Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23.02.2024
durchgeführt von flori (23-02-2024 14:17:22)
Gestartet von F:\Downloads
Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) (2022-11-04 00:03:02)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1832067924-206574212-1435721749-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1832067924-206574212-1435721749-503 - Limited - Disabled)
flori (S-1-5-21-1832067924-206574212-1435721749-1001 - Administrator - Enabled) => C:\Users\flori
Gast (S-1-5-21-1832067924-206574212-1435721749-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1832067924-206574212-1435721749-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
3DMark (HKLM\...\{23759845-E30A-4716-B054-843A28B6F927}) (Version: 2.28.8217.0 - UL) Hidden
3DMark (HKLM-x32\...\{d59513e6-b2d6-45b4-ba61-708b8d91941b}) (Version: 2.22.7359.0 - UL)
AdGuard (HKLM\...\{6B9CDBED-1E86-40C4-9A05-3D7CBB3D4A50}) (Version: 7.16.4542.0 - Adguard Software Limited) Hidden
AdGuard (HKLM-x32\...\{435f215a-51c6-4fa1-ab23-4b550fb5f0bd}) (Version: 7.16.4542.0 - Adguard Software Limited)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIMP (HKLM-x32\...\AIMP) (Version: 5.30.2533 - Artem Izmaylov)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.26.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{42e5a8d4-8fb0-48a1-9063-fc159c7566a0}) (Version: 6.01.25.342 - Advanced Micro Devices, Inc.) Hidden
Battlefield™ 2042 (HKLM-x32\...\{45e281f3-1414-47ea-bb64-4f50d50121f3}) (Version: 1.0.76.17776 - Electronic Arts)
BleachBit (HKLM-x32\...\BleachBit) (Version: 4.6.0.2537 - BleachBit)
CPUID CPU-Z 2.06 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.06 - CPUID, Inc.)
Creative Sound Blaster USB Audio Drivers Installer (HKLM-x32\...\CtKsUSBDrvInst_is1) (Version: 1.0.03.02 - Creative Technology Ltd.)
Creative USB Native ASIO (HKLM-x32\...\CtUsAsio_is1) (Version: 1.0.00.00 - Creative Technology Ltd.)
CrystalDiskInfo 8.17.11 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.11 - Crystal Dew World)
CrystalDiskMark 8.0.4b (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4b - Crystal Dew World)
Disco Elysium (HKLM-x32\...\1771589310_is1) (Version: a0a062e7 - GOG.com)
Discord (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Dolby Digital Live Pack Version 4.02.00 (HKLM-x32\...\DDLMaster_is1) (Version: 4.02.00 - Creative Technology Ltd.)
DriverEasy 5.8.1 (HKLM\...\DriverEasy_is1) (Version: 5.8.1 - Easeware)
DTS Connect Pack Version 2.02.00 (HKLM-x32\...\DTSMaster_is1) (Version: 2.02.00 - Creative Technology Ltd.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.128.0.5641 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{94f40252-fced-42f3-b932-5e1326f76758}) (Version: 13.128.0.5641 - Electronic Arts)
EA SPORTS FC 24 (HKLM-x32\...\{D599A8A7-E083-496C-B891-5752CD4E04F3}) (Version: 1.0.85.48150 - Electronic Arts)
Futuremark SystemInfo (HKLM-x32\...\{E3C62C7F-9609-40F3-BF7D-D917C9FAB25E}) (Version: 5.70.1213.0 - Futuremark)
Geekbench 6 (HKLM-x32\...\Geekbench 6) (Version: - Primate Labs Inc.)
Geeks3D FurMark 1.35.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.35.0.0 - Geeks3D)
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.62.26 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.57 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 86.0.9.0 - Google LLC)
Guitar Pro 7 - Soundbanks (HKLM-x32\...\com.arobas-music.guitarpro7-soundbanks_is1) (Version: 1.1.123 - Arobas Music)
Guitar Pro 7 (HKLM-x32\...\{BF4EDCFF-ED20-4AF6-A636-EBAC931336CD}_is1) (Version: 7.6.0.2089 - Arobas Music)
HWiNFO64 (HKLM\...\HWiNFO64_is1) (Version: 7.72 - Martin Malik, REALiX s.r.o.)
JDownloader 2 (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
LatencyMon 7.31 (HKLM\...\LatencyMon_is1) (Version: 7.31 - Resplendence Software Projects Sp.)
Mailbird (HKLM\...\{E8A1C240-C99F-46DF-B3B4-AAE5AB0D9923}) (Version: 2.9.97 - Mailbird)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.27 (x64) (HKLM\...\{3A96B93E-763F-41E7-85C7-1F3CCC37EF27}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.27 (x64) (HKLM\...\{7447A794-FA2E-42BE-BA9A-5FCBD54C5DF3}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.27 (x64) (HKLM\...\{79043ED0-7ED1-4227-A5E5-04C5594D21F7}) (Version: 48.108.8828 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.128 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.128 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - de-de (HKLM\...\ProPlus2021Volume - de-de) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Project Professional 2021 - de-de (HKLM\...\ProjectPro2021Volume - de-de) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visio LTSC Professional 2021 - de-de (HKLM\...\VisioPro2021Volume - de-de) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM\...\{5BEE5F3E-4D78-4DE8-A8F3-36D3E9D8868C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM-x32\...\{0eddeab6-01c1-4cf7-83ba-164ea8974c90}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM\...\{E634F316-BEB6-4FB3-A612-F7102F576165}) (Version: 48.108.8836 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.27 (x64) (HKLM-x32\...\{d87ae0f4-64a6-4b94-859a-530b9c313c27}) (Version: 6.0.27.33320 - Microsoft Corporation)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Grafiktreiber 551.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.61 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9629.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.68.815.2023 - Realtek)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1491.16 - Rockstar Games)
RivaTuner Statistics Server 7.3.5 (HKLM-x32\...\RTSS) (Version: 7.3.5 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.67.1178 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.5 - Rockstar Games)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 8.0.1.1000 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{ff94c273-58d5-40b5-b03a-9bd41d5cff1e}) (Version: 3.3.0.2003 - Samsung Electronics)
Samsung NVM Express Driver 3.3.0.2003 (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: 3.3.0.2003 - Samsung Electronics Co., Ltd) Hidden
Samsung Portable SSD Software 1.0 (HKLM-x32\...\SamsungPortableSSD_1.0_is1) (Version: 1.7.4.3 - Samsung Electronics)
SeaTools (HKLM-x32\...\SeaTools 5.0.171) (Version: 5.0.171 - Seagate)
SharePoint Client Components (HKLM\...\{95150004-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation)
Sky Go 23.5.1.0 (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\com.bskyb.skygoplayer_is1) (Version: 23.5.1.0 - Sky)
Sound Blaster Command Version 3.5.10.00 (HKLM-x32\...\Sound Blaster Command_is1) (Version: 3.5.10.00 - Creative Technology Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.28.5 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.15 - Telegram FZ-LLC)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.13.0 - Unified Intents AB)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WinRAR 6.24 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
Wondershare UniConverter 15(Build 15.0.1.5) (HKLM\...\UniConverter 15_is1) (Version: 15.0.1.5 - Wondershare Software)
Zoom (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\ZoomUMX) (Version: 5.12.2 (9281) - Zoom Video Communications, Inc.)
