Popup: Critical virus alert / Avira: Warning of critical virus
Sure. First I'll post the Addition.txt, and then there are 4x FRST.txt still to come, which I have to split across several posts because of their length.
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-08.2024
durchgeführt von irmer (04-08-2024 18:26:03)
Gestartet von C:\Users\irmer\Downloads
Microsoft Windows 11 Home Version 23H2 22631.3880 (X64) (2023-03-29 07:56:20)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-382349518-860266412-3078101093-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-382349518-860266412-3078101093-503 - Limited - Disabled)
Gast (S-1-5-21-382349518-860266412-3078101093-501 - Limited - Disabled)
irmer (S-1-5-21-382349518-860266412-3078101093-1001 - Administrator - Enabled) => C:\Users\irmer
WDAGUtilityAccount (S-1-5-21-382349518-860266412-3078101093-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 24.002.20965 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Allods Online EN (HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\gcgame_13.505) (Version: 1.267 - ООО "МАЙ.ГЕЙМЗ")
Conqueror`s Blade MY.GAMES (HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\gcgame_13.2000842) (Version: 1.514 - MY.GAMES B.V.)
DeepL (HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE)
Epic Games Launcher (HKLM-x32\...\{A7273EDD-4192-4A9C-9A96-8056EB2DFC76}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
eve-online (HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\eve-online) (Version: 0.4.6 - CCP Games)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LDPlayer (HKLM-x32\...\LDPlayer9) (Version: 9.0.41 - XUANZHI INTERNATIONAL CO., LIMITED)
Left to Survive (HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\gcgame_0.2002134) (Version: 1.159 - MY.GAMES B.V.)
MGLauncher (HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\mglauncherlaunchpad_) (Version: 4.1704 - MY.COM B.V.)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17726.20160 - Microsoft Corporation)
Microsoft 365 - en-gb (HKLM\...\O365HomePremRetail - en-gb) (Version: 16.0.17726.20160 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 127.0.2651.86 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.113 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\OneDriveSetup.exe) (Version: 24.146.0721.0002 - Microsoft Corporation)
Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.17726.20160 - Microsoft Corporation)
Microsoft OneNote - en-gb (HKLM\...\OneNoteFreeRetail - en-gb) (Version: 16.0.17726.20160 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 128.0.3 (x64 de)) (Version: 128.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 111.0.1 - Mozilla)
NoxPlayer (HKLM-x32\...\Nox) (Version: 7.0.5.9 - Duodian Technology Co. Ltd.)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA Grafiktreiber 546.80 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.80 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop (HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.3.1 - Telegram FZ-LLC)
VirtualDJ 2023 (HKLM\...\{833FCA9B-2139-4C22-BBBD-32FF52C16866}) (Version: 8.5.7555.0 - Atomix Productions)
Wargaming.net Game Center (HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\Wargaming.net Game Center) (Version: 24.3.0.6203 - Wargaming.net)
Yandex (HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\YandexBrowser) (Version: 24.6.4.580 - Yandex)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-07-18] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5435.0_x64__8j3eq9eme6ctt [2024-04-12] (INTEL CORP) [Startup Task]
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.35.264.0_x64__v10z8vjag6ke6 [2024-07-19] (HP Inc.)
Dropbox-Sonderaktion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.27.0_x64__xbfy0k16fey96 [2024-07-31] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2024-07-19] (HP Inc.)
HP CoolSense -> C:\Program Files\WindowsApps\AD2F1837.HPCoolSense_1.1.3.0_x64__v10z8vjag6ke6 [2023-03-29] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.5.1.0_x64__v10z8vjag6ke6 [2024-03-30] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-07-19] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2023-03-31] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-09] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.34.32.0_x64__v10z8vjag6ke6 [2024-04-16] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6 [2024-07-19] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-07-19] (INTEL CORP)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe [2024-04-11] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-16] (Microsoft Corp.)
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24180.205.2980.1757_x64__8wekyb3d8bbwe [2024-08-03] (Microsoft) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21110.548.0_x64__8wekyb3d8bbwe [2024-07-19] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.1293.0_x64__8wekyb3d8bbwe [2024-07-19] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24062.51.0_x64__cw5n1h2txyewy [2024-07-23] (Microsoft Windows) [Startup Task]
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_34.52424.589.0_x64__v10z8vjag6ke6 [2024-07-20] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-29] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6 [2024-07-23] (HP Inc.) [Startup Task]
OMEN Light Studio -> C:\Program Files\WindowsApps\AD2F1837.OMENLightStudio_1.0.47.0_x64__v10z8vjag6ke6 [2024-03-09] (HP Inc.) [Startup Task]
OMEN Oasis -> C:\Program Files\WindowsApps\AD2F1837.OMENSpectate_1.24.2.0_x64__v10z8vjag6ke6 [2024-07-19] (HP Inc.)
Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848563C1F_1.0.137.0_x64__kx24dqmazqk8j [2024-07-19] (Random Salad Games LLC)
Windows Feature Experience Pack -> C:\windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-07-20] (Microsoft Windows)
Windows-Fotoanzeige -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.19012.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation) [Startup Task]
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-382349518-860266412-3078101093-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382349518-860266412-3078101093-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382349518-860266412-3078101093-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382349518-860266412-3078101093-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382349518-860266412-3078101093-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382349518-860266412-3078101093-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382349518-860266412-3078101093-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\irmer\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-382349518-860266412-3078101093-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-382349518-860266412-3078101093-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> "C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_7ATQFYMYISD5LU42STURHNI33TRSMJBHVQPLEAO3EX4R5WPI6GTQ\DeepL.exe" -ToastActivated => Keine Datei
