft Corporation) C:\Windows\System32\EditionUpgradeHelper.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000176776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeHelper.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000161792 _____ (Microsoft Corporation) C:\Windows\System32\StorageUsage.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000133960 _____ (Microsoft Corporation) C:\Windows\System32\win32u.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000109936 _____ (Microsoft Corporation) C:\Windows\System32\GameInput.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000094160 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000093152 _____ (Microsoft Corporation) C:\Windows\System32\DeviceReactivation.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000070624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceReactivation.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000065536 _____ (Microsoft Corporation) C:\Windows\System32\iemigplugin.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000042496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 000037376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksthunk.sys 2024-09-11 19:46 - 2024-09-11 19:46 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000026112 _____ (Microsoft Corporation) C:\Windows\System32\msimsg.dll 2024-09-11 19:46 - 2024-09-11 19:46 - 000012696 _____ C:\Windows\System32\DrtmAuthTxt.wim 2024-09-09 21:07 - 2024-09-09 21:37 - 000000000 ___DC C:\Users\Stefa\Documents\Rockstar Games 2024-09-09 21:07 - 2024-09-09 21:07 - 000000000 ____D C:\Users\Stefa\AppData\Local\Rockstar Games 2024-09-09 21:06 - 2024-09-09 21:07 - 000000000 ____D C:\Program Files\Rockstar Games 2024-09-09 20:43 - 2024-09-09 20:43 - 000000202 ____C C:\Users\Stefa\Desktop\L.A. 
Noire.url 2024-09-01 18:46 - 2024-09-01 20:16 - 000024263 ____C C:\Users\Stefa\Documents\Unbenannt 2.odt 2024-09-01 08:56 - 2024-09-01 08:56 - 024271872 _____ (Microsoft Corporation) C:\Windows\System32\Hydrogen.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 018767872 _____ (Microsoft Corporation) C:\Windows\System32\HologramWorld.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 011455488 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 009495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 005428072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 005078744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 003943648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 003894272 _____ (Microsoft Corporation) C:\Windows\System32\diagtrack.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 003574272 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_nt.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 003139880 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 002896384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 002642944 _____ (Microsoft Corporation) C:\Windows\System32\enterprisecsps.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 002554368 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.onecore.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 002434056 _____ (Microsoft Corporation) C:\Windows\System32\ResetEngine.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 002433024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 002415616 _____ (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 
002029080 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 002018240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001909248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001884832 _____ (Microsoft Corporation) C:\Windows\System32\d3d9.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001872896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001804288 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.desktop.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001701064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001662320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001632280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001463424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12Core.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001348616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001141760 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Management.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001137000 _____ (Microsoft Corporation) C:\Windows\System32\DolbyDecMFT.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001128960 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001127176 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001073152 _____ (Microsoft Corporation) C:\Windows\System32\opengl32.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 001041280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 
000994304 _____ (Microsoft Corporation) C:\Windows\System32\dcsvc.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000991744 _____ (Microsoft Corporation) C:\Windows\System32\fveapi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000941384 _____ (Microsoft Corporation) C:\Windows\System32\ci.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000933376 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000930816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\opengl32.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000930240 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000914224 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Shell.Broker.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000904704 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000860080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000820224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000808416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys 2024-09-01 08:56 - 2024-09-01 08:56 - 000799744 _____ (Microsoft Corporation) C:\Windows\System32\msctfuimanager.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000795032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000794480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Services.TargetedContent.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000790016 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000784896 _____ (Microsoft Corporation) C:\Windows\System32\dcntel.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000781672 _____ (Microsoft Corporation) 
C:\Windows\System32\kernel32.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000768512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000750080 _____ (Microsoft Corporation) C:\Windows\System32\AppReadiness.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000738744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000652800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000650248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000648704 _____ (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000642560 _____ (Microsoft Corporation) C:\Windows\System32\wpdshext.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000624128 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000615424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000608768 _____ (Microsoft Corporation) C:\Windows\System32\sppcext.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000603400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000574464 _____ (Microsoft Corporation) C:\Windows\System32\dxdiagn.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000561664 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2024-09-01 08:56 - 2024-09-01 08:56 - 000556544 _____ (Microsoft Corporation) C:\Windows\System32\bdesvc.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000549880 
_____ (Microsoft Corporation) C:\Windows\System32\WinREAgent.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000541696 _____ (Microsoft Corporation) C:\Windows\System32\wuuhext.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000541184 _____ (Microsoft Corporation) C:\Windows\System32\nltest.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000531968 _____ (Microsoft Corporation) C:\Windows\System32\mprapi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000527360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000526848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000520704 _____ (Microsoft Corporation) C:\Windows\System32\CPFilters.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000503808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cldflt.sys 2024-09-01 08:56 - 2024-09-01 08:56 - 000503808 _____ (Microsoft Corporation) C:\Windows\System32\DeviceEnroller.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000480256 _____ (Microsoft Corporation) C:\Windows\System32\LockScreenData.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000479744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000478208 _____ (Microsoft Corporation) C:\Windows\System32\omadmclient.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000474624 _____ (Microsoft Corporation) C:\Windows\System32\mtxclu.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000470184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShellCommonCommonProxyStub.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000458752 _____ (Microsoft Corporation) C:\Windows\System32\LockAppBroker.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll 
2024-09-01 08:56 - 2024-09-01 08:56 - 000437760 _____ (Microsoft Corporation) C:\Windows\System32\fveapibase.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000420656 _____ (Microsoft Corporation) C:\Windows\System32\wininit.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000414304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000412896 _____ (Microsoft Corporation) C:\Windows\System32\SgrmEnclave_secure.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000397312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000389536 _____ (Microsoft Corporation) C:\Windows\System32\wmpps.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000379392 _____ (Microsoft Corporation) C:\Windows\System32\Windows.FileExplorer.Common.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000373248 _____ (Microsoft Corporation) C:\Windows\System32\dmenterprisediagnostics.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000366592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000347648 _____ (Microsoft Corporation) C:\Windows\System32\drvinst.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000345096 _____ (Microsoft Corporation) C:\Windows\System32\CloudExperienceHostBroker.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000339456 _____ (Microsoft Corporation) C:\Windows\System32\UnifiedConsent.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000334328 _____ (Microsoft Corporation) C:\Windows\System32\LsaIso.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000328192 _____ (Microsoft Corporation) C:\Windows\System32\DMPushRouterCore.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockScreenData.dll 
2024-09-01 08:56 - 2024-09-01 08:56 - 000311296 _____ (Microsoft Corporation) C:\Windows\System32\laps.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.FileExplorer.Common.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000279008 _____ (Microsoft Corporation) C:\Windows\System32\offlinesam.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000258560 _____ (Microsoft Corporation) C:\Windows\System32\McpManagementService.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000210944 _____ (Microsoft Corporation) C:\Windows\System32\AppXApplicabilityBlob.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000208384 _____ (Microsoft Corporation) C:\Windows\System32\OneSettingsClient.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000206848 _____ (Microsoft Corporation) C:\Windows\System32\fde.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000186880 _____ (Microsoft Corporation) C:\Windows\System32\PortableDeviceTypes.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000181248 _____ (Microsoft Corporation) C:\Windows\System32\mdmmigrator.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000179200 _____ (Microsoft Corporation) C:\Windows\System32\pcwutl.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000178032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000173264 _____ (Microsoft 