Chrome apps:
============
Dokumente (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\05a0407c890c4bcaae6ac3b92f0c2712) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\cca2be7557768dba70d63f256cd7494b) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\3c8a0f316fe3a261c7aae6b39515bcca) (Version: 1.0 - Google\Chrome)
Präsentationen (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\04617bfdb61e6b6f354a94e47ef29474) (Version: 1.0 - Google\Chrome)
Tabellen (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\628d7e9a899a76b96299d422c1487e96) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\d82feada3c309f0c9fe18e04641a5834) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\ef8d5c7c6fc0b79b69ea6e99b1d19ab9) (Version: 1.0 - Google\Chrome)
Packages:
=========
Adobe Acrobat DC -> C:\Program Files\Adobe\Acrobat DC [2022-05-16] ()
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.20.2035.0_x64__rz1tebttyb220 [2024-02-02] (Dolby Laboratories)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2024.1.0.0_x64__t5j2fzbtdg37r [2024-01-16] (DTS, Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-03] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-09] (Microsoft Corporation)
Microsoft.HEVCVideoExtensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.0.61933.0_x64__8wekyb3d8bbwe [2023-07-25] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-10] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-10-17] (NVIDIA Corp.)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.16.165.0_x64__43tkc6nmykmb6 [2024-01-25] (Ookla)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0 [2024-02-18] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm [2024-02-09] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-25] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-10-12] (win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1832067924-206574212-1435721749-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\flori\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-1832067924-206574212-1435721749-1001_Classes\CLSID\{9B1F8A90-DF55-4BB6-B78F-77F8C4632B37}\localserver32 -> "C:\Program Files\ABBYY FineReader 16\FineUpdate.exe" -ToastActivated => Keine Datei
CustomCLSID: HKU\S-1-5-21-1832067924-206574212-1435721749-1001_Classes\CLSID\{E5972DDB-6A80-8179-D831-BE7D5D639C65}\InprocServer32 -> C:\Program Files\Common Files\System\ole32.dll => Keine Datei
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2024-01-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2024-01-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\86.0.9.0\drivefsext.dll [2024-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\nvshext.dll [2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [1102848 2023-04-10] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [891904 2023-04-10] () [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Dokumente.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Präsentationen.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Tabellen.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\YouTube (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\flori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2024-02-19 15:02 - 2024-02-19 15:02 - 001156608 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.Core.dll
2024-02-19 15:02 - 2024-02-19 15:02 - 001775616 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Mailbird\x64\CefSharp.Core.Runtime.dll
2021-12-03 14:36 - 2021-12-03 14:36 - 000232960 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2021-12-03 14:36 - 2021-12-03 14:36 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2021-12-03 14:36 - 2021-12-03 14:36 - 000668672 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2021-12-03 14:36 - 2021-12-03 14:36 - 000074240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2021-12-03 14:36 - 2021-12-03 14:36 - 000371712 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2024-02-06 11:55 - 2024-02-06 11:55 - 000074240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2024-02-06 11:55 - 2024-02-06 11:55 - 000112128 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2024-02-06 11:55 - 2024-02-06 11:55 - 000414208 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2024-01-11 13:06 - 2023-11-22 14:42 - 002569216 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll
2024-01-11 13:06 - 2023-11-22 14:42 - 000376320 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll
2024-01-11 13:06 - 2023-11-22 14:42 - 006620160 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll
2024-01-11 13:06 - 2023-11-22 14:41 - 000143360 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node
2024-01-11 13:06 - 2023-11-22 14:41 - 000087040 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node
2024-01-11 13:06 - 2023-11-22 14:41 - 000608768 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node
2023-09-26 23:39 - 2023-11-22 14:42 - 004618752 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\vk_swiftshader.dll
2023-09-26 23:39 - 2023-11-22 14:42 - 000797184 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\vulkan-1.dll
2023-01-25 00:35 - 2023-01-25 00:35 - 196560384 _____ () [Datei ist nicht signiert] C:\Program Files\Mailbird\x64\libcef.dll
2023-01-24 22:12 - 2023-01-24 22:12 - 004945920 _____ () [Datei ist nicht signiert] C:\Program Files\Mailbird\x64\vk_swiftshader.dll
2024-02-23 13:55 - 2024-02-23 13:55 - 005511927 _____ () [Datei ist nicht signiert] C:\Users\flori\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-0EsPGE1ZKaCb\lib7-Zip-JBinding.dll
2021-10-20 20:30 - 2020-08-24 06:52 - 000158208 _____ (Creative Lab Pte Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\ClplLEDController.dll
2021-10-20 20:30 - 2020-10-26 00:54 - 000565248 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTAudEp.dll
2021-10-20 20:30 - 2020-07-21 07:49 - 002087424 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTCDC.dll
2021-10-20 20:30 - 2020-08-24 06:52 - 001830912 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTDrvLedMgr.dll
2021-10-20 20:30 - 2021-07-21 00:26 - 000124416 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTHID.dll
2021-10-20 20:30 - 2021-07-21 00:26 - 000587776 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTHIDRpA.dll
2021-10-20 20:30 - 2018-10-23 00:25 - 000098304 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTIntrfu.dll
2021-10-20 20:30 - 2020-08-24 06:53 - 003687936 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTLEDMgr.dll
2021-10-20 20:30 - 2020-10-26 00:54 - 000095744 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTMFSess.dll
2021-10-20 20:30 - 2020-10-26 00:54 - 001878528 _____ (Creative Technology Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\MalLgcy.dll
