|
Plagegeister aller Art und deren Bekämpfung: Opera öffnet immer beim Start und permant regelmässig danach einen Youtube TabWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
28.10.2024, 16:19 | #1 |
| Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab Hy Seit gestern habe ich das Problem. Sowohl immer beim Starten von Opera, als auch während der Benutzung in unregelmäßigen Abständen öffnet sich ein Youtube Tab. Des Weiteren lässt sich Opera Stable weder im normalen noch im abgesicherten Modus deinstallieren. Auch nicht mit Revo Uninstaller. Ich habe mir AVG und Adware Cleaner runter geladen die nichts wesentliches gefunden haben und das Problem nicht lösen konnten. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024 durchgeführt von Stefan (Administrator) auf MORTLACH (Gigabyte Technology Co., Ltd. Z690 UD DDR4) (28-10-2024 15:31:08) Gestartet von C:\Users\Stefan\Desktop\FRST64.exe Geladene Profile: Stefan Plattform: Microsoft Windows 10 Pro Version 22H2 19045.5011 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: "C:\Program Files\AVG\Browser\Application\AVGBrowser.exe" --single-argument %1 Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGUI.exe (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe ->) (Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe (C:\Program Files (x86)\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files (x86)\114.0.5282.102\opera_crashreporter.exe (C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5> (C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe (C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe (C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EACefSubProcess.exe <5> (C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Users\Stefan\AppData\Local\0install.net\implementations\sha256new_Q5IVZER5HHKQYEWU34M6YG4H62HOEOYT22UMUMWKLE4NDQYYQK7Q\DeepL.exe ->) (DeepL SE -> The CefSharp Authors) C:\Users\Stefan\AppData\Local\0install.net\implementations\sha256new_NX54BP3MSRHNDMB5N5YOFJZWO5QE5I5W7JTPGB4XC7MEJNSXCC3A\CefSharp.BrowserSubprocess.exe <5> (DeepL SE -> DeepL SE) C:\Users\Stefan\AppData\Local\0install.net\implementations\sha256new_Q5IVZER5HHKQYEWU34M6YG4H62HOEOYT22UMUMWKLE4NDQYYQK7Q\DeepL.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (explorer.exe ->) () [Datei ist nicht signiert] C:\Windows\System\HsMgr64.exe (explorer.exe ->) () [Datei ist nicht signiert] C:\Windows\SysWOW64\HsMgr.exe (explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8> (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files (x86)\opera.exe <23> (explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe (explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\Stefan\AppData\Local\Programs\signal-desktop\Signal.exe <5> (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe (services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\afwServ.exe (services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (services.exe ->) (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe <2> (svchost.exe ->) (Intel(R) Intel Network Drivers -> Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [3096800 2020-05-12] (FSPro Labs -> FSPro Labs) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-02-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd [13463552 2014-03-11] (C-Media Corporation) [Datei ist nicht signiert] HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] () [Datei ist nicht signiert] HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] () [Datei ist nicht signiert] HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [645976 2024-06-06] (Geek Software GmbH -> geek software GmbH) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [464200 2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech, Inc. -> Logitech Inc.) HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-12-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752216 2024-06-05] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46150912 2024-07-07] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\Stefan\AppData\Local\Programs\signal-desktop\Signal.exe [151940472 2022-10-06] (Signal Messenger, LLC -> Signal Messenger, LLC) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36717544 2024-07-28] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\assistant\browser_assistant.exe (Keine Datei) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [Plex Media Server] => C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe [30160152 2024-09-11] (Plex, Inc. -> Plex, Inc.) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3395680 2024-10-26] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [GoogleChromeAutoLaunch_032971FCF19EBA1BD62AC0489DE1A458] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2850400 2024-10-22] (Google LLC -> Google LLC) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [AVGBrowserAutoLaunch_367FD8D3033CB5A1DA13738B2A4D8674] => C:\Program Files\AVG\Browser\Application\AVGBrowser.exe [3199360 2024-10-09] (AVG Technologies USA, LLC -> Gen Digital Inc.) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\MountPoints2: {1d458077-9dc4-11eb-ac9c-40e2303c4e6a} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\MountPoints2: {3a9d5e0a-9bdb-11ec-ad48-40e2303c4e6a} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\MountPoints2: {91d6a08c-0f18-11eb-abf5-40e2303c4e6a} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\MountPoints2: {94c82947-3204-11ec-acee-40e2303c4e6a} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> none HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.) HKLM\...\Print\Monitors\CPCA Language Monitor3: C:\Windows\system32\CNAS0MMK.DLL [66048 2007-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Canon Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files\AVG\Browser\Application\129.0.26740.101\Installer\chrmstp.exe [2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\130.0.6723.70\Installer\chrmstp.exe [2024-10-25] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2023-05-01] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2022-06-25] ShortcutTarget: DeepL auto-start.lnk -> C:\Users\Stefan\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [Datei ist nicht signiert] GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {DD4FA529-112C-427F-AF9E-650F2B24A5C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.) Task: {46A0107C-4371-4B7C-B557-1FAEB7413F4D} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVG\Browser\Application\AVGBrowser.exe [3199360 2024-10-09] (AVG Technologies USA, LLC -> Gen Digital Inc.) Task: {BEB4FDB5-26B9-4804-B492-CC3EA1A6ED78} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVG\Browser\Application\AVGBrowser.exe [3199360 2024-10-09] (AVG Technologies USA, LLC -> Gen Digital Inc.) Task: {58F67219-999A-4B45-8ED3-54973F23723E} - System32\Tasks\AVG\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5242696 2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) Task: {8BA1EF5F-EA4C-4C6D-B3CC-E550F9DE58ED} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [8224072 2024-10-08] (AVG Technologies USA, LLC -> Gen Digital Inc.) Task: {676A8C5B-A7E1-4182-850A-C213E82DFCCF} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2593096 2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) Task: {2B5B6A03-E14C-4E9B-B4C6-49FD0582D481} - System32\Tasks\AVGBrowserProtectS-1-5-21-1417265821-4116366667-1805509851-1001 => C:\Program Files\AVG\Browser\Application\AVGBrowserProtect.exe [1690040 2024-10-08] (AVG Technologies USA, LLC -> Gen Digital Inc.) Task: {194CBA5E-2CCF-423D-9AC0-F2B4F161B85B} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209736 2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) Task: {4AA3A708-BBF5-4F1F-9E1A-0FDDABC88C0A} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209736 2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) Task: {DB6E0E84-B934-4AE8-BC0A-CF13DE8161ED} - System32\Tasks\G2MUpdateTask-S-1-5-21-1417265821-4116366667-1805509851-1001 => C:\Users\Stefan\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-05-04] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {341AC099-D3FD-467D-B0EE-165D5B7440F6} - System32\Tasks\G2MUploadTask-S-1-5-21-1417265821-4116366667-1805509851-1001 => C:\Users\Stefan\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-05-04] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {DAFF2A0E-477E-4E4D-B5B9-7EF4CB6C640B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{07858AB1-0A01-467F-AEC9-598B6B2E70D7} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC) Task: {467532C2-5A80-4395-BCB3-CE1D9FC003F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616920 2024-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {E801750E-D0AD-49C9-BE9C-4DE17C7D9B22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616920 2024-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {CE181B5A-C622-4F7C-BACA-A46C5F2353E9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {6839C6F3-4D9E-4944-88FD-4D7767B174DD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {92768F3F-BA90-4E22-9F20-5011B7AA47D9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {7E7CCEC6-FBBF-490E-87C5-B20A5AF73B59} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => C:\WINDOWS\system32\clipesu.exe [221680 2024-10-13] (Microsoft Windows -> Microsoft Corporation) Task: {852B69C9-1F16-42D3-A764-FF6D395532AD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {5F5EBC8A-4798-4844-8318-9A053B821D4A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {07D2D8D8-EBCB-451A-8720-A6598C89A604} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {B2F2EC8B-7F6B-4790-A017-7469E4723E70} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {72B35932-233E-48A0-92F8-262C003465D4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F4896B4F-6BD4-4D8A-BEB2-89FA66628A6A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1273F02B-61D5-4D54-8BC9-DD36E5C35DCE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {587763A9-3E6C-44D3-B795-AFEC7289C5C5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4E50BD4C-947B-4457-AA6D-A7C6AAB48A1E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E7353F6C-3BA7-4ED0-9A20-2DC92872F34F} - System32\Tasks\Opera scheduled assistant Autoupdate 1571862036 => C:\Program Files (x86)\launcher.exe [1573784 2024-10-16] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\assistant" $(Arg0) <==== ACHTUNG Task: {D904D35E-2D39-42C5-B80A-ED48CA22F1C5} - System32\Tasks\Opera scheduled Autoupdate 1571862031 => C:\Program Files (x86)\autoupdate\opera_autoupdate.exe [5812120 2024-10-15] (Opera Norway AS -> Opera Software) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1417265821-4116366667-1805509851-1001.job => C:\Users\Stefan\AppData\Local\GoToMeeting\19992\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1417265821-4116366667-1805509851-1001.job => C:\Users\Stefan\AppData\Local\GoToMeeting\19992\g2mupload.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E67616: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E67616: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E676160223C243: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E676160223C243: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E67616250253: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E67616250253: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\4556C656B6F6D6F564F4E4: [DhcpNameServer] 172.17.2.1 172.17.2.1 Tcpip\..\Interfaces\{be2a2620-b371-4071-a3de-afabb476273d}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{be2a2620-b371-4071-a3de-afabb476273d}: [DhcpDomain] fritz.box Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-25] Edge DownloadDir: Default -> C:\Instmp Edge HomePage: Default -> hxxp://www.google.de/ Edge StartupUrls: Default -> "hxxp://www.google.de/" Edge Extension: (Google Docs Offline) - C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-16] Edge Extension: (Edge relevant text changes) - C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\npAvgBrowserUpdate3.dll [2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\npAvgBrowserUpdate3.dll [2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default [2024-10-28] CHR DownloadDir: C:\Instmp CHR NewTab: Default -> Active:"chrome-extension://nejdcfinmjpapnkjffcejgcidjmbipcp/index.html", Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html" CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-10-18] CHR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-08-11] CHR Extension: (Google Docs Offline) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-15] CHR Extension: (Binnen-I be gone) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ginkajgcbeolbiflkjomlkcdapbegaff [2021-12-02] CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2024-06-24] CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2024-08-13] CHR Extension: (Easy Speed Dial) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nejdcfinmjpapnkjffcejgcidjmbipcp [2024-02-20] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16] CHR Extension: (Hover - Bypass Paywalls) - C:\Instmp\hover-paywalls-browser-extension-master\dist [2021-12-02] CHR Profile: C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-01-07] Opera: ======= OPR DefaultProfile: Default StartMenuInternet: (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001) OperaStable - "C:\Program Files (x86)\opera.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2017-06-21] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209736 2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [811848 2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [2415432 2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [1258312 2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7286088 2024-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [209736 2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) S3 AVGSecureBrowserElevationService; C:\Program Files\AVG\Browser\Application\129.0.26740.101\elevation_service.exe [1730856 2024-10-09] (AVG Technologies USA, LLC -> Gen Digital Inc.) R2 AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2024-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15689512 2024-03-02] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861072 2024-10-20] (Microsoft Corporation -> Microsoft Corporation) R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-12-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [80936 2020-12-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [18735712 2024-10-26] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-03-12] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2024-03-02] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [347408 2022-11-28] (Underwriters Laboratories Inc. -> Futuremark) S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11071232 2024-07-07] (Logitech Inc -> Logitech, Inc.) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation) R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Datei ist nicht signiert] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-16] (NVIDIA Corporation -> NVIDIA Corporation) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [645976 2024-06-06] (Geek Software GmbH -> geek software GmbH) R2 PlexUpdateService; C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe [911136 2024-09-11] (Plex, Inc. -> Plex, Inc.) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298248 2024-10-03] (Razer USA Ltd. -> Razer Inc.) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2024-05-15] (Razer USA Ltd. -> Razer Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530488 2024-09-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation) R2 GigabyteUpdateService; %SystemRoot%\system32\GigabyteUpdateService.exe 2\C:\Windows\system32\ [X] ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ) R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [20536 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [233016 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [381496 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [294960 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [84536 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [27744 2024-10-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Gen Digital Inc.) R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [28752 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [273976 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [550456 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [97848 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [69176 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [951352 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [1202232 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [203832 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [307256 2024-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.) R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2019-10-27] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-10] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-MEDIA ELECTRONICS INC. -> C-Media Inc) S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R0 FSProFilter2; C:\WINDOWS\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (Alfa System Programming -> FSPro Labs) R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [52016 2024-03-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3d\iaLPSS2_GPIO2_ADL.sys [140960 2022-06-22] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_1ebed6f33a1c1014\iaLPSS2_I2C_ADL.sys [210600 2022-06-22] (Intel Corporation -> Intel Corporation) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-22] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-22] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-22] (Logitech Inc -> Logitech) S3 MpKsl1514f4a8; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [211208 2023-04-17] (Microsoft Windows -> Microsoft Corporation) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group) R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc) R3 RzDev_007a; C:\WINDOWS\System32\drivers\RzDev_007a.