| MstLancelot | 18.09.2023 20:23 |
FRST
FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2023
durchgeführt von fstra (Administrator) auf DESKTOP-TR6LTTA (Gigabyte Technology Co., Ltd. B550M S2H) (18-09-2023 21:18:47)
Gestartet von C:\Users\fstra\OneDrive\Desktop\FRST64.exe
Geladene Profile: fstra
Plattform: Microsoft Windows 11 Pro Version 22H2 22621.2283 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Spiele\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Spiele\Fortnite\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Spiele\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Users\fstra\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Plarium Global LTD -> PlariumPlayClientService) C:\Users\fstra\AppData\Local\PlariumPlay\8.6.0-0.0.1\PlariumPlayClientService\PlariumPlayClientService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\fstra\AppData\Local\Microsoft\OneDrive\23.180.0828.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\userinit.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1090784 2020-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Run: [Steam] => C:\Spiele\Steam\steam.exe [4374376 2023-07-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-09-22] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Run: [EpicGamesLauncher] => C:\Spiele\Fortnite\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37097936 2023-09-08] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Run: [AvastBrowserAutoLaunch_A8D3BB59C5C902D836D16FB336A4B041] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3355432 2023-09-06] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2181912 2023-04-20] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Run: [Opera Stable] => C:\Users\fstra\AppData\Local\Programs\Opera\launcher.exe [2730912 2023-08-09] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Run: [PlariumPlay] => C:\Users\fstra\AppData\Local\PlariumPlay\PlariumPlay.exe [295232 2023-06-13] (Plarium Global LTD -> PlariumPlay)
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Run: [MicrosoftEdgeAutoLaunch_37833496A573CED3E9087172950DF2DB] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4219448 2023-09-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Run: [Gaijin.Net Updater] => C:\Users\fstra\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [3053768 2023-06-16] (Gaijin Network Ltd -> Gaijin)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\116.0.22301.180\Installer\chrmstp.exe [2023-09-14] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {6C3A790C-0BC6-4129-B59C-D6A0B5D763EE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3355432 2023-09-06] (Avast Software s.r.o. -> AVAST Software)
Task: {A89D1579-6139-4B63-80D5-DEC899127B27} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3355432 2023-09-06] (Avast Software s.r.o. -> AVAST Software)
Task: {CA23A177-F7FB-4314-8973-4F3E467814F3} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {B655E370-62F6-4B3A-9618-3ABA30D51C2D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {F9A6A88D-224C-49D7-B25E-9AF8E3510DB0} - System32\Tasks\Avira_FallbackUpdater => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {E00C425E-E329-4D8E-BA9D-A0B6E4769658} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {E00C425E-E329-4D8E-BA9D-A0B6E4769658} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {E00C425E-E329-4D8E-BA9D-A0B6E4769658} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {6E258B44-29C0-4B18-A9B5-53AFF3E296A2} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [262024 2023-08-30] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {45F0D5EE-D561-46E6-A3D1-6E568745C743} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1814672 2023-08-30] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {9635F7B1-9439-4AF5-8D10-93C376BBBC67} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [81920 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {41C68746-6D20-4584-AD7A-45B2AF963352} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [35381016 2023-03-31] (Avira Operations GmbH -> Avira Operations GmbH)
Task: {37BE8310-5A1E-47C7-98D5-9BE0333D2F61} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\WINDOWS\system32\UCPDMgr.exe [58880 2023-09-16] (Microsoft Windows -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei)
Task: {9E76A3B4-DB93-4257-B675-A78348939B2D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Keine Datei)
Task: {F18EEDDD-02B4-4AF3-8C9E-26DC2F33EFA4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {CBE92045-D32E-4248-BB37-CBEA523D578A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E5BFBDB5-3176-4351-8501-695CAF24B346} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {68823773-9CA9-4116-B80D-8760F8FF9C4A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {56766804-2936-4B81-8EFB-583C8E1E42C5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {234BA98D-1DE1-40A4-806F-BD76B9796B03} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4BC9EDBE-CE1F-45CE-AD9F-26D785F3EBC5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {384B8704-947B-443A-B130-F547FAE7BD49} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {502FD642-994C-4B47-B5A5-BB01234CBD7C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8B156E2-81E0-4A3A-BE57-BE392B2C2DCB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CADA8C7-4E45-4199-BC7D-273D9DF97E5B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {557C984D-3A47-4801-896C-D79464D4D1BF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD99974D-0ED2-493E-ACBC-715C9545202C} - System32\Tasks\Opera scheduled Autoupdate 1645899286 => C:\Users\fstra\AppData\Local\Programs\Opera\launcher.exe [2730912 2023-08-09] (Opera Norway AS -> Opera Software)