2021-10-20 20:30 - 2023-10-05 09:41 - 000153088 _____ (Creative Technology Ltd.) [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\Creative.Platform.PropStore.dll
2021-10-20 20:30 - 2020-12-23 01:10 - 003988480 _____ (Creative Technology Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\SndCrUSB.dll
2024-02-23 13:55 - 2024-02-23 13:55 - 000254464 ____N (Java(TM) Native Access (JNA)) [Datei ist nicht signiert] C:\Users\flori\AppData\Local\JDownloader 2.0\tmp\jna\jna6344149299582301025.dll
2021-10-20 23:41 - 2021-10-20 23:41 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-10-20 23:41 - 2021-10-20 23:41 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2017-11-01 21:58 - 2017-11-01 21:58 - 001522688 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\AdGuard\x64\SQLite.Interop.dll
2024-02-19 14:59 - 2024-02-19 14:59 - 001614336 _____ (Robert Simpson, et al.) [Datei ist nicht signiert] C:\Program Files\Mailbird\x64\SQLite.Interop.dll
2023-11-10 14:40 - 2016-10-09 23:27 - 000556544 _____ (Soft Service Company) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\wcl.dll
2023-01-24 22:30 - 2023-01-24 22:30 - 001412608 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\Mailbird\x64\chrome_elf.dll
2023-11-10 14:40 - 2017-05-28 21:55 - 001846272 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\libcryptoMD.dll
2023-11-10 14:40 - 2017-05-28 21:55 - 000382976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Unified Remote 3\libsslMD.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\ntuser.dat:D4F6BC83AF [3442]
AlternateDataStreams: C:\ProgramData\ntuser.dat.LOG1:94949E25BC [3442]
AlternateDataStreams: C:\ProgramData\ntuser.dat{b52b1cc7-8148-11ed-9dec-87276761f01b}.TM.blf:AC4A12E490 [3442]
AlternateDataStreams: C:\ProgramData\ntuser.dat{b52b1cc7-8148-11ed-9dec-87276761f01b}.TMContainer00000000000000000002.regtrans-ms:7B5B7F2167 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk:1069064143 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk:9185529B88 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk:4B2FBCE6BB [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3442]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2021-06-05 13:08 - 2022-05-16 22:12 - 000001545 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\flori\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\stretched-2560-1440-1324335.jpeg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run: => "UniConverterUpdateHelper"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_34DD977FEAE09D3D9169CFED9B08DCAA"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{34C8C395-37E4-49F9-8388-0C969CB920CC}D:\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) D:\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{6FBCA76D-B862-4ACB-8CB9-B3F8329FD6B4}D:\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) D:\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [{936D4384-1D88-4E1D-9D4A-05349165FD7B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{064BE047-A76D-4F2F-8DE1-96E402716051}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93757F22-6EA9-4A06-A717-A00D7536D1E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{690A85DC-9515-4E84-8EA5-42407BD8676F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0247B23D-5B21-4F8E-A419-9F306A07F2DC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E49032A3-DD58-44AE-916E-ABD8560C808B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB09AA99-3027-463A-B5C8-76980FC6D1D3}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware) [Datei ist nicht signiert]
FirewallRules: [{6CA2C28B-EC59-466D-A5DB-34E2277D459D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3173440F-8A8C-43F5-9FB0-C7B1A9F13AA5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3A7AA91D-A967-4F05-927D-729B8243E2B7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AD773689-227F-4599-BB4F-36609F5ECD2A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{02FCB2B7-6922-4FB0-AC57-8D8E31110110}E:\red dead redemption 2\rdr2.exe] => (Allow) E:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{03D49E5F-524C-4D2D-864F-FE671FC3710F}E:\red dead redemption 2\rdr2.exe] => (Allow) E:\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{DCFC7DEF-915B-40F6-95F1-9CCD75F451F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => Keine Datei
FirewallRules: [TCP Query User{86143115-BF7D-4EF4-8AE4-7DF41F114CD3}D:\origin\battlefield 2042\bf2042.exe] => (Allow) D:\origin\battlefield 2042\bf2042.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{E3553876-5EB5-48A9-B4DC-D64200B6121B}D:\origin\battlefield 2042\bf2042.exe] => (Allow) D:\origin\battlefield 2042\bf2042.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{D7C2377B-1F67-489C-A8CD-C71715338DF5}] => (Allow) C:\Users\flori\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8394DC25-05D9-4322-9246-A3677714514B}] => (Allow) C:\Users\flori\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{55756E9F-C77B-44BB-98A1-50A57A682DDB}] => (Allow) C:\Users\flori\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{51BF3395-7779-4338-82BF-E725E20A32FF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B807767-4F1F-4428-BAB0-908CC3E3E096}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FB0F7443-23C4-437D-A3E8-12D36D5D455C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4BD1D76E-441E-482E-B85F-22BD83871D9F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0F3E94AA-4C43-4F57-8EA5-D30B5B471ACB}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{92150A8C-BB95-4697-9D7D-A365F086BA03}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{5B59FEFB-8335-4B5D-B03C-8707FA5BE2B0}] => (Allow) D:\Origin\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{8339852E-7424-4FFD-AA37-070953560669}] => (Allow) D:\Origin\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [TCP Query User{E72029EC-F461-47AD-AC1A-0C26C62E02C8}E:\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) E:\divinity original sin 2\defed\bin\eocapp.exe => Keine Datei
FirewallRules: [UDP Query User{1C021464-DA5E-4064-9B8A-8B75038235EB}E:\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) E:\divinity original sin 2\defed\bin\eocapp.exe => Keine Datei
FirewallRules: [{29E0F7ED-7FFE-4727-A3EF-543B56043F88}] => (Allow) D:\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (LariLauncher) [Datei ist nicht signiert]
FirewallRules: [{F4F5AB08-57EB-4534-9EDA-955046C9AD8C}] => (Allow) D:\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (LariLauncher) [Datei ist nicht signiert]