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_c1175609f74fb701\OptaneShellExt.dll [2022-06-05] (Intel Corporation -> )
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_c1175609f74fb701\OptaneShellExt.dll [2022-06-05] (Intel Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_41c48f20ac7de4fb\nvshext.dll [2024-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk -> C:\Program Files (x86)\Online Services\Amazon\WizLink.exe () -> hxxp://www.amazon.com/gp/ubp/oneButton/config/redirectHome?tagbase=hpga1-ubpl&ref=aagateway-taskbar-hp
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2024-06-07 17:57 - 2023-01-16 02:34 - 001160704 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_URIJA5AX26HNM7QVJKAF4VRTKDDVZDUL2XD4MMI4IJ3R32IZBLRA\CefSharp.BrowserSubprocess.Core.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 000498688 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\hlog4qt1.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 071711744 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\libcef.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 002079232 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\libcef_dll_wrapper.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 000120334 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\libgcc_s_dw2-1.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 001540622 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\libstdc++-6.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 000251904 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\MultiPlayerCef.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 000239616 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\UICommon.dll
2024-06-07 17:57 - 2023-01-13 12:19 - 194953728 _____ () [Datei ist nicht signiert] C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_URIJA5AX26HNM7QVJKAF4VRTKDDVZDUL2XD4MMI4IJ3R32IZBLRA\libcef.dll
2024-06-07 17:58 - 2023-01-13 10:08 - 000468992 _____ () [Datei ist nicht signiert] C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_URIJA5AX26HNM7QVJKAF4VRTKDDVZDUL2XD4MMI4IJ3R32IZBLRA\libEGL.dll
2024-06-07 17:57 - 2023-01-13 10:07 - 007467520 _____ () [Datei ist nicht signiert] C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_URIJA5AX26HNM7QVJKAF4VRTKDDVZDUL2XD4MMI4IJ3R32IZBLRA\libGLESv2.dll
2024-06-07 17:58 - 2023-01-13 10:03 - 004945920 _____ () [Datei ist nicht signiert] C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_URIJA5AX26HNM7QVJKAF4VRTKDDVZDUL2XD4MMI4IJ3R32IZBLRA\vk_swiftshader.dll
2024-06-07 17:58 - 2023-01-13 10:06 - 000905728 _____ () [Datei ist nicht signiert] C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_URIJA5AX26HNM7QVJKAF4VRTKDDVZDUL2XD4MMI4IJ3R32IZBLRA\vulkan-1.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 000059392 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\Nox\plugins\imageformats\qdds.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 000517120 _____ (Digia Plc and/or its subsidiary(-ies)) [Datei ist nicht signiert] C:\Program Files (x86)\Nox\plugins\imageformats\qjp2.dll
2024-07-21 10:56 - 2024-07-21 10:56 - 000432640 _____ (HP Inc.) [Datei ist nicht signiert] C:\windows\assembly\NativeImages_v4.0.30319_64\LauncherSDK\0be1de1af2b6b3030e034bb8b2f84a3b\LauncherSDK.ni.dll
2024-07-21 10:56 - 2024-07-21 10:56 - 000037888 _____ (HP Inc.) [Datei ist nicht signiert] C:\windows\assembly\NativeImages_v4.0.30319_64\Logging\f3cff26c528419f804911118d0ea719b\Logging.ni.dll
2024-07-21 10:56 - 2024-07-21 10:56 - 000153088 _____ (HP Inc.) [Datei ist nicht signiert] C:\windows\assembly\NativeImages_v4.0.30319_64\RpcClient\617e3a9ba9e4e95647eac1444ece64be\RpcClient.ni.dll
2024-07-21 10:56 - 2024-07-21 10:56 - 000118272 _____ (HP Inc.) [Datei ist nicht signiert] C:\windows\assembly\NativeImages_v4.0.30319_64\WMISDK\44d38f837e2adf927c3817d871a7b587\WMISDK.ni.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\libwinpthread-1.dll
2024-07-21 10:56 - 2024-07-21 10:56 - 003884544 _____ (Newtonsoft) [Datei ist nicht signiert] C:\windows\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\d1f647de3f69a8a348fb6068b4d6804d\Newtonsoft.Json.ni.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 000439808 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\chrome_elf.dll
2024-06-07 17:57 - 2023-01-13 10:21 - 001412608 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_URIJA5AX26HNM7QVJKAF4VRTKDDVZDUL2XD4MMI4IJ3R32IZBLRA\chrome_elf.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 001253376 _____ (The curl library, hxxps://curl.haxx.se/) [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\libcurl.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 001214976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\LIBEAY32.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 000275456 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\ssleay32.dll
2023-11-23 18:51 - 2023-11-23 18:51 - 006147224 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Nox\bin\Qt5Core.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2024-02-01] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2024-02-01] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-382349518-860266412-3078101093-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\themec\img28.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
BITS: {0CB9D68A-40C5-47F5-9BF4-99FFD90CCC95} - (Yandex browser usage statistics) -> [NotifyCmdLine: C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe "C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --broupdater-stat-bits --broupdater-stat-name=dayuse --bits_job_guid={0CB9D68A-40C5-47F5-9BF4-99FFD90CCC95}] [Dateien:https://soft.export.yandex.ru/status.xml?stat=dayuse&banerid=3401000000:6424156a89374973ca7c39b2&bitness=64&brandID=int-custo&browser_bitness=64&build_id=&clid=2270482&client_id=7637399750270208784&df=1&distr_yandexuid=3277201991680086362&domain=0&eid=H4sIAAAAAAAAAC2U25HFMAhDSwpPIQ3997WD736dmNiAQZiIcm5r3H3hObAdKyYXDrG_9CWM7J2kT54dsO3pFhdpVbVoOWfByuCigPBF-gg7NjG1QypzwcbYbWHPQiFdyG7y_kXjjClbDNi2UDX9YbhjkcydgWXuwGD9MnauW3o7d8L83cM4l7bnIYA6VFTsVKRpiYrOHSomdjgT2unU811d2mFm2fnOyF6OF8_aOVxO3rWfMZdGUy0tm_iiV5FmWLbSbeUFn1VUM5YSWqvOwa1y4CtkDn6YJTMbK46BS8EyVpnyWI06tVJeNd2i1bZKm8iVuol1M8hiC4JjwaDq7uV97e2RtosJv62e1DG94xH2eMX5Zx3ZNkexe93csi8BD4MeYy60T7xzPlJ9-OVokY-XgFtwXuhyf9mWD_tjvU-5f7wAVWbPBCs98p3qmJdA98QFalmcV7iA67OnTrOVfDpx7Ex699LidEmbylq2RfWy5_xzhAO9YEtNqVZuykPwqhvWpW_u60bjqo54xeeDJ84YUF67eDuzQT_I7KGvlSjzVYXRVm11LWwCscJ19KC5Vbrm6cJ_8ognFnQ_IFeoyf7hNBMVWrFHviKE-CpOSzwPyrZYiW11YNqXs1UNxlZPIBfjN8bMKeSOU1HvkWAsrhRYVMLvMciOuVVgVh2840j1DXxYXz3uKttQ8vfU3KSb-8TNNjoWQPs9NxmpLbi1b1kV_AZW4dvRzNquPlX2OfU_1y6I4cUEAAA&install_type=2&installed=24.6.3.729&ld=477&os=win10&partner_id=&policies=0&searchbandapp=0&stats_send_status=1&sv=24.6&ud=0&ui=CFD4773E-E9B8-421A-9FFC-B068683F6B1A&user_agent=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F124.0.0.0+YaBrowser%2F24.6.0.0+Safari%2F537.36&ver=24.6.2.786&win_version=10.0.22631&yandexuid=5240212511680086451&yasoft=yabrowser -> C:\Users\irmer\AppData\Local\Temp\Yandex_Browser_BITS_{0CB9D68A-40C5-47F5-9BF4-99FFD90CCC95}_report]