Task: {E319D380-6FB4-46FF-BE73-EB92BC2A5FBC} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-09-22] (Overwolf Ltd -> Overwolf LTD)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.188.1
Tcpip\..\Interfaces\{80fe0b8c-630f-48cd-aba9-265ffae0e01b}: [DhcpNameServer] 192.168.188.1
Edge:
=======
Edge Profile: C:\Users\fstra\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-14]
Edge StartupUrls: Default -> "hxxps://www.searchgoose.com/?path=chrome/newtab&u=b5fb4427fa14abcc&subid=11118&channel=19"
Edge Extension: (Avira Safe Shopping) - C:\Users\fstra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-06-12]
Edge Extension: (Avira Password Manager) - C:\Users\fstra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-04-29]
Edge Extension: (Edge relevant text changes) - C:\Users\fstra\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
FireFox:
========
FF DefaultProfile: spuft4tb.default
FF ProfilePath: C:\Users\fstra\AppData\Roaming\Mozilla\Firefox\Profiles\spuft4tb.default [2023-09-17]
FF ProfilePath: C:\Users\fstra\AppData\Roaming\Mozilla\Firefox\Profiles\wox421gm.default-release [2023-09-18]
FF Homepage: Mozilla\Firefox\Profiles\wox421gm.default-release -> hxxps://links.malwarebytes.com/link/restorebrowser?lic=trial&product=MBAM-C/?path=firefox/newtab&u=b5fb4427fa14abcc&subid=11118&channel=19
FF Notifications: Mozilla\Firefox\Profiles\wox421gm.default-release -> hxxps://www.lootboy.de; hxxps://www.lootboy.com
FF NewTabOverride: Mozilla\Firefox\Profiles\wox421gm.default-release -> Enabled: {c5ffbd00-71e8-4603-a19b-860104b7ac62}
FF NewTabOverride: Mozilla\Firefox\Profiles\wox421gm.default-release -> Enabled: {b98722dd-b4e2-4397-9be4-3d0a144a17d9}
FF NewTabOverride: Mozilla\Firefox\Profiles\wox421gm.default-release -> Disabled: addon@customsearchtool.com
FF Extension: (Custom Search Tool) - C:\Users\fstra\AppData\Roaming\Mozilla\Firefox\Profiles\wox421gm.default-release\Extensions\addon@customsearchtool.com.xpi [2023-07-20]
FF Extension: (Coupert - Automatic Coupon Finder & Cashback) - C:\Users\fstra\AppData\Roaming\Mozilla\Firefox\Profiles\wox421gm.default-release\Extensions\appledev@soarinfotech.com.xpi [2023-08-25] [UpdateUrl:hxxps://www.coupert.com/api/v2/extension/ffupdate]
FF Extension: (Manuals Directory Search) - C:\Users\fstra\AppData\Roaming\Mozilla\Firefox\Profiles\wox421gm.default-release\Extensions\{b98722dd-b4e2-4397-9be4-3d0a144a17d9}.xpi [2023-04-29] [UpdateUrl:hxxps://cdn.manualsdirectory-cdn.org/xpi/manualsdirectory/yhs/1120/search/updates.json]
FF Extension: (Freshy Newtab and Search ) - C:\Users\fstra\AppData\Roaming\Mozilla\Firefox\Profiles\wox421gm.default-release\Extensions\{c5ffbd00-71e8-4603-a19b-860104b7ac62}.xpi [2022-11-12] [UpdateUrl:hxxps://cdn.freshysearch-cdn.com/xpi/freshy/yhs/01020/searchnnewtab/updates.json]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Opera:
=======
OPR Profile: C:\Users\fstra\AppData\Roaming\Opera Software\Opera Stable [2023-09-18]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\fstra\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-09-11]
OPR Extension: (Opera Wallet) - C:\Users\fstra\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-09-17]
OPR Extension: (Aria) - C:\Users\fstra\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-09-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\fstra\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-02-26]
OPR Extension: (Cashback Assistant) - C:\Users\fstra\AppData\Roaming\Opera Software\Opera Stable\Extensions\ompjkhnkeoicimmaehlcmgmpghobbjoj [2023-09-13]
OPR Extension: (opera-intro) - C:\Users\fstra\AppData\Local\Programs\Opera\101.0.4843.33\resources\opera_intro_extension [2023-08-08]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\116.0.22301.180\elevation_service.exe [1837960 2023-09-06] (Avast Software s.r.o. -> AVAST Software)
S2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6573128 2023-08-30] (Avira Operations GmbH -> Avira Operations GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3000232 2022-02-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [389096 2023-09-06] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [267392 2023-08-30] (Avira Operations GmbH -> Avira Operations GmbH)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [297392 2023-08-30] (Avira Operations GmbH -> Avira Operations GmbH)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-03-10] (BattlEye Innovations e.K. -> )
S3 Denuvo Anti-Cheat Update Service; C:\Program Files\Denuvo Anti-Cheat\denuvo-anti-cheat-update-service.exe [977776 2023-04-23] (DENUVO GmbH -> Denuvo GmbH)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-07-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-05-17] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11174056 2023-09-16] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [11174056 2023-09-16] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-02-12] (Epic Games Inc. -> Epic Games, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287960 2023-09-13] (Malwarebytes Inc. -> Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [11476792 2023-02-06] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-09-22] (Overwolf Ltd -> Overwolf LTD)