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) R3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-09-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602392 2024-09-18] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-18] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-10-28 15:31 - 2024-10-28 15:31 - 000044600 _____ C:\Users\Stefan\Desktop\FRST.txt 2024-10-28 15:30 - 2024-10-28 15:31 - 000000000 ____D C:\FRST 2024-10-28 15:28 - 2024-10-28 15:28 - 002397696 _____ (Farbar) C:\Users\Stefan\Desktop\FRST64.exe 2024-10-28 15:21 - 2024-10-28 15:23 - 000552666 _____ C:\WINDOWS\ntbtlog.txt 2024-10-28 15:21 - 2024-10-28 15:21 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2024-10-28 01:37 - 2024-10-28 01:37 - 000001039 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2024-10-28 01:37 - 2024-10-28 01:37 - 000000000 ____D C:\Users\Stefan\AppData\Local\VS Revo Group 2024-10-28 01:37 - 2024-10-28 01:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2024-10-28 01:37 - 2024-10-28 01:37 - 000000000 ____D C:\Program Files\VS Revo Group 2024-10-28 01:18 - 2024-10-28 01:18 - 000000000 ____D C:\AdwCleaner 2024-10-28 01:10 - 2024-10-28 01:11 - 127789144 _____ (Opera Software) C:\Users\Stefan\Downloads\Opera_114.0.5282.115_Setup_x64.exe 2024-10-27 20:08 - 2024-10-27 20:08 - 000003814 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) 2024-10-27 20:08 - 2024-10-27 20:08 - 000003754 _____ C:\WINDOWS\system32\Tasks\AVGBrowserProtectS-1-5-21-1417265821-4116366667-1805509851-1001 2024-10-27 20:08 - 2024-10-27 20:08 - 000003626 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA 2024-10-27 20:08 - 2024-10-27 20:08 - 000003502 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore 2024-10-27 20:08 - 2024-10-27 20:08 - 000003230 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon) 2024-10-27 20:08 - 2024-10-27 20:08 - 000002349 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk 2024-10-27 20:08 - 2024-10-27 20:08 - 000002314 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk 2024-10-27 20:08 - 2024-10-27 20:08 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\AVG 2024-10-27 20:08 - 2024-10-27 20:08 - 000000000 ____D C:\Users\Stefan\AppData\Local\AVG 2024-10-27 20:08 - 2024-10-27 20:08 - 000000000 ____D C:\Program Files (x86)\AVG 2024-10-27 20:07 - 2024-10-28 15:24 - 000000000 ____D C:\ProgramData\AVG 2024-10-27 20:07 - 2024-10-27 20:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG 2024-10-27 20:07 - 2024-10-27 20:08 - 000000000 ____D C:\Program Files\AVG 2024-10-27 20:07 - 2024-10-27 20:07 - 000315720 _____ (Gen Digital Inc.) C:\WINDOWS\system32\avgBoot.exe 2024-10-27 20:07 - 2024-10-27 20:07 - 000050976 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe 2024-10-27 20:07 - 2024-10-27 20:07 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus Free.lnk 2024-10-27 20:07 - 2024-10-27 20:07 - 000002023 _____ C:\Users\Public\Desktop\AVG AntiVirus Free.lnk 2024-10-27 20:07 - 2024-10-27 20:07 - 000000000 ____D C:\Program Files\Common Files\AVG 2024-10-16 12:45 - 2024-10-16 12:45 - 000000000 ____D C:\Program Files (x86)\old_status 2024-10-16 12:45 - 2024-10-16 12:45 - 000000000 ____D C:\Program Files (x86)\114.0.5282.102 2024-10-13 15:20 - 2024-10-13 15:20 - 000000000 ___HD C:\$WinREAgent 2024-10-13 15:07 - 2024-10-13 15:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-10-13 15:04 - 2024-09-16 00:28 - 025312776 _____ C:\WINDOWS\system32\nvidia-pcc.exe 2024-10-13 15:04 - 2024-09-16 00:28 - 002040680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2024-10-13 15:04 - 2024-09-16 00:28 - 002040680 _____ C:\WINDOWS\system32\vulkaninfo.exe 2024-10-13 15:04 - 2024-09-16 00:28 - 001583976 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-10-13 15:04 - 2024-09-16 00:28 - 001583976 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2024-10-13 15:04 - 2024-09-16 00:28 - 001446760 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2024-10-13 15:04 - 2024-09-16 00:28 - 001446760 _____ C:\WINDOWS\system32\vulkan-1.dll 2024-10-13 15:04 - 2024-09-16 00:28 - 001296744 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2024-10-13 15:04 - 2024-09-16 00:28 - 001296744 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2024-10-13 15:04 - 2024-09-16 00:28 - 000477704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2024-10-13 15:04 - 2024-09-16 00:28 - 000374816 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2024-10-13 15:04 - 2024-09-16 00:25 - 001547400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2024-10-13 15:04 - 2024-09-16 00:25 - 001202808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2024-10-13 15:04 - 2024-09-16 00:25 - 001078928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2024-10-13 15:04 - 2024-09-16 00:25 - 000856696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2024-10-13 15:04 - 2024-09-16 00:25 - 000669840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2024-10-13 15:04 - 2024-09-16 00:25 - 000505992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2024-10-13 15:04 - 2024-09-16 00:24 - 016200352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2024-10-13 15:04 - 2024-09-16 00:24 - 014270096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2024-10-13 15:04 - 2024-09-16 00:24 - 006914168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2024-10-13 15:04 - 2024-09-16 00:24 - 005348872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2024-10-13 15:04 - 2024-09-16 00:24 - 003788432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2024-10-13 15:04 - 2024-09-16 00:24 - 002178696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2024-10-13 15:04 - 2024-09-16 00:24 - 001629296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2024-10-13 15:04 - 2024-09-16 00:24 - 001034248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2024-10-13 15:04 - 2024-09-16 00:24 - 000796792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2024-10-13 15:04 - 2024-09-16 00:24 - 000461984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2024-10-13 15:04 - 2024-09-16 00:24 - 000131656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2024-10-13 15:04 - 2024-09-16 00:23 - 005910024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2024-10-13 15:04 - 2024-09-16 00:23 - 000853136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2024-10-13 15:04 - 2024-09-16 00:22 - 007133144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2024-10-13 15:04 - 2024-09-16 00:22 - 006212848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2024-10-13 15:04 - 2024-09-15 23:53 - 000127247 _____ C:\WINDOWS\system32\nvinfo.pb 2024-10-13 15:02 - 2024-10-13 15:02 - 000000000 ____D C:\Program Files (x86)\114.0.5282.94 2024-10-02 21:25 - 2024-10-02 21:25 - 000002137 _____ C:\Users\Stefan\Desktop\JDownloader 2.lnk 2024-09-30 22:24 - 2024-09-30 22:25 - 000000000 ____D C:\Program Files (x86)\Java 2024-09-30 22:24 - 2024-09-30 22:24 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Sun 2024-09-30 22:24 - 2024-09-30 22:24 - 000000000 ____D C:\Users\Stefan\AppData\LocalLow\Sun 2024-09-30 22:24 - 2024-09-30 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2024-09-30 22:24 - 2024-09-30 22:24 - 000000000 ____D C:\Program Files\Java 2024-09-30 22:24 - 2024-06-05 12:24 - 000213120 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll 2024-09-30 22:24 - 2024-06-05 12:24 - 000213120 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2024-09-30 22:24 - 2024-06-05 12:24 - 000178816 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-10-28 15:31 - 2020-08-18 00:51 - 001733380 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-10-28 15:31 - 2019-12-07 15:51 - 000747390 _____ C:\WINDOWS\system32\perfh007.dat 2024-10-28 15:31 - 2019-12-07 15:51 - 000151256 _____ C:\WINDOWS\system32\perfc007.dat 2024-10-28 15:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-10-28 15:28 - 2019-10-23 21:19 - 000000000 ___RD C:\Instmp 2024-10-28 15:24 - 2023-11-01 20:28 - 000108792 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe 2024-10-28 15:24 - 2023-11-01 20:27 - 001209144 _____ C:\WINDOWS\system32\wpbbin.exe 2024-10-28 15:24 - 2023-11-01 20:27 - 001181432 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe 2024-10-28 15:24 - 2022-11-03 13:48 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Signal 2024-10-28 15:24 - 2022-01-27 01:34 - 000000000 ____D C:\Users\Stefan\AppData\Local\LGHUB 2024-10-28 15:24 - 2020-08-18 00:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-10-28 15:24 - 2020-08-18 00:47 - 000008192 ___SH C:\DumpStack.log.tmp 2024-10-28 15:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2024-10-28 15:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-10-28 15:24 - 2019-10-23 21:22 - 000000000 ____D C:\ProgramData\NVIDIA 2024-10-28 15:23 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2024-10-28 15:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-10-28 15:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-10-28 15:10 - 2021-12-18 00:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-10-28 01:16 - 2019-10-23 21:31 - 000000000 ____D C:\ProgramData\Package Cache 2024-10-28 01:13 - 2024-09-25 12:27 - 000000000 ____D C:\Users\Stefan\AppData\Local\JDownloader 2.0 2024-10-28 01:13 - 2019-10-26 22:57 - 000000000 ____D C:\Users\Stefan\AppData\Local\CrashDumps 2024-10-28 01:08 - 2020-08-18 00:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-10-27 20:15 - 2019-10-23 22:41 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\vlc 2024-10-27 20:10 - 2019-10-24 11:15 - 000000000 ____D C:\Users\Stefan\AppData\Local\D3DSCache 2024-10-27 20:07 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-10-27 01:41 - 2019-10-26 21:50 - 000000000 ____D C:\Program Files (x86)\Steam 2024-10-26 16:01 - 2021-12-12 21:01 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1417265821-4116366667-1805509851-1001 2024-10-26 16:01 - 2020-08-18 00:54 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1417265821-4116366667-1805509851-1001 2024-10-26 16:01 - 2020-08-18 00:06 - 000002402 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-10-26 15:59 - 2020-07-04 10:16 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-10-26 15:58 - 2024-07-28 14:35 - 000000000 ____D C:\ProgramData\EA Desktop 2024-10-25 00:10 - 2020-11-25 00:43 - 000002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-10-24 23:15 - 2020-08-18 00:54 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-10-24 11:09 - 2019-10-23 21:12 - 000000000 ____D C:\Users\Stefan\AppData\Local\Packages 2024-10-20 14:17 - 2019-12-11 19:52 - 000000000 ____D C:\Program Files\Microsoft Office 2024-10-20 14:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-10-19 17:33 - 2019-10-26 21:18 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\dvdcss 2024-10-18 11:36 - 2022-01-04 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2024-10-18 01:01 - 2020-08-18 00:47 - 000441816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-10-18 01:00 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-10-18 00:09 - 2023-05-25 13:01 - 000000000 ____D C:\Program Files\RUXIM 2024-10-16 12:49 - 2024-03-15 12:17 - 000000000 ____D C:\Program Files (x86)\autoupdate 2024-10-16 12:45 - 2024-02-15 20:30 - 000001120 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2024-10-16 12:45 - 2021-09-23 13:39 - 001573784 _____ (Opera Software) C:\Program Files (x86)\opera.exe 2024-10-16 12:45 - 2021-09-23 13:39 - 001573784 _____ (Opera Software) C:\Program Files (x86)\launcher.exe 2024-10-16 12:45 - 2020-08-18 00:54 - 000004214 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1571862031 2024-10-16 12:45 - 2019-10-23 21:20 - 000013104 _____ C:\Program Files (x86)\installation_status.json 2024-10-16 12:45 - 2019-10-23 21:20 - 000000897 _____ C:\Program Files (x86)\installer_prefs.json.backup 2024-10-16 12:45 - 2019-10-23 21:20 - 000000897 _____ C:\Program Files (x86)\installer_prefs.json 2024-10-16 12:45 - 2019-10-23 21:20 - 000000057 _____ C:\Program Files (x86)\pref_default_overrides 2024-10-16 12:45 - 2019-10-23 21:20 - 000000000 ____D C:\Program Files (x86)\Assets 2024-10-13 15:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-10-13 15:22 - 2020-08-18 00:53 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-10-13 15:20 - 2019-10-26 23:41 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-10-13 15:19 - 2019-10-26 23:40 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-10-13 15:06 - 2023-04-20 21:47 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-10-13 15:04 - 2019-10-23 21:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2024-10-13 15:02 - 2020-08-18 00:54 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-10-13 15:02 - 2020-08-18 00:54 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-10-02 21:25 - 2019-10-24 10:18 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2024-10-02 21:24 - 2024-09-25 12:25 - 000000000 ____D C:\Users\Stefan\AppData\Local\Adaware 2024-10-01 22:28 - 2019-10-23 22:45 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Word ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2019-10-23 21:20 - 2024-10-16 12:45 - 000013104 _____ () C:\Program Files (x86)\installation_status.json 2019-10-23 21:20 - 2024-10-16 12:45 - 000000897 _____ () C:\Program Files (x86)\installer_prefs.json 2019-10-23 21:20 - 2024-10-16 12:45 - 000000897 _____ () C:\Program Files (x86)\installer_prefs.json.backup 2021-09-23 13:39 - 2024-10-16 12:45 - 001573784 _____ (Opera Software) C:\Program Files (x86)\launcher.exe 2019-10-23 21:20 - 2024-07-15 09:02 - 000000317 _____ () C:\Program Files (x86)\launcher.visualelementsmanifest.xml 2021-09-23 13:39 - 2024-10-16 12:45 - 001573784 _____ (Opera Software) C:\Program Files (x86)\opera.exe 2023-10-17 11:26 - 2024-07-15 09:02 - 000000317 _____ () C:\Program Files (x86)\opera.visualelementsmanifest.xml 2019-10-23 21:20 - 2024-10-16 12:45 - 000000057 _____ () C:\Program Files (x86)\pref_default_overrides 2019-10-23 21:20 - 2024-07-15 09:02 - 000003072 _____ () C:\Program Files (x86)\Resources.pri 2019-10-23 21:20 - 2019-10-23 21:20 - 000001048 _____ () C:\Program Files (x86)\server_tracking_data 2020-01-11 16:13 - 2023-12-04 13:41 - 000004608 _____ () C:\Users\Stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2024 durchgeführt von Stefan (28-10-2024 15:31:35) Gestartet von C:\Users\Stefan\Desktop Microsoft Windows 10 Pro Version 22H2 19045.5011 (X64) (2020-08-17 23:54:06) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-1417265821-4116366667-1805509851-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1417265821-4116366667-1805509851-503 - Limited - Disabled) Gast (S-1-5-21-1417265821-4116366667-1805509851-501 - Limited - Disabled) Stefan (S-1-5-21-1417265821-4116366667-1805509851-1001 - Administrator - Enabled) => C:\Users\Stefan WDAGUtilityAccount (S-1-5-21-1417265821-4116366667-1805509851-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411} FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A} FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 23.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2301-000001000000}) (Version: 23.01.00.0 - Igor Pavlov) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 24.003.20180 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Anno 1404 - History Edition (HKLM-x32\...\Uplay Install 16232) (Version: - Ubisoft) ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft) Anno 1404 Gold Edition Version 1.03 (HKLM-x32\...\{52057027-985F-4455-9D84-46D3D99AB138}_is1) (Version: 1.03 - UBISoft) Anno 1800 (HKLM-x32\...\Uplay Install 4553) (Version: - Ubisoft) APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.24.0315.1 - Gigabyte) Hidden APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.24.0315.1 - Gigabyte) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology) ASUS Xonar DGX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - ASUSTeK Computer Inc.) AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 24.10.9535.2192 - Gen Digital Inc.) AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 129.0.26740.101 - Gen Digital Inc.) AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1693.6 - AVG Technologies) Hidden Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.34.223.5 - Broadcom Corporation) Call of Duty Modern Warfare Remastered MULTi2 1.0 (HKLM-x32\...\Call of Duty Modern Warfare Remastered MULTi2 1.0) (Version: - ) CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden Canon MF Toolbox 4.9.1.1.mf18 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf18 - CANON INC.) Canon MF4320-4350 (HKLM\...\{99A5569D-9F86-4f32-A227-1538B731DA42}) (Version: - ) CORSAIR iCUE Software (HKLM-x32\...\{10730A22-FBFF-43C4-92EA-1583832711B4}) (Version: 3.37.140 - Corsair) Corsair Plugin for Asus Aura Sync (HKLM-x32\...\{25861D65-396D-415F-B57A-E47C44C9916E}) (Version: 2.0.30 - Corsair) CPUID CPU-Z 2.09 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.09 - CPUID, Inc.) CrystalDiskInfo 8.5.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.5.2 - Crystal Dew World) CrystalDiskMark 7.0.0h (HKLM\...\CrystalDiskMark7_is1) (Version: 7.0.0h - Crystal Dew World) DeepL (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - ) Dynamic Application Loader Host Interface Service (HKLM\...\{5047EF99-2D0B-47B9-88D7-E78348B9CEAB}) (Version: 1.0.0.0 - Intel Corporation) Hidden EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.329.0.5842 - Electronic Arts) Hidden EA app (HKLM-x32\...\{ca963244-24a3-43c7-aaab-e80951403bd4}) (Version: 13.329.0.5842 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{9483ABD9-C772-487B-ADF8-09347CF8F2D2}) (Version: 1.3.93.