BITS: {FC1EA3AB-F1C5-4721-BB9E-5D71982C7D00} - (Yandex browser usage statistics) -> [NotifyCmdLine: C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe "C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --broupdater-stat-bits --broupdater-stat-name=dayuse --bits_job_guid={FC1EA3AB-F1C5-4721-BB9E-5D71982C7D00}] [Dateien:https://soft.export.yandex.ru/status.xml?stat=dayuse&banerid=3401000000:6424156a89374973ca7c39b2&bitness=64&brandID=int-custo&browser_bitness=64&build_id=&clid=2270482&client_id=7637399750270208784&df=1&distr_yandexuid=3277201991680086362&domain=0&eid=H4sIAAAAAAAAAC2U25HFMAhDSwpPIQ3997WD736dmNgGg4CIcm5r3H3hObAdKyYXDrG_9CWM7J2kT54dsO3pFhdpVbVoOWfByuCigPBF-gg7NjG1QypzwcbYbWHPQiGdy27y_kXjjClbDNi2UDX9YbhjkcydgWXuwGD9InauG0aBnTB_7zDOhe15CKAOFRU7FWlaoqJzh4qJHc6Edjr17q4u7TCzbN0yI3s5Xjxr53A5ec9-xlwaTbW0bOKLXkWaYdlKt5UXfFZRzVhKaK06B7fKga-QOfhhlsxsrDgGLgXLWGXKYzXq1Ep52XSLVtsqbSJX6ibWzSCLLQiOBYOqe5f3lbdH2i4m_LZ6Usf0jkfY4yXnn3Vk2xzF7nVzy74APAx6jDnXPvHO-Uj14RejRT5eAG7Bea7L_UVbPuyP9T7l_vEcVJk9E6z0yHeqY14A3RPnqGXxNODC3YbqzA-v5J46-VbyScaxM-ndS4uTKG0qa9kW1cuec8URDvSCLTWlWrkpD8FLdFiXvrmv65IrAOLVgQ-eOGNAeZXj7cwG_SCzh76qosxXFUZbtdVVswnEClfcg-ZW6ZonEf8pJZ5u0P2AXKEm-4eTT1RoxR75ihDiqzhZ8W5QtsVKbKsD076crWowtnoCuRi_jmZOIXecinrzgrG4VGBRCb-5kB1zq8CsOnjHkerr_bC-fNxTtqHkb-pc05v7xLU5OhZA-02ejNQW3Nq3rAp-vavw7WhmbVefQPsu9T_i0Jfe0AQAAA&install_type=2&installed=24.6.3.770&ld=479&os=win10&partner_id=&policies=0&searchbandapp=0&stats_send_status=1&sv=24.6&ud=1&ui=CFD4773E-E9B8-421A-9FFC-B068683F6B1A&user_agent=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F124.0.0.0+YaBrowser%2F24.6.0.0+Safari%2F537.36&ver=24.6.3.770&win_version=10.0.22631&yandexuid=5240212511680086451&yasoft=yabrowser -> C:\Users\irmer\AppData\Local\Temp\Yandex_Browser_BITS_{FC1EA3AB-F1C5-4721-BB9E-5D71982C7D00}_report]
BITS: {D489B879-74CA-41EB-9334-51F9F33ADA1A} - (Yandex browser usage statistics) -> [NotifyCmdLine: C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe "C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --broupdater-stat-bits --broupdater-stat-name=dayuse --bits_job_guid={D489B879-74CA-41EB-9334-51F9F33ADA1A}] [Dateien:https://soft.export.yandex.ru/status.xml?stat=dayuse&banerid=3401000000:6424156a89374973ca7c39b2&bitness=64&brandID=int-custo&browser_bitness=64&build_id=&clid=2270482&client_id=7637399750270208784&df=1&distr_yandexuid=3277201991680086362&domain=0&eid=H4sIAAAAAAAAAC2U25HFMAhDSwpPIQ3997WD736dmNiAQYaIcm5r3H3hObAdKyYXDrG_9CWM7J2kT54dsO3pFhdpVbVoOWfByuCigPBF-gg7NjG1QypzwcbYbWHPQiFdyG7y_kXjjClbDNi2UDX9YbhjkcydgWXuwGD9MnauG0aBnTB_9zDOpe15CKAOFRU7FWlaoqJzh4qJHc6Edjr1fFeXdphZtm6Zkb0cL561c7icvGs_Yy6NplpaNvFFryLNsGyl28oLPquoZiwltFadg1vlwFfIHPwwS2Y2VhwDl4JlrDLlsRp1aqW8arpFq22VNpErdRPrZpDFFgTHgkHV3cv72tsjbRcTfls9qWN6xyPs8YrzzzqybY5i97q5ZV8CHgY9xlxon3jnfKT68MvRIh8vAbfgvNDl_rItH_bHep9y_3gBqsyeCVZ65DvVMS-B7okL1LJ4GnDhvKE680M_WURczpBHnAQ8dXKu5JOQY2fSu5cWJ1naVNayLaqXPReaIxzoBVtqSrVyUx6CV_iwLn1zX_dqriGI1xc-eOKMAeV1krczG_SDzB76uowyX1UYbdVW190mECtcsw-aW6VrnmT8p5x4OkL3A3KFmuwfTk5RoRV75CtCiK_iZMbzoGyLldhWB6Z9OVvVYGz1BHIxfi-cOYXccSrqzQ_G4kqBRSX85kR2zK0Cs-rgHUeqbxaE9dXjrrINJX9T6IaAuU_cs0fHAmi_SZSR2oJb-5ZVwe8tK3w7mlnb1SfYPqf-B1uBBs3gBAAA&install_type=2&installed=24.6.3.770&ld=484&os=win10&partner_id=&policies=0&searchbandapp=0&stats_send_status=1&sv=24.6&ud=6&ui=CFD4773E-E9B8-421A-9FFC-B068683F6B1A&user_agent=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F124.0.0.0+YaBrowser%2F24.6.0.0+Safari%2F537.36&ver=24.6.3.770&win_version=10.0.22631&yandexuid=5240212511680086451&yasoft=yabrowser -> C:\Users\irmer\AppData\Local\Temp\Yandex_Browser_BITS_{D489B879-74CA-41EB-9334-51F9F33ADA1A}_report]
ist aktiviert.
Network Binding:
=============
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys
WLAN: Realtek RTL8852AE WiFi 6 802.11ax PCIe Adapter -> rtwlane6.sys
nt_rtf64: Realtek LightWeight Filter (NDIS6.40)
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{7AAD0E11-82EF-4F06-9923-50EA985518A6}] => (Allow) C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC -> YANDEX LLC)
FirewallRules: [{CC8AA852-5F85-4727-AE8D-908075998E02}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5739A8BC-13D2-40EF-BA71-EFA64AB9CF2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DA33FFEF-34DB-47D3-BF94-605E3248A9C1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{824690AA-AA91-455A-A4FF-BA064FFDA3A3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{81C8A2C0-4F90-429D-AF37-D5C8E66F2A11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE Gold Edition Gameplay Demo\re8GEdemo.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{0E9FD8EB-1DE6-435D-9C93-FF8552362FFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE Gold Edition Gameplay Demo\re8GEdemo.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{607bdee7-3926-411b-9d8e-b4d21c0a9cb8}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{7B371216-78BC-4A65-9093-4A3FFAAE43FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sons Of The Forest\SonsOfTheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{6D07C2B0-2C0D-4F6D-B653-AE381A7AFBD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sons Of The Forest\SonsOfTheForest.exe () [Datei ist nicht signiert]
FirewallRules: [{5E37611D-E7C5-43C6-8E72-306F0F291B28}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B56D925-2915-403B-B834-FC30E82C0AAF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{005F29F4-98AA-4EAE-B1D5-ABFEEE408ED1}C:\mglauncher\mglauncher\mgl.exe] => (Allow) C:\mglauncher\mglauncher\mgl.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [UDP Query User{0B9061C5-F435-4660-8E88-98C4502C1393}C:\mglauncher\mglauncher\mgl.exe] => (Allow) C:\mglauncher\mglauncher\mgl.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [TCP Query User{B37DF1A5-DB77-4ED3-BAE5-1F344294293F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C4947E27-29FB-48E4-AC43-2AF0399E00E9}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{22F95300-D835-41E1-A960-A423101D979D}C:\users\irmer\appdata\roaming\telegram desktop\telegram.exe] => (Block) C:\users\irmer\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{BCDBCFE5-1032-406E-A039-3065A28A28DB}C:\users\irmer\appdata\roaming\telegram desktop\telegram.exe] => (Block) C:\users\irmer\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{E5A106A7-1B9B-4ACA-977A-DE97578F6DC2}C:\mglauncher\mglauncher\mgl.exe] => (Allow) C:\mglauncher\mglauncher\mgl.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [UDP Query User{9E369353-01A5-406C-932E-A177F84B6F56}C:\mglauncher\mglauncher\mgl.exe] => (Allow) C:\mglauncher\mglauncher\mgl.exe (MY.GAMES B.V. -> MY.GAMES B.V.)