R2 Plarium Play Client Service; C:\Users\fstra\AppData\Local\PlariumPlay\8.6.0-0.0.1\PlariumPlayClientService\PlariumPlayClientService.exe [200512 2023-06-13] (Plarium Global LTD -> PlariumPlayClientService)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402352 2023-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [1869904 2023-08-26] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\Windows\system32\drivers\ACE-GAME.sys [772640 2022-06-10] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [190712 2023-03-17] (Avira Operations GmbH -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2023-05-29] (Avira Operations GmbH -> Avira Operations GmbH)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [310672 2023-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 Denuvo Anti-Cheat; C:\Program Files\Denuvo Anti-Cheat\denuvo-anti-cheat.sys [1005056 2023-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Denuvo GmbH)
S3 HoYoProtect; C:\Windows\system32\HoYoKProtect.sys [3712576 2023-03-30] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MFDriver_Driver; C:\WINDOWS\system32\drivers\MFDriver.sys [32224 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-05-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28616 2023-07-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
R1 rtp_filter; C:\WINDOWS\System32\DRIVERS\rtp_filter.sys [358160 2023-09-16] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [41776 2023-07-13] (Avira Operations GmbH -> Avira Operations GmbH)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-09-18 20:53 - 2023-09-18 20:56 - 000000000 ____D C:\EEK
2023-09-18 20:53 - 2023-09-18 20:53 - 000000000 ____D C:\ProgramData\Emsisoft
2023-09-18 19:57 - 2023-09-18 19:57 - 000001382 _____ C:\Users\fstra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-09-18 19:57 - 2023-09-18 19:57 - 000000000 ____D C:\Users\fstra\AppData\Local\ESET
2023-09-17 17:55 - 2023-09-17 17:55 - 000758086 _____ C:\WINDOWS\system32\perfh007.dat
2023-09-17 17:55 - 2023-09-17 17:55 - 000156254 _____ C:\WINDOWS\system32\perfc007.dat
2023-09-16 21:34 - 2023-09-16 21:34 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-09-16 21:29 - 2023-09-16 21:29 - 000000020 ___SH C:\Users\fstra\ntuser.ini
2023-09-16 21:17 - 2023-09-17 17:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-16 21:17 - 2023-09-16 21:17 - 000003684 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-16 21:17 - 2023-09-16 21:17 - 000003596 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2023-09-16 21:17 - 2023-09-16 21:17 - 000003536 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1645899286
2023-09-16 21:17 - 2023-09-16 21:17 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-16 21:17 - 2023-09-16 21:17 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:17 - 2023-09-16 21:17 - 000003372 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2023-09-16 21:17 - 2023-09-16 21:17 - 000003330 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2023-09-16 21:17 - 2023-09-16 21:17 - 000003322 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2023-09-16 21:17 - 2023-09-16 21:17 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:17 - 2023-09-16 21:17 - 000003118 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2023-09-16 21:17 - 2023-09-16 21:17 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1947085477-1218348813-1441862315-1001
2023-09-16 21:17 - 2023-09-16 21:17 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:17 - 2023-09-16 21:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:17 - 2023-09-16 21:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:17 - 2023-09-16 21:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:17 - 2023-09-16 21:17 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:17 - 2023-09-16 21:17 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:17 - 2023-09-16 21:17 - 000002886 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater
2023-09-16 21:17 - 2023-09-16 21:17 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1947085477-1218348813-1441862315-1001
2023-09-16 21:17 - 2023-09-16 21:17 - 000002860 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2023-09-16 21:17 - 2023-09-16 21:17 - 000002814 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2023-09-16 21:17 - 2023-09-16 21:17 - 000002750 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2023-09-16 21:17 - 2023-09-16 21:17 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-09-16 21:17 - 2023-09-16 21:17 - 000002636 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2023-09-16 21:17 - 2023-09-16 21:17 - 000002028 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2023-09-16 21:17 - 2023-09-16 21:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2023-09-16 21:17 - 2023-09-16 21:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-09-16 21:17 - 2023-09-16 21:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2023-09-16 21:17 - 2023-08-10 14:22 - 000003938 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2023-09-16 21:15 - 2023-09-17 17:55 - 001751300 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-16 21:15 - 2023-09-16 21:17 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2023-09-16 21:15 - 2023-09-16 21:17 - 000011433 _____ C:\WINDOWS\diagerr.xml
2023-09-16 21:13 - 2023-09-16 21:13 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2023-09-16 21:12 - 2023-09-17 19:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-16 21:12 - 2023-09-16 21:29 - 000000000 ____D C:\Windows.old
2023-09-16 21:12 - 2023-09-16 21:12 - 000295504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-16 21:12 - 2023-09-16 21:12 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2023-09-16 21:11 - 2023-03-17 14:55 - 000190712 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\BdNet.sys
2023-09-16 19:21 - 2023-09-16 21:12 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Crypto
2023-09-16 19:21 - 2023-09-16 19:21 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\SystemCertificates
2023-09-16 19:21 - 2023-09-16 19:21 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Network