Corporation) C:\Windows\System32\vertdll.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneSettingsClient.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000156672 _____ (Microsoft Corporation) C:\Windows\System32\vbsapi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000156656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTWorkQ.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000150464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceTypes.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000139264 _____ (Microsoft Corporation) C:\Windows\System32\samlib.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000138752 _____ (Microsoft Corporation) C:\Windows\System32\CustomInstallExec.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000129024 _____ (Microsoft Corporation) C:\Windows\System32\repair-bde.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000128000 _____ (Microsoft Corporation) C:\Windows\System32\PortableDeviceClassExtension.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000105984 _____ (Microsoft Corporation) C:\Windows\System32\utcutil.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000102912 _____ (Microsoft Corporation) C:\Windows\System32\ntlanman.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000100832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000094808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys 2024-09-01 08:56 - 2024-09-01 08:56 - 000086016 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\usoapi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000086016 _____ (Microsoft Corporation) C:\Windows\System32\winlogonext.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000070920 _____ (Microsoft Corporation) C:\Windows\System32\iumcrypt.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000069632 _____ (Microsoft Corporation) C:\Windows\System32\PortableDeviceConnectApi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000067072 _____ (Microsoft Corporation) C:\Windows\System32\WPDShServiceObj.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000059592 _____ (Microsoft Corporation) C:\Windows\System32\sfc_os.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000056440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000055808 _____ (Microsoft Corporation) C:\Windows\System32\enrollmentapi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000054784 _____ (Microsoft Corporation) C:\Windows\System32\diagnosticdataquery.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000051296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sfc_os.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\System32\bderepair.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000047600 _____ (Microsoft Corporation) C:\Windows\System32\wininitext.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000043528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000038768 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wininitext.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\System32\WPDShextAutoplay.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe 2024-09-01 08:56 - 2024-09-01 08:56 - 000020480 _____ (Microsoft Corporation) C:\Windows\System32\wmsgapi.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000012856 _____ (Microsoft Corporation) C:\Windows\System32\sfc.dll 2024-09-01 08:56 - 2024-09-01 08:56 - 000012344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sfc.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 008269328 _____ (Microsoft Corporation) C:\Windows\System32\OneCoreUAPCommonProxyStub.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 006968320 _____ (Microsoft Corporation) C:\Windows\System32\twinui.pcshell.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 005866024 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepository.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 005786440 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 004794368 _____ (Microsoft Corporation) C:\Windows\System32\InputService.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 003814880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2024-09-01 08:55 - 2024-09-01 08:55 - 003750400 _____ (Microsoft Corporation) C:\Windows\System32\EdgeContent.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 003314688 _____ (Microsoft Corporation) C:\Windows\System32\esent.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 003182080 _____ (Microsoft Corporation) C:\Windows\System32\MapRouter.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 002584312 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 002500608 _____ (Microsoft Corporation) C:\Windows\System32\Windows.CloudStore.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 002475008 _____ (Microsoft Corporation) 
C:\Windows\System32\InstallService.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 002197512 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001882624 _____ (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001863040 _____ (Microsoft Corporation) C:\Windows\System32\AppxPackaging.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001854968 _____ (Microsoft Corporation) C:\Windows\System32\D3D12Core.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001814016 _____ (Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 001802736 _____ (Microsoft Corporation) C:\Windows\System32\ContentDeliveryManager.Utilities.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001580544 _____ (Microsoft Corporation) C:\Windows\System32\SpeechPal.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001517568 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001420288 _____ (Microsoft Corporation) C:\Windows\System32\usocoreworker.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 001338872 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepositoryPS.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001222640 _____ (Microsoft Corporation) C:\Windows\System32\CloudExperienceHostCommon.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001205752 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Services.TargetedContent.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001193472 _____ (Microsoft Corporation) C:\Windows\System32\MusUpdateHandlers.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 001191216 _____ (Microsoft Corporation) C:\Windows\System32\ShellAppRuntime.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 001065472 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Signals.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000991712 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000956912 _____ 
(Microsoft Corporation) C:\Windows\System32\aeinv.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000927744 _____ (Microsoft Corporation) C:\Windows\System32\ShellCommonCommonProxyStub.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000900080 _____ (Microsoft Corporation) C:\Windows\System32\pcasvc.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000885936 _____ (Microsoft Corporation) C:\Windows\System32\pkeyhelper.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000833520 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000829952 _____ (Microsoft Corporation) C:\Windows\System32\CloudRestoreLauncher.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000791040 _____ (Microsoft Corporation) C:\Windows\System32\windows.immersiveshell.serviceprovider.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000726784 _____ (Microsoft Corporation) C:\Windows\System32\StateRepository.Core.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000717808 _____ (Microsoft Corporation) C:\Windows\System32\upshared.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000706048 _____ (Microsoft Corporation) C:\Windows\System32\daxexec.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000641392 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000629216 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000612848 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000605184 _____ C:\Windows\System32\aemarebackup.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000600064 _____ (Microsoft Corporation) C:\Windows\System32\SettingsEnvironment.Desktop.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000599784 _____ (Microsoft Corporation) C:\Windows\System32\AppResolver.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000587776 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000573952 _____ (Microsoft Corporation) 
C:\Windows\System32\usosvc.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000547128 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Enumeration.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000479736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys 2024-09-01 08:55 - 2024-09-01 08:55 - 000473088 _____ (Microsoft Corporation) C:\Windows\System32\fcon.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000467456 _____ (Microsoft Corporation) C:\Windows\System32\TpmTasks.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000436224 _____ (Microsoft Corporation) C:\Windows\System32\wosc.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000427520 _____ (Microsoft Corporation) C:\Windows\System32\WaaSMedicSvc.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000427008 _____ (Microsoft Corporation) C:\Windows\System32\mdmregistration.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000396288 _____ (Microsoft Corporation) C:\Windows\System32\licensingdiag.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 000395776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\MbbCx.sys 2024-09-01 08:55 - 2024-09-01 08:55 - 000374272 _____ (Microsoft Corporation) C:\Windows\System32\SyncSettings.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000365056 _____ (Microsoft Corporation) C:\Windows\System32\UpdateDeploymentProvider.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000341504 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_ManagePhone.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000332288 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000318464 _____ (Microsoft Corporation) C:\Windows\System32\AppxSip.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000303616 _____ (Microsoft Corporation) C:\Windows\System32\directxdatabaseupdater.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 000289792 _____ (Microsoft Corporation) C:\Windows\System32\policymanagerprecheck.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000268800 
_____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepositoryUpgrade.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000258048 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.System.UserProfile.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000250736 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepositoryClient.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000249344 _____ (Microsoft Corporation) C:\Windows\System32\dxgiadaptercache.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 000248832 _____ (Microsoft Corporation) C:\Windows\System32\Win32CompatibilityAppraiserCSP.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000234496 _____ (Microsoft Corporation) C:\Windows\System32\InstallServiceTasks.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000227832 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 000225792 _____ C:\Windows\System32\CloudIdWxhExtension.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000207360 _____ (Microsoft Corporation) C:\Windows\System32\pcaui.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 000203688 _____ (Microsoft Corporation) C:\Windows\System32\KerbClientShared.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000188928 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Taskbar.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000185840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys 2024-09-01 08:55 - 2024-09-01 08:55 - 000184600 _____ (Microsoft Corporation) C:\Windows\System32\RTWorkQ.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000180736 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_ContentDeliveryManager.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000169472 _____ (Microsoft Corporation) C:\Windows\System32\MDMAgent.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 000154624 _____ (Microsoft Corporation) C:\Windows\System32\WaaSAssessment.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000153088 _____ (Microsoft Corporation) 
C:\Windows\System32\RjvMDMConfig.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000152544 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bindflt.sys 2024-09-01 08:55 - 2024-09-01 08:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\System32\usoapi.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000127488 _____ (Microsoft Corporation) C:\Windows\System32\win32appinventorycsp.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000118640 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepositoryBroker.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000112128 _____ (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000104960 _____ (Microsoft Corporation) C:\Windows\System32\bindfltapi.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000070416 _____ (Microsoft Corporation) C:\Windows\System32\RpcRtRemote.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000059464 _____ (Microsoft Corporation) C:\Windows\System32\Windows.StateRepositoryCore.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000056832 _____ (Microsoft Corporation) C:\Windows\System32\kdcpw.dll 2024-09-01 08:55 - 2024-09-01 08:55 - 000054384 _____ (Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe 2024-09-01 08:55 - 2024-09-01 08:55 - 000032256 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\KNetPwrDepBroker.sys 2024-08-31 08:52 - 2024-08-31 08:53 - 000000000 ____D C:\Program Files\PDF Architect 9 ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 