FirewallRules: [TCP Query User{562EE57F-E67E-4325-8695-D4CD5ACBD902}C:\program files\epic games\survivingtheaftermath\aftermath64.exe] => (Allow) C:\program files\epic games\survivingtheaftermath\aftermath64.exe (Iceflake Studios Oy -> )
FirewallRules: [UDP Query User{78C18A05-EC0D-4CAF-865D-1B489F2565DE}C:\program files\epic games\survivingtheaftermath\aftermath64.exe] => (Allow) C:\program files\epic games\survivingtheaftermath\aftermath64.exe (Iceflake Studios Oy -> )
FirewallRules: [{43AF9B62-6007-43C7-B723-171EE38C5784}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{CD05D896-E954-48E9-B744-C855517CBBFB}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> Nox Limited Corporation)
FirewallRules: [{085F12F0-DDCC-4769-8FE0-37DE02E03E7B}] => (Allow) C:\Users\irmer\AppData\Local\Programs\Opera\105.0.4970.21\opera.exe => Keine Datei
FirewallRules: [{16C1C9CA-F242-44D3-8E61-079FD6112E75}] => (Allow) C:\Users\irmer\AppData\Local\Programs\Opera\105.0.4970.29\opera.exe => Keine Datei
FirewallRules: [TCP Query User{609E93CD-7A7B-4810-B3E8-2D2C9EFA51E8}C:\program files\epic games\narakabladepoint\narakabladepoint.exe] => (Allow) C:\program files\epic games\narakabladepoint\narakabladepoint.exe (NetEase (Hangzhou) Network Co., Ltd -> )
FirewallRules: [UDP Query User{F5D5C285-C509-4856-91EE-523B126D113C}C:\program files\epic games\narakabladepoint\narakabladepoint.exe] => (Allow) C:\program files\epic games\narakabladepoint\narakabladepoint.exe (NetEase (Hangzhou) Network Co., Ltd -> )
FirewallRules: [TCP Query User{F854CCBD-8039-491A-B730-9C867E20A594}C:\program files\epic games\narakabladepoint\ccmini\ccmini_new\ccmini.exe] => (Allow) C:\program files\epic games\narakabladepoint\ccmini\ccmini_new\ccmini.exe (NetEase (Hangzhou) Network Co., Ltd -> 网易公司)
FirewallRules: [UDP Query User{0FB86894-97D3-4A33-988D-CBB142AA3287}C:\program files\epic games\narakabladepoint\ccmini\ccmini_new\ccmini.exe] => (Allow) C:\program files\epic games\narakabladepoint\ccmini\ccmini_new\ccmini.exe (NetEase (Hangzhou) Network Co., Ltd -> 网易公司)
FirewallRules: [TCP Query User{2AC6FECF-EC3B-46F7-ADF4-868BCB14E89F}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{0190FF10-0F78-4446-83C6-00AF148FAA0C}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{D67A4AB5-C7E9-4441-BAA2-1AA3DB5AB97C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4ED0E80A-A195-4D08-A47E-553A91B369DF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.102\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E24B887F-2759-451B-99FF-242FA55BB75A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.113\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{992CEBEC-6E2B-4C9E-A8F9-A6F1F90AB60C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{1BE086BD-7B46-4113-8E74-A6C7CE6DC201}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{BAAE224E-1923-45F0-AAA0-6A91BD62C403}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{DC1F21CC-2F4A-4E4F-AEBE-7A26FA731127}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B9CDD3C3-4974-46BF-8FBC-AE6EA1269E8E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{1BBC852E-7E4F-4436-BA53-8507DF433C92}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B983E331-CBD3-4A49-BD8B-77FAEAF0503F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{7BF35550-9F20-437F-862C-9952A00DFD81}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{0E0A770B-4E1D-4674-923C-29B27A84AC99}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{2DDDF0B4-9735-455A-A7A3-B197F6214AA9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{C9AB5B6A-B5A3-4975-9558-47339FBC6142}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{067B3666-F480-4C20-BEC7-983245C6CDBD}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{DC3541EA-9ECF-45AF-94EF-37A6F8CEDE87}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{F37D457D-4921-4928-9577-ABA2E42337AA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{03923DB5-F51C-4337-A025-CC67FE9AD951}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{E3258FE3-12E1-443C-8BF2-0C013A5813F9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{45E0DC0C-C1D7-473E-BD19-7A5A3EAA1033}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24165.1306.2986.9504_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67AA002D-392C-484E-9887-14D4BC7822AD}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24165.1306.2986.9504_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0388F2A0-C8EF-4A26-BF93-54A3A3E266FC}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24180.205.2980.1757_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{117C26F0-B58E-4628-9350-1FC9E795602D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24180.205.2980.1757_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:476.08 GB) (Free:43.71 GB) (9%)
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (08/04/2024 06:16:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\windows\TEMP\sdwra_4796_2023906260\browser.exe".
Die abhängige Assemblierung "24.6.4.580,language="*",type="win32",version="24.6.4.580"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/04/2024 12:48:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\windows\TEMP\sdwra_4796_1571557607\browser.exe".
Die abhängige Assemblierung "24.6.4.580,language="*",type="win32",version="24.6.4.580"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/04/2024 12:13:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\windows\TEMP\sdwra_4796_1903657976\browser.exe".
Die abhängige Assemblierung "24.6.4.580,language="*",type="win32",version="24.6.4.580"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/04/2024 09:58:50 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\windows\TEMP\sdwra_6048_1668651107\browser.exe".
Die abhängige Assemblierung "24.6.4.580,language="*",type="win32",version="24.6.4.580"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/04/2024 07:03:21 AM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm GameBar.exe Version 7.124.5142.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.
Error: (08/03/2024 11:52:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\windows\TEMP\sdwra_6048_164676961\browser.exe".