FirewallRules: [{A8F40C72-0578-4747-AC43-5713ACF94D94}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{10F47B6E-094C-4A49-986F-6DB3ADC27057}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F541D61B-92A0-40D6-A55D-9AFB03ACDE29}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4BB5DB0B-2B61-4C45-93BF-D6589E19A77E}C:\users\flori\appdata\local\wondershare\wondershare nativepush\wstoastnotification.exe] => (Block) C:\users\flori\appdata\local\wondershare\wondershare nativepush\wstoastnotification.exe => Keine Datei
FirewallRules: [UDP Query User{6E54BF5A-D1CA-4887-B7AC-46ADA2EC5687}C:\users\flori\appdata\local\wondershare\wondershare nativepush\wstoastnotification.exe] => (Block) C:\users\flori\appdata\local\wondershare\wondershare nativepush\wstoastnotification.exe => Keine Datei
FirewallRules: [{EF4998ED-535A-4A47-947A-363935E1A726}] => (Allow) D:\Steam\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{4CEB2B61-34ED-4445-803D-9CD46274C333}] => (Allow) D:\Steam\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [TCP Query User{1D88E455-8615-4466-9C6D-5EB69B421630}D:\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) D:\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{7DFF318A-BA07-4D20-857A-DCE7FFD5688F}D:\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) D:\steam\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{8CC81CF8-B4BD-44A9-9EA6-5C235F2181EA}] => (Allow) C:\Users\flori\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => Keine Datei
FirewallRules: [{8FC4B4E4-7D73-4122-98D1-8405ECE8C45C}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{4A37E6DC-FCEA-4538-B71B-6F7B9939E24D}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{C45AAC6D-CCB7-42A2-AF0C-FC373343FD45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E66E2BAF-D7FF-4F4D-95DB-A6D86E785AF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{742E970C-CF30-43EE-8C5E-3C99D9920320}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0188CC36-3AFE-4160-BB6D-D699468DC128}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{37B9C030-D219-4AF4-8678-85E4CA6BA900}] => (Allow) C:\Program Files\AdGuard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Limited)
FirewallRules: [{EFAD5196-7501-4A48-8795-72FE755BFDE3}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => Keine Datei
FirewallRules: [{415426D7-60B4-45FF-8E36-B172CC3FE3FB}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => Keine Datei
FirewallRules: [{F1118389-A0C5-467F-894C-445C93EE7BD1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4C28769-20AC-4B1B-ACCC-F721C5498A86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F72913A7-4980-4322-BB58-21F6DDC43DFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{58261287-8624-46DF-AC1A-78BECA9379C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{189BD295-1D03-490A-BF54-B5FA1448A293}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3A7DEDE3-18AD-4342-AFD2-1D93913CC71C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7A3AA5B0-FC9E-42EE-8AC4-16DB19F01BA3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C378A350-03D1-4CAF-BAC6-70428D86B5B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B9A4E32E-EAAD-40D4-BECB-F43AB020FE06}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07F19969-4C0A-4363-B8D8-04C734AB503B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{76E62CFF-61F9-44C2-AF4B-E8DB01120700}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{160FC3AB-EC31-4DE3-BB60-6BCEF73945CB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{921F5E3F-EF37-4C14-908A-6463674C062D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{DE655EB0-3FCB-4FF3-AC42-912D725A1B47}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C8E8A12B-D340-403E-84C5-DFE07B9097A2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E150CB65-254F-43F7-8111-63CBC2AF6750}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C43775C3-F8E0-4D90-84AB-BF8C0AB49C9F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B3889A49-03FD-4485-99CA-317C8934B045}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0CBE42DC-4F4F-46E0-8C49-8EFC00681468}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{668D575C-EF95-472E-9F3F-17D60F8280A4}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9247E667-6639-4386-AF18-BDE5650CE360}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E0F93F26-E75F-4861-BAE3-6348AE1BBD0C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C42BDE66-B09D-41FE-8DFF-FF97E7AEC873}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1E991710-4D13-47EF-8899-A8C820327F2C}] => (Allow) D:\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B3834638-9C99-48EF-9451-D1B5169D5924}] => (Allow) D:\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:116.48 GB) (Free:22.27 GB) (19%)
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (02/23/2024 11:39:08 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKFLOP$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 23 Feb 2024 10:39:11 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d0fc482a-2225-489b-8e75-6b9b6cbf68ad
Methode: GET(187ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (02/23/2024 11:39:08 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 23 Feb 2024 10:39:11 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7d844420-8474-481a-ac0f-e27db250e747
Methode: GET(1750ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (02/22/2024 10:52:36 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKFLOP)
Description: Windows kann die erweiterbare Leistungsindikator-DLL "C:\WINDOWS\system32\sysmain.dll" nicht laden (Win32-Fehlercode 126).
Error: (02/22/2024 10:43:21 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKFLOP$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 22 Feb 2024 21:43:25 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: e3b1c4de-ab02-429d-a888-e6b58aae4bd6
Methode: GET(203ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (02/22/2024 10:43:21 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für Lokales System über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 22 Feb 2024 21:43:24 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 1f16d5e7-6d22-4f1b-84d7-2555df2261e6
Methode: GET(234ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (02/22/2024 10:42:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..
Error: (02/22/2024 10:42:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.]
Error: (02/22/2024 10:39:39 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKFLOP$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 22 Feb 2024 21:39:43 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 2472ef22-cceb-45ae-828e-2b4a2e8e4c5a
Methode: GET(203ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Systemfehler:
=============
Error: (02/23/2024 11:41:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (02/23/2024 11:41:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (120000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.