2023-09-16 19:20 - 2023-09-16 21:12 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-09-16 19:20 - 2023-09-16 19:20 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\CLR Security Config
2023-09-16 19:19 - 2023-09-16 21:29 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Windows
2023-09-16 19:19 - 2023-09-16 21:29 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Spelling
2023-09-16 19:19 - 2023-09-16 21:29 - 000000000 ____D C:\Users\fstra
2023-09-16 19:19 - 2023-09-16 19:19 - 000000000 _SHDL C:\Users\fstra\Vorlagen
2023-09-16 19:19 - 2023-09-16 19:19 - 000000000 _SHDL C:\Users\fstra\Startmenü
2023-09-16 19:19 - 2023-09-16 19:19 - 000000000 _SHDL C:\Users\fstra\Netzwerkumgebung
2023-09-16 19:19 - 2023-09-16 19:19 - 000000000 _SHDL C:\Users\fstra\Lokale Einstellungen
2023-09-16 19:19 - 2023-09-16 19:19 - 000000000 _SHDL C:\Users\fstra\Eigene Dateien
2023-09-16 19:19 - 2023-09-16 19:19 - 000000000 _SHDL C:\Users\fstra\Druckumgebung
2023-09-16 19:19 - 2023-09-16 19:19 - 000000000 _SHDL C:\Users\fstra\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2023-09-16 19:19 - 2023-09-16 19:19 - 000000000 _SHDL C:\Users\fstra\AppData\Local\Verlauf
2023-09-16 19:19 - 2023-09-16 19:19 - 000000000 _SHDL C:\Users\fstra\AppData\Local\Anwendungsdaten
2023-09-16 19:19 - 2023-09-16 19:19 - 000000000 _SHDL C:\Users\fstra\Anwendungsdaten
2023-09-16 19:17 - 2023-09-16 19:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-09-16 19:16 - 2023-09-16 19:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\mde
2023-09-16 19:09 - 2023-09-16 19:09 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2023-09-16 19:09 - 2023-09-16 19:09 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-09-16 19:09 - 2023-09-16 19:09 - 000000000 ____D C:\Program Files\MSBuild
2023-09-16 19:09 - 2023-09-16 19:09 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-09-16 19:09 - 2023-09-16 19:09 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-09-16 19:08 - 2023-09-16 19:08 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-09-16 19:08 - 2023-09-16 19:08 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-09-16 19:08 - 2023-09-16 19:08 - 000000000 ____D C:\WINDOWS\addins
2023-09-16 19:01 - 2023-09-16 19:01 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-09-16 18:42 - 2023-09-16 21:33 - 000000000 ___DC C:\WINDOWS\Panther
2023-09-16 14:23 - 2023-09-16 14:23 - 000000000 ___HD C:\$WinREAgent
2023-09-13 18:03 - 2023-09-13 18:03 - 000000000 ____D C:\AdwCleaner
2023-09-13 17:59 - 2023-09-18 19:55 - 000000000 ____D C:\Users\fstra\AppData\Local\Malwarebytes
2023-09-13 17:59 - 2023-09-13 17:59 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-13 17:59 - 2023-09-13 17:59 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-09-13 17:59 - 2023-09-13 17:59 - 000000000 ____D C:\Users\fstra\AppData\Local\mbam
2023-09-13 17:58 - 2023-09-13 17:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-13 17:58 - 2023-09-13 17:58 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-12 18:30 - 2023-09-16 18:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-11 19:35 - 2023-09-18 21:18 - 000000000 ____D C:\FRST
2023-09-02 11:48 - 2023-09-02 11:48 - 000000000 ____D C:\Users\fstra\AppData\LocalLow\Rumble
2023-09-02 11:40 - 2023-09-02 11:40 - 000002208 _____ C:\Users\fstra\Desktop\Saga of Survival.lnk
2023-09-02 11:40 - 2023-09-02 11:40 - 000000000 ____D C:\Users\fstra\AppData\LocalLow\pacific
2023-09-02 11:39 - 2023-09-02 11:39 - 000002204 _____ C:\Users\fstra\Desktop\Towers and Titans.lnk
2023-09-02 11:38 - 2023-09-02 11:38 - 000000078 _____ C:\Users\fstra\Downloads\Plarium_Play_Backup_Codes.txt
2023-08-26 08:55 - 2023-08-26 08:55 - 000000000 ____D C:\Users\fstra\AppData\Local\WorldOfWarships
2023-08-25 19:35 - 2023-08-25 19:35 - 000000000 ____D C:\Users\fstra\AppData\LocalLow\Cognosphere
2023-08-19 19:03 - 2023-08-21 17:14 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\WordPad
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-09-18 21:19 - 2023-04-14 14:48 - 000000000 ____D C:\Users\fstra\AppData\Roaming\PlariumPlay
2023-09-18 21:18 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-18 21:18 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-18 21:18 - 2022-02-05 10:32 - 000000000 ___RD C:\Users\fstra\OneDrive
2023-09-18 21:18 - 2022-02-05 10:30 - 000000000 ____D C:\Users\fstra\AppData\Local\Packages
2023-09-18 21:18 - 2022-02-05 10:17 - 000000000 ____D C:\ProgramData\Packages
2023-09-18 21:18 - 2022-02-05 10:17 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-18 20:57 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-18 20:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-18 20:53 - 2022-02-12 09:05 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-17 19:33 - 2022-02-11 14:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-17 18:01 - 2022-03-11 21:02 - 000000000 ___SH C:\Users\Public\Shared Files
2023-09-17 17:55 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-09-17 17:48 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-09-17 17:48 - 2022-02-05 10:30 - 000000000 ____D C:\Users\fstra\AppData\Local\D3DSCache
2023-09-17 17:48 - 2022-02-05 10:19 - 000012288 ___SH C:\DumpStack.log.tmp
2023-09-17 17:47 - 2023-02-18 10:19 - 002914160 _____ C:\WINDOWS\system32\rtp.db
2023-09-17 17:47 - 2022-09-20 17:50 - 000000000 ____D C:\Users\fstra\AppData\LocalLow\Temp
2023-09-17 17:47 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-09-17 07:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-09-17 07:37 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\appcompat