Die abhängige Assemblierung "24.6.4.580,language="*",type="win32",version="24.6.4.580"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/03/2024 10:03:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\windows\TEMP\sdwra_6048_1910003150\browser.exe".
Die abhängige Assemblierung "24.6.4.580,language="*",type="win32",version="24.6.4.580"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/03/2024 10:02:09 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Das Programm SpotifyWidgetProvider.exe Version 0.0.0.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“.
Systemfehler:
=============
Error: (08/04/2024 06:15:59 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {6cbed531-066c-4943-9222-c7d9b9344bd4}" ist das Ereignis "74" aufgetreten.
Error: (08/04/2024 12:48:20 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {6cbed531-066c-4943-9222-c7d9b9344bd4}" ist das Ereignis "74" aufgetreten.
Error: (08/04/2024 12:15:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (08/04/2024 12:13:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 04.08.2024 um 11:48:10 unerwartet heruntergefahren.
Error: (08/04/2024 11:25:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Insights Analytics" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/04/2024 11:25:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Graphics Command Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2024 11:25:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/04/2024 11:25:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Windows Defender:
================
Date: 2023-11-23 16:38:24
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {3933B61F-BA4A-4B82-B74B-3130F0E97A26}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-11-20 11:00:09
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {4F3EDDFD-1D9A-4236-A324-BFB07B9452E4}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-11-19 11:09:01
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {4CA00D20-7D65-499D-A842-5F72F3F2F530}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-11-15 10:25:37
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {3BC05967-1F32-4DA1-88E8-8D562F463B84}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-11-13 09:54:16
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {35BF51D9-07C7-45BA-B6F4-853659A83857}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Event[0]
Date: 2023-11-17 18:42:34
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Security Intelligence aufgetreten. Es wird versucht, zu einer vorherigen Version zurückzukehren.
Security Intelligence versucht: Aktuell
Fehlercode: 0x80070003
Fehlerbeschreibung: Das System kann den angegebenen Pfad nicht finden.
Security Intelligence-Version: 0.0.0.0;0.0.0.0
Modulversion: 0.0.0.0
CodeIntegrity:
===============
Date: 2024-08-04 18:16:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\ControlLib.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2024-08-03 22:05:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_237b1b6e9066be9c\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2024-08-03 18:35:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
BIOS: Insyde F.21 10/24/2022
Hauptplatine: HP 88E7
Prozessor: 11th Gen Intel(R) Core(TM) i5-11300H @ 3.10GHz
Prozentuale Nutzung des RAM: 86%
Installierter physikalischer RAM: 7937.99 MB
Verfügbarer physikalischer RAM: 1071.08 MB
Summe virtueller Speicher: 15105.99 MB
Verfügbarer virtueller Speicher: 6270.61 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:476.08 GB) (Free:43.71 GB) (Model: NVMe SAMSUNG MZVLQ512HBLU-00BH1) (Protected) NTFS
\\?\Volume{d306e014-9899-4e02-9ecd-6d6745d41815}\ (Windows RE tools) (Fixed) (Total:0.58 GB) (Free:0.06 GB) NTFS
\\?\Volume{7ba7a943-fb83-45d9-95f3-53e1e01bf3d1}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: AE608272)
Partition: GPT.
==================== Ende von Addition.txt =======================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-08.2024
durchgeführt von irmer (Administrator) auf TOMMY (HP HP Pavilion Gaming Laptop 17-cd2xxx) (04-08-2024 18:24:36)
Gestartet von C:\Users\irmer\Downloads\FRST64.exe
Geladene Profile: irmer
Plattform: Microsoft Windows 11 Home Version 23H2 22631.3880 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Yandex Browser
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <5>
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_EYRJUS5B7ZXHBM3J5SUWEBGFTOF63RH2VJRKPSVL27GZPYENRXNA\DeepL.exe ->) (The CefSharp Authors) [Datei ist nicht signiert] C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_URIJA5AX26HNM7QVJKAF4VRTKDDVZDUL2XD4MMI4IJ3R32IZBLRA\CefSharp.BrowserSubprocess.exe <5>
(DeepL SE -> DeepL SE) C:\Users\irmer\AppData\Local\0install.net\implementations\sha256new_EYRJUS5B7ZXHBM3J5SUWEBGFTOF63RH2VJRKPSVL27GZPYENRXNA\DeepL.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_95bc605201b64517\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_95bc605201b64517\igfxEMN.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2407.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Nox Limited -> ) C:\Program Files (x86)\Nox\bin\MultiPlayerManager.exe
(explorer.exe ->) (YANDEX LLC -> YANDEX LLC) C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe <18>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24180.205.2980.1757_x64__8wekyb3d8bbwe\ms-teams.exe
(SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1d957930b3685886\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1d957930b3685886\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1d957930b3685886\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1d957930b3685886\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_95bc605201b64517\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_d9aa4f0713cc07ec\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_03b951be52cd2aa9\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_237b1b6e9066be9c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_41c48f20ac7de4fb\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe <2>
(services.exe ->) (YANDEX LLC -> YANDEX LLC) C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe <2>
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_34.52424.589.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENLightStudio_1.0.47.0_x64__v10z8vjag6ke6\LightStudio-ui\LightStudio-background.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24062.51.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_34.52424.589.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\irmer\AppData\Local\Microsoft\OneDrive\24.146.0721.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.18500.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-07-19] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\Run: [MicrosoftEdgeAutoLaunch_CC4A2CD19C19A21AC7A6F3950F13E668] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3814968 2024-08-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\Run: [YandexBrowserAutoLaunch_FD2FE7A83DEB5E5BB85E6BDD0690D6EC] => "C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --shutdown-if-not-closed-by-system-restart (Keine Datei)
HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-07-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36729320 2024-07-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\Run: [NoxMultiPlayer] => C:\Program Files (x86)\Nox\bin\MultiPlayerManager.exe [3926632 2023-11-23] (Nox Limited -> )
HKU\S-1-5-21-382349518-860266412-3078101093-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2202904 2024-07-17] (Wargaming Group Limited -> Wargaming.net)
Startup: C:\Users\irmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2023-10-07]
ShortcutTarget: DeepL auto-start.lnk -> C:\Users\irmer\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [Datei ist nicht signiert]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {266BF441-455C-48FD-90DE-3922672A761B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1558984 2024-06-25] (Adobe Inc. -> Adobe Inc.)
Task: {9A2040BA-AC1B-417A-9E4A-BAF3AA21910E} - System32\Tasks\Aktualisierung von Yandex Browser => C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [4608176 2024-07-19] (YANDEX LLC -> YANDEX LLC)
Task: {353F9921-F787-4326-AAC0-3E9B78EAF6CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2024-02-01] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {20AD6851-5E18-4ED3-883E-DCD40235AFE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-02-01] (HP Inc. -> HP Inc.)
Task: {0D83B475-D857-4910-883D-1519D110A9DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2024-02-01] (HP Inc. -> HP Inc.)
Task: {58950E21-226B-42D6-9534-516FBD212127} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2024-02-01] (HP Inc. -> HP Inc.)