Error: (02/23/2024 12:29:40 AM) (Source: DCOM) (EventID: 10010) (User: DESKFLOP)
Description: Der Server "{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/22/2024 11:59:25 PM) (Source: DCOM) (EventID: 10000) (User: DESKFLOP)
Description: Ein DCOM-Server konnte nicht gestartet werden: {0358B920-0AC7-461F-98F4-58E32CD89148}. Fehler:
"2147942767"
Aufgetreten beim Start dieses Befehls:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (02/22/2024 11:20:56 PM) (Source: DCOM) (EventID: 10010) (User: DESKFLOP)
Description: Der Server "Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/22/2024 10:45:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (02/22/2024 10:45:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (120000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.
Error: (02/22/2024 10:41:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Windows Defender:
================
Date: 2023-08-15 22:02:27
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {34E49CAE-7E4D-467A-BF25-3B2EDAEE9D15}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-08-07 14:27:56
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {8C87CEBF-CD0D-443B-AA90-98A32FD30C49}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-08-02 13:00:54
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {D3843B00-8AE0-4CF6-8B4A-DFA836E2621F}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-04-15 16:29:56
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Name: HackTool:Win32/Keygen
Schweregrad: Hoch
Kategorie: Tool
Pfad: file:_C:\Program Files\Wondershare\UniConverter 14\WUC v13.x Patcher v1.2.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKFLOP\flori
Prozessname: C:\Windows\explorer.exe
Sicherheitsversion: AV: 1.387.1123.0, AS: 1.387.1123.0, NIS: 1.387.1123.0
Modulversion: AM: 1.1.20200.4, NIS: 1.1.20200.4
Date: 2023-03-11 14:12:32
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {45E7E2E0-D2D9-4F9B-BC04-8AEF5D78918C}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Event[0]
Date: 2022-12-11 17:22:36
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.381.191.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x80070102
Fehlerbeschreibung: Der Wartevorgang wurde abgebrochen.
Date: 2022-12-11 17:22:36
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.381.191.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.19900.2
Fehlercode: 0x80070102
Fehlerbeschreibung: Der Wartevorgang wurde abgebrochen.
CodeIntegrity:
===============
Date: 2024-02-23 13:01:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2024-02-23 12:00:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends International, LLC. 1.I0 07/25/2022
Hauptplatine: Micro-Star International Co., Ltd B450 TOMAHAWK (MS-7C02)
Prozessor: AMD Ryzen 7 3700X 8-Core Processor
Prozentuale Nutzung des RAM: 63%
Installierter physikalischer RAM: 16309.58 MB
Verfügbarer physikalischer RAM: 6017.37 MB
Summe virtueller Speicher: 19381.58 MB
Verfügbarer virtueller Speicher: 2259.48 MB
==================== Laufwerke ================================
Drive c: (WIN) (Fixed) (Total:116.48 GB) (Free:22.27 GB) (Model: Samsung SSD 970 EVO Plus 1TB) NTFS
Drive d: (Programme1) (Fixed) (Total:767.75 GB) (Free:322.25 GB) (Model: Samsung SSD 970 EVO Plus 1TB) NTFS
Drive e: (Programme2) (Fixed) (Total:442.35 GB) (Free:143.1 GB) (Model: Samsung SSD 850 EVO 500GB) NTFS
Drive f: (Eigene Dateien) (Fixed) (Total:3726.01 GB) (Free:630.47 GB) (Model: ST4000VN006-3CW104) NTFS
Drive g: (Media) (Fixed) (Total:1863.01 GB) (Free:722.72 GB) (Model: ST2000DM001-1ER164) NTFS
Drive h: (Google Drive) (Fixed) (Total:100 GB) (Free:21.15 GB) (Model: Samsung SSD 850 EVO 500GB) FAT32
Drive j: () (Removable) (Total:29.23 GB) (Free:23.98 GB) FAT32
\\?\Volume{b3152021-d6ef-4b33-8bbc-1c3ad20e8f56}\ () (Fixed) (Total:0.59 GB) (Free:0.07 GB) NTFS
\\?\Volume{884ff8ce-c183-4eb9-91b0-c89419840b95}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 78195A95)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 29.3 GB) (Disk ID: D39D757C)
Partition 1: (Active) - (Size=29.2 GB) - (Type=FAT32)
==================== Ende von Addition.txt ======================= Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23.02.2024
durchgeführt von flori (Administrator) auf DESKFLOP (Micro-Star International Co., Ltd MS-7C02) (23-02-2024 14:16:39)
Gestartet von F:\Downloads\FRST64.exe
Geladene Profile: flori
Plattform: Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Chrome
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
(C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe ->) (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\86.0.9.0\crashpad_handler.exe
(C:\Program Files\Mailbird\Mailbird.exe ->) (Mailbird, Inc. -> The CefSharp Authors) C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cmd.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\Adguard.BrowserExtensionHost.exe
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\plugins_nms.exe
(explorer.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\Adguard.exe
(explorer.exe ->) (Appwork GmbH -> AppWork GmbH) C:\Users\flori\AppData\Local\JDownloader 2.0\JDownloader2.exe
(explorer.exe ->) (Creative Technology Ltd -> Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Mailbird, Inc. -> Mailbird) C:\Program Files\Mailbird\Mailbird.exe
(explorer.exe ->) (Unified Intents AB -> Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files\AdGuard\AdguardSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Creative Technology Ltd -> Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af49968a824c7864\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Martin Malik - REALiX -> REALiX s.r.o.) C:\Program Files\HWiNFO64\HWiNFO64.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics) C:\Program Files (x86)\Samsung\Portable_SSD\SamsungPortableSSDMon_1.0.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_af49968a824c7864\RtkAudUService64.exe [1964344 2024-01-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6609176 2022-04-11] (Adobe Inc. -> Adobe Systems Inc.) [Datei ist nicht signiert]
HKLM\...\Run: [Adguard] => C:\Program Files\AdGuard\Adguard.exe [7147224 2023-12-23] (Adguard Software Limited -> Adguard Software Limited)
HKLM-x32\...\Run: [Creative.SBCommand] => C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe [210904 2023-10-06] (Creative Technology Ltd -> Creative Technology Ltd)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Run: [Mailbird] => C:\Program Files\Mailbird\Mailbird.exe [42678584 2024-02-19] (Mailbird, Inc. -> Mailbird)
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3243584 2023-02-10] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2730600 2024-02-21] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13880288 2023-04-13] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Run: [MicrosoftEdgeAutoLaunch_34DD977FEAE09D3D9169CFED9B08DCAA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Run: [Creative.SBCommand.exe] => C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe [210904 2023-10-06] (Creative Technology Ltd -> Creative Technology Ltd)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-13] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.57\Installer\chrmstp.exe [2024-02-21] (Google LLC -> Google LLC)
Startup: C:\Users\flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2021-11-17]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {833EDA6F-7219-47D1-A08C-BF77B7CE794E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {967BA52B-3A84-4D77-A844-ABB489D619D2} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [4025856 2023-06-25] (Easeware) [Datei ist nicht signiert]
Task: {F584D0B5-8491-46AF-9A9F-2CB335F99262} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{2BBC55B2-32A7-43C0-AAB8-A8BB4F79E91F} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ACHTUNG
Task: {69B246F7-5DA3-43B6-BAEF-3A553BD01014} - System32\Tasks\HWiNFO => C:\Program Files\HWiNFO64\HWiNFO64.EXE [8873952 2024-02-05] (Martin Malik - REALiX -> REALiX s.r.o.)