2024-09-25 19:33 - 2023-02-15 18:18 - 012258080 _____ C:\Windows\System32\rtp.db 2024-09-25 19:33 - 2020-10-31 12:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-09-25 19:33 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\System32\config\BBI 2024-09-25 19:33 - 2017-05-18 19:35 - 000000000 ____D C:\ProgramData\NVIDIA 2024-09-25 19:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-09-25 19:19 - 2020-10-31 12:16 - 000000000 ____D C:\Windows\System32\SleepStudy 2024-09-25 16:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-09-25 16:58 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness 2024-09-25 16:58 - 2018-07-15 22:22 - 000000000 ___DC C:\Users\Stefa\AppData\Local\D3DSCache 2024-09-25 16:57 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp 2024-09-25 16:31 - 2021-12-18 23:28 - 000000000 ____D C:\Windows\SystemTemp 2024-09-25 16:30 - 2021-09-03 16:55 - 000000000 ____D C:\ProgramData\boost_interprocess 2024-09-24 00:09 - 2017-04-08 21:09 - 000000000 ___DC C:\Users\Stefa\AppData\Local\Downloaded Installations 2024-09-23 22:56 - 2017-11-26 15:32 - 000002219 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-09-23 20:30 - 2017-03-23 18:56 - 000000000 ___DC C:\Users\Stefa\AppData\Local\CrashDumps 2024-09-23 18:57 - 2022-03-07 13:50 - 000000068 __RSH C:\Windows\System32\Drivers\winverbs.winsecurity 2024-09-23 18:38 - 2020-10-31 12:20 - 001723066 _____ C:\Windows\System32\PerfStringBackup.INI 2024-09-23 18:38 - 2019-12-07 15:50 - 000743714 _____ C:\Windows\System32\perfh007.dat 2024-09-23 18:38 - 2019-12-07 15:50 - 000150136 _____ C:\Windows\System32\perfc007.dat 2024-09-23 18:38 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF 2024-09-23 18:34 - 2022-03-07 13:50 - 000000068 __RSH C:\Windows\System32\Drivers\wmiacpi.winsecurity 2024-09-23 18:34 - 2020-10-31 12:16 - 000008192 ___SH C:\DumpStack.log.tmp 2024-09-22 17:16 - 2022-12-07 14:41 - 000000000 ____D C:\Users\Stefa\AppData\Roaming\Soda 
PDF Desktop 14 2024-09-22 08:42 - 2017-03-23 19:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-09-22 08:41 - 2021-08-29 09:42 - 000001425 _____ C:\Windows\System32\default_error_stack-000000-000000.txt 2024-09-21 19:07 - 2022-02-09 18:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-09-20 00:23 - 2021-08-30 12:22 - 000000000 ____D C:\Program Files (x86)\Overwolf 2024-09-15 13:00 - 2024-03-11 21:22 - 000431416 _____ (Avira Operations GmbH) C:\Windows\System32\Drivers\rtp2.sys 2024-09-15 13:00 - 2024-03-11 21:22 - 000431408 _____ (Avira Operations GmbH) C:\Windows\System32\Drivers\rtp1.sys 2024-09-11 21:45 - 2020-10-31 12:16 - 000382832 _____ C:\Windows\System32\FNTCACHE.DAT 2024-09-11 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources 2024-09-11 21:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr 2024-09-11 19:46 - 2020-10-31 12:17 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-09-11 19:34 - 2017-03-23 21:49 - 000000000 ____D C:\Windows\System32\MRT 2024-09-11 19:31 - 2017-03-23 21:49 - 199688632 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2024-09-09 21:07 - 2016-12-09 07:16 - 000000000 ____D C:\ProgramData\Package Cache 2024-09-09 21:06 - 2019-12-01 14:15 - 000000000 ____D C:\ProgramData\Rockstar Games 2024-09-09 20:41 - 2018-07-06 21:17 - 000000000 ___DC C:\Users\Stefa\AppData\Local\PlaceholderTileLogoFolder 2024-09-09 20:41 - 2018-02-08 18:27 - 000000000 ___DC C:\Users\Stefa\AppData\Local\Packages 2024-09-09 18:05 - 2020-10-31 12:23 - 000003756 _____ C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-09-09 18:05 - 2020-10-31 12:23 - 000003632 _____ C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-09-08 19:15 - 2016-12-09 07:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2024-09-08 12:51 - 2018-09-27 14:43 - 000000000 ___DC 
C:\Users\Stefa\AppData\Local\ElevatedDiagnostics 2024-09-04 20:06 - 2021-10-10 07:58 - 000000000 ____D C:\Windows\System32\Tasks\Mozilla 2024-09-01 20:55 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-09-01 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2024-09-01 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2024-09-01 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\WinMetadata 2024-09-01 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\oobe 2024-09-01 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\migwiz 2024-09-01 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\Dism 2024-09-01 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\System32\appraiser 2024-08-31 08:53 - 2023-05-21 09:33 - 000000000 ____D C:\Users\Stefa\AppData\Roaming\PDF Architect 9 ==================== KnownDLLs (Whitelisted) ========================= ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe [2024-09-01 08:56] - [2024-09-01 08:56] - 000904704 _____ (Microsoft Corporation) 2985613F9F28FB2E214F590295CE601B C:\Windows\System32\wininit.exe [2024-09-01 08:56] - [2024-09-01 08:56] - 000420656 _____ (Microsoft Corporation) 583B60A43F502D90331E6589E1DBC6DD C:\Windows\explorer.exe [2024-09-01 08:55] - [2024-09-01 08:55] - 005786440 _____ (Microsoft Corporation) A437D48C56E5C5554C97BABF12DA1B0D C:\Windows\SysWOW64\explorer.exe [2024-09-01 08:56] - [2024-09-01 08:56] - 005078744 _____ (Microsoft Corporation) 5D87A397FD051BF0C8F4830A9CD83E81 C:\Windows\System32\svchost.exe [2024-05-16 10:11] - [2024-05-16 10:11] - 000057528 _____ (Microsoft Corporation) 7469CC568AD6821FD9D925542730A7D8 C:\Windows\SysWOW64\svchost.exe [2024-05-16 10:12] - [2024-05-16 10:12] - 000047040 _____ (Microsoft Corporation) 3EFEB8ACDF4ED1D79EBBBCA4D2294B78 C:\Windows\System32\services.exe [2024-05-16 10:11] - [2024-05-16 10:11] - 000716544 _____ (Microsoft Corporation) 4EACBE64BB1E7D58E8A26340ED1C7CBD C:\Windows\System32\User32.dll [2024-07-28 12:13] - [2024-07-28 12:13] - 001693248 _____ (Microsoft Corporation) 69D72A21D743029EBF6B61F9BD856D3A C:\Windows\SysWOW64\User32.dll [2024-09-11 19:46] - [2024-09-11 19:46] - 001686016 _____ (Microsoft Corporation) 92E0A71DDBC927A69C1D976BFA1F9316 C:\Windows\System32\userinit.exe [2024-05-16 10:11] - [2024-05-16 10:11] - 000054272 _____ (Microsoft Corporation) 5CDC907C7818FBAA658FC9F2ABB238F1 C:\Windows\SysWOW64\userinit.exe [2024-05-16 10:12] - [2024-05-16 10:12] - 000041472 _____ (Microsoft Corporation) 63EDB0AED4F70B7ADBCFDD3935389322 C:\Windows\System32\rpcss.dll [2024-05-16 10:11] - [2024-05-16 10:11] - 001324032 _____ (Microsoft Corporation) 68034F1CF2E86E3666B6ECA2FF2847FC C:\Windows\System32\dnsapi.dll [2024-06-12 20:18] - [2024-06-12 20:18] - 000821800 _____ (Microsoft Corporation) 7CD32F5CF65B86C38DDEA8D86D2C71CA C:\Windows\SysWOW64\dnsapi.dll [2024-06-12 20:18] - [2024-06-12 20:18] - 000583680 _____ 
(Microsoft Corporation) DE5762BFDE6D02F60FED8702089B2792 C:\Windows\System32\dllhost.exe => MD5 is legit C:\Windows\SysWOW64\dllhost.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= Restore point date: 2024-09-25 16:43 Restore point date: 2024-09-25 19:01 ==================== Memory info =========================== Percentage of memory in use: 7% Total physical RAM: 16351.04 MB Available physical RAM: 15065.83 MB Total Virtual: 16351.04 MB Available Virtual: 15107.11 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:222.94 GB) (Free:31.66 GB) (Model: ADATA SP580) NTFS Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:421.86 GB) (Model: TOSHIBA DT01ACA100) NTFS Drive f: () (Fixed) (Total:0.51 GB) (Free:0.08 GB) (Model: ADATA SP580) NTFS Drive g: () (Removable) (Total:0.94 GB) (Free:0.93 GB) FAT Drive x: (Boot) (Fixed) (Total:0.49 GB) (Free:0.49 GB) NTFS \\?\Volume{9d175c7c-6f7d-4aaf-abf1-31b5e509940d}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: AFBEF12B) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: B64ACEFC) Partition: GPT. ========================================================== Disk: 2 (Size: 960 MB) (Disk ID: 6F20736B) No partition Table on disk 2. Disk 2 is a removable device. ==================== End of FRST.txt ======================== |
25.09.2024, 20:25 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Various findings What is this about safe mode? Please read the instructions properly and follow them.
__________________ Please always post log files in CODE tags |
25.09.2024, 20:28 | #12 |
| Various findings I followed it exactly as described in the guide on the page https://www.trojaner-board.de/198858-anleitung-farbar-recovery-scan-tool-frst-wiederherstellungsumgebung.html. If you want something different, please let me know, with a link to the guide or your own instructions. |
25.09.2024, 20:30 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Various findings It is stated explicitly right here in this thread -> https://www.trojaner-board.de/69886-...-beachten.html Creating log files with FRST64
If the SmartScreen filter blocks FRST, you can disable it there: Start > Settings > Update & Security > Windows Security > App & browser control > Reputation-based protection Posting in CODE tags Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files in a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
25.09.2024, 21:14 | #14 |
| Various findings Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024 durchgeführt von Stefan (Administrator) auf STEFAN (Hyrican Informationssysteme AG H110M PRO-D) (25-09-2024 21:35:41) Gestartet von C:\Users\Stefa\Desktop\FRST64 (1).exe Geladene Profile: Stefan Plattform: Microsoft Windows 10 Home Version 22H2 19045.4894 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <51> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO.,LTD.) 
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Avanquest Software (7270356 Canada Inc) -> Avanquest Software) D:\Soda PDF Desktop 14\activation-service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe (services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe (services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. 
-> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaki.inf_amd64_252f5e1fae961efa\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (pdfforge GmbH -> Avanquest pdfforge GmbH) C:\Program Files\PDF Architect 9\activation-service.exe (services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2405.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe (svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-04-13] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-09] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [831584 2016-11-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) HKLM-x32\...\Run: [] => [X] HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\Run: [HP OfficeJet 3830 series (NET)] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2239256 2024-09-14] (Wargaming Group Limited -> Wargaming.net) HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\Run: [] => [X] HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1842952 2024-08-29] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\Run: [Steam] => D:\Steam\steam.exe [4406632 2024-09-13] (Valve Corp. 
-> Valve Corporation) HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\Run: [MicrosoftEdgeAutoLaunch_9DC56468E065DAA99E27C3CB0FB06F76] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3798464 2024-09-19] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\RunOnce: [Application Restart #3] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\OneClick.exe [7383048 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\RunOnce: [Application Restart #4] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\OneClick.exe [7383048 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\RunOnce: [Application Restart #5] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\OneClick.exe [7383048 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [155136 2024-05-16] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP OfficeJet 3830 series): C:\Windows\system32\HPDiscoPME511.dll [807432 2015-03-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP) HKLM\...\Print\Monitors\HP E511 Status Monitor: C:\Windows\system32\hpinkstsE511LM.dll [399368 2023-09-24] (HP Inc. -> HP Inc.) 
HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\architect_pdfpmon_v.6.23.0.2.dll [974120 2024-08-31] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [196096 2023-05-21] (pdfforge GmbH) [Datei ist nicht signiert] HKLM\...\Print\Monitors\Soda PDF Desktop 14 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\soda_pdfpmon_v.6.23.0.2.dll [974120 2024-08-31] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.59\Installer\chrmstp.exe [2024-09-23] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2022-03-07] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) GroupPolicy-Firefox-x32: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {D3600B0A-38AD-485E-AA9F-506BC6960249} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {801210C1-1761-4785-81A1-D556502AFB34} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2343872 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH) Task: {61C65471-84BA-43F1-A04E-7689FEC6ED5D} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2343872 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH) Task: {FFED27E1-3AB1-4053-A8C5-447CA111E1DE} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\Installer updater => C:\ProgramData\PDF Architect 9\Installation\PDF_Architect_9_Installer.exe [12086712 2024-08-29] (pdfforge GmbH -> ) Task: {B6E4B966-7AC5-48EE-9D5E-7513E3AE4EE8} - System32\Tasks\Avanquest pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3636672 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH) Task: {8038C571-7ECE-4A47-A548-439CD2E86253} - System32\Tasks\Avanquest Software\Soda PDF Desktop 14\App Notification => D:\Soda PDF Desktop 14\soda-launcher.exe [2195424 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software) Task: {8D604B43-1258-4197-B19F-9B1E532E26F9} - System32\Tasks\Avanquest Software\Soda PDF Desktop 14\App Notification Logon => D:\Soda PDF Desktop 14\soda-launcher.exe [2195424 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software) Task: {EB5E79F9-1AE1-477E-AC79-9C9DABFE7BCD} - System32\Tasks\Avanquest Software\Soda PDF Desktop 14\Installer updater => C:\ProgramData\Soda PDF Desktop 14\Installation\SodaPDFDesktop14.exe [11922384 2024-08-31] (Avanquest Software (7270356 Canada Inc) -> ) Task: {889BB0D0-B5EF-4831-A47C-6081E65BE513} - System32\Tasks\Avanquest Software\Soda PDF Desktop 14\Update => D:\Soda PDF Desktop 14\soda.exe [3694560 2024-07-19] 
(Avanquest Software (7270356 Canada Inc) -> Avanquest Software) Task: {7A3FAB71-427E-4198-9B28-4BB9EABD4F5F} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\System32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false Task: {83632D50-AD9E-4284-8768-A237AEB08FD4} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry Task: {83632D50-AD9E-4284-8768-A237AEB08FD4} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog Task: {83632D50-AD9E-4284-8768-A237AEB08FD4} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector Task: {CC2DE6C9-6431-487F-A1B8-AE13F7F9B6B6} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [259944 2024-08-12] (Avira Operations GmbH -> Avira Operations GmbH) Task: {ED4B0EC4-2494-4DFE-91DB-CF9FABDC235D} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1775464 2024-08-12] (Avira Operations GmbH -> Avira Operations GmbH) Task: {F3EE2A15-6A9E-4241-A2FB-7921DAAE45A7} - System32\Tasks\Avira_Security_Update => C:\Windows\System32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Task: {51B94CE3-6740-482C-AF8D-0FD2D9765612} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5786440 2024-09-01] (Microsoft Windows -> Microsoft Corporation) Task: {0F912048-2F32-418E-8D3B-BCDC41F9142F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Stefa\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-09-22] (ESET, spol. s r.o. 
-> ESET) Task: {324B7915-6DB2-4A78-988A-E6E11FD153A9} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Stefa\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-09-22] (ESET, spol. s r.o. -> ESET) Task: {1A278C31-9F1A-42C9-988D-7E93BA7E8985} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{B77F026C-BD7A-4FD2-9D5C-6DF0E4661D87} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC) Task: {21EA4186-7D52-473D-9B31-ADE464A4DBCD} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation) Task: {137C4E6C-AAA6-404D-88EE-67A955B47D05} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation) Task: {7CD60741-B058-4ED8-A7E3-16B1C112A238} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei) Task: {F44EABDD-44D7-4112-B706-1B6AA91CCBB6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {5CDCBC96-37BB-40D4-BD28-BA5CDE881B53} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly (Keine Datei) Task: {25BBCC6D-EF66-4375-8DF6-CCFF341A8699} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [672328 2024-09-17] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE 
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {4B72B5DD-DC92-4F7C-BB3E-12AB5BC113F4} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3758623145-1266260989-3540530203-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [672328 2024-09-17] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {F778B396-83FC-4007-9DDD-9877C73D852F} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34376 2024-09-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {CE6838B5-5363-4C50-A53C-099538AAC401} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E8A25349-F0A7-4377-92E5-E1CD96671CBE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {583F64B6-AD8F-4960-8C9E-1EC50E11D627} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {2E3B9602-1C35-454C-A1CE-DE83BBE4CB35} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FCF36D18-D7B6-418E-B96C-9B3B9E1240B7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {563E38DE-C24D-4DB8-B625-9FDC66C16A88} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6895B858-DEAC-463E-AE2D-51AD42A8FD66} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF1D591D-D80A-4AC3-9552-13C20838BB60} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {249E2BDD-612D-4E25-B48C-EC3CFC97B73E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B01F9B1-7D7B-4CDB-89FF-BD50F2F95A1E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3758623145-1266260989-3540530203-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Keine Datei)
Task: {D3073C0F-D21A-4050-BC1D-21244ED6FEDF} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3758623145-1266260989-3540530203-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Keine Datei)
Task: {280D2BF7-751D-42A2-BC41-6F24A7BD384D} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2388744 2024-08-29] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
Task: {A8C638F0-495D-4FC9-8289-4CFDDA9A1305} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Installer updater => C:\ProgramData\PDF Architect 9\Installation\PDF_Architect_9_Installer.exe [12086712 2024-08-29] (pdfforge GmbH -> )
Task: {D702B550-F238-41ED-8F09-D5303A9FD219} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3636672 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH)
Task: {293C3C7B-C8EB-4214-852D-5D7DE81BC1BE} - System32\Tasks\pdfforge GmbH\Update => C:\Program Files\PDF Architect 8\architect.exe --update --mode check auto notify (Keine Datei)
Task: {4E92DCCF-345F-4FBF-92D2-3DE004D262FF} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [196608 2024-07-10] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\//B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ACHTUNG (Beschränkung - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{80dd0ae7-a4be-49c5-9fc4-cd293a7a7f9d}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{80dd0ae7-a4be-49c5-9fc4-cd293a7a7f9d}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{9337067f-0093-479a-859c-42479d8864ac}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9337067f-0093-479a-859c-42479d8864ac}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{9337067f-0093-479a-859c-42479d8864ac}\45F6E6965626F687D233146324: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9337067f-0093-479a-859c-42479d8864ac}\45F6E6965626F687D234933333: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9337067f-0093-479a-859c-42479d8864ac}\6596567702052796D656: [DhcpNameServer] 192.168.43.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Stefa\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-12]
Edge Extension: (Google Docs Offline) - C:\Users\Stefa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-12]
Edge Extension: (Edge relevant text changes) - C:\Users\Stefa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: v6k80j7f.default
FF ProfilePath: C:\Users\Stefa\AppData\Roaming\Mozilla\Firefox\Profiles\v6k80j7f.default [2024-09-21]
FF Session Restore: Mozilla\Firefox\Profiles\v6k80j7f.default -> ist aktiviert.
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\Stefa\AppData\Roaming\Mozilla\Firefox\Profiles\v6k80j7f.default\Extensions\elemhidehelper@adblockplus.org.xpi [2017-04-12] []
FF Extension: (Status-4-Evar) - C:\Users\Stefa\AppData\Roaming\Mozilla\Firefox\Profiles\v6k80j7f.default\Extensions\status4evar@caligonstudios.com.xpi [2017-09-01] []
FF Extension: (PAYBACK Internet Assistent) - C:\Users\Stefa\AppData\Roaming\Mozilla\Firefox\Profiles\v6k80j7f.default\Extensions\toolbar-ff@payback.de-sh.xpi [2023-10-11] [UpdateUrl:hxxps://www.payback.de/resources/content/site-pia/update/1/ffsh/json]
FF Extension: (Cr!Box) - C:\Users\Stefa\AppData\Roaming\Mozilla\Firefox\Profiles\v6k80j7f.default\Extensions\{2433da4c-4e10-4f44-977c-dfdba395e6f6}.xpi [2024-04-26]
FF Extension: (Speed Dial) - C:\Users\Stefa\AppData\Roaming\Mozilla\Firefox\Profiles\v6k80j7f.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2017-05-24] []
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Stefa\AppData\Roaming\Mozilla\Firefox\Profiles\v6k80j7f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-09-19]
FF Extension: (Tab Mix Plus) - C:\Users\Stefa\AppData\Roaming\Mozilla\Firefox\Profiles\v6k80j7f.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2018-05-26]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3758623145-1266260989-3540530203-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Default [2024-09-25]
CHR Notifications: Default -> hxxps://web.whatsapp.com
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (7TV) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2024-04-17]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-09-14]
CHR Extension: (Seite aktualisieren - Seite automatisch neu laden) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\egikkennjmdkmenllfmbigafjhicmeep [2024-09-07]
CHR Extension: (MillionPugs: Shop & get in-game content) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbhoepimmkeinmlojkmkpipcooeennmk [2024-05-09]
CHR Extension: (Google Docs Offline) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-29]
CHR Extension: (Cr!Box) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjodchcocbnbhfkjeapbdoflbiibnapp [2021-02-09]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2024-08-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (PAYBACK Internet Assistent) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2023-06-12]
CHR Profile: C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-01-08]
CHR Profile: C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-01-23]
CHR Extension: (Präsentationen) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-07]
CHR Extension: (Docs) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-07]
CHR Extension: (Google Drive) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-07]
CHR Extension: (YouTube) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-07]
CHR Extension: (Avira Password Manager) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-01-22]
CHR Extension: (Avira Safe Shopping) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-01-22]