Task: {0C81A5AB-EBB7-4EC4-9474-1D8BFA4480E0} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {7C7A412C-220F-48BE-9B89-97B489A92A8F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512336 2024-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7371913-0846-4671-9092-34B7CC3FE150} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512336 2024-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {736EC430-8285-4016-83E6-BDCD531268A5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CE056E8-751B-4174-B848-12974116D880} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {CEEA8E63-E40E-4A85-B037-6E7B309E50CC} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169408 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {2F1C2C7B-B096-4315-BD82-46C8B5CF76D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-08-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E342F192-5D8F-41BD-BA17-40D900EDA743} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-08-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C2B35E8-F5A6-42FC-B1EB-09772EC349DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-08-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD5F4CC3-C793-49DB-AD68-901F229083E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpCmdRun.exe [1678960 2024-08-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7CD0280C-97E9-4682-A18E-996083792BCE} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [677448 2024-07-30] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {9C99170A-6E0B-4232-980D-217CD00BFB70} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-382349518-860266412-3078101093-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [677448 2024-07-30] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {8A60C52A-F436-4940-AF76-A240784A5F89} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34376 2024-07-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {17434381-1364-46A3-82D9-00CE34E57768} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [70096 2024-07-23] (HP Inc. -> HP Inc.)
Task: {702C8043-F9AE-4088-878E-4B470A1FFD3A} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [70096 2024-07-23] (HP Inc. -> HP Inc.)
Task: {781EA5D6-18EF-4BC1-86AA-4F3525468466} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [66520 2024-07-23] (HP Inc. -> HP Inc.)
Task: {899F6EA5-5731-4E5E-B85D-4B42114D491B} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [66520 2024-07-23] (HP Inc. -> HP Inc.)
Task: {0507F4EE-7C93-4EF7-B170-2332667E860B} - System32\Tasks\Opera scheduled assistant Autoupdate 1700758343 => C:\Users\irmer\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\irmer\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {0704453F-0129-4590-AFD1-0AC62E7B631A} - System32\Tasks\Opera scheduled Autoupdate 1700758338 => C:\Users\irmer\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {B3A0A38F-70DD-4DC5-9A03-169A2401A188} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-382349518-860266412-3078101093-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\windows\System32\wpninprc.dll [65536 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {0DBD902A-6245-4AEE-97ED-EF0B65A4F758} - System32\Tasks\Reparatur des Yandex-Browser-Update-Dienstes => C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe [3012920 2024-07-30] (YANDEX LLC -> YANDEX LLC)
Task: {A28705C7-2DAF-4543-9FA9-443BFF3B8EFF} - System32\Tasks\Systemaktualisierung von Yandex Browser => C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe [3012920 2024-07-30] (YANDEX LLC -> YANDEX LLC)
Task: {0DACC770-6238-4F7D-AACA-C7911157EE35} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [158672 2024-07-23] (HP Inc. -> HP Inc.)
Task: {A3FF1AE7-E9A4-4CB2-8798-A5433A0A3EDB} - System32\Tasks\SystemOptimizerCustomEvent => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [158672 2024-07-23] (HP Inc. -> HP Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\Aktualisierung von Yandex Browser.job => C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
Task: C:\windows\Tasks\Reparatur des Yandex-Browser-Update-Dienstes.job => C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe
Task: C:\windows\Tasks\Systemaktualisierung von Yandex Browser.job => C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{07c761f8-5b82-4df8-aa08-fa23c18dcca7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{07c761f8-5b82-4df8-aa08-fa23c18dcca7}\45F6D6D697E65647: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{07c761f8-5b82-4df8-aa08-fa23c18dcca7}\45F6D6D697E65647: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{07c761f8-5b82-4df8-aa08-fa23c18dcca7}\64259445A51224F6870274163747A7577616E676: [DhcpNameServer] 192.168.179.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\irmer\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-04]
Edge Notifications: Default -> hxxps://sooree.co.in
Edge Extension: (Google Docs Offline) - C:\Users\irmer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
Edge Extension: (Edge relevant text changes) - C:\Users\irmer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]
FireFox:
========
FF DefaultProfile: g3fkgooi.default
FF ProfilePath: C:\Users\irmer\AppData\Roaming\Mozilla\Firefox\Profiles\g3fkgooi.default [2023-04-01]
FF ProfilePath: C:\Users\irmer\AppData\Roaming\Mozilla\Firefox\Profiles\76griper.default-release [2024-08-03]
FF NetworkProxy: Mozilla\Firefox\Profiles\76griper.default-release -> type", 0
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-07-23] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\irmer\AppData\Local\Google\Chrome\User Data\Default [2024-02-09]
CHR Extension: (Google Docs Offline) - C:\Users\irmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\irmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-08]
CHR HKU\S-1-5-21-382349518-860266412-3078101093-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-382349518-860266412-3078101093-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaialadjjkjjkdhfmehfgmgkoeniabam]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR DefaultProfile: Default
Yandex:
=======
YAN Profile: C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\User Data\Default [2024-08-04]
YAN Notifications: Default -> hxxps://norlys.dk; hxxps://web.whatsapp.com
YAN Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\irmer\AppData\Local\Yandex\YandexBrowser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-07-18]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-06-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1d957930b3685886\x64\AppHelperCap.exe [928192 2024-07-18] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1d957930b3685886\x64\DiagsCap.exe [926768 2024-07-18] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1d957930b3685886\x64\NetworkCap.exe [922672 2024-07-18] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_f1b47696babae655\x64\OmenCap\OmenCap.exe [755152 2023-10-19] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1d957930b3685886\x64\SysInfoCap.exe [926248 2024-07-18] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MpDefenderCoreService.exe [1377416 2024-08-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 mracsvc; C:\windows\System32\mracsvc.exe [30057640 2023-06-06] (My.Com B.V. -> My.com B.V.)
R2 NVDisplay.ContainerLocalSystem; C:\windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_41c48f20ac7de4fb\Display.NvContainer\NVDisplay.Container.exe [1275544 2024-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R2 SECOMNService; C:\windows\System32\SECOMN64.exe [741832 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\NisSrv.exe [3236728 2024-08-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24060.7-0\MsMpEng.exe [133688 2024-08-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\24.6.4.580\service_update.exe [3012920 2024-07-30] (YANDEX LLC -> YANDEX LLC)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AcxHdAudio; C:\windows\System32\drivers\AcxHdAudio.sys [561152 2024-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 BthA2dp; C:\windows\System32\drivers\BthA2dp.sys [544768 2023-08-08] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\windows\System32\drivers\bthhfenum.sys [184320 2023-06-14] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\windows\System32\drivers\bthmodem.sys [106496 2022-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
R3 GlPciSD; C:\windows\System32\drivers\GlPciSD.sys [220360 2022-03-02] (GENESYS LOGIC, INC. -> Genesys Logic)
S3 GSCAuxDriver; C:\windows\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_e6d306df02347bd3\GSCAuxDriverx64.sys [94824 2022-06-16] (Intel Corporation -> Intel Corporation)
S3 GSCx64; C:\windows\System32\DriverStore\FileRepository\gscheci.inf_amd64_f262f39474370927\TeeDriverGSCW8x64.sys [266320 2022-06-16] (Intel Corporation -> Intel Corporation)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [26648 2022-06-24] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23896 2021-09-28] (HP Inc. -> HP Inc.)