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.) erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden FreeTube 0.21.2 (HKLM\...\609c326f-6a5e-5cd1-9fc0-6e966fad073f) (Version: 0.21.2 - PrestonN) Futuremark SystemInfo (HKLM-x32\...\{2AB5AED3-CF11-4476-9F73-886C4AB10BDD}) (Version: 5.56.1143.0 - Futuremark) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 130.0.6723.70 - Google LLC) GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.) GoToMeeting 10.20.0.19992 (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\GoToMeeting) (Version: 10.20.0.19992 - LogMeIn, Inc.) Heroes of Might and Magic 3 Complete (HKLM-x32\...\Heroes of Might and Magic 3 Complete_is1) (Version: - GOG.com) Intel(R) Chipset Device Software (HKLM\...\{3FE2DA7E-38D2-48B2-ACD4-C217EFF817D1}) (Version: 10.1.19198.8339 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{8f86005b-e8f2-4524-ace1-eb9c9be88a1a}) (Version: 10.1.19198.8339 - Intel(R) Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2233.3.26.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{5B75F912-9941-4DC6-92E8-D29BDAA3DB74}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{84D68DFE-6152-4086-9689-98176A13D8D0}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{335F9123-9306-4DB0-AF07-9C636317EE9D}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) ME WMI Provider (HKLM\...\{7065C5AB-83EF-4C94-920B-5C09067C6881}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Network Connections 20.1.2019.0 (HKLM\...\{3E64A1AF-7250-4BA7-A149-8EF830B3847D}) (Version: 20.1.2019.0 - Intel) Hidden Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{205AE40D-8AD7-4F29-A430-DD2168DA562D}) (Version: 14.5.0.1081 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) IrfanView 4.53 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.53 - Irfan Skiljan) Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation) Java 8 Update 421 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180421F0}) (Version: 8.0.4210.9 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) JDownloader 2 (HKLM-x32\...\jdownloader2-1) (Version: 2.0.1 - AppWork GmbH) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.5.586677 - Logitech) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.) LWS Facebook (HKLM-x32\...\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}) (Version: 13.50.854.0 - Logitech) Hidden LWS Gallery (HKLM-x32\...\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}) (Version: 13.51.827.0 - Logitech) Hidden LWS Help_main (HKLM-x32\...\{1651216E-E7AD-4250-92A1-FB8ED61391C9}) (Version: 13.51.828.0 - Logitech) Hidden LWS Launcher (HKLM-x32\...\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}) (Version: 13.51.828.0 - Logitech) Hidden LWS Motion Detection (HKLM-x32\...\{71E66D3F-A009-44AB-8784-75E2819BA4BA}) (Version: 13.51.815.0 - Logitech) Hidden LWS Pictures And Video (HKLM-x32\...\{08610298-29AE-445B-B37D-EFBE05802967}) (Version: 13.51.815.0 - Logitech) Hidden LWS Twitter (HKLM-x32\...\{174A3B31-4C43-43DD-866F-73C9DB887B48}) (Version: 13.30.1346.0 - Logitech) Hidden LWS Webcam Software (HKLM-x32\...\{8937D274-C281-42E4-8CDB-A0B2DF979189}) (Version: 13.51.815.0 - Logitech) Hidden LWS WLM Plugin (HKLM-x32\...\{9DAEA76B-E50F-4272-A595-0124E826553D}) (Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (HKLM-x32\...\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}) (Version: 13.31.1038.0 - Logitech) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 130.0.2849.56 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.89 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\OneDriveSetup.exe) (Version: 24.192.0923.0006 - Microsoft Corporation) Microsoft Project - de-de (HKLM\...\ProjectPro2019Retail - de-de) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visio - de-de (HKLM\...\VisioPro2019Retail - de-de) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30708 (HKLM-x32\...\{ee198d9f-cfe1-4f8a-bf5f-7b1be355b63d}) (Version: 14.30.30708.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30708 (HKLM\...\{12A2980B-E47B-491B-92F5-0BC703841ED4}) (Version: 14.30.30708 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30708 (HKLM\...\{AE043016-3897-41D4-870B-1DAEE62CF152}) (Version: 14.30.30708 - Microsoft Corporation) Hidden MiniTool Partition Wizard 12.7 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.7 - MiniTool Software Limited) MSI Afterburner 4.6.5 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.5 Beta 4 - MSI Co., LTD) My Lockbox 4.3.7 (HKLM\...\My Lockbox_is1) (Version: 4.3.7 - ) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Grafiktreiber 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20126 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20160 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.18025.20126 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 114.0.5282.102 (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Opera 114.0.5282.102) (Version: 114.0.5282.102 - Opera Software) PDF24 Creator 11.18.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.18.0 - geek software GmbH) Plex (HKLM-x32\...\Plex) (Version: 1.93.0 - Plex, Inc.) Plex Media Server 1.41.0.8992 (x64) (HKLM\...\{688e1d8f-188e-49cd-83ca-2669a7e3f8cc}_is1) (Version: 1.41.0.8992 - Plex, Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.1008.100321 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.56.119.2022 - Realtek) Revo Uninstaller 2.5.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.5.0 - VS Revo Group, Ltd.) RivaTuner Statistics Server 7.3.4 Beta 6 (HKLM-x32\...\RTSS) (Version: 7.3.4 Beta 6 - Unwinder) SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology) Sid Meiers Civilization VI Digital Deluxe MULTi12 - ElAmigos Version 1.0.0.216 (HKLM-x32\...\{F3E80C7D-386C-402A-8963-5EC267114571}_is1) (Version: 1.0.0.216 - 2K) Signal 5.62.0 (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.62.0 - Signal Messenger, LLC) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 83.0 - Ubisoft) Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation) VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN) Windows-PC-Integritätsprüfung (HKLM\...\{4254C1AD-B9B0-4020-A4B1-D8B61D12142A}) (Version: 3.7.2204.15001 - Microsoft Corporation) WinRAR 5.71 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) WISO steuer:Sparbuch 2020 (HKLM-x32\...\{89566F9F-5654-4C29-A8BC-4B97D0A7E28D}) (Version: 27.01.1552 - Buhl Data Service GmbH) Zoom Workplace (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\ZoomUMX) (Version: 6.0.3 (37634) - Zoom Video Communications, Inc.) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-16] () Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-02] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-26] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-26] (Microsoft Corporation) [MS Ad] MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-18] (Microsoft Corporation) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-07-27] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-24] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.35.266.0_x64__dt26b99r8h8gj [2023-11-01] (Realtek Semiconductor Corp) Sniper Training 3D -> C:\Program Files\WindowsApps\2739ChimpiGames.SniperTraining3D_1.0.0.0_x86__7pgfw3wsaeyma [2021-06-30] (Chimpi Games) WinAppRuntime.Main.1.2-p1 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Corp.) WinAppRuntime.Singleton-p1 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Corp.) Windows App Runtime DDLM 2000.609.1413.0-x6-p1 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.609.1413.0-x6-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Corporation) Windows App Runtime DDLM 2000.609.1413.0-x8-p1 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.609.1413.0-x8-p1_2000.609.1413.0_x86__8wekyb3d8bbwe [2024-05-25] (Microsoft Corporation) WindowsAppRuntime.1.2-preview1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2-preview1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Corporation) WindowsAppRuntime.1.2-preview1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2-preview1_2000.609.1413.0_x86__8wekyb3d8bbwe [2024-05-25] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1417265821-4116366667-1805509851-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> "c:\program files\macrium\common\reflectmonitor.exe" -ToastActivated => Keine Datei CustomCLSID: HKU\S-1-5-21-1417265821-4116366667-1805509851-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-1417265821-4116366667-1805509851-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Stefan\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1417265821-4116366667-1805509851-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> "C:\Users\Stefan\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe" -ToastActivated => Keine Datei ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-16] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-10-27] (AVG Technologies USA, LLC -> Gen Digital Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"Skip TPM Check on Dynamic Update\"",Filter="__EventFilter.Name=\"Skip TPM Check on Dynamic Update\":: WMI:subscription\__EventFilter->Skip TPM Check on Dynamic Update::[Query => SELECT SessionID from Win32_ProcessStartTrace WHERE ProcessName='vdsldr.exe'] WMI:subscription\CommandLineEventConsumer->Skip TPM Check on Dynamic Update::[CommandLineTemplate => C:\WINDOWS\system32\cmd.exe /q Skip TPM Check on Dynamic Update (c) AveYo, 2021 /d /rerase appraiserres.dll /f /s /q][ExecutablePath => C:\WINDOWS\system32\cmd.exe][WorkingDirectory => C:\$WINDOWS.~BT] ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2023-03-02 07:55 - 2023-02-27 21:39 - 001393152 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll 2022-11-03 13:48 - 2022-10-06 02:29 - 004392448 _____ () [Datei ist nicht signiert] \\?\C:\Users\Stefan\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\libsignal-client\prebuilds\win32-x64\node.napi.node 2022-11-03 13:48 - 2022-10-06 02:29 - 005626880 _____ () [Datei ist nicht signiert] \\?\C:\Users\Stefan\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\better-sqlite3\build\Release\better_sqlite3.node 2022-11-03 13:48 - 2022-10-06 02:29 - 011139584 _____ () [Datei ist nicht signiert] \\?\C:\Users\Stefan\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ringrtc\build\win32\libringrtc-x64.node 2024-10-26 15:58 - 2024-10-26 15:58 - 196495872 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcef.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000473088 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL 2024-10-26 15:58 - 2024-10-26 15:58 - 007472640 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 004950528 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\vk_swiftshader.dll 2022-11-03 13:48 - 2022-10-06 02:29 - 002788352 _____ () [Datei ist nicht signiert] C:\Users\Stefan\AppData\Local\Programs\signal-desktop\ffmpeg.dll 2022-11-03 13:48 - 2022-10-06 02:29 - 000468992 _____ () [Datei ist nicht signiert] C:\Users\Stefan\AppData\Local\Programs\signal-desktop\libegl.dll 2022-11-03 13:48 - 2022-10-06 02:29 - 007410176 _____ () [Datei ist nicht signiert] C:\Users\Stefan\AppData\Local\Programs\signal-desktop\libglesv2.dll 2022-11-03 13:48 - 2022-10-06 02:29 - 004873728 _____ () [Datei ist nicht signiert] C:\Users\Stefan\AppData\Local\Programs\signal-desktop\vk_swiftshader.dll 2020-11-12 19:25 - 2012-01-06 02:30 - 000122880 ____N (C-Media Electronics Inc.) [Datei ist nicht signiert] C:\Windows\System\HsSrv64.dll 2023-06-20 13:00 - 2023-06-20 13:00 - 000101376 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll 2020-04-19 21:54 - 2020-04-19 21:54 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2020-04-19 21:54 - 2020-04-19 21:54 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2020-11-15 15:51 - 2020-11-15 15:51 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 001416192 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\chrome_elf.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000046592 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000031744 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qgif.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000039936 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qicns.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000031232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qico.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000415232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qjpeg.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000025600 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qsvg.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000025088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtga.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000380416 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtiff.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000023552 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwbmp.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000532992 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwebp.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 001455616 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\qwindows.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000227328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\platform\qtlabsplatformplugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 006270976 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 006947328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 001389568 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 003798528 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000440832 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000054784 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlWorkerScript.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 004254720 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000171520 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickControls2.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000222208 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickShapes.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 001128960 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickTemplates2.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000334848 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000133120 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebChannel.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000157184 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 005611520 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000463360 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WinExtras.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000210432 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000056832 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000059392 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000018432 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\qtquick2plugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000294400 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000106496 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\qquicklayoutsplugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\qmlshapesplugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000325120 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000045568 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Window.2\windowplugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000135680 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\qwindowsvistastyle.dll 2015-10-14 00:15 - 2015-10-14 00:15 - 002042368 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\osvi.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData:BDSDRMHK [64] AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64] AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64] AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8540] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ============= BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-03-19 05:49 - 2023-05-01 18:26 - 000000984 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 on4u3.buhl.de 127.0.0.1 www.on4u3.buhl.de 127.0.0.1 DRM.BUHL.DE 127.0.0.1 www.DRM.BUHL.DE 2020-11-25 14:53 - 2021-01-12 18:20 - 000000526 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 92.168.137.1 DESKTOP-41UIG6B.mshome.net # 2025 11 1 24 20 55 1 915 192.168.137.73 HUAWEI_P30_Pro-e84921de44.mshome.net # 2020 12 3 2 14 26 3 744 44 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. Network Binding: ============= Ethernet 2: Realtek Gaming 2.5GbE Family Controller -> rt640x64.sys ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "WinZip FAH" HKLM\...\StartupApproved\Run: => "WinZip UN" HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\StartupApproved\Run: => "Plex Media Server" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\StartupApproved\Run: => "EpicGamesLauncher" Geändert von Garmirian007 (28.10.2024 um 16:59 Uhr) |
28.10.2024, 17:06 | #2 |
| Opera öffnet immer beim Start und permant regelmässig danach einen Youtube TabCode:
ATTFilter ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{83D86BDE-EBC4-4DB9-94DD-C358DD1A0BDB}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{534C7692-F56B-4E50-B3CE-56F6C882ACCE}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{7D149FF3-E229-411C-9B3C-543AB893B8A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C91B8FF3-BE31-4CBB-A00E-2D3523B5B4E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C30D82C0-0CC7-4169-B569-DB8FC3611A85}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{F3F3E873-6E3D-4DBC-88CF-1D2E7E426E44}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [TCP Query User{9C7D3A93-F415-4C96-AAFA-F6B21DEE95A2}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1800\bin\win64\anno1800.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1800\bin\win64\anno1800.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [UDP Query User{F6E59BF3-1479-403C-AE07-C3DF5402AA08}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1800\bin\win64\anno1800.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1800\bin\win64\anno1800.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [TCP Query User{CF3CF312-9D53-4C2C-9FF2-0B295EBE7E24}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [UDP Query User{6BA8B87D-EA32-4EB0-A8FF-2B937788D121}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [TCP Query User{8B10A558-3F14-40D2-A7E9-36A1F8585EDE}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [UDP Query User{4EAAFE7D-1BA6-428E-B8DB-ADB95389661F}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [{1DA0981F-1A53-4455-83C4-A016002E7504}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3B57F426-2771-498C-B958-0DCAB05DFAED}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{21226927-5404-44ED-B51F-151B8C7FFCDE}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{12F07B1A-E780-4C8E-A52D-C8E32D0A47AB}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{3B93E36D-0D51-4600-8D0C-5BE0E54C90D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2F7DA67D-DD9D-4329-8279-AC6926CA551C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8B20B206-596E-46DF-870B-2A5B50295890}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6F7BE1D7-C13A-497A-8B0F-B79BD0BD1344}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2B1524EB-BE4E-4A08-ACC2-C8B3A598C16C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C17CA8D3-704B-47CE-9D36-EEA13070583F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D724038B-6A3A-42A5-8C89-61EA43DE6695}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{8CC91542-4BFA-494E-A25A-F006ECB8D60A}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{24A57E74-1E39-4987-9F8C-94089F8A8EC0}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{B5C7ABA5-E706-4922-8F6D-59BE866EB868}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{DA7DC733-DAB8-4D84-89A9-1EA2989A9503}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{9CB076F2-151A-434E-981A-E94C34F23068}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{5459027D-032A-4F56-AA08-E385F2F42A7D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3ACE7353-DDB8-4309-846F-2112E985520E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E6E44741-0A76-4B41-978F-CD01349ABF08}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{3C388E45-0CB1-47F3-A590-12578F7FECCE}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{3200F619-901B-4EB2-92CA-47501A99B501}] => (Allow) C:\Users\Stefan\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{BADA70F3-34E0-45A7-98E8-DD4DD7020758}] => (Allow) C:\Users\Stefan\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{75245B03-BEDF-41F7-8579-6763DE99946A}] => (Allow) C:\Users\Stefan\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [TCP Query User{512F298C-C89C-4071-AB05-372ECB23156C}C:\program files\plex\plex\plex.exe] => (Allow) C:\program files\plex\plex\plex.exe (Plex, Inc. -> ) FirewallRules: [UDP Query User{ED9A748E-CD1A-4F9F-A424-91701C324945}C:\program files\plex\plex\plex.exe] => (Allow) C:\program files\plex\plex\plex.exe (Plex, Inc. -> ) FirewallRules: [TCP Query User{0C51049C-9826-4AA5-B7FE-B9D4AFBF67A7}C:\program files (x86)\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\program files (x86)\anno 1404 gold edition\tools\addonweb.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{B36986FD-252D-4A7D-9B1A-CED52FD40157}C:\program files (x86)\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\program files (x86)\anno 1404 gold edition\tools\addonweb.exe () [Datei ist nicht signiert] FirewallRules: [{A1FADD0B-8F70-44A3-A254-1A9B52C70DBC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E2FFD8F9-3AFB-4EEA-918F-CA5244A783ED}] => (Allow) C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.) FirewallRules: [{34F6231A-C136-4AA0-AC74-2E33248FB853}] => (Allow) C:\Program Files\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> ) FirewallRules: [{CBB249B3-F02D-4073-854F-1953B307099E}] => (Allow) C:\Program Files\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.) FirewallRules: [{1D82506E-F930-40D5-9FB8-1A67B72F43D2}] => (Allow) C:\Program Files\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> ) FirewallRules: [{6F9EA6C9-A2A3-4E02-B211-32097D26B6CF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{72215802-1A1A-4E5D-8735-B247E8810E31}] => (Allow) C:\Program Files (x86)\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{1279B982-CBB0-40D4-AB02-533C3BA90296}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E74DEAAD-BEC8-464A-AC0F-55134A2AFC99}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0CE98167-8148-4A0D-B040-0D2BAC083763}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C2B3F336-7B4D-45EB-975E-9D47A5EDD064}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A123FA94-F0A0-47F7-BD96-4E3C6E69960F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{6C6D4BA3-C54B-4CA7-A138-45C65E41EBF6}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.) FirewallRules: [{8682F166-01E6-4189-A7CF-1637F5E7996C}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.) FirewallRules: [{FF082F4B-647B-4EEF-A8C8-4F9650438DC9}] => (Allow) C:\Program Files\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> Gen Digital Inc.) FirewallRules: [{D4479544-2029-44B9-AE2A-B8D107BEC140}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{715627FC-9E50-42D4-B113-217204ACBCB9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{FBD52AD6-2772-4411-9229-5EC6B313CDE7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{59AA08C5-CD7B-4734-91AB-5F8D84B5C53D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B59F3687-4A53-42D3-9EF8-595249AEAF9D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{99804F4B-6DB0-4B43-BC1F-C6C92C5472EB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B0F19772-A4C3-44D0-A450-0576B2DCB05A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{CCBAC901-D80F-49D9-8053-F1305014AB7D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{F8DBB8B0-14E5-4414-B785-21F74B35C547}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{AC9D3721-AB7B-4AE7-A0AE-54D047018381}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{A3028C65-85FE-4663-B507-335B0EC423AD}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (10/28/2024 03:27:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.5.0.1081, Zeitstempel: 0x556ecc3d Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x06b56b6d ID des fehlerhaften Prozesses: 0x4fd8 Startzeit der fehlerhaften Anwendung: 0x01db29455c69b462 Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 5690c77d-e2d6-45ce-b87f-8143e39d7c3e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (10/28/2024 03:27:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: IAStorDataMgrSvc.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.NullReferenceException bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState() bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (10/28/2024 03:13:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IAStorDataMgrSvc.exe, Version: 14.5.0.1081, Zeitstempel: 0x556ecc3d Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x05c16b6d ID des fehlerhaften Prozesses: 0x4d40 Startzeit der fehlerhaften Anwendung: 0x01db2943762d3c74 Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: b9f048d4-843f-48da-8f21-6224d3333263 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (10/28/2024 03:13:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: IAStorDataMgrSvc.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.NullReferenceException bei IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() bei IAStorUtil.SystemDataModelListener.LoadSavedSystemState() bei IAStorDataMgr.EventRelay.<Start>b__0(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (10/28/2024 01:42:12 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Beschreibung = Revo Uninstaller's restore point - Opera Stable 114.0.5282.102; Fehler = 0x80070422). Error: (10/28/2024 01:41:13 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Beschreibung = Revo Uninstaller's restore point - Opera Stable 114.0.5282.102; Fehler = 0x80070422). Error: (10/28/2024 01:40:04 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Beschreibung = Revo Uninstaller's restore point - Opera Stable 114.0.5282.102; Fehler = 0x80070422). Error: (10/28/2024 01:38:34 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Beschreibung = Revo Uninstaller's restore point - Opera Stable 114.0.5282.102; Fehler = 0x80070422). Systemfehler: ============= Error: (10/28/2024 03:27:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/28/2024 03:26:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (10/28/2024 03:26:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error: (10/28/2024 03:24:14 PM) (Source: TPM) (EventID: 15) (User: NT-AUTORITÄT) Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein nicht behebbarer Fehler in der TPM-Hardware aufgetreten, der die Verwendung der TPM-Dienste (z. B. Datenverschlüsselung) verhindert. Wenden Sie sich an den Computerhersteller, um weitere Hilfe zu erhalten. Error: (10/28/2024 03:24:10 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: ACPI2 Error: (10/28/2024 03:23:30 PM) (Source: DCOM) (EventID: 10005) (User: MORTLACH) Description: Fehler "1084" in DCOM, als der Dienst "ShellHWDetection" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (10/28/2024 03:23:30 PM) (Source: DCOM) (EventID: 10005) (User: MORTLACH) Description: Fehler "1084" in DCOM, als der Dienst "TokenBroker" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: Windows.Internal.Security.Authentication.Web.WamProviderRegistration Error: (10/28/2024 03:23:30 PM) (Source: DCOM) (EventID: 10005) (User: MORTLACH) Description: Fehler "1084" in DCOM, als der Dienst "TokenBroker" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: Windows.Internal.Security.Authentication.Web.WamProviderRegistration Windows Defender: ================ Date: 2024-10-27 00:05:02 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {F365D2AF-CE33-46E9-8AD7-AB5D35229DA0} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-10-25 00:06:04 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {2A40293E-A23C-43C0-871F-286EA9AE565C} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-10-24 12:53:27 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {C77E4400-AF0C-4446-A053-17E368113E25} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-10-21 23:36:54 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {CAA068E7-798A-4233-B130-AB162FB3C650} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-10-21 00:06:04 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {0D48F832-19EF-454C-BE9E-937042E248DB} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Event[0]: Date: 2023-12-06 22:16:20 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.1664.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x80240438 Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". CodeIntegrity: =============== Date: 2024-10-27 20:07:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2024-01-07 01:54:44 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume1\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2024-01-07 01:54:44 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-11-16 18:45:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-11-02 12:39:25 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends International, LLC. F22 12/07/2022 Hauptplatine: Gigabyte Technology Co., Ltd. Z690 UD DDR4 Prozessor: 13th Gen Intel(R) Core(TM) i5-13600KF Prozentuale Nutzung des RAM: 35% Installierter physikalischer RAM: 24405.57 MB Verfügbarer physikalischer RAM: 15843.95 MB Summe virtueller Speicher: 25429.57 MB Verfügbarer virtueller Speicher: 14193.39 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.41 GB) (Free:535.08 GB) (Model: Corsair MP600 PRO XT) (Protected) NTFS Drive d: (Volume) (Fixed) (Total:3725.9 GB) (Free:1519.14 GB) (Model: WDC WD40EZRX-00SPEB0) (Protected) NTFS Drive e: (Volume) (Fixed) (Total:7451.91 GB) (Free:1583.57 GB) (Model: ST8000AS0002-1NA17Z) (Protected) NTFS Drive f: (Volume) (Fixed) (Total:3725.9 GB) (Free:1388.08 GB) (Model: ST4000NM0033-9ZM170) (Protected) NTFS Drive g: (Volume) (Fixed) (Total:7452.02 GB) (Free:2992.73 GB) (Model: ST8000DM004-2CX188) (Protected) NTFS Drive h: (Volume) (Fixed) (Total:2794.52 GB) (Free:2007.64 GB) (Model: ST3000DM001-1CH166) (Protected) NTFS Drive i: (Volume) (Fixed) (Total:237.4 GB) (Free:204.6 GB) (Model: SAMSUNG MZVPV256HDGL-00000) (Protected) NTFS Drive k: () (Fixed) (Total:465.15 GB) (Free:162.97 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS \\?\Volume{0f7f77bb-0000-0000-0000-90b9e8000000}\ () (Fixed) (Total:0.61 GB) (Free:0.16 GB) NTFS \\?\Volume{3f35de60-26e3-01d9-30ef-88927193ec00}\ () (Fixed) (Total:0.61 GB) (Free:0.16 GB) NTFS \\?\Volume{f78851c5-c02f-408c-942e-78e77c8fc0e1}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS \\?\Volume{2de9e8e0-46fa-41c7-9fd4-b4623f5483a0}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS \\?\Volume{c1cd725e-1a3c-4b5e-b61f-a4f9603c4d7f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 7452 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 3 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 4 (Protective MBR) (Size: 7452 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 5 (Size: 931.5 GB) (Disk ID: 0F7F77BB) Partition 1: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=627 MB) - (Type=07 NTFS) ========================================================== Disk: 6 (Size: 465.8 GB) (Disk ID: 170CB89E) Partition: GPT. ========================================================== Disk: 7 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ======================= |
28.10.2024, 21:52 | #3 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Opera öffnet immer beim Start und permant regelmässig danach einen Youtube TabZitat:
Zitat:
__________________ |
28.10.2024, 22:27 | #4 |
| Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab der Opera Deinstaller, der sich nach der Deinstallation über Programme öffnet, meldet Error Opera konnte nicht deinstalliert werden, Unzureichende Rechte für die Installation an dem gewünschten Ort. Ich bin Admin im System und habe mal was anderes deinstalliert unter Programme, wo auch Opera ist und das lief ohne Probleme. Es befindet sich meines Wissens keinerlei gecrackte Software aktiv im System. Unter Programme und Features finde ich nichts von Buhl. bei einer Suche finde ich etwas auf einer Sicherungskopie einer alten Festplatte unter Laufwerk H. Meinen sie das? OK noch was gefunden, läuft unter Wiso von 2020, habe ich deinstalliert. Geändert von Garmirian007 (28.10.2024 um 22:55 Uhr) |
28.10.2024, 22:59 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab System aufräumen: unnötige und veraltete Programme deinstallieren Bitte über Einstellungen/Apps folgende Programme/Apps deinstallieren:
__________________ Logfiles bitte immer in CODE-Tags posten |
28.10.2024, 23:22 | #6 |
| Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab AVG Update Helper nicht separat gefunden. Winrar 5.71 habe ich nicht gefunden, habe Winrar 7.01. Der Rest ist deinstalliert! |
28.10.2024, 23:26 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab adwCleaner Führe AdwCleaner gemäß der bebilderten Anleitung aus und poste abschließend die Logdatei in CODE-Tags. adwcleaner zwecks Kontrolle bitte wiederholen, falls es Funde gab.
__________________ Logfiles bitte immer in CODE-Tags posten |
28.10.2024, 23:34 | #8 |
| Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab Ich habe dieses Programm schon heute runtergeladen. Einzige Logdatei die anders aussieht kommt danach Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.2.0 # ------------------------------- # Build: 03-04-2024 # Database: 2024-10-23.4 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 10-28-2024 # Duration: 00:00:04 # OS: Windows 10 (Build 19045.5011) # Scanned: 32101 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. AdwCleaner[S00].txt - [2314 octets] - [28/10/2024 01:18:23] AdwCleaner[C00].txt - [2295 octets] - [28/10/2024 01:18:39] AdwCleaner[S01].txt - [1542 octets] - [28/10/2024 01:19:30] AdwCleaner[C01].txt - [1732 octets] - [28/10/2024 01:20:14] AdwCleaner[S02].txt - [1664 octets] - [28/10/2024 15:05:08] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.2.0 # ------------------------------- # Build: 03-04-2024 # Database: 2024-10-23.4 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 10-28-2024 # Duration: 00:00:03 # OS: Windows 10 (Build 19045.5011) # Scanned: 32098 # Detected: 11 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Optional.AdvancedSystemRepairPro C:\ProgramData\TSR7Settings PUP.Optional.DownloadAssistant C:\Program Files (x86)\Assistant PUP.Optional.Spigot.Generic C:\Users\Stefan\AppData\Local\Temp\VideoConverter ***** [ Files ] ***** PUP.Optional.GoodGame C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GOODGAME.LNK PUP.Optional.StartFenster C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster Symbol.lnk ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy HKCU\Software\WebDiscoverBrowser PUP.Optional.ReviverSoft HKLM\Software\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80} PUP.Optional.ReviverSoft HKLM\Software\Wow6432Node\\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80} PUP.Optional.StartFenster HKCU\SOFTWARE\AM|GoodGame PUP.Optional.StartFenster HKCU\SOFTWARE\AM|Startfenster-Replace PUP.Optional.StartFenster HKCU\Software\AM|Startfenster Symbol ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## |
28.10.2024, 23:40 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab Dann bitte jetzt neue FRST-Logs.