CHR Extension: (Tabellen) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-07]
CHR Extension: (Google Docs Offline) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-07]
CHR Extension: (Google Mail) - C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-07]
CHR Profile: C:\Users\Stefa\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-08]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6738360 2024-04-25] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265936 2024-08-12] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [296656 2024-08-12] (Avira Operations GmbH -> Avira Operations GmbH)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15737128 2024-03-17] (BattlEye Innovations e.K. -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [45464 2024-08-01] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [296856 2024-08-01] (Intel Corporation -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2022-01-04] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-10-01] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11805928 2024-09-15] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11805928 2024-09-15] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-08] (HP Inc. -> HP Inc.)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2169440 2016-11-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2016-12-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014816 2016-11-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2327648 2016-12-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2016-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_252f5e1fae961efa\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2388744 2024-08-29] (Overwolf Ltd -> Overwolf LTD)
R3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3414976 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH)
S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [508864 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH)
S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [415680 2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6884848 2024-09-09] (Rockstar Games, Inc. -> Rockstar Games)
R3 Soda PDF Desktop 14; D:\Soda PDF Desktop 14\activation-service.exe [3300832 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software)
S3 Soda PDF Desktop 14 Creator; D:\Soda PDF Desktop 14\creator-ws.exe [392672 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software)
S3 Soda PDF Desktop 14 Update Service; D:\Soda PDF Desktop 14\update-service.exe [298976 2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5084200 2024-05-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-10-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12458336 2024-05-26] (KRAFTON, Inc. -> KRAFTON, Inc)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [136760 2019-05-07] (Alcorlink Corp. -> )
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [176712 2024-03-11] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2023-05-27] (Avira Operations GmbH -> Avira Operations GmbH)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-14] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 IntelTurboBoostMax; C:\WINDOWS\System32\drivers\IntelNit.sys [127480 2016-06-16] (Intel(R) Software -> Intel Corporation)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 netprotection_network_filter2; C:\WINDOWS\System32\drivers\netprotection_network_filter2.sys [100376 2022-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 nvme; C:\WINDOWS\System32\drivers\nvme.sys [70208 2015-05-28] (Samsung Electronics Co., Ltd. -> Samsung Electronic Co., Ltd)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [431408 2024-09-15] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [431416 2024-09-15] (Avira Operations GmbH -> Avira Operations GmbH)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28768 2024-04-26] (Microsoft Windows Early Launch Anti-Malware Publisher -> Avira Operations GmbH)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2020-10-31] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-05-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-09-25 21:45 - 2024-09-25 21:36 - 000000000 ____D C:\FRST
2024-09-25 21:35 - 2024-09-25 21:36 - 000037712 ____C C:\Users\Stefa\Desktop\FRST.txt
2024-09-25 21:34 - 2024-09-25 21:34 - 002397696 _____ (Farbar) C:\Users\Stefa\Desktop\FRST64 (1).exe
2024-09-25 20:49 - 2024-09-25 20:49 - 000000000 ____H C:\ProgramData\cm-lock
2024-09-25 17:43 - 2024-09-25 17:43 - 000000000 ___HD C:\$WinREAgent
2024-09-24 01:19 - 2024-09-24 01:19 - 000002332 ____C C:\Users\Stefa\Desktop\AdwCleaner.txt
2024-09-24 01:08 - 2024-09-24 20:58 - 000001934 ____C C:\Users\Stefa\Desktop\Eset.txt
2024-09-22 15:10 - 2024-09-22 15:10 - 092549182 _____ (Aslain ) C:\Users\Stefa\Downloads\Aslains_WoT_Modpack_Installer_v.1.26.0.1_06.exe
2024-09-22 15:04 - 2024-09-22 15:05 - 000000000 ____D C:\AdwCleaner
2024-09-22 15:04 - 2024-09-22 15:04 - 008790880 _____ (Malwarebytes) C:\Users\Stefa\Desktop\adwcleaner.exe
2024-09-22 15:02 - 2024-09-22 15:02 - 000003842 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2024-09-22 15:02 - 2024-09-22 15:02 - 000003400 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2024-09-22 13:51 - 2024-09-23 21:53 - 000001426 ____C C:\Users\Stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-09-22 13:51 - 2024-09-23 21:53 - 000001320 ____C C:\Users\Stefa\Desktop\ESET Online Scanner.lnk
2024-09-17 23:28 - 2024-09-17 23:28 - 000000000 ____D C:\WINDOWS\nsz6D40.tmp
2024-09-17 21:58 - 2024-09-17 23:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-09-14 17:33 - 2024-09-14 17:33 - 000144857 _____ C:\Users\Stefa\Downloads\la-noire-unlocker-rc1.zip
2024-09-13 19:21 - 2024-09-13 19:21 - 000290346 _____ C:\Users\Stefa\Downloads\Produktinformationsblatt.pdf
2024-09-11 22:46 - 2024-09-11 22:46 - 000000000 ____D C:\WINDOWS\Panther
2024-09-09 22:07 - 2024-09-09 22:37 - 000000000 ___DC C:\Users\Stefa\Documents\Rockstar Games
2024-09-09 22:07 - 2024-09-09 22:07 - 000000000 ___DC C:\Users\Stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2024-09-09 22:07 - 2024-09-09 22:07 - 000000000 ____D C:\Users\Stefa\AppData\Local\Rockstar Games
2024-09-09 22:06 - 2024-09-09 22:07 - 000000000 ____D C:\Program Files\Rockstar Games
2024-09-09 21:43 - 2024-09-09 21:43 - 000000202 ____C C:\Users\Stefa\Desktop\L.A. Noire.url
2024-09-01 19:46 - 2024-09-01 21:16 - 000024263 ____C C:\Users\Stefa\Documents\Unbenannt 2.odt
2024-08-31 09:52 - 2024-08-31 09:53 - 000000000 ____D C:\Program Files\PDF Architect 9
2024-08-31 09:52 - 2024-08-31 09:52 - 000001188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 9.lnk

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2024-09-25 21:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-09-25 21:12 - 2022-03-07 14:50 - 000000068 __RSH C:\WINDOWS\system32\Drivers\wmiacpi.winsecurity
2024-09-25 21:00 - 2020-10-31 13:20 - 001723066 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-09-25 21:00 - 2019-12-07 16:50 - 000743714 _____ C:\WINDOWS\system32\perfh007.dat
2024-09-25 21:00 - 2019-12-07 16:50 - 000150136 _____ C:\WINDOWS\system32\perfc007.dat
2024-09-25 21:00 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-09-25 20:53 - 2018-07-15 23:22 - 000000000 ___DC C:\Users\Stefa\AppData\Local\D3DSCache
2024-09-25 20:50 - 2021-09-03 17:55 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-09-25 20:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-09-25 20:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-09-25 20:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-09-25 20:50 - 2017-05-18 20:35 - 000000000 ____D C:\ProgramData\NVIDIA
2024-09-25 20:49 - 2022-03-07 14:50 - 000000068 __RSH C:\WINDOWS\system32\Drivers\winverbs.winsecurity
2024-09-25 20:49 - 2021-12-19 00:28 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-09-25 20:49 - 2020-10-31 13:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-09-25 20:49 - 2020-10-31 13:16 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-25 20:33 - 2023-02-15 19:18 - 012258080 _____ C:\WINDOWS\system32\rtp.db
2024-09-25 20:33 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-09-25 20:19 - 2020-10-31 13:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-09-25 17:57 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-09-24 01:09 - 2017-04-08 22:09 - 000000000 ___DC C:\Users\Stefa\AppData\Local\Downloaded Installations
2024-09-23 23:56 - 2022-09-22 23:19 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-09-23 23:56 - 2017-11-26 16:32 - 000002219 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-09-23 21:30 - 2017-03-23 19:56 - 000000000 ___DC C:\Users\Stefa\AppData\Local\CrashDumps
2024-09-22 18:16 - 2022-12-07 15:41 - 000000000 ____D C:\Users\Stefa\AppData\Roaming\Soda PDF Desktop 14
2024-09-22 09:42 - 2017-03-23 20:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-09-22 09:41 - 2021-08-29 10:42 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2024-09-21 20:07 - 2022-02-09 19:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-09-20 18:19 - 2020-06-18 13:31 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-20 01:23 - 2021-08-30 13:22 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-09-15 14:00 - 2024-03-11 22:22 - 000431416 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp2.sys
2024-09-15 14:00 - 2024-03-11 22:22 - 000431408 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp1.sys
2024-09-11 22:45 - 2020-10-31 13:16 - 000382832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-09-11 22:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-09-11 22:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-09-11 20:46 - 2020-10-31 13:17 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-09-11 20:34 - 2017-03-23 22:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-09-11 20:31 - 2017-03-23 22:49 - 199688632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-09-09 22:07 - 2016-12-09 08:16 - 000000000 ____D C:\ProgramData\Package Cache
2024-09-09 22:06 - 2019-12-01 15:15 - 000000000 ____D C:\ProgramData\Rockstar Games
2024-09-09 21:41 - 2018-07-06 22:17 - 000000000 ___DC C:\Users\Stefa\AppData\Local\PlaceholderTileLogoFolder
2024-09-09 21:41 - 2018-02-08 19:27 - 000000000 ___DC C:\Users\Stefa\AppData\Local\Packages
2024-09-09 19:05 - 2020-10-31 13:23 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 19:05 - 2020-10-31 13:23 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-08 20:15 - 2016-12-09 08:16 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-09-08 13:51 - 2018-09-27 15:43 - 000000000 ___DC C:\Users\Stefa\AppData\Local\ElevatedDiagnostics
2024-09-04 21:06 - 2021-10-10 08:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-09-04 21:06 - 2017-03-23 20:10 - 000001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-09-01 21:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-09-01 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-09-01 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-09-01 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-09-01 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-09-01 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-09-01 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-09-01 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-08-31 10:03 - 2022-12-07 15:41 - 000000786 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soda PDF Desktop 14.lnk
2024-08-31 09:53 - 2023-05-21 10:33 - 000000000 ____D C:\Users\Stefa\AppData\Roaming\PDF Architect 9

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2017-09-12 15:09 - 2017-10-31 21:30 - 000007602 ____C () C:\Users\Stefa\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2024
durchgeführt von Stefan (25-09-2024 21:37:59)