Task: {A4D32999-80FA-4BD2-9213-47669FF292B6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA61DD1E-587A-4DE4-B584-3393B2331E9E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {844C3E93-28CF-44DE-A6C7-ABF01CEFF183} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE3919DE-F2C1-4CEF-A35C-6BA0CF53E65E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDA42756-DA8F-4528-A796-965F38760207} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {9714D46F-C297-44D6-BF31-8A0FC92EF367} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {0987C7A1-E703-4572-8396-F62A22823DE9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D25FEE8A-172F-431A-BE5F-B8C9F1398264} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9DB63518-A4FE-4E3E-8F57-D61BC71030F1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EAD1EB5-4F3D-4889-BF3D-3FB436F44942} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {72E33492-755B-4FBA-85B3-5D94E6FBB486} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EDAF43CF-2261-4E5B-94E5-5119BD21DFAD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73030042-D9E9-4F3D-AADD-9174110713A5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16C0823E-B86D-447B-B99F-E54C42A70B8C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {51480B38-732B-40E0-8948-0C01E6C8D31C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F50B89A4-E3DC-47C0-A0BF-A3F58EE76C3A} - System32\Tasks\Samsung_PSSD_Registration_Plus => C:\Program Files (x86)\Samsung\Portable_SSD\SamsungPortableSSDMon_1.0.exe [869224 2021-08-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics)
Task: {D392C383-C4F2-4455-AEE5-BC568691F7F0} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [138741568 2023-11-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{11d2f89b-2f4e-4d3a-a9fe-f70e6b3b95fd}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Profile: C:\Users\flori\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-22]
Edge StartupUrls: Default -> "hxxp://google.de/"
Edge Extension: (Google Übersetzer) - C:\Users\flori\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-12-12]
Edge Extension: (Kaspersky Protection) - C:\Users\flori\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-01-10]
Edge Extension: (Keepa - Amazon Price Tracker) - C:\Users\flori\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejefaeioamebhekmfaclajddbpnnobje [2023-11-24]
Edge Extension: (AdGuard Browser-Assistent) - C:\Users\flori\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2024-01-10]
Edge Extension: (Return YouTube Dislike) - C:\Users\flori\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2024-01-10]
Edge Extension: (Google Docs Offline) - C:\Users\flori\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-26]
Edge Extension: (MyJDownloader Browser Erweiterung) - C:\Users\flori\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2023-12-12]
Edge Extension: (Edge relevant text changes) - C:\Users\flori\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-26]
Edge Extension: (I don't care about cookies) - C:\Users\flori\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oholpbloipjbbhlhohaebmieiiieioal [2023-11-30]
Edge HKU\S-1-5-21-1832067924-206574212-1435721749-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: 8o40s7rl.default
FF ProfilePath: C:\Users\flori\AppData\Roaming\Mozilla\Firefox\Profiles\8o40s7rl.default [2021-11-09]
FF ProfilePath: C:\Users\flori\AppData\Roaming\Mozilla\Firefox\Profiles\7uebv6kp.default-release [2024-02-22]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-1832067924-206574212-1435721749-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\flori\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => nicht gefunden
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\flori\AppData\Local\Google\Chrome\User Data\Default [2024-02-23]
CHR Extension: (Google Übersetzer) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-10-11]
CHR Extension: (Kaspersky Protection) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-01-26]
CHR Extension: (MyJDownloader Browser Erweiterung) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-12-10]
CHR Extension: (AdGuard Browser-Assistent) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2024-02-23]
CHR Extension: (I don't care about cookies) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-12-01]
CHR Extension: (Return YouTube Dislike) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2024-02-19]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2024-02-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-22]
CHR Profile: C:\Users\flori\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-02-22]
CHR Profile: C:\Users\flori\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-02-22]
CHR Extension: (Kaspersky Protection) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-09-24]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-05]
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-11-05]
CHR Extension: (Google Docs Offline) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\flori\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-28]
CHR Profile: C:\Users\flori\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-22]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-1832067924-206574212-1435721749-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1832067924-206574212-1435721749-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Adguard Service; C:\Program Files\AdGuard\AdguardSvc.exe [797400 2023-12-23] (Adguard Software Limited -> Adguard Software Limited)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-10-20] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761664 2023-11-22] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [53217096 2024-02-14] (Electronic Arts, Inc. -> Electronic Arts)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12068456 2024-02-21] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-11-19] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [347408 2024-02-16] (Underwriters Laboratories Inc. -> Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348000 2023-04-13] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-04-13] (GOG sp. z o.o -> GOG.com)
S2 GoogleUpdaterInternalService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ACHTUNG
S2 GoogleUpdaterService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ACHTUNG