2023-09-16 21:49 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-09-16 21:48 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2023-09-16 21:48 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-16 21:34 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-16 21:29 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-16 21:29 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-16 21:29 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows NT
2023-09-16 21:29 - 2022-02-05 10:30 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-09-16 21:17 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows Defender
2023-09-16 21:17 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-09-16 21:13 - 2022-05-07 07:24 - 000000000 __RHD C:\Users\Public\Libraries
2023-09-16 21:13 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-09-16 21:13 - 2022-02-05 10:19 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-16 21:13 - 2022-02-05 10:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2023-09-16 21:12 - 2023-08-09 17:35 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout
2023-09-16 21:12 - 2023-05-09 15:59 - 000000000 ____D C:\WINDOWS\SysWOW64\UnicTool MagicVox
2023-09-16 21:12 - 2023-03-10 20:12 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2023-09-16 21:12 - 2023-01-22 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2023-09-16 21:12 - 2022-12-22 21:02 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-09-16 21:12 - 2022-06-09 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Honkai Impact 3rd
2023-09-16 21:12 - 2022-05-29 06:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2023-09-16 21:12 - 2022-05-07 07:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-09-16 21:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-09-16 21:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\spool
2023-09-16 21:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-09-16 21:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-09-16 21:12 - 2022-04-30 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genshin Impact
2023-09-16 21:12 - 2022-04-19 11:47 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2023-09-16 21:12 - 2022-03-14 18:30 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2023-09-16 21:12 - 2022-03-14 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2023-09-16 21:12 - 2022-02-12 09:07 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2023-09-16 21:12 - 2022-02-06 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2023-09-16 21:12 - 2022-02-06 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2023-09-16 21:12 - 2022-02-05 13:53 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2023-09-16 21:12 - 2022-02-05 13:27 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-09-16 21:12 - 2022-02-05 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2023-09-16 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-09-16 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-09-16 19:26 - 2022-05-07 07:28 - 000000000 ____D C:\WINDOWS\Setup
2023-09-16 19:21 - 2023-04-10 11:01 - 000000000 ____D C:\Users\fstra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Live
2023-09-16 19:20 - 2023-05-09 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnicTool
2023-09-16 19:19 - 2022-05-07 07:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-09-16 19:16 - 2022-05-07 12:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-09-16 19:16 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-16 19:16 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2023-09-16 19:16 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\de
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\WUModels
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-16 19:16 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-09-16 19:15 - 2022-05-07 12:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-09-16 19:15 - 2022-05-07 12:39 - 000023775 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-09-16 19:15 - 2022-05-07 07:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-09-16 19:15 - 2022-05-07 07:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-09-16 19:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-09-16 19:09 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-09-16 19:08 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\OCR
2023-09-16 19:07 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-09-16 19:07 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-09-16 19:07 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-09-16 19:07 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-09-16 19:07 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-09-16 19:07 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-09-16 19:07 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-09-16 19:07 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-09-16 19:07 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-09-16 19:07 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-09-16 19:07 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-09-16 19:07 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-09-16 19:07 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-09-16 19:07 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-09-16 19:07 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-09-16 19:07 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-09-16 19:07 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-09-16 18:37 - 2022-02-05 13:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-16 14:26 - 2023-04-24 17:17 - 000358160 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filter.sys
2023-09-16 14:21 - 2022-02-05 10:25 - 000002399 _____ C:\Users\fstra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-14 15:10 - 2023-08-09 17:35 - 000000000 ____D C:\Users\fstra\AppData\Local\Crossout