R2 HpReadHWData; C:\windows\system32\drivers\HpReadHWData.sys [55880 2024-07-23] (HP Inc. -> Windows (R) Win 7 DDK provider)
R3 iaLPSS2_GPIO2_TGL; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2022-03-02] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2022-03-02] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_SPI_TGL; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_fc1ed3a5a1d514f2\iaLPSS2_SPI_TGL.sys [158352 2022-03-02] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_TGL; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_cd8c3a141c1b1284\iaLPSS2_UART2_TGL.sys [313504 2022-03-02] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\windows\System32\drivers\iaStorVD.sys [1546432 2022-06-05] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\windows\System32\DriverStore\FileRepository\gna.inf_amd64_b8b6f6df4a75225e\gna.sys [87192 2022-03-02] (Intel Corporation -> Intel Corporation)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2023-03-29] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R3 MpKsla8a36934; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F83CB462-B1B0-4BF8-8A73-7F1B47B9DC08}\MpKslDrv.sys [271640 2024-08-04] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\windows\System32\drivers\mracdrv1.sys [29287768 2023-06-06] (My.Com B.V. -> My.com B.V.)
S3 Neac; C:\windows\System32\drivers\NeacSafe.sys [4405936 2023-12-13] (NetEase(Hangzhou) Network Co. Ltd. -> 网易(杭州)网络有限公司杭州)
S3 rtcx21; C:\windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R1 rtf64; C:\windows\system32\DRIVERS\rtf64x64.sys [74712 2022-06-10] (Realtek Semiconductor Corp. -> Realtek)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [21968 2024-08-03] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [602520 2024-08-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2023-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)
U3 AVG Business Console Client Antivirus Service; kein ImagePath
U3 AVG Firewall; kein ImagePath
U3 avgBcc; kein ImagePath
U3 avgbdisk; kein ImagePath
S3 MpKsl016fedad; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2F07DAC5-AE0C-425E-B247-18C8C1286E43}\MpKslDrv.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-08-04 18:23 - 2024-08-04 18:23 - 002397184 _____ (Farbar) C:\Users\irmer\Downloads\FRST64.exe
2024-08-04 12:20 - 2024-08-04 12:20 - 000723674 _____ C:\windows\system32\perfh007.dat
2024-08-04 12:20 - 2024-08-04 12:20 - 000149714 _____ C:\windows\system32\perfc007.dat
2024-08-04 11:22 - 2024-08-04 11:25 - 000000000 ____D C:\AdwCleaner
2024-08-04 11:22 - 2024-08-04 11:22 - 008790880 _____ (Malwarebytes) C:\Users\irmer\Downloads\adwcleaner.exe
2024-08-03 16:58 - 2024-08-03 16:58 - 000000000 ___HD C:\$AV_AVG
2024-08-03 16:56 - 2024-08-03 16:57 - 000057692 _____ C:\Users\irmer\Downloads\Addition.txt
2024-08-03 16:54 - 2024-08-04 18:25 - 000032482 _____ C:\Users\irmer\Downloads\FRST.txt
2024-08-03 16:53 - 2024-08-04 18:24 - 000000000 ____D C:\FRST
2024-07-30 17:55 - 2024-08-03 16:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-07-27 09:04 - 2024-07-27 09:04 - 045151200 _____ (Telegram FZ-LLC ) C:\Users\irmer\Downloads\tsetup-x64.5.2.3.exe
2024-07-26 10:28 - 2024-07-26 10:28 - 000358824 _____ (G5 Entertainment AB) C:\Users\irmer\Downloads\JewelsOfEgyptSetup_34011329-60cf-4fe9-9af1-02613e860585.exe
2024-07-17 23:04 - 2024-07-17 23:04 - 000025684 _____ C:\windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-07-17 23:03 - 2024-07-17 23:03 - 000025684 _____ C:\windows\system32\IntegratedServicesRegionPolicySet.json
2024-07-17 22:59 - 2024-07-17 23:02 - 000000000 ___HD C:\$WinREAgent
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-08-04 18:17 - 2023-04-04 20:21 - 000000000 ____D C:\Users\irmer\AppData\Local\OGH
2024-08-04 18:16 - 2023-11-23 18:50 - 000000000 ____D C:\Users\irmer\AppData\Local\Nox
2024-08-04 18:16 - 2023-03-29 12:45 - 000000000 ____D C:\Program Files (x86)\Steam
2024-08-04 18:16 - 2023-03-29 12:40 - 000000490 _____ C:\windows\Tasks\Systemaktualisierung von Yandex Browser.job
2024-08-04 18:16 - 2023-03-29 12:40 - 000000454 _____ C:\windows\Tasks\Aktualisierung von Yandex Browser.job
2024-08-04 18:16 - 2023-03-29 12:40 - 000000434 _____ C:\windows\Tasks\Reparatur des Yandex-Browser-Update-Dienstes.job
2024-08-04 18:16 - 2023-03-29 12:35 - 000000000 __SHD C:\Users\irmer\IntelGraphicsProfiles
2024-08-04 18:16 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-04 13:06 - 2022-08-31 22:39 - 000000000 ____D C:\ProgramData\NVIDIA
2024-08-04 13:03 - 2023-03-29 13:15 - 000000000 ____D C:\Users\irmer\AppData\Roaming\Telegram Desktop
2024-08-04 12:33 - 2023-03-29 12:28 - 000000000 ____D C:\Users\irmer
2024-08-04 12:23 - 2022-05-07 07:24 - 000000000 ____D C:\windows\SystemTemp
2024-08-04 12:20 - 2022-07-01 03:07 - 001713906 _____ C:\windows\system32\PerfStringBackup.INI
2024-08-04 12:20 - 2022-05-07 07:22 - 000000000 ____D C:\windows\INF
2024-08-04 12:13 - 2022-07-09 00:38 - 000000000 ____D C:\Intel
2024-08-04 12:13 - 2022-07-01 03:01 - 000592464 _____ C:\windows\system32\FNTCACHE.DAT
2024-08-04 12:13 - 2022-07-01 03:01 - 000012288 ___SH C:\DumpStack.log.tmp
2024-08-04 12:13 - 2022-07-01 03:01 - 000000006 ____H C:\windows\Tasks\SA.DAT
2024-08-04 12:13 - 2022-07-01 03:01 - 000000000 ____D C:\windows\system32\SleepStudy
2024-08-04 12:13 - 2022-05-07 07:24 - 000000000 ____D C:\windows\ServiceState
2024-08-03 22:13 - 2022-07-01 03:01 - 000000000 ____D C:\windows\system32\Drivers\wd
2024-08-03 22:02 - 2023-03-29 12:28 - 000000000 ____D C:\Users\irmer\AppData\Local\Packages
2024-08-03 22:02 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-03 22:02 - 2022-05-07 07:24 - 000000000 ____D C:\windows\AppReadiness
2024-08-03 22:02 - 2022-05-07 07:17 - 001048576 _____ C:\windows\system32\config\BBI
2024-08-03 22:00 - 2022-08-31 22:50 - 000000000 ____D C:\ProgramData\McAfee
2024-08-03 21:59 - 2022-08-31 22:45 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2024-08-03 21:57 - 2022-07-09 00:44 - 000000000 ____D C:\Program Files\HP
2024-08-03 21:54 - 2023-04-08 13:05 - 000000000 ____D C:\Program Files (x86)\Google
2024-08-03 21:53 - 2022-08-31 22:39 - 000000000 ____D C:\ProgramData\Package Cache