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_830091b3ebd4b98a\Display.NvContainer\NVDisplay.Container.exe [1274992 2024-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2703192 2023-01-05] (Rockstar Games, Inc. -> Rockstar Games)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [424768 2023-11-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14743984 2022-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [89272 2023-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Limited)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [27256 2022-01-27] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [544768 2023-08-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [188416 2023-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-11-04] (Microsoft Corporation) [Datei ist nicht signiert]
S3 CisUtMonitor; C:\WINDOWS\system32\DRIVERS\CisUtMonitor.sys [57400 2022-12-22] (Texode Technologies, LLC -> CrystalIdea Software)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HWiNFO_191; C:\Users\flori\AppData\Local\Temp\HWiNFO64A_191.SYS [57936 2024-02-23] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ACHTUNG
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [824528 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1999568 2024-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [235704 2023-06-19] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [384656 2023-10-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [354640 2023-10-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [183120 2023-10-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [262712 2023-10-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 KsUSBa64; C:\WINDOWS\system32\drivers\ksUSBa64.sys [1747912 2021-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_78de62dcb501407d\rt68cx21x64.sys [779624 2024-02-22] (Realtek Semiconductor Corp. -> Realtek)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [29720 2021-11-20] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz155; \??\C:\WINDOWS\temp\cpuz155\cpuz155_x64.sys [X] <==== ACHTUNG
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-02-23 11:45 - 2024-02-23 11:45 - 000758838 _____ C:\WINDOWS\system32\perfh007.dat
2024-02-23 11:45 - 2024-02-23 11:45 - 000157058 _____ C:\WINDOWS\system32\perfc007.dat
2024-02-22 22:51 - 2024-02-22 22:51 - 000000000 ____D C:\Program Files (x86)\Futuremark
2024-02-22 22:47 - 2024-02-22 22:47 - 000000000 ____D C:\Users\Default\AppData\LocalLow\NVIDIA
2024-02-22 22:38 - 2024-01-10 16:49 - 006115184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2024-02-22 22:35 - 2024-02-22 22:35 - 000000000 ____D C:\WINDOWS\Panther
2024-02-22 22:28 - 2024-02-22 22:28 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-02-22 22:26 - 2024-02-17 12:38 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-22 22:26 - 2024-02-17 12:38 - 002031464 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-02-22 22:26 - 2024-02-17 12:38 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-22 22:26 - 2024-02-17 12:38 - 001578752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-02-22 22:26 - 2024-02-17 12:38 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-02-22 22:26 - 2024-02-17 12:38 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-02-22 22:26 - 2024-02-17 12:38 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-22 22:26 - 2024-02-17 12:38 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-02-22 22:26 - 2024-02-17 12:38 - 001227296 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-02-22 22:26 - 2024-02-17 12:35 - 000669816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-02-22 22:26 - 2024-02-17 12:35 - 000505456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-02-22 22:26 - 2024-02-17 12:34 - 002173448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-02-22 22:26 - 2024-02-17 12:34 - 001625096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-02-22 22:26 - 2024-02-17 12:34 - 001541640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-02-22 22:26 - 2024-02-17 12:34 - 001199112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-02-22 22:26 - 2024-02-17 12:34 - 001024032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-02-22 22:26 - 2024-02-17 12:34 - 000842272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-02-22 22:26 - 2024-02-17 12:34 - 000786952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-02-22 22:26 - 2024-02-17 12:33 - 016033824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-02-22 22:26 - 2024-02-17 12:33 - 012928032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-02-22 22:26 - 2024-02-17 12:33 - 006780528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-02-22 22:26 - 2024-02-17 12:33 - 005773448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-02-22 22:26 - 2024-02-17 12:33 - 003721760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-02-22 22:26 - 2024-02-17 12:33 - 000459272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-02-22 22:26 - 2024-02-17 12:32 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-02-22 22:26 - 2024-02-17 12:31 - 006030584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-22 22:26 - 2024-02-15 17:42 - 000119184 _____ C:\WINDOWS\system32\nvinfo.pb
2024-02-22 18:18 - 2024-02-22 18:18 - 000000000 ____D C:\Users\flori\AppData\Roaming\BleachBit
2024-02-22 18:18 - 2024-02-22 18:18 - 000000000 ____D C:\Users\flori\.dbus-keyrings
2024-02-22 17:24 - 2024-02-22 17:24 - 000000000 ____D C:\Users\flori\AppData\Local\fontconfig
2024-02-22 17:23 - 2024-02-22 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BleachBit
2024-02-22 17:23 - 2024-02-22 17:23 - 000000000 ____D C:\Program Files (x86)\BleachBit
2024-02-22 17:01 - 2024-02-22 17:09 - 000000000 ____D C:\Users\flori\AppData\Local\FSDART
2024-02-22 17:01 - 2024-02-22 17:02 - 000000000 ____D C:\ProgramData\F-Secure
2024-02-22 17:01 - 2024-02-22 17:01 - 000000000 ____D C:\Users\flori\AppData\Local\F-Secure
2024-02-21 19:20 - 2024-02-21 19:20 - 000000000 ____D C:\Users\flori\AppData\Roaming\Electronic Arts
2024-02-20 21:04 - 2024-02-20 21:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-02-18 12:34 - 2024-02-18 12:36 - 000000000 ___HD C:\$WinREAgent
2024-02-17 23:39 - 2024-02-17 23:39 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-25 10:41 - 2024-01-25 10:41 - 000008486 _____ C:\WINDOWS\Info.xml
2024-01-24 12:56 - 2024-01-24 12:56 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-01-24 12:56 - 2024-01-24 12:56 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2024-02-23 14:16 - 2021-10-22 20:06 - 000000000 ____D C:\FRST
2024-02-23 14:06 - 2022-11-04 00:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-23 14:02 - 2021-10-20 18:44 - 000000000 ___SD C:\Users\flori\AppData\Roaming\Microsoft\Credentials
2024-02-23 14:00 - 2023-12-07 18:35 - 000000000 ____D C:\ProgramData\Adguard
2024-02-23 13:55 - 2021-10-20 23:13 - 000000000 ____D C:\Users\flori\AppData\Local\JDownloader 2.0
2024-02-23 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-23 13:06 - 2021-10-20 18:42 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-23 11:55 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-02-23 11:55 - 2021-10-20 18:46 - 000000000 ____D C:\Users\flori\AppData\Local\D3DSCache