Gestartet von C:\Users\Stefa\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4894 (X64) (2020-10-31 11:23:49)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3758623145-1266260989-3540530203-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3758623145-1266260989-3540530203-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3758623145-1266260989-3540530203-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3758623145-1266260989-3540530203-501 - Limited - Disabled)
Stefan (S-1-5-21-3758623145-1266260989-3540530203-1001 - Administrator - Enabled) => C:\Users\Stefa
WDAGUtilityAccount (S-1-5-21-3758623145-1266260989-3540530203-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avira Security (Enabled - Up to date) {571A8A9C-B320-392B-39C5-BDB78F980F92} AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Avira Security (Enabled) {BE55A40C-05CA-1096-36EB-CCA92DEAF539} FW: Avira Security (Enabled) {877B141C-E73B-9A54-223E-108CC963426A} FW: Avira Security (Enabled) {71EC0A3F-391C-0E33-A103-0C8A6DF0EBF0} FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523} FW: Avira Security (Enabled) {12CE3622-C811-64DE-1773-AA1774F2B8E1} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Aslain's WoT Modpack Version 1.26.0.1.06 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.26.0.1.06 - Aslain) Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.103.1167 - Avira Operations GmbH) Hidden Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH) CodeMeter Runtime Kit v5.10 (HKLM\...\{2D7C348F-1AC4-4AB3-87E4-F76EF7E3A916}) (Version: 5.10.1220.500 - WIBU-SYSTEMS AG) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2206.2902 - Avira Operations GmbH & Co. KG) Hidden Epic Games Launcher (HKLM-x32\...\{E0419FB0-0C46-4F07-9D5B-2FD78A8C45ED}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.3 - ) ESI-Demo (HKLM-x32\...\{22D631DA-6566-40C2-830F-613B1B80408C}) (Version: 1.00.0000 - Robert Bosch GmbH) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.59 - Google LLC) HP Dropbox Plugin (HKLM-x32\...\{45B18FC7-3ECE-4F2B-99A8-370886AB8238}) (Version: 36.0.31.53050 - Hewlett-Packard Co.) HP Google Drive Plugin (HKLM-x32\...\{1502BB1F-7870-4DC9-9178-65CFE00D070C}) (Version: 36.0.31.53050 - Hewlett-Packard Co.) HP OfficeJet 3830 series - Grundlegende Software für das Gerät (HKLM\...\{DCCF150E-E0CA-4C1E-BD81-207DB6BE2A86}) (Version: 36.0.72.54013 - Hewlett-Packard Co.) Intel Driver && Support Assistant (HKLM-x32\...\{4FB48B50-C8BF-4EC5-983E-F740A6B05FAF}) (Version: 24.4.32.8 - Intel) Hidden Intel(R) Chipset Device Software (HKLM\...\{FEBB7B48-CC1C-4A50-A497-FA21413F6BE9}) (Version: 10.1.1.14 - Intel Corporation) Hidden Intel(R) Computing Improvement Program (HKLM\...\{15E71D2B-4046-4B9D-A8BB-EBFC5CC12D86}) (Version: 2.4.10717 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{4EB05024-F740-48CF-B9B0-62A041E22D5C}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{DD04783C-E206-46DB-97A7-1155B1C76038}) (Version: 11.6.0.1025 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.0.1015 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{E262E6F2-0F11-49C7-A144-18FE8FE0376E}) (Version: 15.9.0.1015 - Intel Corporation) Hidden 
Intel(R) SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{E4B94748-555B-4785-8A6C-73AD00FDD58B}) (Version: 24.4.32.8 - Intel)
Intel® Trusted Connect Service Client (HKLM\...\{75FE588B-F158-4BB3-A283-A8D18E522A52}) (Version: 1.43.301.1 - Intel Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.52 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.52 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3758623145-1266260989-3540530203-500\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B409944C-1493-4B0D-A92C-2CE3C5F5F289}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{0E8D087B-5654-4010-AF4D-DE1250B8C1EB}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.90.2 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\Mozilla Firefox 130.0.1 (x64 de)) (Version: 130.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 130.0.1.967 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 2.0.0.45 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.5 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Grafiktreiber 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OpenOffice 4.1.7 (HKLM-x32\...\{81D7585D-3E44-4984-B99B-911492419D3E}) (Version: 4.17.9800 - Apache Software Foundation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.258.1.7 - Overwolf Ltd.)
PDF Architect 9 (HKLM-x32\...\PDF Architect 9) (Version: 9.1.57.3265 - pdfforge GmbH)
PDF Architect 9 Edit Module (HKLM\...\{4B682FD0-11AB-4216-B9AB-5CAD2587E627}) (Version: 9.1.58.22868 - Avanquest pdfforge GmbH) Hidden
PDF Architect 9 OCR Module (HKLM\...\{7830CF35-D38E-4156-9F51-117EA36B5E50}) (Version: 9.1.58.22868 - Avanquest pdfforge GmbH) Hidden
PDF Architect 9 OCR TESS Module (HKLM\...\{A34B0F46-DED9-427A-AA5E-F3C0531A3BA1}) (Version: 9.1.58.22868 - Avanquest pdfforge GmbH) Hidden
PDF Architect 9 View Module (HKLM\...\{13E990BE-AE84-41A6-983D-81E201DAB988}) (Version: 9.1.58.22868 - Avanquest pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{A49C62ED-8F89-45EC-910B-C3F985203F45}) (Version: 5.2.2 - Avanquest pdfforge GmbH)
Photo Common (HKLM-x32\...\{87DABDEA-47A4-4182-AA7C-2C90DAAE3117}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.10 - ProtectDisc Software GmbH)
PUBG Lite (HKLM-x32\...\PUBG Lite_is1) (Version: 1.0.0.7 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.94.2130_S9_R11 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.4.3 - Rockstar Games)
Soda PDF Desktop 14 (HKLM-x32\...\Soda PDF Desktop 14) (Version: 14.0.421.3262 - LULU Software (7270356 Canada Inc))
Soda PDF Desktop 14 Edit Module (HKLM\...\{2FA52999-3B1E-46E7-BD4B-12E70103AA7A}) (Version: 14.0.426.22855 - Avanquest Software) Hidden
Soda PDF Desktop 14 OCR Module (HKLM\...\{BAE16C4C-C3E6-4E57-BA4B-CFF795EA8F06}) (Version: 14.0.426.22855 - Avanquest Software) Hidden
Soda PDF Desktop 14 OCR TESS Module (HKLM\...\{A204E895-6C45-4377-8560-BD9CDCD55AA2}) (Version: 14.0.426.22855 - Avanquest Software) Hidden
Soda PDF Desktop 14 View Module (HKLM\...\{102BAE4E-49E5-49EF-969E-8A1BEE18D8CB}) (Version: 14.0.426.22855 - Avanquest Software) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
TomTom MyDrive Connect 4.2.13.4420 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.13.4420 - TomTom)
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Wargaming.net Game Center (HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\Wargaming.net Game Center) (Version: 24.5.0.6852 - Wargaming.net)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66233218-CA57-4AB2-BA43-A97AA4635960}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{FC071B45-4A5F-408F-92F8-4D9D693E866F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
World of Tanks Common Test (HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\3343890068) (Version: - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\3533831633) (Version: - Wargaming.net)

Chrome apps:
============
Sheets (HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\f37541772b67dc850b0a1a210a650ca1) (Version: 1.0 - Google\Chrome)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.24.1710.0_x64__rz1tebttyb220 [2024-09-16] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_155.1.1088.0_x64__v10z8vjag6ke6 [2024-08-08] (HP Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-25] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-09-09] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-08-21] (NVIDIA Corp.)
Websuche von Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-24] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3758623145-1266260989-3540530203-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Stefa\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3758623145-1266260989-3540530203-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel)
CustomCLSID: HKU\S-1-5-21-3758623145-1266260989-3540530203-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Stefa\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3758623145-1266260989-3540530203-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Stefa\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3758623145-1266260989-3540530203-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Stefa\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\FileCoAuth.exe => Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-09-03] (Notepad++ -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Keine Datei
ContextMenuHandlers1: [PDFArchitect8_ManagerExt] -> {EC981B88-4DFE-457D-B623-09D6C0E3EE6C} => C:\Program Files\PDF Architect 9\context-menu.dll [2024-08-12] (pdfforge GmbH -> Avanquest pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2022-10-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [SodaPDFDesktop14_ManagerExt] -> {3E46159C-FAA8-4497-B758-1252B9FD82F4} => D:\Soda PDF Desktop 14\context-menu.dll [2024-07-19] (Avanquest Software (7270356 Canada Inc) -> Avanquest Software)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-08-12] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Keine Datei
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2024-08-12] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Keine Datei
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_252f5e1fae961efa\nvshext.dll [2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Datei ist nicht signiert]

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [Datei ist nicht signiert]

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Stefa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\deb74e6ef302b553\Speed Dial [FVD] - New Tab Page, 3D, Sync.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=llaficoajjainaijghjlofdfmbjpebpa
ShortcutWithArgument: C:\Users\Stefa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2017-04-08 22:14 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
2017-09-12 17:02 - 2023-05-21 10:32 - 000196096 _____ (pdfforge GmbH) [Datei ist nicht signiert] C:\WINDOWS\System32\pdfcmon.dll
2024-01-05 18:19 - 2024-01-05 18:19 - 001626624 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2024-01-05 18:19 - 2024-01-05 18:19 - 002973696 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2013-10-28 06:10 - 2013-10-28 06:10 - 000220672 _____ (WIBU-SYSTEMS AG) [Datei ist nicht signiert] C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.lDe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Hyrican_Installation:err [1408]
AlternateDataStreams: C:\Windows:CM_6e85cee45f920627cc7b2669801adce0b6837c9594e23f36165449fa6851e685 [74]
AlternateDataStreams: C:\Windows:CM_8b241b5e53c6989cc7afade0b084c74bd04a08eb175b035c69f053c65fb37907 [74]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5934]
AlternateDataStreams: C:\Users\Stefa\Anwendungsdaten:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Stefa\Anwendungsdaten:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Stefa\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Stefa\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============

HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem15.msn.com/?PC=NMTE
HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem15.msn.com/?PC=NMTE
HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
SearchScopes: HKU\S-1-5-21-3758623145-1266260989-3540530203-1001 -> DefaultScope {98C4EDFD-CA31-405D-896D-2B985ABB5301} URL =
SearchScopes: HKU\S-1-5-21-3758623145-1266260989-3540530203-1001 -> {98C4EDFD-CA31-405D-896D-2B985ABB5301} URL =

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2017-08-18 16:20 - 2018-05-10 10:37 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\dotnet\
HKU\S-1-5-21-3758623145-1266260989-3540530203-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefa\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-3758623145-1266260989-3540530203-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) ist aktiviert.

Network Binding:
=============
WLAN: 802.11n Wireless LAN Card -> netr28x.sys
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\StartupApproved\Run: => "HP OfficeJet 3830 series (NET)"
HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3758623145-1266260989-3540530203-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_9DC56468E065DAA99E27C3CB0FB06F76"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{8281197A-7E1B-46B2-9426-0D2A2D9319EE}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{CBA877CD-B77B-4978-AB84-76CCE2570C71}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{330D6F88-F1EF-4B90-91CC-6C4CB9C77A0C}C:\games\world_of_tanks\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{F368C145-F590-4395-BD56-33A3AC2291CC}C:\games\world_of_tanks\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{D1434F97-6854-4E72-89D6-2A4D880C8942}C:\games\world_of_tanks\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{FD686F02-83D4-47CB-91D8-BADFB3A4A030}C:\games\world_of_tanks\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{1ECC4378-BA69-4495-90C4-EE2DBFB7AB73}D:\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{BA6F8554-0C9E-457E-A7FC-4AF8D891B05C}D:\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{3331E634-76D8-484A-A694-D8BFD43F5AB2}D:\world_of_tanks_ct\win32\worldoftanks.exe] => (Allow) D:\world_of_tanks_ct\win32\worldoftanks.exe => Keine Datei
FirewallRules: [TCP Query User{AC823437-D96C-45E3-88AE-798524BE7275}D:\world_of_tanks_ct\win32\worldoftanks.exe] => (Allow) D:\world_of_tanks_ct\win32\worldoftanks.exe => Keine Datei
FirewallRules: [UDP Query User{CCA5AB60-5EAE-435D-9605-E08827906E53}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{C0E20F03-07D3-4D7E-88AA-AB72AD4F5848}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{160D328F-96A2-4230-AB2F-3C970686B6AD}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [TCP Query User{A43463E6-0223-4E9B-AB58-B5301B53DC24}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [UDP Query User{94087B7E-74F5-4BCC-9C4D-AD97A7F1B667}C:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win32\worldoftanks.exe => Keine Datei
FirewallRules: [TCP Query User{9A08DDF1-6859-4BC3-8E17-96ED0BDDC6E0}C:\games\world_of_tanks\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\win32\worldoftanks.exe => Keine Datei
FirewallRules: [{DCA46E8E-8C1F-45B9-BE35-5AA1209ADA99}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{096C295C-F1F1-4E52-B60C-7ECDBDBB2C1D}] => (Allow) LPort=5357
FirewallRules: [{60F192ED-86C0-4F82-B071-EDD44F03492C}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{7EA00205-9FAD-4649-B170-F394A25413E7}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{46EF3771-1B9B-46BE-ABF6-578AF3A0FA6A}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{BC51FC79-B7EA-4A96-B00D-CBFE4EE25CE8}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{B616B23F-590C-462A-8E9C-EAE05D08DC27}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{7BED199A-B258-4882-94ED-B463B1343D42}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{F8AC9666-287C-4E6B-AA4B-4856B31A931D}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{E30A0925-51E1-4640-9ED8-1AAA6F3D5A94}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{97626638-0A54-4596-907A-D56A9955B33C}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{AD857F02-7936-457D-B18E-53C23E18D08D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AB29C66F-2D87-4E1D-BA75-66BFB1096974}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4BCBE271-C6D6-4042-BE07-AE27DB1BFBCB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D95BA1AF-F6C8-4B76-AE06-7D07C4F59119}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3824C9D3-3E7B-41C5-975D-810513613F4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CFFB6A02-0AFE-4AB3-960D-E97F61ED84E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0A96FF2B-4EBC-4608-A882-59F8C137826C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E30AD185-BDEF-4B19-B51F-8DFB3FA3EF4C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{748DFA66-0C13-4941-B6EA-BF37B0DB943D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{99D62735-2AB5-450D-A7E2-9370CF0ED0E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0CC5CED-E55C-4A44-B0B0-D0BFD195A27F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{333C287F-D067-4ACE-B4C9-49CA58DDDA75}] => (Allow) LPort=2869
FirewallRules: [{2F6577BA-4BB9-4FE6-9D5B-36884E7BBDBD}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{FF1861E1-30B3-4F3C-8FA6-93F0D878EA39}D:\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{84FD291C-1A35-41E0-B08E-0AEEB89DEE1C}D:\world_of_tanks_ct\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks_ct\win64\worldoftanks.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{FB5EF14B-E9A5-4872-A71A-9BF802A1387C}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer_host.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer_host.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{AB81D842-BC27-431A-8B58-AC97D44A553D}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer_host.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer_host.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{42C388C4-EDAC-423F-B192-D00A53E4314F}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A1388A07-2829-4C73-9ED8-F1B55D430B13}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6DC5D944-505C-4F35-B216-5C400CDBC79F}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7FED4A25-BA31-43C8-AB54-3D10F4BED094}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C17EA71E-93E8-4785-BAB7-7E277BFD871C}] => (Allow) D:\Steam\steamapps\common\Fernbus Simulator\Fernbus\Binaries\Win64\Fernbus-Win64-Shipping.exe () [Datei ist nicht signiert]
FirewallRules: [{91FA06C5-5A9F-450F-A5DA-5D947726B986}] => (Allow) D:\Steam\steamapps\common\Fernbus Simulator\Fernbus\Binaries\Win64\Fernbus-Win64-Shipping.exe () [Datei ist nicht signiert]
FirewallRules: [{CD616DAF-DFCE-4819-8E79-D244D0CDFB3B}] => (Allow) D:\Steam\steamapps\common\Motorsport Manager\MM.exe () [Datei ist nicht signiert]
FirewallRules: [{D183C217-BCC9-4D42-935E-20D64DB713C8}] => (Allow) D:\Steam\steamapps\common\Motorsport Manager\MM.exe () [Datei ist nicht signiert]
FirewallRules: [{D091C4DD-5D65-4F0D-B03B-401B67075FDF}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [{43E5BDBE-4588-42B7-B456-76B75151EC41}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.) FirewallRules: [{4E272144-D54E-4AB4-8B64-A4C60A475089}] => (Allow) D:\Steam\steamapps\common\UBOAT\UBOAT Launcher.exe (Deep Water Studio) [Datei ist nicht signiert] FirewallRules: [{F4B96425-79E2-461E-AC02-95C14FA570EA}] => (Allow) D:\Steam\steamapps\common\UBOAT\UBOAT Launcher.exe (Deep Water Studio) [Datei ist nicht signiert] FirewallRules: [{CE023453-03C7-4AAE-8846-AB023FA32F80}] => (Allow) D:\Steam\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe () [Datei ist nicht signiert] FirewallRules: [{24C9BE13-E41F-44F1-AD1A-E1B6061A47A6}] => (Allow) D:\Steam\steamapps\common\Car Mechanic Simulator 2015\cms2015.exe () [Datei ist nicht signiert] FirewallRules: [{05982BDA-FA5C-4D67-8713-F2C0D20CD65E}] => (Allow) D:\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom) FirewallRules: [{6E665782-1552-4363-8D84-A1AA62C1D8AF}] => (Allow) D:\Steam\steamapps\common\Jack Orlando\JackStart.exe () [Datei ist nicht signiert] FirewallRules: [{77D7BC33-84F4-41D5-BE5B-C92DCD8CDB07}] => (Allow) D:\Steam\steamapps\common\Jack Orlando\JackStart.exe () [Datei ist nicht signiert] FirewallRules: [TCP Query User{2B9DA989-8D9C-4D4B-A507-2B88D1DCB4B6}D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{499F4C55-E208-4EC4-9B2E-44A2D4FF8E15}D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{71AB7679-13E4-445D-9C54-458C3FDA7FC8}D:\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) 
FirewallRules: [UDP Query User{E8FE4161-6457-4AB7-9C22-DF5A3F1CC125}D:\fortnite\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\fortnite\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{012487B0-4E7B-4E04-A107-F5E1E9AF3C16}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{DCD5A1C8-A8FD-4CD7-A2D1-A857202DA14D}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [{4A370B8E-86C7-4250-94F2-D27FF704FBAF}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) FirewallRules: [TCP Query User{01585684-791D-4003-8E2E-9A9865FBC2B3}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{3FCBF1F2-452D-4363-96D0-C8FE6AAE74C6}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{8845923C-0452-463E-9EBA-60434C19163F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1EF08EE5-9F7E-4EDE-A63A-CE7E37D0A371}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C1D32923-CCC0-4557-8123-2357AD3F38C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{63C5EDBB-7AE3-48D0-BFD6-D3E92CB985F4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DFC10045-4E3F-4F05-88E8-2434D7F406AD}] => (Allow) D:\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [Datei ist nicht signiert] FirewallRules: [{526A7D19-48CE-4D18-A6C4-6526C93F4537}] => (Allow) D:\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [Datei ist nicht signiert] FirewallRules: [{9D5E125B-09A3-4040-9F3A-0BF4185EF60F}] => (Allow) D:\Steam\steamapps\common\Mafia\Mafia\setup.exe () [Datei ist nicht signiert] FirewallRules: [{50A32DBA-2EE1-428E-BC2F-D04FC21056DA}] => (Allow) D:\Steam\steamapps\common\Mafia\Mafia\setup.exe () [Datei ist nicht signiert] FirewallRules: [{545696A8-7B88-49A9-BAF2-CBA82F38229F}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software) FirewallRules: [{A37F1F33-69B2-42A4-A6B3-E4139B6BAE46}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. 