2023-09-14 15:09 - 2022-03-13 07:29 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-09-13 17:12 - 2022-10-21 14:59 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-09-13 17:12 - 2022-10-21 14:59 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-09-13 17:12 - 2022-05-14 19:33 - 000000000 ____D C:\XboxGames
2023-09-13 17:12 - 2022-02-05 10:45 - 002688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-09-13 17:12 - 2022-02-05 10:45 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-09-13 17:12 - 2022-02-05 10:45 - 000210536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-09-13 17:12 - 2022-02-05 10:45 - 000181864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-09-13 17:12 - 2022-02-05 10:45 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-09-13 17:08 - 2022-02-05 13:11 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-13 17:07 - 2022-02-07 17:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-13 17:06 - 2022-12-22 21:02 - 000000000 ____D C:\Users\fstra\AppData\Roaming\discord
2023-09-13 17:06 - 2022-12-22 21:02 - 000000000 ____D C:\Users\fstra\AppData\Local\Discord
2023-09-13 17:06 - 2022-02-07 17:20 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-09 09:35 - 2022-07-11 11:26 - 000000000 ____D C:\Users\fstra\AppData\Local\HoYoverse
2023-09-09 09:17 - 2023-04-14 14:47 - 000000000 ____D C:\Users\fstra\AppData\Local\PlariumPlay
2023-09-09 09:16 - 2022-04-28 19:54 - 000000000 ____D C:\Users\fstra\AppData\Local\CrashDumps
2023-09-02 21:08 - 2022-02-06 10:03 - 000000000 ____D C:\Users\fstra\AppData\Local\Battle.net
2023-09-02 11:48 - 2023-04-10 11:11 - 000000000 ____D C:\Users\fstra\AppData\LocalLow\Unity
2023-08-26 08:00 - 2022-06-10 08:34 - 001869904 _____ (ANTICHEATEXPERT.COM) C:\WINDOWS\system32\Drivers\ACE-BASE.sys
2023-08-25 17:20 - 2022-03-11 19:08 - 000000000 ____D C:\Users\fstra\AppData\Local\UnrealEngine
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-08-10 14:21 - 2023-08-10 14:21 - 083625064 _____ (now.gg, Inc.) C:\ProgramData\BlueStacksServicesSetup.exe
2023-04-14 14:47 - 2023-04-14 14:48 - 000027624 _____ () C:\Users\fstra\AppData\Local\PlariumPlay.log
2022-08-12 18:46 - 2022-08-26 19:25 - 000094208 _____ () C:\Users\fstra\AppData\Local\Tempwd.tmp
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
--- --- ---
Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-09-2023
durchgeführt von fstra (18-09-2023 21:19:42)
Gestartet von C:\Users\fstra\OneDrive\Desktop
Microsoft Windows 11 Pro Version 22H2 22621.2283 (X64) (2023-09-16 19:29:32)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1947085477-1218348813-1441862315-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1947085477-1218348813-1441862315-503 - Limited - Disabled)
fstra (S-1-5-21-1947085477-1218348813-1441862315-1001 - Administrator - Enabled) => C:\Users\fstra
Gast (S-1-5-21-1947085477-1218348813-1441862315-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1947085477-1218348813-1441862315-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {22506E8C-C967-80C9-C0A6-F566BC41AC04}
FW: Avira Security (Enabled) {BE55A40C-05CA-1096-36EB-CCA92DEAF539}
FW: Avira Security (Enabled) {877B141C-E73B-9A54-223E-108CC963426A}
FW: Avira Security (Enabled) {71EC0A3F-391C-0E33-A103-0C8A6DF0EBF0}
FW: Avira Security (Enabled) {4EFB3EBA-D5BC-D311-F570-D3065B48D523}
FW: Avira Security (Enabled) {12CE3622-C811-64DE-1773-AA1774F2B8E1}
FW: Avira Security (Disabled) {76867038-CFEB-AE32-EFDA-5DE782F629FF}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software)
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.43.1.16819 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.94.4 - Avira Operations GmbH) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.25.0.17 - Avira Operations GmbH)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BUFF (HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Overwolf_caboggillkkpgkiokbjmgldfkedbfnpkgadakcdl) (Version: 0.7.12.0 - Overwolf app)
Crossout Launcher 1.0.3.194 (HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\CrossOutLauncher_is1) (Version: - )
CurseForge (HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.222.2.9650 - Overwolf app)
Denuvo Anti-Cheat (HKLM\...\Denuvo Anti-Cheat) (Version: 6.0.1.967 - Denuvo GmbH)
Discord (HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2205.2882 - Avira Operations GmbH & Co. KG) Hidden
Epic Games Launcher (HKLM-x32\...\{E0419FB0-0C46-4F07-9D5B-2FD78A8C45ED}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.28.1.0 - COGNOSPHERE PTE. LTD.)
Honkai Impact 3rd (HKLM\...\Honkai Impact 3rd) (Version: 2.25.2.0 - miHoYo Co.,Ltd)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MagicVox (HKLM\...\{32A165EC-A509-4E13-8A06-A4FB403FB096}_is1) (Version: 5.0.0.2 - Shenzhen UnicTool Technology Co., Ltd.)
Malwarebytes version 4.6.2.281 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.2.281 - Malwarebytes)
Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\OneDriveSetup.exe) (Version: 23.180.0828.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{AF47B488-9780-4AB5-A97E-762E28013CA6}) (Version: 5.71.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 117.0.1 (x64 de)) (Version: 117.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 96.0.3 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Grafiktreiber 531.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.79 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Opera Stable 101.0.4843.43 (HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Opera 101.0.4843.43) (Version: 101.0.4843.43 - Opera Software)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.204.2.2 - Overwolf Ltd.)