2024-02-23 11:45 - 2022-11-04 10:43 - 001754660 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-23 11:39 - 2023-12-22 22:38 - 000000000 ____D C:\Program Files\AdGuard
2024-02-23 11:39 - 2021-10-29 01:19 - 000000000 ____D C:\ProgramData\Unified Remote
2024-02-23 11:39 - 2021-10-20 20:17 - 000000000 ____D C:\Users\flori\AppData\Roaming\Samsung Magician
2024-02-23 11:38 - 2022-11-04 01:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-23 11:38 - 2022-03-29 19:11 - 000000000 ____D C:\Program Files\TeamViewer
2024-02-23 11:38 - 2021-10-20 18:39 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-23 00:29 - 2023-07-13 16:12 - 000003128 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2024-02-23 00:29 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-02-23 00:15 - 2021-10-21 12:59 - 000000000 ____D C:\Program Files (x86)\Steam
2024-02-22 23:59 - 2021-10-21 17:11 - 000000000 ____D C:\Users\flori\AppData\Local\CrashDumps
2024-02-22 22:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-22 22:47 - 2021-10-20 21:04 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2024-02-22 22:47 - 2021-10-20 20:19 - 000000000 ____D C:\Users\flori\AppData\Local\NVIDIA
2024-02-22 22:45 - 2021-10-21 13:02 - 000000000 ____D C:\Users\flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-02-22 22:40 - 2022-04-08 14:56 - 000000000 ____D C:\Program Files (x86)\Realtek
2024-02-22 22:38 - 2022-04-08 14:57 - 000000000 ___HD C:\Program Files (x86)\Temp
2024-02-22 22:38 - 2022-04-08 14:56 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-02-22 22:36 - 2021-10-20 21:03 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2024-02-22 22:34 - 2021-10-21 14:15 - 000000000 ____D C:\Users\flori\AppData\Roaming\AIMP
2024-02-22 19:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-22 18:18 - 2022-11-04 00:58 - 000000000 ____D C:\Users\flori
2024-02-22 17:09 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-22 14:36 - 2021-10-20 23:47 - 000000000 ____D C:\Users\flori\AppData\Roaming\Microsoft\Word
2024-02-22 14:30 - 2021-10-20 21:06 - 000000000 ____D C:\Users\flori\AppData\Roaming\vlc
2024-02-21 19:20 - 2023-07-20 20:37 - 000000000 ____D C:\ProgramData\Packer
2024-02-21 19:20 - 2023-02-05 18:13 - 000000000 ____D C:\Program Files\EA
2024-02-21 19:20 - 2023-01-27 23:16 - 000000000 ____D C:\ProgramData\Frostbite
2024-02-21 19:19 - 2022-11-19 18:21 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2024-02-21 19:19 - 2021-10-20 20:00 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-21 18:16 - 2023-02-14 17:58 - 000000000 ____D C:\ProgramData\EA Desktop
2024-02-21 10:59 - 2021-10-22 22:12 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-20 22:02 - 2022-11-04 01:02 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-20 22:02 - 2022-11-04 01:02 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-20 21:09 - 2021-10-20 18:48 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-20 10:53 - 2023-01-16 19:47 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2024-02-19 23:11 - 2021-10-20 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2024-02-19 23:11 - 2021-10-20 20:59 - 000000000 ____D C:\Program Files\HWiNFO64
2024-02-19 20:15 - 2021-12-18 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird
2024-02-19 20:15 - 2021-12-18 15:06 - 000000000 ____D C:\Program Files\Mailbird
2024-02-19 20:15 - 2021-10-20 22:46 - 000000000 ____D C:\Users\flori\AppData\Roaming\Mailbird
2024-02-19 19:55 - 2021-10-20 22:46 - 000000000 ____D C:\ProgramData\Mailbird
2024-02-19 12:38 - 2021-10-21 13:16 - 000000000 ____D C:\Users\flori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2024-02-19 12:38 - 2021-10-21 13:15 - 000000000 ____D C:\Users\flori\AppData\Roaming\Telegram Desktop
2024-02-18 23:16 - 2023-09-27 02:16 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-02-18 23:16 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-18 23:16 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-18 23:16 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-18 23:16 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-18 15:17 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-02-18 12:41 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-18 12:41 - 2021-10-20 19:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-18 12:39 - 2021-10-20 19:13 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-18 12:37 - 2022-11-04 00:59 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-18 12:34 - 2021-11-04 21:17 - 000000000 ____D C:\Program Files\dotnet
2024-02-17 23:40 - 2021-10-20 18:39 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-17 23:39 - 2022-11-04 01:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-17 23:39 - 2021-10-20 23:41 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-17 12:38 - 2023-12-22 22:39 - 001487904 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-02-17 12:35 - 2023-12-22 22:39 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-02-17 12:32 - 2023-12-22 22:39 - 005912712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-02-17 12:31 - 2023-12-22 22:42 - 006943344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-02-13 13:46 - 2021-10-20 23:23 - 000002169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-10 19:47 - 2021-10-21 00:04 - 000000000 ____D C:\Users\flori\AppData\Roaming\Sky Go
2024-02-09 14:22 - 2021-10-20 18:46 - 000000000 ____D C:\Users\flori\AppData\Local\Packages
2024-01-25 01:30 - 2022-11-04 00:57 - 000524056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-25 01:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-01-25 01:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-01-25 01:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-25 01:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-01-25 01:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-25 01:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-01-25 01:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-01-25 01:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-01-25 01:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-01-25 01:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-01-25 01:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-01-24 13:09 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-07-29 00:14 - 2023-07-29 00:14 - 000000254 _____ () C:\ProgramData\fontcacheev1.dat
2021-10-21 17:30 - 2022-12-22 00:09 - 000001025 _____ () C:\Users\flori\AppData\Local\oobelibMkey.log
2022-02-27 20:29 - 2022-02-27 20:29 - 000007608 _____ () C:\Users\flori\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ======================== |