-> SCS Software) FirewallRules: [{74FE4E61-5674-42C4-B5F5-B1BA13C6249A}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => Keine Datei FirewallRules: [{8D113079-5110-4B47-8831-A5A1E31B13DD}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => Keine Datei FirewallRules: [TCP Query User{8C9721B6-8A8E-41A4-A868-7F50072D21F9}D:\microsoft vs code\code.exe] => (Allow) D:\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{378D47D2-7AB2-4143-B165-392AF1903BA2}D:\microsoft vs code\code.exe] => (Allow) D:\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{1CF4FD62-C96A-4E9D-87FD-E3124701E787}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.) FirewallRules: [UDP Query User{FAF07170-163E-47D9-8D5B-B04A3F2238B6}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.) 
FirewallRules: [{FEA2B41C-00C3-4299-993C-DB3BC3AE996C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E6012570-6A2A-43FF-8689-E0456AA58569}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{67D6392C-972A-4243-AC31-2BEBCA513E00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{30205E79-93E8-48C1-A9D7-C3C3AE30D142}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{96AEB92F-BF6E-449A-8A6B-5B3D792D5E4E}] => (Allow) C:\Program Files (x86)\Overwolf\0.258.0.6\OverwolfBrowser.exe => Keine Datei FirewallRules: [{21724F07-C1B1-40BA-BDEF-5075BCE9E902}] => (Allow) C:\Program Files (x86)\Overwolf\0.258.0.6\OverwolfBrowser.exe => Keine Datei FirewallRules: [{A80F5261-D1A9-4121-832F-DBEC45BBA949}] => (Block) C:\Program Files (x86)\Overwolf\0.258.0.6\OverwolfBrowser.exe => Keine Datei FirewallRules: [{E8B10100-8B95-4874-AAB3-CEEC4B6C5684}] => (Block) C:\Program Files (x86)\Overwolf\0.258.0.6\OverwolfBrowser.exe => Keine Datei FirewallRules: [{7C340DCC-23E8-46E5-8AE9-E8403DF80244}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe => Keine Datei FirewallRules: [{08D10519-88EB-4511-A76D-60A2C60C9CE8}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe => Keine Datei FirewallRules: [{08AE26A3-9469-4E24-9AF8-679853BC9289}] => (Block) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe => Keine Datei FirewallRules: [{42E3001A-691F-4826-9059-E239B5F68508}] => (Block) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe => Keine Datei FirewallRules: [{435EA37B-1B31-4F7B-AF8E-DDB91F999F83}] => (Allow) C:\Program Files (x86)\Overwolf\0.258.1.7\OverwolfBrowser.exe (Overwolf Ltd -> 
Overwolf LTD) FirewallRules: [{D19BF7A2-80BE-44A9-8DD1-039A43F10C7F}] => (Allow) C:\Program Files (x86)\Overwolf\0.258.1.7\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{A4E15639-E4CB-480C-8B59-5E87EF5AAF25}] => (Allow) D:\Steam\steamapps\common\L.A.Noire\PlayLAN.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{73C7CA53-53FD-4A85-B5F4-60BBCD12DF7F}] => (Allow) D:\Steam\steamapps\common\L.A.Noire\PlayLAN.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{F4769678-0F6A-492D-BE50-0D174964829F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{91BC2A8E-E430-4D23-A558-BBEB48D5A41C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wiederherstellungspunkte ========================= 24-09-2024 01:09:01 AdwCleaner_BeforeCleaning_24/09/2024_01:09:01 25-09-2024 17:43:06 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (09/25/2024 08:53:28 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: STEFAN) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (09/25/2024 08:51:37 PM) (Source: SecurityCenter) (EventID: 18) (User: ) Description: Der Windows-Sicherheitscenterdienst konnte keine Instanzen von FirewallProduct aus dem Datastore laden. 
Error: (09/25/2024 05:29:59 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: STEFAN) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (09/24/2024 07:13:06 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: STEFAN) Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode. Error: (09/23/2024 09:39:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Die Speicheroptimierung konnte erneut optimieren auf Daten (D:) nicht abschließen. Grund: Der angeforderte Vorgang wird von der Hardware des Volumes nicht unterstützt. (0x8900002A) Error: (09/23/2024 09:30:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: BackgroundTaskHost.exe, Version: 10.0.19041.3636, Zeitstempel: 0xe9186526 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.4842, Zeitstempel: 0xe6d00f33 Ausnahmecode: 0xc0000409 Fehleroffset: 0x0000000000132f62 ID des fehlerhaften Prozesses: 0x1104 Startzeit der fehlerhaften Anwendung: 0x01db0def0469c18e Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\BackgroundTaskHost.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 27f49c0e-60f0-4a3b-bbaa-eed0932c35d4 Vollständiger Name des fehlerhaften Pakets: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (09/23/2024 09:30:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: BackgroundTaskHost.exe, Version: 10.0.19041.3636, Zeitstempel: 0xe9186526 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.19041.4842, Zeitstempel: 0xe6d00f33 Ausnahmecode: 0xc0000409 Fehleroffset: 0x0000000000132f62 ID des fehlerhaften Prozesses: 
0xad4 Startzeit der fehlerhaften Anwendung: 0x01db0def009e0caa Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\BackgroundTaskHost.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 82b0554c-1ed6-45ae-b085-f22a63989304 Vollständiger Name des fehlerhaften Pakets: Microsoft.AAD.BrokerPlugin_1000.19041.4239.0_neutral_neutral_cw5n1h2txyewy Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (09/23/2024 09:21:07 PM) (Source: ESENT) (EventID: 490) (User: ) Description: svchost (6764,R,98) SRUJet: Der Versuch, die Datei "C:\WINDOWS\system32\SRU\SRUDB.dat" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. Systemfehler: ============= Error: (09/25/2024 09:04:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht. Error: (09/25/2024 09:00:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht. Error: (09/25/2024 08:51:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (09/25/2024 08:51:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. 
Error: (09/25/2024 08:51:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Avira Security Updater" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (09/25/2024 08:51:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Security Updater erreicht. Error: (09/25/2024 08:50:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) SUR QC Software Asset Manager erreicht. Error: (09/25/2024 08:49:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) TPM Provisioning Service erreicht. Windows Defender: ================ Date: 2021-07-06 16:56:28 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {A4F9A4BF-E2B0-42E7-9606-BDCE5FBA7D86} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-05 17:05:44 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {66FB4BC9-D903-4782-984C-8B0DE7F67C82} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-04 16:31:24 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {6BB0442B-1EDB-42F5-B031-B750D3D3E302} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-03 16:22:06 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. 
Überprüfungs-ID: {10F288EB-DF6C-461B-A434-65B1F6CAA06F} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2021-07-02 18:03:46 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {AEF7A213-4C1A-42BC-BEE9-A5982F08E1A9} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Event[0]: Date: 2021-06-29 10:23:17 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.343.25.0 %Vorherige Version der Sicherheitsinformationen: 1.341.1610.0 Update Source: Benutzer Sicherheitstyp: AntiSpyware Updatetyp: Delta Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: 1.1.18300.4 %Vorherige Modulversion: 1.1.18200.4 Fehlercode: 0x80070666 Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen. Date: 2021-06-29 10:23:17 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.343.25.0 %Vorherige Version der Sicherheitsinformationen: 1.341.1610.0 Update Source: Benutzer Sicherheitstyp: AntiVirus Updatetyp: Delta Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: 1.1.18300.4 %Vorherige Modulversion: 1.1.18200.4 Fehlercode: 0x80070666 Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen. 
Date: 2021-06-29 10:23:17 Description: Fehler von Microsoft Defender Antivirus beim Aktualisieren des Moduls. Neue Modulversion: 1.1.18300.4 Vorherige Modulversion: 1.1.18200.4 Benutzer: NT-AUTORITÄT\SYSTEM Fehlercode: 0x80070666 Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen. Date: 2021-06-04 12:10:28 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.341.40.0 %Vorherige Version der Sicherheitsinformationen: 1.339.1937.0 Update Source: Benutzer Sicherheitstyp: AntiSpyware Updatetyp: Delta Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: 1.1.18200.4 %Vorherige Modulversion: 1.1.18100.6 Fehlercode: 0x80070666 Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen. Date: 2021-06-04 12:10:28 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: 1.341.40.0 %Vorherige Version der Sicherheitsinformationen: 1.339.1937.0 Update Source: Benutzer Sicherheitstyp: AntiVirus Updatetyp: Delta Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: 1.1.18200.4 %Vorherige Modulversion: 1.1.18100.6 Fehlercode: 0x80070666 Fehlerbeschreibung: Eine andere Version des Produkts ist bereits installiert. Die Installation dieser Version kann nicht fortgesetzt werden. Verwenden Sie die Systemsteuerungsoption "Software", um die vorhandene Version dieses Produkts zu konfigurieren oder zu entfernen. 
CodeIntegrity: =============== Date: 2024-09-25 21:22:50 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2.B2 11/17/2016 Hauptplatine: MSI H110M PRO-D (MS-7996) Prozessor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 41% Installierter physikalischer RAM: 16351.04 MB Verfügbarer physikalischer RAM: 9632.88 MB Summe virtueller Speicher: 21727.04 MB Verfügbarer virtueller Speicher: 12969.44 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:222.94 GB) (Free:31.79 GB) (Model: ADATA SP580) NTFS Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:421.86 GB) (Model: TOSHIBA DT01ACA100) NTFS Drive f: () (Removable) (Total:0.94 GB) (Free:0.93 GB) FAT \\?\Volume{f25dffdb-5890-410a-bb51-d887da40c123}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{9d175c7c-6f7d-4aaf-abf1-31b5e509940d}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: AFBEF12B) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: B64ACEFC) Partition: GPT. ========================================================== Disk: 2 (Size: 960 MB) (Disk ID: 6F20736B) No partition Table on disk 2. Disk 2 is a removable device. ==================== Ende von Addition.txt ======================= |
26.09.2024, 08:43 | #15 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Various findings Quote:
Uninstall disruptive, outdated or unnecessary programs
Please uninstall via Programs and Features (appwiz.cpl):
__________________ Please always post log files in CODE tags |