2024-08-03 21:53 - 2022-05-07 07:17 - 000032768 _____ C:\windows\system32\config\ELAM
2024-08-03 21:52 - 2023-11-23 19:23 - 000000000 ____D C:\Users\irmer\AppData\Local\AVG
2024-08-03 21:52 - 2023-11-23 18:53 - 000000000 ____D C:\Users\irmer\AppData\Roaming\AVG
2024-08-03 21:52 - 2023-11-23 18:51 - 000000000 ____D C:\ProgramData\AVG
2024-08-03 21:52 - 2023-03-29 15:19 - 000918944 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2024-08-03 16:42 - 2023-04-01 05:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-08-03 16:42 - 2023-03-29 12:40 - 000003670 _____ C:\windows\system32\Tasks\Systemaktualisierung von Yandex Browser
2024-08-03 16:42 - 2023-03-29 12:40 - 000003528 _____ C:\windows\system32\Tasks\Reparatur des Yandex-Browser-Update-Dienstes
2024-08-03 16:42 - 2023-03-29 12:40 - 000003512 _____ C:\windows\system32\Tasks\Aktualisierung von Yandex Browser
2024-08-03 16:41 - 2024-02-01 03:22 - 000003354 _____ C:\windows\system32\Tasks\OmenInstallMonitorCustomEvent
2024-08-03 16:41 - 2024-02-01 03:22 - 000003294 _____ C:\windows\system32\Tasks\OmenOverlayCustomEvent
2024-08-03 16:41 - 2024-01-31 23:00 - 000003330 _____ C:\windows\system32\Tasks\SystemOptimizerCustomEvent
2024-08-03 16:41 - 2023-11-24 12:49 - 000002912 _____ C:\windows\system32\Tasks\OmenInstallMonitor
2024-08-03 16:41 - 2023-11-24 09:46 - 000000000 ____D C:\windows\system32\Tasks\AVAST Software
2024-08-03 16:41 - 2023-11-23 18:52 - 000003814 _____ C:\windows\system32\Tasks\Opera scheduled assistant Autoupdate 1700758343
2024-08-03 16:41 - 2023-11-23 18:52 - 000003582 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1700758338
2024-08-03 16:41 - 2023-09-17 02:22 - 000002854 _____ C:\windows\system32\Tasks\OmenOverlay
2024-08-03 16:41 - 2023-06-27 14:40 - 000003482 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2024-08-03 16:41 - 2023-04-04 20:21 - 000002890 _____ C:\windows\system32\Tasks\SystemOptimizer
2024-08-03 16:41 - 2023-03-29 12:37 - 000003058 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-382349518-860266412-3078101093-1001
2024-08-03 16:41 - 2023-03-29 12:37 - 000002854 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-382349518-860266412-3078101093-1001
2024-08-03 16:41 - 2022-08-31 23:07 - 000002850 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-382349518-860266412-3078101093-500
2024-08-03 16:41 - 2022-07-01 03:01 - 000003684 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-08-03 16:41 - 2022-07-01 03:01 - 000003460 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-08-03 01:02 - 2023-04-01 05:54 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-08-02 03:06 - 2022-07-01 03:01 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-01 19:14 - 2024-03-30 23:12 - 000000299 _____ C:\Users\irmer\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2024-08-01 19:14 - 2023-11-23 18:52 - 000000000 ____D C:\Users\irmer\AppData\Local\NoxSrv
2024-08-01 19:14 - 2023-11-23 18:52 - 000000000 ____D C:\Users\irmer\.android
2024-08-01 19:14 - 2023-11-23 18:51 - 000000000 ____D C:\Users\irmer\vmlogs
2024-08-01 19:14 - 2023-11-23 18:51 - 000000000 ____D C:\Users\irmer\.BigNox
2024-08-01 16:04 - 2022-07-01 03:02 - 000000000 ____D C:\ProgramData\Packages
2024-08-01 16:03 - 2023-03-29 12:37 - 000002402 _____ C:\Users\irmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-07-31 19:31 - 2023-06-27 14:40 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-07-30 23:33 - 2023-04-01 05:55 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2024-07-30 23:33 - 2023-04-01 05:54 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-07-30 04:41 - 2023-03-29 12:40 - 000002567 _____ C:\Users\irmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk
2024-07-27 20:55 - 2024-04-21 20:21 - 000015648 _____ C:\Users\irmer\OneDrive\Desktop\Lohnzeddel.odt
2024-07-27 09:52 - 2023-03-30 03:11 - 000000000 ____D C:\Users\irmer\Downloads\Telegram Desktop
2024-07-27 06:35 - 2022-05-07 07:24 - 000000000 ___HD C:\windows\ELAMBKUP
2024-07-23 05:37 - 2023-06-21 13:01 - 000055880 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\HpReadHWData.sys
2024-07-20 07:46 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-07-20 05:20 - 2023-12-15 03:47 - 000000000 ____D C:\windows\InboxApps
2024-07-20 05:20 - 2023-10-13 03:30 - 000000000 ____D C:\windows\system32\Microsoft-Edge-WebView
2024-07-20 05:20 - 2022-09-01 08:30 - 000000000 ____D C:\windows\HoloShell
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\UUS
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\SysWOW64\WinMetadata
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\SystemResources
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\WinMetadata
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\Sgrm
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\SecureBootUpdates
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\oobe
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\ShellExperiences
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\ShellComponents
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\Provisioning
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\PolicyDefinitions
2024-07-20 05:20 - 2022-05-07 07:24 - 000000000 ____D C:\windows\bcastdvr
2024-07-19 06:26 - 2023-03-29 12:36 - 000000000 ____D C:\Users\irmer\AppData\Local\D3DSCache
2024-07-17 23:06 - 2022-05-07 07:17 - 000000000 ____D C:\windows\CbsTemp
2024-07-17 23:04 - 2022-07-01 03:04 - 003212800 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2024-07-17 22:54 - 2023-03-31 09:50 - 194135240 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2024-07-17 22:54 - 2023-03-31 09:50 - 000000000 ____D C:\windows\system32\MRT
2024-07-17 15:20 - 2022-07-09 00:46 - 000000000 ____D C:\Program Files\Microsoft Office
2024-07-17 15:15 - 2023-03-29 12:47 - 000000000 ____D C:\Users\irmer\AppData\Local\Steam
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2022-06-01 16:06 - 2022-06-01 16:06 - 000000293 _____ () C:\ProgramData\fontcacheev1.dat
2023-03-29 13:41 - 2023-03-29 13:41 - 000000068 _____ () C:\Users\irmer\AppData\Roaming\changzhi_leidian.data
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================