__________________ Logfiles bitte immer in CODE-Tags posten |
28.10.2024, 23:49 | #10 |
| Opera öffnet immer beim Start und permant regelmässig danach einen Youtube TabCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024 durchgeführt von Stefan (Administrator) auf MORTLACH (Gigabyte Technology Co., Ltd. Z690 UD DDR4) (28-10-2024 23:45:47) Gestartet von C:\Users\Stefan\Desktop\FRST64.exe Geladene Profile: Stefan Plattform: Microsoft Windows 10 Pro Version 22H2 19045.5011 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: "C:\Program Files (x86)\opera.exe" -noautoupdate -- "%1" Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe ->) (Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (C:\Program Files (x86)\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files (x86)\114.0.5282.102\opera_crashreporter.exe (C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5> (C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe (C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE ->) (Malwarebytes Inc. -> Malwarebytes) C:\Instmp\adwcleaner.exe (C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EACefSubProcess.exe <5> (C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Users\Stefan\AppData\Local\0install.net\implementations\sha256new_Q5IVZER5HHKQYEWU34M6YG4H62HOEOYT22UMUMWKLE4NDQYYQK7Q\DeepL.exe ->) (DeepL SE -> The CefSharp Authors) C:\Users\Stefan\AppData\Local\0install.net\implementations\sha256new_NX54BP3MSRHNDMB5N5YOFJZWO5QE5I5W7JTPGB4XC7MEJNSXCC3A\CefSharp.BrowserSubprocess.exe <5> (DeepL SE -> DeepL SE) C:\Users\Stefan\AppData\Local\0install.net\implementations\sha256new_Q5IVZER5HHKQYEWU34M6YG4H62HOEOYT22UMUMWKLE4NDQYYQK7Q\DeepL.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (explorer.exe ->) () [Datei ist nicht signiert] C:\Windows\System\HsMgr64.exe (explorer.exe ->) () [Datei ist nicht signiert] C:\Windows\SysWOW64\HsMgr.exe (explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files (x86)\opera.exe <27> (explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe (explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\Stefan\AppData\Local\Programs\signal-desktop\Signal.exe <5> (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe (services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe (services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (services.exe ->) (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe <2> (services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [3096800 2020-05-12] (FSPro Labs -> FSPro Labs) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-02-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd [13463552 2014-03-11] (C-Media Corporation) [Datei ist nicht signiert] HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] () [Datei ist nicht signiert] HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] () [Datei ist nicht signiert] HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [645976 2024-06-06] (Geek Software GmbH -> geek software GmbH) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech, Inc. -> Logitech Inc.) HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-12-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46150912 2024-07-07] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\Stefan\AppData\Local\Programs\signal-desktop\Signal.exe [151940472 2022-10-06] (Signal Messenger, LLC -> Signal Messenger, LLC) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36717544 2024-07-28] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\assistant\browser_assistant.exe (Keine Datei) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [Plex Media Server] => C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe [30160152 2024-09-11] (Plex, Inc. -> Plex, Inc.) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3395680 2024-10-26] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\RunOnce: [zoommsirepair] => C:\Program Files\Zoom\bin\installer.exe [1097016 2024-10-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\MountPoints2: {1d458077-9dc4-11eb-ac9c-40e2303c4e6a} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\MountPoints2: {3a9d5e0a-9bdb-11ec-ad48-40e2303c4e6a} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\MountPoints2: {91d6a08c-0f18-11eb-abf5-40e2303c4e6a} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\MountPoints2: {94c82947-3204-11ec-acee-40e2303c4e6a} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> none HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597064 2024-10-03] (Razer USA Ltd. -> Razer Inc.) HKLM\...\Print\Monitors\CPCA Language Monitor3: C:\Windows\system32\CNAS0MMK.DLL [66048 2007-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Canon Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2023-05-01] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2022-06-25] ShortcutTarget: DeepL auto-start.lnk -> C:\Users\Stefan\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [Datei ist nicht signiert] BootExecute: autocheck autochk * icarus_rvrt.exe GroupPolicy: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {DD4FA529-112C-427F-AF9E-650F2B24A5C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.) Task: {DB6E0E84-B934-4AE8-BC0A-CF13DE8161ED} - System32\Tasks\G2MUpdateTask-S-1-5-21-1417265821-4116366667-1805509851-1001 => C:\Users\Stefan\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-05-04] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {341AC099-D3FD-467D-B0EE-165D5B7440F6} - System32\Tasks\G2MUploadTask-S-1-5-21-1417265821-4116366667-1805509851-1001 => C:\Users\Stefan\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-05-04] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {467532C2-5A80-4395-BCB3-CE1D9FC003F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616920 2024-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {E801750E-D0AD-49C9-BE9C-4DE17C7D9B22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28616920 2024-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {CE181B5A-C622-4F7C-BACA-A46C5F2353E9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {6839C6F3-4D9E-4944-88FD-4D7767B174DD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {92768F3F-BA90-4E22-9F20-5011B7AA47D9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187328 2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {7E7CCEC6-FBBF-490E-87C5-B20A5AF73B59} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => C:\WINDOWS\system32\clipesu.exe [221680 2024-10-13] (Microsoft Windows -> Microsoft Corporation) Task: {45FC2E00-9F98-4FC4-B88E-68AB4CF30110} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {85880FFC-6CB8-4F46-958F-7A3811248A30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4D7DE4E5-9F39-4FE3-9F35-1F116E5400AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FFB4FF70-887B-4D91-BF99-3008362582A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {969D1247-7D4A-452C-93A5-7DA80728D0B3} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1417265821-4116366667-1805509851-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672320 2024-10-13] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen). Task: {1264B0AF-B9D0-4733-A1BD-8896952A6D73} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-10-13] (Mozilla Corporation -> Mozilla Foundation) Task: {8923A2E2-61A0-4E74-BDEA-6ED4991991AD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {DDC50AD7-D800-42C1-9DC7-A7CC10FB15DB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5769DB82-89A1-4F41-B577-E8CF15B5613C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {B0E643B6-5082-4CFE-8C07-00A37CA4B0CF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C8305152-A65C-4026-9C1B-0FBAFB2ED624} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D4ED486C-903F-441A-AAF3-6667B9A7FFB8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {225F0683-208D-45EC-A88E-F78649852EBC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F0A142AE-A7B0-434B-85AD-1820E37477C9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {538C8BEB-028D-458C-9C93-1543EEE563E1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E7353F6C-3BA7-4ED0-9A20-2DC92872F34F} - System32\Tasks\Opera scheduled assistant Autoupdate 1571862036 => C:\Program Files (x86)\launcher.exe [1573784 2024-10-16] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\assistant" $(Arg0) <==== ACHTUNG Task: {D904D35E-2D39-42C5-B80A-ED48CA22F1C5} - System32\Tasks\Opera scheduled Autoupdate 1571862031 => C:\Program Files (x86)\autoupdate\opera_autoupdate.exe [5812120 2024-10-15] (Opera Norway AS -> Opera Software) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1417265821-4116366667-1805509851-1001.job => C:\Users\Stefan\AppData\Local\GoToMeeting\19992\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1417265821-4116366667-1805509851-1001.job => C:\Users\Stefan\AppData\Local\GoToMeeting\19992\g2mupload.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E67616: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E67616: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E676160223C243: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E676160223C243: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E67616250253: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\2416A796E67616250253: [DhcpDomain] fritz.box Tcpip\..\Interfaces\{79feb23f-8dba-4c55-a0aa-e203c0aa6b2b}\4556C656B6F6D6F564F4E4: [DhcpNameServer] 172.17.2.1 172.17.2.1 Tcpip\..\Interfaces\{be2a2620-b371-4071-a3de-afabb476273d}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{be2a2620-b371-4071-a3de-afabb476273d}: [DhcpDomain] fritz.box Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-25] Edge DownloadDir: Default -> C:\Instmp Edge HomePage: Default -> hxxp://www.google.de/ Edge StartupUrls: Default -> "hxxp://www.google.de/" Edge Extension: (Google Docs Offline) - C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-16] Edge Extension: (Edge relevant text changes) - C:\Users\Stefan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] FireFox: ======== FF DefaultProfile: 5ec49cvs.default FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\5ec49cvs.default [2024-10-28] FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\2jz0owql.default-release [2024-10-28] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation) Opera: ======= OPR DefaultProfile: Default StartMenuInternet: (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001) OperaStable - "C:\Program Files (x86)\opera.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2017-06-21] (ASUSTeK Computer Inc. -> ) [Datei ist nicht signiert] R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15689512 2024-03-02] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861072 2024-10-20] (Microsoft Corporation -> Microsoft Corporation) R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421928 2020-12-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [80936 2020-12-29] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [18735712 2024-10-26] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-03-12] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2024-03-02] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [347408 2022-11-28] (Underwriters Laboratories Inc. -> Futuremark) S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11071232 2024-07-07] (Logitech Inc -> Logitech, Inc.) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation) R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [Datei ist nicht signiert] R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\NVDisplay.Container.exe [1275024 2024-10-16] (NVIDIA Corporation -> NVIDIA Corporation) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [645976 2024-06-06] (Geek Software GmbH -> geek software GmbH) R2 PlexUpdateService; C:\Program Files\Plex\Plex Media Server\Plex Update Service.exe [911136 2024-09-11] (Plex, Inc. -> Plex, Inc.) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298248 2024-10-03] (Razer USA Ltd. -> Razer Inc.) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2024-05-15] (Razer USA Ltd. -> Razer Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530488 2024-09-11] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Stefan\AppData\Roaming\Zoom" R2 GigabyteUpdateService; %SystemRoot%\system32\GigabyteUpdateService.exe 2\C:\Windows\system32\ [X] ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-13] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2019-10-27] (AVM Computersysteme Vertriebs GmbH -> AVM Berlin) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-10] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-MEDIA ELECTRONICS INC. -> C-Media Inc) S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R0 FSProFilter2; C:\WINDOWS\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (Alfa System Programming -> FSPro Labs) R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [52016 2024-03-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_774a66f35d00ad3d\iaLPSS2_GPIO2_ADL.sys [140960 2022-06-22] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_1ebed6f33a1c1014\iaLPSS2_I2C_ADL.sys [210600 2022-06-22] (Intel Corporation -> Intel Corporation) R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-22] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-22] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-22] (Logitech Inc -> Logitech) S3 MpKsl1514f4a8; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [211208 2023-04-17] (Microsoft Windows -> Microsoft Corporation) R3 MpKsl21c7a226; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B2449442-CBFF-44F0-AE90-6CD71499315C}\MpKslDrv.sys [267552 2024-10-28] (Microsoft Windows -> Microsoft Corporation) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group) R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc) R3 RzDev_007a; C:\WINDOWS\System32\drivers\RzDev_007a.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) R3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-09-18] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602392 2024-09-18] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-18] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-10-28 23:24 - 2024-10-28 23:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-10-28 23:24 - 2024-10-28 23:24 - 000001994 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk 2024-10-28 23:24 - 2024-10-28 23:24 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-10-28 23:24 - 2024-10-28 23:24 - 000000953 _____ C:\Users\Public\Desktop\Firefox.lnk 2024-10-28 23:24 - 2024-10-28 23:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2024-10-28 23:24 - 2024-10-28 23:24 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Mozilla 2024-10-28 23:24 - 2024-10-28 23:24 - 000000000 ____D C:\Users\Stefan\AppData\Local\Mozilla 2024-10-28 23:24 - 2024-10-28 23:24 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-10-28 23:24 - 2024-10-28 23:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-10-28 23:12 - 2024-10-28 23:12 - 000000000 ____D C:\ProgramData\Oracle 2024-10-28 20:11 - 2024-10-28 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2024-10-28 20:10 - 2024-10-28 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom 2024-10-28 20:10 - 2024-10-28 20:10 - 000000000 ____D C:\Program Files\Zoom 2024-10-28 20:10 - 2024-10-28 20:10 - 000000000 ____D C:\Program Files\Temp 2024-10-28 20:10 - 2024-10-28 20:10 - 000000000 ____D C:\Program Files\Common Files\Zoom 2024-10-28 20:09 - 2024-10-28 20:09 - 000000876 _____ C:\Users\Public\Desktop\VLC media player.lnk 2024-10-28 18:15 - 2024-10-28 18:15 - 000000000 ___HD C:\$AV_AVG 2024-10-28 17:22 - 2024-10-28 17:22 - 000000000 ____D C:\WINDOWS\LastGood 2024-10-28 17:21 - 2024-10-15 20:04 - 000125048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2024-10-28 17:20 - 2024-10-16 09:00 - 002060648 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2024-10-28 17:20 - 2024-10-16 09:00 - 002060648 _____ C:\WINDOWS\system32\vulkaninfo.exe 2024-10-28 17:20 - 2024-10-16 09:00 - 001600360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-10-28 17:20 - 2024-10-16 09:00 - 001600360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2024-10-28 17:20 - 2024-10-16 08:59 - 001452400 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2024-10-28 17:20 - 2024-10-16 08:59 - 001452400 _____ C:\WINDOWS\system32\vulkan-1.dll 2024-10-28 17:20 - 2024-10-16 08:59 - 001301864 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2024-10-28 17:20 - 2024-10-16 08:59 - 001301864 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2024-10-28 17:20 - 2024-10-16 08:59 - 000477816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2024-10-28 17:20 - 2024-10-16 08:59 - 000374944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2024-10-28 17:20 - 2024-10-16 08:56 - 001554568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2024-10-28 17:20 - 2024-10-16 08:56 - 001208952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2024-10-28 17:20 - 2024-10-16 08:56 - 001114752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2024-10-28 17:20 - 2024-10-16 08:56 - 000863904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2024-10-28 17:20 - 2024-10-16 08:56 - 000670360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2024-10-28 17:20 - 2024-10-16 08:56 - 000505488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2024-10-28 17:20 - 2024-10-16 08:55 - 025450104 _____ C:\WINDOWS\system32\nvidia-pcc.exe 2024-10-28 17:20 - 2024-10-16 08:55 - 002185344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2024-10-28 17:20 - 2024-10-16 08:55 - 001634944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2024-10-28 17:20 - 2024-10-16 08:55 - 001042048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2024-10-28 17:20 - 2024-10-16 08:55 - 000800888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2024-10-28 17:20 - 2024-10-16 08:55 - 000461944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2024-10-28 17:20 - 2024-10-16 08:54 - 017736824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2024-10-28 17:20 - 2024-10-16 08:54 - 016811128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2024-10-28 17:20 - 2024-10-16 08:54 - 006953120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2024-10-28 17:20 - 2024-10-16 08:54 - 005910168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2024-10-28 17:20 - 2024-10-16 08:54 - 005435024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2024-10-28 17:20 - 2024-10-16 08:54 - 003807384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2024-10-28 17:20 - 2024-10-16 08:54 - 000853112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2024-10-28 17:20 - 2024-10-16 