Plarium Play (HKLM-x32\...\{02504791-598a-4183-b752-dffab0d49ba6}) (Version: 8.6.0 - Plarium)
PlariumPlay (HKLM-x32\...\{41E6BF94-1BCD-4C91-B4AE-1A9B0D4887D6}) (Version: 8.6.0 - Plarium) Hidden
Pokémon Trading Card Game Live (HKLM\...\{F199AF9A-277C-4369-B0B7-EF2627C14025}) (Version: 1.4.0.0 - The Pokémon Company International)
Roblox Player for fstra (HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for fstra (HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\roblox-studio) (Version: - Roblox Corporation)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Wargaming.net Game Center (HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\Wargaming.net Game Center) (Version: 23.1.0.2222 - Wargaming.net)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
World of Tanks EU (HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\2314027414) (Version: - Wargaming.net)
Packages:
=========
Asphalt 8: Airborne -> C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_7.3.13.0_x64__0pp20fcewvvtj [2023-08-18] (GAMELOFT SA)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-12] (Microsoft Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.62.5.0_x64__6rarf9sa4v8jt [2023-09-17] (Disney)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-11-26] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-09-16] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.1501.0_x64__8wekyb3d8bbwe [2023-08-18] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.3.7.0_x64__8wekyb3d8bbwe [2023-09-12] (Microsoft Studios)
Nitro Nation -> C:\Program Files\WindowsApps\CreativeMobile.NitroNationbeta_7.5.4.0_x64__ewn699wwxwmvy [2023-05-30] (Creative Mobile)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-09-16] (NVIDIA Corp.)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.148.0_x64__pwbj9vvecjh7j [2023-08-25] (Amazon Development Centre (London) Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.11.217.0_x64__dt26b99r8h8gj [2022-02-05] (Realtek Semiconductor Corp)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2022-02-05] (Samsung Electronics Co. Ltd.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-25] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0 [2023-09-18] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-09-16] (Microsoft Corporation)
Xbox Zubehör -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2209.2209.14005.0_x64__8wekyb3d8bbwe [2022-09-24] (Microsoft Corporation)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2022-02-05] (New Work SE)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1947085477-1218348813-1441862315-1001_Classes\CLSID\{9c351269-5076-c563-2601-104413b3b433}\localserver32 -> C:\Users\fstra\AppData\Local\PlariumPlay\8.6.0-0.0.1\dotnet\info\PlariumPlayInfo.exe (Plarium Global LTD -> PlariumPlayInfo)
CustomCLSID: HKU\S-1-5-21-1947085477-1218348813-1441862315-1001_Classes\CLSID\{d7ff99b5-729e-0408-f797-d334de5ad40c}\localserver32 -> C:\Users\fstra\AppData\Local\PlariumPlay\8.6.0-0.0.0\dotnet\info\PlariumPlayInfo.exe (Plarium Global LTD -> PlariumPlayInfo)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-03-28] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2023-08-30] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2023-08-30] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-13] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-03-28] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_29b69e720c94d54e\nvshext.dll [2023-04-26] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2023-03-28] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-13] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2023-09-18 21:18 - 2023-09-18 21:18 - 000147456 _____ () [Datei ist nicht signiert] \\?\C:\Users\fstra\AppData\Local\Temp\12ae5ff0-1d4a-4586-9c43-6e83e645b2dc.tmp.node
2023-09-18 21:18 - 2023-09-18 21:18 - 000109568 _____ () [Datei ist nicht signiert] \\?\C:\Users\fstra\AppData\Local\Temp\56d7c916-b119-4864-a88d-07263b2989b1.tmp.node
2022-02-05 10:45 - 2023-09-13 17:12 - 000483328 _____ (Microsoft Corporation) [Datei ist nicht signiert] C:\WINDOWS\SYSTEM32\gameplatformservices.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [4028]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 11:14 - 2023-09-17 17:46 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\fstra\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1589831603_341_Best-Naruto-Shippuden-Wallpapers-2020.jpg
DNS Servers: 192.168.188.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_A8D3BB59C5C902D836D16FB336A4B041"
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_37833496A573CED3E9087172950DF2DB"
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-1947085477-1218348813-1441862315-1001\...\StartupApproved\Run: => "Opera Stable"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{62E45C74-0CD4-48E3-B68F-89682DA302F1}C:\spiele\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\spiele\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{2C5CB386-E3D3-444E-A923-635357698F95}C:\spiele\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\spiele\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{21B645FF-D800-4947-94A0-9FF33D6DC36C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1F734882-4674-48C2-87EF-9795028E5D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF386E57-F201-445F-ACC8-5AB814738A42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A0FECB21-892D-4012-9C09-6D8FD7810051}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{84C9713D-1A0E-4C3E-B9FE-C179F804B6BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AB37D374-F6AD-4A08-9095-E2CCA707B385}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8D87D383-0D06-4248-97AB-8D21D03FB777}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E34A5429-C476-48FB-90B9-48F8FA33B78D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8FA7809A-67C1-4670-8ED9-3F8626C54117}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5AEB6438-96A6-4344-9031-C2ADC980C185}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Wiederherstellungspunkte =========================
16-09-2023 21:44:10 Windows Modules Installer
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (09/18/2023 08:00:26 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).
Error: (09/18/2023 08:00:26 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT-AUTORITÄT)
Description: Erfassung von Leistungsindikatordaten von „Lsa“ deaktiviert Dienst, weil die Leistungsindikatorbibliothek für diesen Dienst einen oder mehrere Fehler generiert hat. Die Fehler, die diese Aktion erzwungen haben, wurden in das Anwendungsereignisprotokoll geschrieben. Korrigieren Sie die Fehler, bevor Sie die Leistungsindikatoren für diesen Dienst aktivieren.
Error: (09/18/2023 08:00:26 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: NT-AUTORITÄT)
Description: Fehler beim Suchen der Open-Prozedur "OpenLsaPerformanceData" in der DLL "C:\Windows\System32\Secur32.dll" für den "Lsa"-Dienst mit dem Win32-Fehlercode 127. Für diesen Dienst sind keine Systemleistungsdaten verfügbar.
Error: (09/17/2023 05:50:24 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Der Windows-Sicherheitscenterdienst konnte keine Instanzen von FirewallProduct aus dem Datastore laden.