08:53 - 007159112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2024-10-28 17:20 - 2024-10-16 08:53 - 006236256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2024-10-28 17:20 - 2024-10-15 20:04 - 000132701 _____ C:\WINDOWS\system32\nvinfo.pb 2024-10-28 17:19 - 2024-03-26 20:11 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2024-10-28 17:19 - 2024-03-26 18:21 - 000060240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2024-10-28 15:31 - 2024-10-28 23:46 - 000037043 _____ C:\Users\Stefan\Desktop\FRST.txt 2024-10-28 15:31 - 2024-10-28 15:32 - 000071224 _____ C:\Users\Stefan\Desktop\Addition.txt 2024-10-28 15:30 - 2024-10-28 23:45 - 000000000 ____D C:\FRST 2024-10-28 15:28 - 2024-10-28 15:28 - 002397696 _____ (Farbar) C:\Users\Stefan\Desktop\FRST64.exe 2024-10-28 15:21 - 2024-10-28 15:23 - 000552666 _____ C:\WINDOWS\ntbtlog.txt 2024-10-28 15:21 - 2024-10-28 15:21 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2024-10-28 01:37 - 2024-10-28 01:37 - 000001039 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2024-10-28 01:37 - 2024-10-28 01:37 - 000000000 ____D C:\Users\Stefan\AppData\Local\VS Revo Group 2024-10-28 01:37 - 2024-10-28 01:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2024-10-28 01:37 - 2024-10-28 01:37 - 000000000 ____D C:\Program Files\VS Revo Group 2024-10-28 01:18 - 2024-10-28 01:18 - 000000000 ____D C:\AdwCleaner 2024-10-28 01:10 - 2024-10-28 01:11 - 127789144 _____ (Opera Software) C:\Users\Stefan\Downloads\Opera_114.0.5282.115_Setup_x64.exe 2024-10-27 20:07 - 2024-10-28 23:14 - 000000000 ____D C:\Program Files\AVG 2024-10-27 20:07 - 2024-10-28 23:13 - 000000000 ____D C:\ProgramData\AVG 2024-10-27 20:07 - 2024-10-27 20:07 - 000050976 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe 2024-10-27 20:07 - 2024-10-27 20:07 - 000000000 ____D C:\Program Files\Common Files\AVG 2024-10-16 12:45 - 2024-10-16 12:45 - 000000000 ____D C:\Program Files (x86)\old_status 2024-10-16 12:45 - 2024-10-16 12:45 - 000000000 ____D C:\Program Files (x86)\114.0.5282.102 2024-10-13 15:20 - 2024-10-13 15:20 - 000000000 ___HD C:\$WinREAgent 2024-10-13 15:07 - 2024-10-13 15:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-10-13 15:04 - 2024-09-16 00:24 - 000131656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SET5788.tmp 2024-10-13 15:04 - 2024-09-16 00:22 - 007133144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\SET40ED.tmp 2024-10-13 15:02 - 2024-10-13 15:02 - 000000000 ____D C:\Program Files (x86)\114.0.5282.94 2024-09-30 22:24 - 2024-09-30 22:24 - 000000000 ____D C:\Users\Stefan\AppData\LocalLow\Sun ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2024-10-28 23:44 - 2019-10-23 21:19 - 000000000 ___RD C:\Instmp 2024-10-28 23:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-10-28 23:20 - 2021-12-18 00:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-10-28 23:20 - 2020-11-25 00:43 - 000000000 ____D C:\Users\Stefan\AppData\Local\Google 2024-10-28 23:20 - 2020-11-25 00:43 - 000000000 ____D C:\Program Files (x86)\Google 2024-10-28 23:16 - 2019-10-24 10:17 - 000000000 ____D C:\Program Files (x86)\JDownloader 2024-10-28 23:15 - 2019-11-21 10:28 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\IrfanView 2024-10-28 23:11 - 2020-08-18 00:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-10-28 22:53 - 2024-09-25 12:27 - 000000000 ____D C:\Users\Stefan\AppData\Local\JDownloader 2.0 2024-10-28 22:53 - 2019-10-24 10:18 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2024-10-28 22:38 - 2019-10-23 21:53 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2024-10-28 20:11 - 2024-01-07 02:05 - 000000000 ____D C:\Program Files\7-Zip 2024-10-28 20:11 - 2019-10-23 21:31 - 000000000 ____D C:\ProgramData\Package Cache 2024-10-28 20:10 - 2020-12-11 19:51 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Zoom 2024-10-28 20:08 - 2019-10-24 10:25 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-10-28 20:08 - 2019-10-24 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-10-28 20:08 - 2019-10-24 10:25 - 000000000 ____D C:\Program Files\WinRAR 2024-10-28 18:40 - 2019-10-23 22:41 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\vlc 2024-10-28 17:23 - 2020-08-18 00:51 - 001733380 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-10-28 17:23 - 2019-12-07 15:51 - 000747390 _____ C:\WINDOWS\system32\perfh007.dat 2024-10-28 17:23 - 2019-12-07 15:51 - 000151256 _____ C:\WINDOWS\system32\perfc007.dat 2024-10-28 17:23 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-10-28 17:22 - 2020-03-11 10:12 - 000000000 ____D C:\Users\Stefan\AppData\Local\NVIDIA 2024-10-28 17:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-10-28 17:22 - 2019-10-23 21:22 - 000000000 ____D C:\ProgramData\NVIDIA 2024-10-28 17:19 - 2020-08-18 00:54 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-10-28 17:19 - 2020-08-18 00:54 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-10-28 17:19 - 2020-08-18 00:54 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-10-28 17:19 - 2020-08-18 00:54 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-10-28 17:19 - 2020-08-18 00:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-10-28 17:19 - 2020-08-18 00:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-10-28 17:19 - 2020-08-18 00:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-10-28 17:19 - 2020-08-18 00:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-10-28 17:19 - 2020-08-18 00:54 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2024-10-28 17:19 - 2019-10-23 21:22 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2024-10-28 17:19 - 2019-10-23 21:22 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2024-10-28 17:19 - 2019-10-23 21:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2024-10-28 15:34 - 2022-11-03 13:48 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Signal 2024-10-28 15:24 - 2023-11-01 20:28 - 000108792 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteDownloadAssistant.exe 2024-10-28 15:24 - 2023-11-01 20:27 - 001209144 _____ C:\WINDOWS\system32\wpbbin.exe 2024-10-28 15:24 - 2023-11-01 20:27 - 001181432 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\system32\GigabyteUpdateService.exe 2024-10-28 15:24 - 2022-01-27 01:34 - 000000000 ____D C:\Users\Stefan\AppData\Local\LGHUB 2024-10-28 15:24 - 2020-08-18 00:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-10-28 15:24 - 2020-08-18 00:47 - 000008192 ___SH C:\DumpStack.log.tmp 2024-10-28 15:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2024-10-28 15:23 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2024-10-28 15:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-10-28 01:13 - 2019-10-26 22:57 - 000000000 ____D C:\Users\Stefan\AppData\Local\CrashDumps 2024-10-27 20:10 - 2019-10-24 11:15 - 000000000 ____D C:\Users\Stefan\AppData\Local\D3DSCache 2024-10-27 20:07 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-10-27 01:41 - 2019-10-26 21:50 - 000000000 ____D C:\Program Files (x86)\Steam 2024-10-26 16:01 - 2021-12-12 21:01 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1417265821-4116366667-1805509851-1001 2024-10-26 16:01 - 2020-08-18 00:54 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1417265821-4116366667-1805509851-1001 2024-10-26 16:01 - 2020-08-18 00:06 - 000002402 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-10-26 15:59 - 2020-07-04 10:16 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-10-26 15:58 - 2024-07-28 14:35 - 000000000 ____D C:\ProgramData\EA Desktop 2024-10-24 23:15 - 2020-08-18 00:54 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-10-24 11:09 - 2019-10-23 21:12 - 000000000 ____D C:\Users\Stefan\AppData\Local\Packages 2024-10-20 14:17 - 2019-12-11 19:52 - 000000000 ____D C:\Program Files\Microsoft Office 2024-10-20 14:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-10-19 17:33 - 2019-10-26 21:18 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\dvdcss 2024-10-18 11:36 - 2022-01-04 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2024-10-18 01:01 - 2020-08-18 00:47 - 000441816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-10-18 01:00 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-10-18 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-10-18 00:09 - 2023-05-25 13:01 - 000000000 ____D C:\Program Files\RUXIM 2024-10-16 12:49 - 2024-03-15 12:17 - 000000000 ____D C:\Program Files (x86)\autoupdate 2024-10-16 12:45 - 2024-02-15 20:30 - 000001120 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk 2024-10-16 12:45 - 2021-09-23 13:39 - 001573784 _____ (Opera Software) C:\Program Files (x86)\opera.exe 2024-10-16 12:45 - 2021-09-23 13:39 - 001573784 _____ (Opera Software) C:\Program Files (x86)\launcher.exe 2024-10-16 12:45 - 2020-08-18 00:54 - 000004214 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1571862031 2024-10-16 12:45 - 2019-10-23 21:20 - 000013104 _____ C:\Program Files (x86)\installation_status.json 2024-10-16 12:45 - 2019-10-23 21:20 - 000000897 _____ C:\Program Files (x86)\installer_prefs.json.backup 2024-10-16 12:45 - 2019-10-23 21:20 - 000000897 _____ C:\Program Files (x86)\installer_prefs.json 2024-10-16 12:45 - 2019-10-23 21:20 - 000000057 _____ C:\Program Files (x86)\pref_default_overrides 2024-10-16 12:45 - 2019-10-23 21:20 - 000000000 ____D C:\Program Files (x86)\Assets 2024-10-13 15:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-10-13 15:22 - 2020-08-18 00:53 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-10-13 15:20 - 2019-10-26 23:41 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-10-13 15:19 - 2019-10-26 23:40 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-10-13 15:06 - 2023-04-20 21:47 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-10-13 15:04 - 2019-10-23 21:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2024-10-13 15:02 - 2020-08-18 00:54 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-10-13 15:02 - 2020-08-18 00:54 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-10-02 21:24 - 2024-09-25 12:25 - 000000000 ____D C:\Users\Stefan\AppData\Local\Adaware 2024-10-01 22:28 - 2019-10-23 22:45 - 000000000 ____D C:\Users\Stefan\AppData\Roaming\Microsoft\Word ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2019-10-23 21:20 - 2024-10-16 12:45 - 000013104 _____ () C:\Program Files (x86)\installation_status.json 2019-10-23 21:20 - 2024-10-16 12:45 - 000000897 _____ () C:\Program Files (x86)\installer_prefs.json 2019-10-23 21:20 - 2024-10-16 12:45 - 000000897 _____ () C:\Program Files (x86)\installer_prefs.json.backup 2021-09-23 13:39 - 2024-10-16 12:45 - 001573784 _____ (Opera Software) C:\Program Files (x86)\launcher.exe 2019-10-23 21:20 - 2024-07-15 09:02 - 000000317 _____ () C:\Program Files (x86)\launcher.visualelementsmanifest.xml 2021-09-23 13:39 - 2024-10-16 12:45 - 001573784 _____ (Opera Software) C:\Program Files (x86)\opera.exe 2023-10-17 11:26 - 2024-07-15 09:02 - 000000317 _____ () C:\Program Files (x86)\opera.visualelementsmanifest.xml 2019-10-23 21:20 - 2024-10-16 12:45 - 000000057 _____ () C:\Program Files (x86)\pref_default_overrides 2019-10-23 21:20 - 2024-07-15 09:02 - 000003072 _____ () C:\Program Files (x86)\Resources.pri 2019-10-23 21:20 - 2019-10-23 21:20 - 000001048 _____ () C:\Program Files (x86)\server_tracking_data 2020-01-11 16:13 - 2023-12-04 13:41 - 000004608 _____ () C:\Users\Stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
28.10.2024, 23:59 | #11 |
| Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab OK Zwei Dinge. Ich habe nach den Deinstallationen nicht neu gestartet! Problem? Ich habe in Programme zwei versionen von JDownloader, eine lies sich deinstallieren, die andere nicht mit Fehlermeldung. Java Runtime Exception und lange verwirrende Meldung Logfile Code:
ATTFilter Exception: java.lang.RuntimeException: java.lang.NoClassDefFoundError: org/appwork/updatesys/client/ModuleProgress at com.install4j.runtime.installer.frontend.GUIHelper.invokeOnEDT(Unknown Source) at com.install4j.runtime.installer.config.AbstractBeanConfig.finishBatch(Unknown Source) at com.install4j.runtime.installer.ContextImpl.registerScreens(Unknown Source) at com.install4j.runtime.installer.controller.Controller.start(Unknown Source) at com.install4j.runtime.installer.Uninstaller.runInProcess(Unknown Source) at com.install4j.runtime.installer.Uninstaller.main(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at com.exe4j.runtime.LauncherEngine.launch(Unknown Source) at com.exe4j.runtime.WinLauncher.main(Unknown Source) at com.install4j.runtime.launcher.WinLauncher.main(Unknown Source) Caused by: java.lang.NoClassDefFoundError: org/appwork/updatesys/client/ModuleProgress at java.lang.Class.getDeclaredMethods0(Native Method) at java.lang.Class.privateGetDeclaredMethods(Unknown Source) at java.lang.Class.privateGetPublicMethods(Unknown Source) at java.lang.Class.getMethods(Unknown Source) at com.sun.beans.finder.MethodFinder$1.create(Unknown Source) at com.sun.beans.finder.MethodFinder$1.create(Unknown Source) at com.sun.beans.util.Cache.get(Unknown Source) at com.sun.beans.finder.MethodFinder.findMethod(Unknown Source) at java.beans.Statement.getMethod(Unknown Source) at java.beans.Statement.invokeInternal(Unknown Source) at java.beans.Statement.access$000(Unknown Source) at java.beans.Statement$2.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.beans.Statement.invoke(Unknown Source) at java.beans.Expression.getValue(Unknown Source) at com.sun.beans.decoder.ObjectElementHandler.getValueObject(Unknown Source) at com.sun.beans.decoder.NewElementHandler.getValueObject(Unknown Source) at com.sun.beans.decoder.ElementHandler.getContextBean(Unknown Source) at com.sun.beans.decoder.NewElementHandler.getContextBean(Unknown Source) at com.sun.beans.decoder.ObjectElementHandler.getValueObject(Unknown Source) at com.sun.beans.decoder.NewElementHandler.getValueObject(Unknown Source) at com.sun.beans.decoder.ElementHandler.endElement(Unknown Source) at com.sun.beans.decoder.DocumentHandler.endElement(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.endElement(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanEndElement(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(Unknown Source) at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source) at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl.parse(Unknown Source) at com.sun.beans.decoder.DocumentHandler$1.run(Unknown Source) at com.sun.beans.decoder.DocumentHandler$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) at com.sun.beans.decoder.DocumentHandler.parse(Unknown Source) at java.beans.XMLDecoder$1.run(Unknown Source) at java.beans.XMLDecoder$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.beans.XMLDecoder.parsingComplete(Unknown Source) at java.beans.XMLDecoder.readObject(Unknown Source) at com.install4j.runtime.installer.config.AbstractBeanConfig$2.invoke(Unknown Source) at com.install4j.runtime.installer.frontend.GUIHelper$3.run(Unknown Source) at java.awt.event.InvocationEvent.dispatch(Unknown Source) at java.awt.EventQueue.dispatchEventImpl(Unknown Source) at java.awt.EventQueue.access$500(Unknown Source) at java.awt.EventQueue$3.run(Unknown Source) at java.awt.EventQueue$3.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) at java.awt.EventQueue.dispatchEvent(Unknown Source) at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source) at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source) at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source) at java.awt.EventDispatchThread.pumpEvents(Unknown Source) at java.awt.EventDispatchThread.pumpEvents(Unknown Source) at java.awt.EventDispatchThread.run(Unknown Source) Caused by: java.lang.ClassNotFoundException: org.appwork.updatesys.client.ModuleProgress at java.net.URLClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) ... 60 more System properties: java.runtime.name=Java(TM) SE Runtime Environment exe4j.moduleName=C:\Program Files (x86)\JDownloader\Uninstall JDownloader.exe exe4j.processCommFile=C:\Users\Stefan\AppData\Local\Temp\e4j_p15160.tmp exe4j.semaphoreName=Local\c:_program_files_(x86)_jdownloader_uninstall_jdownloader.exe sun.boot.library.path=c:\program files (x86)\jdownloader\jre\bin java.vm.version=25.40-b25 java.vm.vendor=Oracle Corporation java.vendor.url=hxxp://java.oracle.com/ exe4j.consoleCodepage=cp0 path.separator=; java.vm.name=Java HotSpot(TM) 64-Bit Server VM file.encoding.pkg=sun.io user.country=DE user.script= sun.os.patch.level= install4j.exeDir=C:\Program Files (x86)\JDownloader\ java.vm.specification.name=Java Virtual Machine Specification user.dir=C:\Program Files (x86) java.runtime.version=1.8.0_40-b25 java.awt.graphicsenv=sun.awt.Win32GraphicsEnvironment java.endorsed.dirs=c:\program files (x86)\jdownloader\jre\lib\endorsed os.arch=amd64 java.io.tmpdir=C:\Users\Stefan\AppData\Local\Temp\ line.separator= java.vm.specification.vendor=Oracle Corporation user.variant= exe4j.tempDir= os.name=Windows 8 sun.jnu.encoding=Cp1252 java.library.path=C:\Program Files (x86)\JDownloader\.\.install4j;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Stefan\AppData\Local\Microsoft\WindowsApps;C:\Users\Stefan\AppData\Roaming\Programs\Zero Install;c:\program files (x86)\jdownloader\jre\bin sun.awt.enableExtraMouseButtons=true java.specification.name=Java Platform API Specification java.class.version=52.0 sun.management.compiler=HotSpot 64-Bit Tiered Compilers exe4j.isInstall4j=true os.version=6.2 user.home=C:\Users\Stefan user.timezone=Europe/Berlin java.awt.printerjob=sun.awt.windows.WPrinterJob file.encoding=Cp1252 java.specification.version=1.8 java.class.path=C:\Program Files (x86)\JDownloader\.install4j\i4jruntime.jar;C:\Program Files (x86)\JDownloader\.\.install4j\user.jar;C:\Program Files (x86)\JDownloader\.\.install4j\user\proxyVole.jar;;C:\Program Files (x86)\JDownloader\jre\lib\deploy.jar;C:\Program Files (x86)\JDownloader\jre\lib\plugin.jar;C:\Program Files (x86)\JDownloader\JDownloader.jar user.name=Stefan java.vm.specification.version=1.8 sun.java.command=C:\Program Files (x86)\JDownloader\Uninstall JDownloader.exe java.home=c:\program files (x86)\jdownloader\jre sun.arch.data.model=64 exe4j.launchName=C:\Program Files (x86)\JDownloader\Uninstall JDownloader.exe user.language=de java.specification.vendor=Oracle Corporation awt.toolkit=sun.awt.windows.WToolkit java.vm.info=mixed mode exe4j.unextractedPosition=0 java.version=1.8.0_40 java.ext.dirs=c:\program files (x86)\jdownloader\jre\lib\ext;C:\WINDOWS\Sun\Java\lib\ext sun.boot.class.path=c:\program files (x86)\jdownloader\jre\lib\resources.jar;c:\program files (x86)\jdownloader\jre\lib\rt.jar;c:\program files (x86)\jdownloader\jre\lib\sunrsasign.jar;c:\program files (x86)\jdownloader\jre\lib\jsse.jar;c:\program files (x86)\jdownloader\jre\lib\jce.jar;c:\program files (x86)\jdownloader\jre\lib\charsets.jar;c:\program files (x86)\jdownloader\jre\lib\jfr.jar;c:\program files (x86)\jdownloader\jre\classes install4j.appDir=C:\Program Files (x86)\JDownloader\ java.vendor=Oracle Corporation file.separator=\ java.vendor.url.bug=hxxp://bugreport.sun.com/bugreport/ sun.io.unicode.encoding=UnicodeLittle sun.cpu.endian=little install4j.systemLanguage=de sun.desktop=windows sun.cpu.isalist=amd64 Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2024 durchgeführt von Stefan (28-10-2024 23:46:31) Gestartet von C:\Users\Stefan\Desktop Microsoft Windows 10 Pro Version 22H2 19045.5011 (X64) (2020-08-17 23:54:06) Start-Modus: Normal ========================================================== ==================== Konten: ============================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) Administrator (S-1-5-21-1417265821-4116366667-1805509851-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1417265821-4116366667-1805509851-503 - Limited - Disabled) Gast (S-1-5-21-1417265821-4116366667-1805509851-501 - Limited - Disabled) Stefan (S-1-5-21-1417265821-4116366667-1805509851-1001 - Administrator - Enabled) => C:\Users\Stefan WDAGUtilityAccount (S-1-5-21-1417265821-4116366667-1805509851-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 24.08 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2408-000001000000}) (Version: 24.08.00.0 - Igor Pavlov) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 24.003.20180 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Anno 1404 - History Edition (HKLM-x32\...\Uplay Install 16232) (Version: - Ubisoft) ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft) Anno 1404 Gold Edition Version 1.03 (HKLM-x32\...\{52057027-985F-4455-9D84-46D3D99AB138}_is1) (Version: 1.03 - UBISoft) Anno 1800 (HKLM-x32\...\Uplay Install 4553) (Version: - Ubisoft) APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.24.0315.1 - Gigabyte) Hidden APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.24.0315.1 - Gigabyte) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology) ASUS Xonar DGX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - ASUSTeK Computer Inc.) AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1693.6 - AVG Technologies) Hidden Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.34.223.5 - Broadcom Corporation) Call of Duty Modern Warfare Remastered MULTi2 1.0 (HKLM-x32\...\Call of Duty Modern Warfare Remastered MULTi2 1.0) (Version: - ) CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden Canon MF Toolbox 4.9.1.1.mf18 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf18 - CANON INC.) Canon MF4320-4350 (HKLM\...\{99A5569D-9F86-4f32-A227-1538B731DA42}) (Version: - ) CORSAIR iCUE Software (HKLM-x32\...\{10730A22-FBFF-43C4-92EA-1583832711B4}) (Version: 3.37.140 - Corsair) Corsair Plugin for Asus Aura Sync (HKLM-x32\...\{25861D65-396D-415F-B57A-E47C44C9916E}) (Version: 2.0.30 - Corsair) CPUID CPU-Z 2.09 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.09 - CPUID, Inc.) DeepL (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - ) Dynamic Application Loader Host Interface Service (HKLM\...\{5047EF99-2D0B-47B9-88D7-E78348B9CEAB}) (Version: 1.0.0.0 - Intel Corporation) Hidden EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.329.0.5842 - Electronic Arts) Hidden EA app (HKLM-x32\...\{ca963244-24a3-43c7-aaab-e80951403bd4}) (Version: 13.329.0.5842 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{9483ABD9-C772-487B-ADF8-09347CF8F2D2}) (Version: 1.3.93.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.) erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden FreeTube 0.21.2 (HKLM\...\609c326f-6a5e-5cd1-9fc0-6e966fad073f) (Version: 0.21.2 - PrestonN) Futuremark SystemInfo (HKLM-x32\...\{2AB5AED3-CF11-4476-9F73-886C4AB10BDD}) (Version: 5.56.1143.0 - Futuremark) GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.) GoToMeeting 10.20.0.19992 (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\GoToMeeting) (Version: 10.20.0.19992 - LogMeIn, Inc.) Heroes of Might and Magic 3 Complete (HKLM-x32\...\Heroes of Might and Magic 3 Complete_is1) (Version: - GOG.com) Intel(R) Chipset Device Software (HKLM\...\{3FE2DA7E-38D2-48B2-ACD4-C217EFF817D1}) (Version: 10.1.19198.8339 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{8f86005b-e8f2-4524-ace1-eb9c9be88a1a}) (Version: 10.1.19198.8339 - Intel(R) Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2233.3.26.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{5B75F912-9941-4DC6-92E8-D29BDAA3DB74}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{84D68DFE-6152-4086-9689-98176A13D8D0}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{335F9123-9306-4DB0-AF07-9C636317EE9D}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) ME WMI Provider (HKLM\...\{7065C5AB-83EF-4C94-920B-5C09067C6881}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Network Connections 20.1.2019.0 (HKLM\...\{3E64A1AF-7250-4BA7-A149-8EF830B3847D}) (Version: 20.1.2019.0 - Intel) Hidden Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{205AE40D-8AD7-4F29-A430-DD2168DA562D}) (Version: 14.5.0.1081 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.5.586677 - Logitech) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.) LWS Facebook (HKLM-x32\...\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}) (Version: 13.50.854.0 - Logitech) Hidden LWS Gallery (HKLM-x32\...\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}) (Version: 13.51.827.0 - Logitech) Hidden LWS Help_main (HKLM-x32\...\{1651216E-E7AD-4250-92A1-FB8ED61391C9}) (Version: 13.51.828.0 - Logitech) Hidden LWS Launcher (HKLM-x32\...\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}) (Version: 13.51.828.0 - Logitech) Hidden LWS Motion Detection (HKLM-x32\...\{71E66D3F-A009-44AB-8784-75E2819BA4BA}) (Version: 13.51.815.0 - Logitech) Hidden LWS Pictures And Video (HKLM-x32\...\{08610298-29AE-445B-B37D-EFBE05802967}) (Version: 13.51.815.0 - Logitech) Hidden LWS Twitter (HKLM-x32\...\{174A3B31-4C43-43DD-866F-73C9DB887B48}) (Version: 13.30.1346.0 - Logitech) Hidden LWS Webcam Software (HKLM-x32\...\{8937D274-C281-42E4-8CDB-A0B2DF979189}) (Version: 13.51.815.0 - Logitech) Hidden LWS WLM Plugin (HKLM-x32\...\{9DAEA76B-E50F-4272-A595-0124E826553D}) (Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (HKLM-x32\...\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}) (Version: 13.31.1038.0 - Logitech) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 130.0.2849.56 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.89 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\OneDriveSetup.exe) (Version: 24.192.0923.0006 - Microsoft Corporation) Microsoft Project - de-de (HKLM\...\ProjectPro2019Retail - de-de) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visio - de-de (HKLM\...\VisioPro2019Retail - de-de) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.18025.20160 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33816 (HKLM-x32\...\{77169412-f642-45e7-b533-0c6f48de12f9}) (Version: 14.40.33816.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33816 (HKLM-x32\...\{4373d0b5-4457-4a80-bad9-029de8df097b}) (Version: 14.40.33816.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33816 (HKLM\...\{5904914B-9FC8-44C2-AE48-5C7F30A603EC}) (Version: 14.40.33816 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33816 (HKLM\...\{560D2DA4-096E-4868-B22A-DA6418FDE6FB}) (Version: 14.40.33816 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33816 (HKLM-x32\...\{0DF1D9F9-6038-4641-AB6D-13DD654758A7}) (Version: 14.40.33816 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33816 (HKLM-x32\...\{D7A66DA5-B103-45C1-A0A7-736C08E2F464}) (Version: 14.40.33816 - Microsoft Corporation) Hidden MiniTool Partition Wizard 12.7 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.7 - MiniTool Software Limited) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 131.0.3 (x64 de)) (Version: 131.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 131.0.3 - Mozilla) MSI Afterburner 4.6.5 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.5 Beta 4 - MSI Co., LTD) My Lockbox 4.3.7 (HKLM\...\My Lockbox_is1) (Version: 4.3.7 - ) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation) NVIDIA Grafiktreiber 566.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.03 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20126 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20160 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.18025.20126 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 114.0.5282.102 (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\Opera 114.0.5282.102) (Version: 114.0.5282.102 - Opera Software) PDF24 Creator 11.18.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.18.0 - geek software GmbH) Plex (HKLM-x32\...\Plex) (Version: 1.93.0 - Plex, Inc.) Plex Media Server 1.41.0.8992 (x64) (HKLM\...\{688e1d8f-188e-49cd-83ca-2669a7e3f8cc}_is1) (Version: 1.41.0.8992 - Plex, Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.1008.100321 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.56.119.2022 - Realtek) Revo Uninstaller 2.5.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.5.0 - VS Revo Group, Ltd.) RivaTuner Statistics Server 7.3.4 Beta 6 (HKLM-x32\...\RTSS) (Version: 7.3.4 Beta 6 - Unwinder) SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology) Sid Meiers Civilization VI Digital Deluxe MULTi12 - ElAmigos Version 1.0.0.216 (HKLM-x32\...\{F3E80C7D-386C-402A-8963-5EC267114571}_is1) (Version: 1.0.0.216 - 2K) Signal 5.62.0 (HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.62.0 - Signal Messenger, LLC) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 83.0 - Ubisoft) Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation) VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN) Windows-PC-Integritätsprüfung (HKLM\...\{4254C1AD-B9B0-4020-A4B1-D8B61D12142A}) (Version: 3.7.2204.15001 - Microsoft Corporation) WinRAR 7.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH) Zoom Workplace (64-bit) (HKLM\...\{226FFF6C-3704-420E-A649-0840E4B7451D}) (Version: 6.2.49050 - Zoom) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-16] () Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-02] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-26] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-26] (Microsoft Corporation) [MS Ad] MPEG-2-Videoerweiterung -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-18] (Microsoft Corporation) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-07-27] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-10-28] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.35.266.0_x64__dt26b99r8h8gj [2023-11-01] (Realtek Semiconductor Corp) Sniper Training 3D -> C:\Program Files\WindowsApps\2739ChimpiGames.SniperTraining3D_1.0.0.0_x86__7pgfw3wsaeyma [2021-06-30] (Chimpi Games) WinAppRuntime.Main.1.2-p1 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Corp.) WinAppRuntime.Singleton-p1 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Corp.) Windows App Runtime DDLM 2000.609.1413.0-x6-p1 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.609.1413.0-x6-p1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Corporation) Windows App Runtime DDLM 2000.609.1413.0-x8-p1 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.2000.609.1413.0-x8-p1_2000.609.1413.0_x86__8wekyb3d8bbwe [2024-05-25] (Microsoft Corporation) WindowsAppRuntime.1.2-preview1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2-preview1_2000.609.1413.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Corporation) WindowsAppRuntime.1.2-preview1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2-preview1_2000.609.1413.0_x86__8wekyb3d8bbwe [2024-05-25] (Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1417265821-4116366667-1805509851-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> "c:\program files\macrium\common\reflectmonitor.exe" -ToastActivated => Keine Datei CustomCLSID: HKU\S-1-5-21-1417265821-4116366667-1805509851-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-1417265821-4116366667-1805509851-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Stefan\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1417265821-4116366667-1805509851-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> "C:\Users\Stefan\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe" -ToastActivated => Keine Datei ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-08-11] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-08-11] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\nvshext.dll [2024-10-16] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-08-11] (Igor Pavlov) [Datei ist nicht signiert] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert] HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert] ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"Skip TPM Check on Dynamic Update\"",Filter="__EventFilter.Name=\"Skip TPM Check on Dynamic Update\":: WMI:subscription\__EventFilter->Skip TPM Check on Dynamic Update::[Query => SELECT SessionID from Win32_ProcessStartTrace WHERE ProcessName='vdsldr.exe'] WMI:subscription\CommandLineEventConsumer->Skip TPM Check on Dynamic Update::[CommandLineTemplate => C:\WINDOWS\system32\cmd.exe /q Skip TPM Check on Dynamic Update (c) AveYo, 2021 /d /rerase appraiserres.dll /f /s /q][ExecutablePath => C:\WINDOWS\system32\cmd.exe][WorkingDirectory => C:\$WINDOWS.~BT] ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2023-03-02 07:55 - 2023-02-27 21:39 - 001393152 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll 2022-11-03 13:48 - 2022-10-06 02:29 - 004392448 _____ () [Datei ist nicht signiert] \\?\C:\Users\Stefan\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\@signalapp\libsignal-client\prebuilds\win32-x64\node.napi.node 2022-11-03 13:48 - 2022-10-06 02:29 - 005626880 _____ () [Datei ist nicht signiert] \\?\C:\Users\Stefan\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\better-sqlite3\build\Release\better_sqlite3.node 2022-11-03 13:48 - 2022-10-06 02:29 - 011139584 _____ () [Datei ist nicht signiert] \\?\C:\Users\Stefan\AppData\Local\Programs\signal-desktop\resources\app.asar.unpacked\node_modules\ringrtc\build\win32\libringrtc-x64.node 2024-10-26 15:58 - 2024-10-26 15:58 - 196495872 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcef.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000473088 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL 2024-10-26 15:58 - 2024-10-26 15:58 - 007472640 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 004950528 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\vk_swiftshader.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000909824 _____ () [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\vulkan-1.dll 2022-11-03 13:48 - 2022-10-06 02:29 - 002788352 _____ () [Datei ist nicht signiert] C:\Users\Stefan\AppData\Local\Programs\signal-desktop\ffmpeg.dll 2022-11-03 13:48 - 2022-10-06 02:29 - 000468992 _____ () [Datei ist nicht signiert] C:\Users\Stefan\AppData\Local\Programs\signal-desktop\libegl.dll 2022-11-03 13:48 - 2022-10-06 02:29 - 007410176 _____ () [Datei ist nicht signiert] C:\Users\Stefan\AppData\Local\Programs\signal-desktop\libglesv2.dll 2022-11-03 13:48 - 2022-10-06 02:29 - 004873728 _____ () [Datei ist nicht signiert] C:\Users\Stefan\AppData\Local\Programs\signal-desktop\vk_swiftshader.dll 2020-11-12 19:25 - 2012-01-06 02:30 - 000122880 ____N (C-Media Electronics Inc.) [Datei ist nicht signiert] C:\Windows\System\HsSrv64.dll 2024-08-11 18:00 - 2024-08-11 18:00 - 000101376 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll 2020-04-19 21:54 - 2020-04-19 21:54 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2020-04-19 21:54 - 2020-04-19 21:54 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll 2020-11-15 15:51 - 2020-11-15 15:51 - 000090112 _____ (Silicon Laboratories, Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 001416192 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\chrome_elf.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000046592 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000031744 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qgif.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000039936 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qicns.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000031232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qico.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000415232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qjpeg.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000025600 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qsvg.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000025088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtga.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000380416 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtiff.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000023552 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwbmp.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000532992 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwebp.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 001455616 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\qwindows.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000227328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\platform\qtlabsplatformplugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 006270976 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 006947328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 001389568 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 003798528 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000440832 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000054784 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlWorkerScript.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 004254720 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000171520 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickControls2.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000222208 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickShapes.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 001128960 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickTemplates2.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000334848 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000133120 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebChannel.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000157184 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 005611520 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000463360 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WinExtras.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000210432 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000056832 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000059392 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000018432 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\qtquick2plugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000294400 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000106496 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\qquicklayoutsplugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000017920 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\qmlshapesplugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000325120 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000045568 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Window.2\windowplugin.dll 2024-10-26 15:58 - 2024-10-26 15:58 - 000135680 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\qwindowsvistastyle.dll 2015-10-14 00:15 - 2015-10-14 00:15 - 002042368 _____ (TODO: <Company name>) [Datei ist nicht signiert] C:\Program Files (x86)\Gigabyte\AppCenter\osvi.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData:BDSDRMHK [64] AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64] AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64] AlternateDataStreams: C:\ProgramData\Application Data:BDSDRMHK [64] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8540] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ============= BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-01] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2019-03-19 05:49 - 2023-05-01 18:26 - 000000984 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 on4u3.buhl.de 127.0.0.1 www.on4u3.buhl.de 127.0.0.1 DRM.BUHL.DE 127.0.0.1 www.DRM.BUHL.DE 2020-11-25 14:53 - 2021-01-12 18:20 - 000000526 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 92.168.137.1 DESKTOP-41UIG6B.mshome.net # 2025 11 1 24 20 55 1 915 192.168.137.73 HUAWEI_P30_Pro-e84921de44.mshome.net # 2020 12 3 2 14 26 3 744 44 ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. Network Binding: ============= Ethernet 2: Realtek Gaming 2.5GbE Family Controller -> rt640x64.sys ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "WinZip FAH" HKLM\...\StartupApproved\Run: => "WinZip UN" HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\StartupApproved\Run: => "Plex Media Server" HKU\S-1-5-21-1417265821-4116366667-1805509851-1001\...\StartupApproved\Run: => "EpicGamesLauncher" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{83D86BDE-EBC4-4DB9-94DD-C358DD1A0BDB}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{534C7692-F56B-4E50-B3CE-56F6C882ACCE}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{7D149FF3-E229-411C-9B3C-543AB893B8A2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C91B8FF3-BE31-4CBB-A00E-2D3523B5B4E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C30D82C0-0CC7-4169-B569-DB8FC3611A85}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{F3F3E873-6E3D-4DBC-88CF-1D2E7E426E44}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [TCP Query User{9C7D3A93-F415-4C96-AAFA-F6B21DEE95A2}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1800\bin\win64\anno1800.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1800\bin\win64\anno1800.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [UDP Query User{F6E59BF3-1479-403C-AE07-C3DF5402AA08}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1800\bin\win64\anno1800.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1800\bin\win64\anno1800.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [TCP Query User{CF3CF312-9D53-4C2C-9FF2-0B295EBE7E24}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [UDP Query User{6BA8B87D-EA32-4EB0-A8FF-2B937788D121}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [TCP Query User{8B10A558-3F14-40D2-A7E9-36A1F8585EDE}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [UDP Query User{4EAAFE7D-1BA6-428E-B8DB-ADB95389661F}C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\anno 1404 - history edition\anno1404addon.exe (Ubisoft Blue Byte GmbH -> Ubisoft) FirewallRules: [{1DA0981F-1A53-4455-83C4-A016002E7504}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3B57F426-2771-498C-B958-0DCAB05DFAED}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{21226927-5404-44ED-B51F-151B8C7FFCDE}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{12F07B1A-E780-4C8E-A52D-C8E32D0A47AB}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{3B93E36D-0D51-4600-8D0C-5BE0E54C90D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8B20B206-596E-46DF-870B-2A5B50295890}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D724038B-6A3A-42A5-8C89-61EA43DE6695}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{8CC91542-4BFA-494E-A25A-F006ECB8D60A}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{24A57E74-1E39-4987-9F8C-94089F8A8EC0}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{B5C7ABA5-E706-4922-8F6D-59BE866EB868}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{DA7DC733-DAB8-4D84-89A9-1EA2989A9503}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{9CB076F2-151A-434E-981A-E94C34F23068}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{5459027D-032A-4F56-AA08-E385F2F42A7D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3ACE7353-DDB8-4309-846F-2112E985520E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E6E44741-0A76-4B41-978F-CD01349ABF08}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{3C388E45-0CB1-47F3-A590-12578F7FECCE}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) FirewallRules: [{3200F619-901B-4EB2-92CA-47501A99B501}] => (Allow) C:\Users\Stefan\AppData\Roaming\Zoom\bin\Zoom.exe => Keine Datei FirewallRules: [{BADA70F3-34E0-45A7-98E8-DD4DD7020758}] => (Allow) C:\Users\Stefan\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [{75245B03-BEDF-41F7-8579-6763DE99946A}] => (Allow) C:\Users\Stefan\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei FirewallRules: [TCP Query User{512F298C-C89C-4071-AB05-372ECB23156C}C:\program files\plex\plex\plex.exe] => (Allow) C:\program files\plex\plex\plex.exe (Plex, Inc. -> ) FirewallRules: [UDP Query User{ED9A748E-CD1A-4F9F-A424-91701C324945}C:\program files\plex\plex\plex.exe] => (Allow) C:\program files\plex\plex\plex.exe (Plex, Inc. -> ) FirewallRules: [TCP Query User{0C51049C-9826-4AA5-B7FE-B9D4AFBF67A7}C:\program files (x86)\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\program files (x86)\anno 1404 gold edition\tools\addonweb.exe () [Datei ist nicht signiert] FirewallRules: [UDP Query User{B36986FD-252D-4A7D-9B1A-CED52FD40157}C:\program files (x86)\anno 1404 gold edition\tools\addonweb.exe] => (Allow) C:\program files (x86)\anno 1404 gold edition\tools\addonweb.exe () [Datei ist nicht signiert] FirewallRules: [{A1FADD0B-8F70-44A3-A254-1A9B52C70DBC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E2FFD8F9-3AFB-4EEA-918F-CA5244A783ED}] => (Allow) C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.) FirewallRules: [{34F6231A-C136-4AA0-AC74-2E33248FB853}] => (Allow) C:\Program Files\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> ) FirewallRules: [{CBB249B3-F02D-4073-854F-1953B307099E}] => (Allow) C:\Program Files\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.) FirewallRules: [{1D82506E-F930-40D5-9FB8-1A67B72F43D2}] => (Allow) C:\Program Files\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> ) FirewallRules: [{6F9EA6C9-A2A3-4E02-B211-32097D26B6CF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{72215802-1A1A-4E5D-8735-B247E8810E31}] => (Allow) C:\Program Files (x86)\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{1279B982-CBB0-40D4-AB02-533C3BA90296}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E74DEAAD-BEC8-464A-AC0F-55134A2AFC99}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0CE98167-8148-4A0D-B040-0D2BAC083763}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C2B3F336-7B4D-45EB-975E-9D47A5EDD064}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.130.3205.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D4479544-2029-44B9-AE2A-B8D107BEC140}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{715627FC-9E50-42D4-B113-217204ACBCB9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{FBD52AD6-2772-4411-9229-5EC6B313CDE7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{59AA08C5-CD7B-4734-91AB-5F8D84B5C53D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B59F3687-4A53-42D3-9EF8-595249AEAF9D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{99804F4B-6DB0-4B43-BC1F-C6C92C5472EB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B0F19772-A4C3-44D0-A450-0576B2DCB05A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{CCBAC901-D80F-49D9-8053-F1305014AB7D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{F8DBB8B0-14E5-4414-B785-21F74B35C547}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{AC9D3721-AB7B-4AE7-A0AE-54D047018381}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{A3028C65-85FE-4663-B507-335B0EC423AD}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{90173E0D-5596-47BB-B502-CF24ABD5AF0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9B136869-6370-4959-9B57-15BCE5AA9AA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{41E920A4-DAB9-4893-96D1-15AA31FB61BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{CB70EC6C-DEC5-46DE-85CF-BF390B2E3B64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{91594A9A-5BDF-42F3-BABC-DAF8A4B83620}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{5A11A8B2-B868-45C1-BCBD-270007C877AE}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{4C4E2385-DDEA-4783-BBDC-21134F0EAB88}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{DB22E574-7F7E-4BD0-8561-85EACC1591A9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{EAC54EDB-8D4F-4725-8804-2ED63890DFCD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (10/28/2024 11:24:57 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/28/2024 11:24:57 PM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: ) Description: Event-ID 5 Error: (10/28/2024 11:17:59 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Microsoft Office Professional Edition 2003 wird entfernt; Fehler = 0x80070422). Error: (10/28/2024 11:17:58 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Microsoft Office Professional Edition 2003 wird entfernt; Fehler = 0x80070422). Error: (10/28/2024 11:16:17 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Java 8 Update 431 (64-bit) wurde entfernt; Fehler = 0x80070422). Error: (10/28/2024 11:16:16 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Removed Java 8 Update 431 (64-bit); Fehler = 0x80070422). Error: (10/28/2024 11:16:10 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Java 8 Update 431 wurde entfernt; Fehler = 0x80070422). Error: (10/28/2024 11:16:08 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Removed Java 8 Update 431; Fehler = 0x80070422). Systemfehler: ============= Error: (10/28/2024 03:27:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/28/2024 03:26:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (10/28/2024 03:26:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error: (10/28/2024 03:24:14 PM) (Source: TPM) (EventID: 15) (User: NT-AUTORITÄT) Description: Beim Gerätetreiber für das Trusted Platform Module (TPM) ist ein nicht behebbarer Fehler in der TPM-Hardware aufgetreten, der die Verwendung der TPM-Dienste (z. B. Datenverschlüsselung) verhindert. Wenden Sie sich an den Computerhersteller, um weitere Hilfe zu erhalten. Error: (10/28/2024 03:24:10 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: ACPI2 Error: (10/28/2024 03:23:30 PM) (Source: DCOM) (EventID: 10005) (User: MORTLACH) Description: Fehler "1084" in DCOM, als der Dienst "ShellHWDetection" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (10/28/2024 03:23:30 PM) (Source: DCOM) (EventID: 10005) (User: MORTLACH) Description: Fehler "1084" in DCOM, als der Dienst "TokenBroker" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: Windows.Internal.Security.Authentication.Web.WamProviderRegistration Error: (10/28/2024 03:23:30 PM) (Source: DCOM) (EventID: 10005) (User: MORTLACH) Description: Fehler "1084" in DCOM, als der Dienst "TokenBroker" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: Windows.Internal.Security.Authentication.Web.WamProviderRegistration Windows Defender: ================ Date: 2024-10-27 00:05:02 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {F365D2AF-CE33-46E9-8AD7-AB5D35229DA0} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-10-25 00:06:04 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {2A40293E-A23C-43C0-871F-286EA9AE565C} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-10-24 12:53:27 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {C77E4400-AF0C-4446-A053-17E368113E25} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-10-21 23:36:54 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {CAA068E7-798A-4233-B130-AB162FB3C650} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2024-10-21 00:06:04 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {0D48F832-19EF-454C-BE9E-937042E248DB} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Event[0]: Date: 2023-12-06 22:16:20 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.1664.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x80240438 Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". CodeIntegrity: =============== Date: 2024-10-27 20:07:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2024-01-07 01:54:44 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume1\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2024-01-07 01:54:44 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-11-16 18:45:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-11-02 12:39:25 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends International, LLC. F22 12/07/2022 Hauptplatine: Gigabyte Technology Co., Ltd. Z690 UD DDR4 Prozessor: 13th Gen Intel(R) Core(TM) i5-13600KF Prozentuale Nutzung des RAM: 39% Installierter physikalischer RAM: 24405.57 MB Verfügbarer physikalischer RAM: 14699.86 MB Summe virtueller Speicher: 25429.57 MB Verfügbarer virtueller Speicher: 12802.2 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.41 GB) (Free:539.52 GB) (Model: Corsair MP600 PRO XT) (Protected) NTFS Drive d: (Volume) (Fixed) (Total:3725.9 GB) (Free:1519.14 GB) (Model: WDC WD40EZRX-00SPEB0) (Protected) NTFS Drive e: (Volume) (Fixed) (Total:7451.91 GB) (Free:1583.57 GB) (Model: ST8000AS0002-1NA17Z) (Protected) NTFS Drive f: (Volume) (Fixed) (Total:3725.9 GB) (Free:1388.08 GB) (Model: ST4000NM0033-9ZM170) (Protected) NTFS Drive g: (Volume) (Fixed) (Total:7452.02 GB) (Free:2992.73 GB) (Model: ST8000DM004-2CX188) (Protected) NTFS Drive h: (Volume) (Fixed) (Total:2794.52 GB) (Free:2007.64 GB) (Model: ST3000DM001-1CH166) (Protected) NTFS Drive i: (Volume) (Fixed) (Total:237.4 GB) (Free:204.6 GB) (Model: SAMSUNG MZVPV256HDGL-00000) (Protected) NTFS Drive k: () (Fixed) (Total:465.15 GB) (Free:162.97 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS \\?\Volume{0f7f77bb-0000-0000-0000-90b9e8000000}\ () (Fixed) (Total:0.61 GB) (Free:0.16 GB) NTFS \\?\Volume{3f35de60-26e3-01d9-30ef-88927193ec00}\ () (Fixed) (Total:0.61 GB) (Free:0.16 GB) NTFS \\?\Volume{f78851c5-c02f-408c-942e-78e77c8fc0e1}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS \\?\Volume{2de9e8e0-46fa-41c7-9fd4-b4623f5483a0}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS \\?\Volume{c1cd725e-1a3c-4b5e-b61f-a4f9603c4d7f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 7452 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 2 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 3 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 4 (Protective MBR) (Size: 7452 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 5 (Size: 931.5 GB) (Disk ID: 0F7F77BB) Partition 1: (Not Active) - (Size=930.4 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=627 MB) - (Type=07 NTFS) ========================================================== Disk: 6 (Size: 465.8 GB) (Disk ID: 170CB89E) Partition: GPT. ========================================================== Disk: 7 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ======================= Geändert von Garmirian007 (Gestern um 00:07 Uhr) |
Gestern, 09:08 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab Das hat aber mit Schädlingen nichts zu tun. Das sind Fehler in der Deinstallationsroutine oder deine Windows-Installation ist hinüber. Manchmal hilft es, das Programm in der exakt selben Version noch neu zu installieren.
__________________ Logfiles bitte immer in CODE-Tags posten |
Gestern, 10:32 | #13 | ||
/// TB-Ausbilder | Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab Ich möchte noch ergänzend hinzufügen, dass es scheinbar ein hardware-technisches Problem mit TPM gibt: Zitat:
Zitat:
Ob man dies mit Firmware-Update bzw. Treiber-Update beheben kann, bezweifle ich. Sicherheitstechnisch gesehen ist das natürlich sub-optimal. |
Gestern, 11:01 | #14 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab Bezieht sich das nicht nur auf Bitlocker? Edit: Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten Geändert von cosinus (Gestern um 12:35 Uhr) |
Gestern, 12:51 | #15 |
| Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab Ja! TPM habe ich versucht für Windows 11 zu aktivieren. Hat bei mir nicht hingehauen, weil letztendlich meine Systemplatte im falschen Format formatiert ist und ich das selbst mit einem anderen Programm damals nicht geändert bekommen habe. Habe das dann aufgegeben. Hatte irgendwas mit Windows Boot zu tun, dass eine bestimmte Form der Formatierung erforderte. Ich kann gerne nochmal schauen ob ich das Bios Update hinbekomme. Das habe ich bei dem in der Tat noch nie gemacht, müsste mal schauen wo das Handbuch ist. :-) Fällt dir sonst noch was ein für das konkrete Problem? |
Themen zu Opera öffnet immer beim Start und permant regelmässig danach einen Youtube Tab |
abgesicherte, abgesicherten, adware, avg, beim starten, cleaner, datei, geladen, gestern, konnte, meldung, modus, nichts, opera, runter, stable, start, starte, starten, stürzt, tab, unregelmäßige, versuche, youtube, öffnet |