Error: (09/17/2023 05:48:24 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-TR6LTTA$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 17 Sep 2023 15:48:23 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: c9045584-e21e-40fe-b3c0-1223024e6f9d
Methode: GET(125ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (09/17/2023 05:48:24 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 17 Sep 2023 15:48:23 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 8aea7db9-2b22-4f6d-a175-385505560df0
Methode: GET(172ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (09/17/2023 05:43:12 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (09/16/2023 09:31:37 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Der Windows-Sicherheitscenterdienst konnte keine Instanzen von FirewallProduct aus dem Datastore laden.
Systemfehler:
=============
Error: (09/18/2023 08:00:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/18/2023 08:00:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\fstra\AppData\Local\Temp\ehdrv.sys
Error: (09/18/2023 08:00:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/18/2023 08:00:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\fstra\AppData\Local\Temp\ehdrv.sys
Error: (09/18/2023 08:00:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/18/2023 08:00:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\fstra\AppData\Local\Temp\ehdrv.sys
Error: (09/18/2023 08:00:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/18/2023 08:00:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\fstra\AppData\Local\Temp\ehdrv.sys
CodeIntegrity:
===============
Date: 2023-09-18 21:18:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\fstra\AppData\Local\PlariumPlay\8.6.0-0.0.1\PlariumPlay.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.204.2.2\OWClient.dll that did not meet the Microsoft signing level requirements.
Date: 2023-09-18 21:18:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\fstra\AppData\Local\PlariumPlay\8.6.0-0.0.1\PlariumPlay.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.204.2.2\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements.
Date: 2023-09-18 21:18:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\fstra\AppData\Local\PlariumPlay\8.6.0-0.0.1\PlariumPlay.exe) attempted to load \Device\HarddiskVolume3\Users\fstra\AppData\Local\PlariumPlay\8.6.0-0.0.1\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2023-09-18 21:18:40
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
BIOS: American Megatrends International, LLC. F14f 10/13/2021
Hauptplatine: Gigabyte Technology Co., Ltd. B550M S2H
Prozessor: AMD Ryzen 7 5800X 8-Core Processor
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 16289.32 MB
Verfügbarer physikalischer RAM: 10934.67 MB
Summe virtueller Speicher: 18721.32 MB
Verfügbarer virtueller Speicher: 11757.05 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.75 GB) (Free:290.02 GB) (Model: CT1000P2SSD8) NTFS
\\?\Volume{95a9db74-dc52-4047-ae22-43d88925bcb5}\ () (Fixed) (Total:0.64 GB) (Free:0.08 GB) NTFS
\\?\Volume{95b0e598-5cef-289f-7c39-1efdc41a6154}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{95652a1c-c942-4cd0-8f58-b416f5afa013}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== Ende von Addition.txt =======================
Security Code:
SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21]
WebSite: www.safezone.cc
DateLog: 18.09.2023 21:21:04
Path starting: C:\Users\fstra\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: fstra
VersionXML: 10.68is-17.09.2023
___________________________________________________________________________
Windows 11(6.3.22621) (x64) Professional Release: 22H2 Lang: German(0407)
Installation date OS: 16.09.2023 19:29:32
LicenseStatus: Windows(R), Professional edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Users\fstra\AppData\Local\Programs\Opera\Launcher.exe
SystemDrive: C: FS: [NTFS] Capacity: [930.8 Gb] Used: [640.9 Gb] Free: [289.9 Gb]
------------------------------- [ Windows ] -------------------------------
User Account Control enabled (Level 3)
Sicherheitscenter (wscsvc) - The service is running
Remoteregistrierung (RemoteRegistry) - The service has stopped
SSDP-Suche (SSDPSRV) - The service is running
Remotedesktopdienste (TermService) - The service has stopped
Windows-Remoteverwaltung (WS-Verwaltung) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Malwarebytes (disabled and up to date)
Windows Defender (disabled and up to date)
Avira Security (enabled and up to date)
---------------------------- [ Firewall_WMI ] -----------------------------
Avira Security (enabled)
Avira Security (enabled)
Avira Security (enabled)
Avira Security (enabled)
Avira Security (enabled)
Avira Security (disabled)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Malwarebytes version 4.6.2.281 v.4.6.2.281
Avira Fallback Updater
Avira Security v.1.1.94.4
--------------------------- [ OtherUtilities ] ----------------------------
NVIDIA GeForce Experience 3.27.0.112 v.3.27.0.112
Steam v.2.10.91.91
Epic Games Launcher v.1.3.0.0
------------------------------- [ Backup ] --------------------------------
Microsoft OneDrive v.23.180.0828.0001 [+]
-------------------------- [ IMAndCollaborate ] ---------------------------
Discord v.1.0.9008 Warning! Download Update
---------------------------- [ ProxyAndVPNs ] -----------------------------
Avira Phantom VPN v.2.43.1.16819
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox (x64 de) v.117.0.1
Opera Stable 101.0.4843.43 v.101.0.4843.43 Warning! Download Update
Avast Secure Browser v.116.0.22301.180
Microsoft Edge v.117.0.2045.31
------------------ [ AntivirusFirewallProcessServices ] -------------------
Malwarebytes Service (MBAMService) - The service has stopped
Microsoft Defender Antivirus-Dienst (WinDefend) - The service has stopped
Microsoft Defender Antivirus-Netzwerkinspektionsdienst (WdNisSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
Avira System Speedup v.6.25.0.17 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
----------------------------- [ End of Log ] ------------------------------
|
Lesestoff: