| CardheinzONE | 03.05.2025 20:17 |
Zitat:
Zitat von M-K-D-B
(Beitrag 1790683)
:hallo:
Mein Name ist Matthias und ich werde dir bei der Analyse und Bereinigung deines Systems helfen.
Bitte die Hinweise für Hilfesuchende lesen und umsetzen.
Ohne FRST-Logs können wir nicht helfen.
Vielen Dank für deine Mitarbeit!
| Hi Matthias. Ich danke Dir für Deine Nachricht & den Leitfaden. Nachfolgend die Logs.
Einen schönen Abend & viele Grüße Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05-2025
durchgeführt von andre (Administrator) auf LAPTOP-0MVHCD39 (HP HP Pavilion Power Laptop 15-cb0xx) (03-05-2025 21:08:05)
Gestartet von C:\Users\andre\Downloads\FRST64(1).exe
Geladene Profile: andre
Plattform: Microsoft Windows 10 Home Version 22H2 19045.5737 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files (x86)\F-Secure\SAFE\epp\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\F-Secure\SAFE\epp\Endpoint Protection SDK\SentryEye.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Discord Inc. -> Discord Inc.) C:\Users\andre\AppData\Local\Discord\app-1.0.9190\Discord.exe <6>
(DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxEM.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files\F-Secure\TOTAL\x64\fshoster64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\F-Secure\SAFE\epp\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Geek Software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_ee27fbf37ac63d95\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.54.63007.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3657408 2017-09-13] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-14] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [641752 2025-01-13] (Geek Software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709160 2018-05-22] (HP Inc. -> HP Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\Run: [Spotify] => C:\Users\andre\AppData\Roaming\Spotify\Spotify.exe [36322632 2025-03-30] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\Run: [MicrosoftEdgeAutoLaunch_19A0A5D68E648AB4E819CDBCFEA90B00] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4045880 2025-05-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\Run: [Discord] => C:\Users\andre\AppData\Local\Discord\Update.exe [1516408 2025-04-22] (Discord Inc. -> Discord Inc.)
HKLM\...\Print\Monitors\Bullzip PDF Print Monitor: C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll [221696 2019-02-15] (Bullzip) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2020-05-05] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\135.0.7049.115\Installer\chrmstp.exe [2025-04-26] (Google LLC -> Google LLC)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {9FE1EFC8-7024-4627-8CD2-230840152A16} - System32\Tasks\F-Secure\F-Secure Hotfix => "C:\Program Files\F-Secure\TOTAL\x64\fs_hotfix_64.exe" (Keine Datei)
Task: {ABFD4F92-01D2-45AB-BBA6-CB506121BA42} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{37ADF9B6-9872-4077-95FD-F7CEA58CF4B9} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {49D8D63E-D9AA-4240-9131-B233888DAC3F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1004040 2025-04-22] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {C0DDC9AF-F67B-4A0B-A17D-FD974AA91725} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2025-04-22] (HP Inc. -> HP Inc.)
Task: {42442331-512C-4306-8261-14E67B28A5A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231944 2025-04-22] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {2988F9F3-F21A-41BA-81D5-5E20966AF629} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1173512 2025-04-22] (HP Inc. -> HP Inc.)
Task: {46FA98F9-31B8-4576-AE8C-F51EB3E50537} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1173512 2025-04-22] (HP Inc. -> HP Inc.)
Task: {31038976-D8A8-44C5-AEA4-C72BB1A78EA3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH1CIGY04M => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1173512 2025-04-22] (HP Inc. -> HP Inc.)
Task: {730DF19F-CE4B-4446-8208-279D9DA8F182} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1359728 2017-10-25] (HP Inc. -> HP Development Company, L.P.)
Task: {F4C6A59D-6665-44C5-8810-D296B1CE02F7} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.)
Task: {7F1805B7-EABB-4213-B49D-3400A5C2A82A} - System32\Tasks\HPEA3JOBS => C:\Program -> Files\HP\HP ePrint\hpeprint.exe /CheckJobs
Task: {0C045A94-89FD-49B1-9BFB-792E8BD1951B} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {E652F795-EEAF-498A-BEDA-9DE3DFA42867} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {8C3BDE70-EC4A-42AE-972B-4229E54B7639} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1583592482-697869923-1182797743-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (Der Dateneintrag hat 6 weitere Zeichen).
Task: {0753D63B-0450-46B5-8B5F-3ED5A9D639FF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-05-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {ED59E697-606C-48A0-BFBE-7FEFA399C417} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4D98ABE1-4167-4060-8CE5-8F4ABBE4891F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {167FE739-4FD4-4CB8-80E5-ED88D872937D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {1255AA2C-E16F-4C3B-B2C7-E039E7F35909} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {630EF95F-92E0-47F4-8863-44C9ED4B4A62} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {55BA78DD-988A-4DE4-9AF1-92946DDE94BB} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF076771-04E8-4D59-8B91-BE6B3923B116} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB0A19A8-6AA7-4EA8-9873-52416E349CA2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C894D58E-D1B8-44E6-838F-86980E172F4F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE3ACA68-4F57-41AE-8495-0D54FAEE042E} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1583592482-697869923-1182797743-1001 => C:\Users\andre\AppData\Local\Microsoft\OneDrive\25.060.0330.0003\OneDriveLauncher.exe [676688 2025-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {418521E9-21DA-4CDD-937C-9B4E327A864E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {BABF9A29-1C39-4CA6-959C-6B700B6781EF} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [497752 2020-04-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics)
Task: {F0511C02-9FDA-44BB-B446-AFB6F7174056} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1583592482-697869923-1182797743-1001 => C:\Users\andre\AppData\Roaming\Zoom\bin\Zoom.exe [434488 2025-03-07] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\549637C696E6765627F545F627: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\549637C696E6765627F545F627: [DhcpDomain] Home
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\64259445A51224F687026343930302341626C656: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\64259445A51224F687026343930302341626C656: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\64259445A51224F687026363630302341626C656029495: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\64259445A51224F687026363630302341626C656029495: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\64259445A51224F6870273439303: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\64259445A51224F6870273439303: [DhcpDomain] fritz.box
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\65F6461666F6E656D203333343: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\94E6475627E65647F57457563747: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{31d7af70-3cf8-4639-a5d5-7e99c1b3765c}\94E6475627E65647F57457563747: [DhcpDomain] My_net
Tcpip\..\Interfaces\{c8fbbb1e-b422-40f6-bec2-1bc2de3ef89a}: [DhcpNameServer] 192.168.178.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\andre\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-02]
Edge DownloadDir: Default -> C:\Users\andre\Downloads
Edge Extension: (Browserschutz von F-Secure) - C:\Users\andre\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpikpibllpjmpnchjajlibnmmomnnhnm [2025-04-19]
Edge Extension: (Google Docs Offline) - C:\Users\andre\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-02]
Edge Extension: (Edge relevant text changes) - C:\Users\andre\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
Edge HKLM-x32\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
FireFox:
========
FF DefaultProfile: 8u4zu0vw.default
FF ProfilePath: C:\Users\andre\AppData\Roaming\Mozilla\Firefox\Profiles\8u4zu0vw.default [2025-05-03]
FF Homepage: Mozilla\Firefox\Profiles\8u4zu0vw.default -> www.duckduckgo.com
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\andre\AppData\Roaming\Mozilla\Firefox\Profiles\8u4zu0vw.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2025-04-15]
FF Extension: (Browserschutz von F-Secure) - C:\Users\andre\AppData\Roaming\Mozilla\Firefox\Profiles\8u4zu0vw.default\Extensions\ols@f-secure.com.xpi [2025-04-26]
FF Extension: (Lebubbles) - C:\Users\andre\AppData\Roaming\Mozilla\Firefox\Profiles\8u4zu0vw.default\Extensions\{199c4d83-d714-4c7d-951c-69cc1800774e}.xpi [2019-05-16]
FF Extension: (justin_murphy) - C:\Users\andre\AppData\Roaming\Mozilla\Firefox\Profiles\8u4zu0vw.default\Extensions\{3a7423bb-c877-4d95-9a4a-2abc4ca4e395}.xpi [2019-05-16]
FF Extension: (Utopia Bright by MaDonna) - C:\Users\andre\AppData\Roaming\Mozilla\Firefox\Profiles\8u4zu0vw.default\Extensions\{4a679229-1e54-40e8-bedd-24704fd9d6b1}.xpi [2022-09-01]
FF Extension: (City Nigth #2) - C:\Users\andre\AppData\Roaming\Mozilla\Firefox\Profiles\8u4zu0vw.default\Extensions\{bee16710-c474-47ae-94d9-2c8259529648}.xpi [2019-05-16]
FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_133.dll [2018-05-19] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_133.dll [2018-05-19] (Adobe Systems Incorporated -> )
Chrome:
=======
CHR Profile: C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default [2025-04-30]
CHR StartupUrls: Default -> "hxxp://www.duckduckgo.com/"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Präsentationen) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-14]
CHR Extension: (Docs) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-14]
CHR Extension: (Google Drive) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-06-24]
CHR Extension: (DuckDuckGo) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-06-24]
CHR Extension: (YouTube) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-14]
CHR Extension: (Tabellen) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-24]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2021-06-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-24]
CHR Extension: (Google Mail) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-06-24]
CHR Extension: (Chrome Media Router) - C:\Users\andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-24]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 EndpointProtectionService; C:\Program Files (x86)\F-Secure\SAFE\epp\Endpoint Protection SDK\endpointprotection.exe [12233184 2025-04-04] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files (x86)\F-Secure\SAFE\epp\Endpoint Protection SDK\endpointprotection.exe [12233184 2025-04-04] (Avira Operations GmbH -> Avira Operations GmbH)
S2 fshoster; C:\Program Files\F-Secure\TOTAL\x64\fshoster64.exe [275840 2025-03-27] (F-Secure Corporation -> F-Secure Corporation)
S2 fsnethoster; C:\Program Files\F-Secure\TOTAL\x64\fshoster64.exe [275840 2025-03-27] (F-Secure Corporation -> F-Secure Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [889976 2025-03-20] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [888952 2025-03-20] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [885368 2025-03-20] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-03-07] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1075744 2017-10-11] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [889464 2025-03-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_ee27fbf37ac63d95\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [641752 2025-01-13] (Geek Software GmbH -> geek software GmbH)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 fsvpnextsvc; "C:\Program Files (x86)\F-Secure\SAFE\x64\UnifiedSDK.Service-x64_2\UnifiedSDK.Service.exe" -run "C:\ProgramData\F-Secure\NS\default\FSVpnSDK\UnifiedSDK.config"
S2 fsvpnsvc; "C:\Program Files (x86)\F-Secure\SAFE\ui_net6\fsvpnsdkhelpersvc.exe" --namespace default [X]
S2 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" [X]
S3 MBVpnTunnelService; "C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [179768 2025-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [223296 2025-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH)
S3 fsfreedometap; C:\WINDOWS\System32\drivers\fsfreedometap.sys [40448 2020-04-29] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R2 fsnifdrv; C:\Program Files\F-Secure\TOTAL\x64\driver\nif_driver_64.sys [138408 2025-03-20] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [440488 2025-02-27] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [440464 2025-02-27] (Avira Operations GmbH -> Avira Operations GmbH)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28792 2025-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429288 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
S2 fsvpnnetfilter; \??\C:\Program Files (x86)\F-Secure\SAFE\x64\netfilter\x64\partner_netfilter2.sys [X]
S1 netprotection_network_filter; System32\drivers\netprotection_network_filter.sys [X]
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-05-03 21:08 - 2025-05-03 21:08 - 000031055 _____ C:\Users\andre\Downloads\FRST.txt
2025-05-03 21:07 - 2025-05-03 21:08 - 000000000 ____D C:\FRST
2025-05-03 21:07 - 2025-05-03 21:07 - 002405376 _____ (Farbar) C:\Users\andre\Downloads\FRST64(1).exe
2025-05-03 21:05 - 2025-05-03 21:05 - 002405376 _____ (Farbar) C:\Users\andre\Downloads\FRST64.exe
2025-05-03 13:46 - 2025-05-03 13:46 - 001162624 _____ (F-Secure Corporation) C:\Users\andre\Downloads\F-Secure-TOTAL-Setup_11bzq66maxhh6_.exe
2025-05-03 13:46 - 2025-05-03 13:46 - 000000000 ____D C:\Program Files\F-Secure
2025-05-03 06:16 - 2025-05-03 06:16 - 000002094 _____ C:\Users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars DE.lnk
2025-05-03 06:16 - 2025-05-03 06:16 - 000002070 _____ C:\Users\andre\Desktop\PokerStars DE.lnk
2025-05-03 06:16 - 2025-05-03 06:16 - 000000000 ____D C:\Users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars DE
2025-05-03 06:15 - 2025-05-03 06:16 - 002291296 _____ (Rational Intellectual Holdings Ltd.) C:\Users\andre\Downloads\PokerStarsInstallDE(3).exe
2025-05-01 20:13 - 2025-05-03 12:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-04-30 08:28 - 2025-04-30 08:28 - 002291272 _____ (Rational Intellectual Holdings Ltd.) C:\Users\andre\Downloads\PokerStarsInstallDE(2).exe
2025-04-30 08:28 - 2025-04-30 08:28 - 000002076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars DE.lnk
2025-04-30 08:28 - 2025-04-30 08:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars DE
2025-04-27 15:45 - 2025-04-27 15:45 - 000000000 ____D C:\Users\andre\AppData\Roaming\NVIDIA
2025-04-27 15:44 - 2025-05-03 21:00 - 000000000 ____D C:\Users\andre\AppData\Roaming\discord
2025-04-27 15:44 - 2025-05-03 20:59 - 000000000 ____D C:\Users\andre\AppData\Local\Discord
2025-04-27 15:44 - 2025-04-30 20:36 - 000002250 _____ C:\Users\andre\Desktop\Discord.lnk
2025-04-27 15:44 - 2025-04-27 15:44 - 000000000 ____D C:\Users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2025-04-27 15:44 - 2025-04-27 15:44 - 000000000 ____D C:\Users\andre\AppData\Local\SquirrelTemp
2025-04-27 07:58 - 2025-05-03 06:22 - 000000000 ____D C:\Program Files (x86)\PokerStars.DE
2025-04-27 07:58 - 2025-05-03 06:13 - 000000000 ____D C:\Users\andre\AppData\Local\PokerStars.DE
2025-04-27 07:58 - 2025-04-27 07:58 - 002291272 _____ (Rational Intellectual Holdings Ltd.) C:\Users\andre\Downloads\PokerStarsInstallDE(1).exe
2025-04-09 20:59 - 2025-04-09 20:59 - 000000000 ___HD C:\$WinREAgent
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-05-03 20:59 - 2018-05-19 20:32 - 000000000 __SHD C:\Users\andre\IntelGraphicsProfiles
2025-05-03 20:59 - 2018-02-07 08:27 - 000000000 ____D C:\ProgramData\NVIDIA
2025-05-03 20:59 - 2017-10-06 01:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-05-03 14:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-05-03 13:59 - 2020-06-20 12:17 - 001866264 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-05-03 13:59 - 2019-12-07 16:50 - 000788322 _____ C:\WINDOWS\system32\perfh007.dat
2025-05-03 13:59 - 2019-12-07 16:50 - 000168384 _____ C:\WINDOWS\system32\perfc007.dat
2025-05-03 13:59 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2025-05-03 13:52 - 2020-06-20 12:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-05-03 13:52 - 2020-06-20 12:14 - 000008192 ___SH C:\DumpStack.log.tmp
2025-05-03 13:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-05-03 13:51 - 2025-03-24 09:08 - 003386448 _____ C:\WINDOWS\system32\rtp.db
2025-05-03 13:51 - 2019-12-07 11:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2025-05-03 13:48 - 2020-06-20 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\F-Secure
2025-05-03 12:45 - 2018-05-19 20:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-05-03 12:25 - 2023-12-17 21:40 - 000000000 ____D C:\Users\andre\AppData\Roaming\.ggtmp
2025-05-03 07:00 - 2020-06-20 12:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-05-03 06:35 - 2022-01-08 19:11 - 000025160 _____ C:\Users\andre\Desktop\KP6.ods
2025-05-03 06:10 - 2021-12-17 00:47 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-05-02 22:21 - 2018-05-19 20:32 - 000000000 ____D C:\Users\andre\AppData\Local\Packages
2025-05-02 11:17 - 2018-05-19 20:45 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-05-02 09:53 - 2020-06-16 00:19 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-05-01 20:11 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-05-01 20:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-05-01 19:42 - 2018-05-20 01:08 - 000000000 ____D C:\Users\andre\AppData\Local\D3DSCache
2025-04-28 21:45 - 2025-01-20 21:56 - 000003570 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1583592482-697869923-1182797743-1001
2025-04-28 21:45 - 2021-12-14 00:33 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1583592482-697869923-1182797743-1001
2025-04-28 21:45 - 2020-06-20 12:22 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1583592482-697869923-1182797743-1001
2025-04-28 21:45 - 2020-06-20 11:54 - 000002402 _____ C:\Users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-26 21:17 - 2020-07-08 10:54 - 000000000 ____D C:\Program Files\Malwarebytes
2025-04-26 21:12 - 2023-05-13 06:55 - 000000000 ____D C:\Users\andre\AppData\Local\Malwarebytes
2025-04-26 21:12 - 2019-08-19 12:54 - 000000000 ____D C:\Users\andre\AppData\Local\CrashDumps
2025-04-26 21:09 - 2018-05-20 01:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2025-04-23 20:43 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-22 21:45 - 2018-09-23 23:15 - 000007597 _____ C:\Users\andre\AppData\Local\Resmon.ResmonCfg
2025-04-10 21:02 - 2020-06-20 12:14 - 000405960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-10 21:01 - 2024-07-10 23:17 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-04-10 21:01 - 2020-06-20 11:47 - 000000000 ____D C:\WINDOWS\TextInput
2025-04-10 21:01 - 2020-06-20 11:47 - 000000000 ____D C:\WINDOWS\HoloShell
2025-04-10 21:01 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-10 21:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-10 20:42 - 2020-06-20 12:18 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-06 08:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2025-04-05 22:30 - 2020-06-20 12:22 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-05 22:30 - 2020-06-20 12:22 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-04 21:01 - 2020-06-20 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2018-09-23 23:15 - 2025-04-22 21:45 - 000007597 _____ () C:\Users\andre\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-05-2025
durchgeführt von andre (03-05-2025 21:10:05)
Gestartet von C:\Users\andre\Downloads
Microsoft Windows 10 Home Version 22H2 19045.5737 (X64) (2020-06-20 10:22:22)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1583592482-697869923-1182797743-500 - Administrator - Disabled)
andre (S-1-5-21-1583592482-697869923-1182797743-1001 - Administrator - Enabled) => C:\Users\andre
DefaultAccount (S-1-5-21-1583592482-697869923-1182797743-503 - Limited - Disabled)
Gast (S-1-5-21-1583592482-697869923-1182797743-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1583592482-697869923-1182797743-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: F-Secure (Enabled - Up to date) {970B6311-2CDA-ED73-3084-2EF9DC9CA3D7}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: F-Secure SAFE (Enabled - Up to date) {31A9D001-F96D-024E-EACB-7693DE78B727}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
888poker (HKLM-x32\...\{9C28AEAE-758F-4195-842C-77C40647CDB6}) (Version: 7.13.01012 - 888) Hidden
888poker (HKLM-x32\...\{C70B2B8E-C7FE-46CB-9A5A-CCCFDB03649B}) (Version: 7.17.00033 - 888) Hidden
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.133 - Adobe Systems Incorporated)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ClubGG (HKLM-x32\...\{75F05805-CE3B-4954-A1D7-5953CD03F997}) (Version: 24.06.0079.0 - NSUS Limited)
Discord (HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\Discord) (Version: 1.0.9189 - Discord Inc.)
ELAN Touchpad 18.2.13.1_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.13.1 - ELAN Microelectronic Corp.)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2502.5119 - Avira Operations GmbH) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
F-Secure Ultralight 1.1.24.0 (release) (HKLM-x32\...\{9FAE989F-A043-4017-B60F-9134E992BB55}) (Version: 1.1.24.0 - F-Secure Corporation) Hidden
GGPoker (HKLM-x32\...\{5E39FECF-EE13-4FA6-B68B-B51FB4A45354}) (Version: 2.0.0.4 - NSUS Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.115 - Google LLC)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{10F0BF3E-DBDB-422A-8C12-B4D46711D7C8}) (Version: 2.22.2 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM\...\{16311D0B-D57C-46F8-AE64-9D4D44227271}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{4C246A91-6BAE-450E-BDEA-70D01663DF43}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{78525DEA-1E62-429B-9CA4-A78F899A9F29}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{B2CFD444-5088-4ECC-A1F1-28620C082C36}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{3D00C669-D447-4A04-AFDA-25E9E76E7873}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{59649835-21FD-4523-9AB0-9E67ED77F0CA}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{3EC04ABB-D60E-44B6-9403-0D9DE44F56D9}) (Version: 1.6.0.0 - HP Inc.)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden
HP Registration Service (HKLM-x32\...\{EBF2C31B-E9A1-4929-BE35-6EBECF286110}) (Version: 1.0.0.30 - HP Inc.) Hidden
HP System Event Utility (HKLM-x32\...\{9DD60999-A4F0-4333-9D00-E45C718EA6C1}) (Version: 1.4.30 - HP Inc.)
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10208.5644 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{90291EBF-187A-4C7E-A9AD-DCCB6C946536}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{FBDA24D3-1A19-4D75-B3F1-F2A1FB6B61BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{8DEA4234-C97D-41BE-B2BC-313A196BCD09}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6344 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{8AAC5651-3DE3-4C1C-80AD-9D6192B1AA1A}) (Version: 16.8.3.1004 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000080-0190-1031-84C8-B8D95FA3C8C3}) (Version: 19.80.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{EF71AFFB-85B5-407C-A301-39EA25F98313}) (Version: 20.90.0.2270 - Intel Corporation) Hidden
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Microsoft .NET Host - 6.0.35 (x64) (HKLM\...\{C59601A1-771B-426B-A9F7-6CACCAC4DB4E}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.35 (x64) (HKLM\...\{E91F8AC1-4917-455E-AACA-B40B193C7A62}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.35 (x64) (HKLM\...\{C79F6EEC-3A2B-487D-A3B6-EDF4057B4E4B}) (Version: 48.140.21458 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 136.0.3240.50 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.98 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\OneDriveSetup.exe) (Version: 25.060.0330.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{BD2E4F7B-30B0-46A7-8E5C-D99D21C52336}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{200969CA-4114-4553-832D-4286C5ACBB98}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.35 (x64) (HKLM\...\{8AA69679-CCD6-42D9-BCDA-99BE386D57B7}) (Version: 48.140.21525 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.35 (x64) (HKLM-x32\...\{ed3bbfea-cc20-425e-b845-bc087d129675}) (Version: 6.0.35.34113 - Microsoft Corporation)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 138.0.1 (x64 de)) (Version: 138.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Grafiktreiber 561.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 561.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OpenOffice 4.1.6 (HKLM-x32\...\{3651624F-019F-4B39-8AE4-A2423CE1986F}) (Version: 4.16.9790 - Apache Software Foundation)
PDF Architect 7 Create Module (HKLM\...\{B600CC13-8F68-4D44-8867-93490894FAE5}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 Edit Module (HKLM\...\{BA2C2671-B379-4101-A21C-4C549671FC8D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 View Module (HKLM\...\{E947A304-6110-4CFE-98AD-E6909072E87D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF24 Creator 11.23.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.23.0 - geek software GmbH)
PokerStars DE (HKLM-x32\...\PokerStars DE) (Version: - PokerStars DE)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.154 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.5.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.5.8 - VS Revo Group, Ltd.)
Samsung Portable SSD Software (HKLM-x32\...\SamsungPortableSSD_is1) (Version: 1.6.7.50 - Samsung Electronics)
Spotify (HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\Spotify) (Version: 1.2.57.463.g4f748c64 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows-PC-Integritätsprüfung (HKLM\...\{4254C1AD-B9B0-4020-A4B1-D8B61D12142A}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{AD47C6B2-6C72-4F0E-B66F-7685C28ACDFD}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WOW 8.15.0.0 (HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\com.bskyb.wowtv_is1) (Version: 8.15.0.0 - WOW)
Zoom Workplace (HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\ZoomUMX) (Version: 6.3.11 (60501) - Zoom Communications, Inc.)
Packages:
=========
Asphalt 9: Legends -> C:\Program Files\WindowsApps\A278AB0D.Asphalt9_4.7.30.2_x64__h6adky7gbf63m [2024-05-31] (Gameloft SE)
Best of Bing 2018 Exclusive -> C:\Program Files\WindowsApps\Microsoft.BestofBing2018Exclusive_1.0.0.0_neutral__8wekyb3d8bbwe [2019-01-03] (Microsoft Corporation)
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.443.0_x86__v10z8vjag6ke6 [2018-02-07] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_158.2.1134.0_x64__v10z8vjag6ke6 [2025-03-31] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.44.18.0_x64__v10z8vjag6ke6 [2025-04-30] (HP Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-19] (Microsoft Corporation)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.18623.20178.0_x86__8wekyb3d8bbwe [2025-04-10] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.18623.20178.0_x86__8wekyb3d8bbwe [2025-04-10] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.18623.20178.0_x86__8wekyb3d8bbwe [2025-04-10] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.18623.20178.0_x86__8wekyb3d8bbwe [2025-04-10] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.18623.20178.0_x86__8wekyb3d8bbwe [2025-04-10] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.18623.20178.0_x86__8wekyb3d8bbwe [2025-04-10] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.18623.20178.0_x86__8wekyb3d8bbwe [2025-04-10] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2025-01-04] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-29] (NVIDIA Corp.)
XING -> C:\Program Files\WindowsApps\XINGAG.XING_4.0.9.0_x86__xpfg3f7e9an52 [2025-04-09] (New Work SE)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [F-Secure DataGuard Icon Overlay] -> {CA789262-D278-40F7-AC12-19C0395F9DD9} => C:\Program Files (x86)\F-Secure\SAFE\FsShellExtension64.dll -> Keine Datei
ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxDTCM.dll [2018-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_ee27fbf37ac63d95\nvshext.dll [2024-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2025-04-26 21:46 - 2025-04-26 21:46 - 000160768 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\1a1199ffcdd2f95588c5a7bf9ecad1cf\BRIDGECommon.ni.dll
2025-04-26 21:47 - 2025-04-26 21:47 - 000125440 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\f52f77688c33ede257474a81b7e8a7c0\BridgeExtension.ni.dll
2025-04-26 21:56 - 2025-04-26 21:56 - 000395264 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\f3e4f7f2229a5d7d46df4d4a390ade23\CleanStartController.ni.dll
2025-04-26 21:57 - 2025-04-26 21:57 - 000138240 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\3b38289e98692f75f323790bcbffbc58\Interop.IWshRuntimeLibrary.ni.dll
2025-04-26 21:47 - 2025-04-26 21:47 - 000079872 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NativeInterop\457f67d63a2f5ecd71900bdad9f5d81c\NativeInterop.ni.dll
2025-04-26 21:56 - 2025-04-26 21:56 - 000145920 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\91dd3e8b212847ebf48a9c78dfd1d5c7\RegistrationUtilities.ni.dll
2020-05-05 14:53 - 2019-02-15 17:12 - 000221696 ____C (Bullzip) [Datei ist nicht signiert] C:\Program Files\Common Files\Bullzip\PDF Printer\Ports\BULLZIP\bzpdf.dll
2025-04-26 21:57 - 2025-04-26 21:57 - 000134656 _____ (hardcodet.net) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\12c27ac81744fd092b15575e18668fc1\Hardcodet.Wpf.TaskbarNotification.ni.dll
2025-04-26 21:47 - 2025-04-26 21:47 - 000136704 _____ (HP Inc.) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\ed2176dff440e872252858cbf0fd7c94\CommonPortable.ni.dll
2025-04-26 21:57 - 2025-04-26 21:57 - 001585664 _____ (Mark Heath) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\7c0c2e955451f6fe709bd443ea67fc8d\NAudio.ni.dll
2025-04-26 21:46 - 2025-04-26 21:46 - 002305536 _____ (Newtonsoft) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\97f5884e2a2862b5e4c92679a439b283\Newtonsoft.Json.ni.dll
2025-04-26 21:57 - 2025-04-26 21:57 - 000792064 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\489945b36639fb3aaf5785f4a09bdad1\log4net.ni.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1583592482-697869923-1182797743-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> DefaultScope {B4032C75-C6F4-4FFD-B144-E3FABF3EEC31} URL =
SearchScopes: HKLM -> {7F1E63C3-3C09-4BEB-843A-3F0337F435F1} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {7F1E63C3-3C09-4BEB-843A-3F0337F435F1} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1583592482-697869923-1182797743-1001 -> DefaultScope {B4032C75-C6F4-4FFD-B144-E3FABF3EEC31} URL =
SearchScopes: HKU\S-1-5-21-1583592482-697869923-1182797743-1001 -> {7F1E63C3-3C09-4BEB-843A-3F0337F435F1} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll => Keine Datei
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2025-04-22] (HP Inc. -> HP Inc.)
BHO-x32: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2025-04-22] (HP Inc. -> HP Inc.)
Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll Keine Datei
Toolbar: HKLM-x32 - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files (x86)\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2022-01-20 23:03 - 2022-01-20 23:03 - 000000511 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.20 BRX626DC71A90BD.mshome.net # 2022 1 4 27 21 3 49 756
192.168.137.1 LAPTOP-0MVHCD39.mshome.net # 2027 1 2 19 21 3 49 756
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-1583592482-697869923-1182797743-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\andre\Pictures\Saved Pictures\BB2.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
ist aktiviert.
Network Binding:
=============
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
FreedomeVPNConnection: Freedome Wintun Userspace Tunnel ->
WLAN: Intel(R) Dual Band Wireless-AC 7265 -> Netwtw04.sys
Bluetooth-Netzwerkverbindung 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1583592482-697869923-1182797743-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_19A0A5D68E648AB4E819CDBCFEA90B00"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{9D14A9DD-65AA-4CAA-8F7E-C10DF3B698F1}] => (Block) C:9\steam\steam.exe => Keine Datei
FirewallRules: [{473185FB-889C-4449-8078-7447D2E7BBDE}] => (Block) C:9\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{E4AD6ED5-0E6F-4052-8B61-B0ADD04100A9}C:9\steam\steam.exe] => (Allow) C:9\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{2F1D8A21-D362-4C6E-8DE6-CC6ACD4182EF}C:9\steam\steam.exe] => (Allow) C:9\steam\steam.exe => Keine Datei
FirewallRules: [{E8760145-3896-4AD8-A188-D52CA08290AB}] => (Block) C:7\steam\steam.exe => Keine Datei
FirewallRules: [{EA08230B-0B99-419E-AFBC-4740AFF63DD3}] => (Block) C:7\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{00D4F38A-29EC-4DE7-A9C4-A4FFF03FEBB6}C:7\steam\steam.exe] => (Allow) C:7\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{45F45084-677D-4DBA-BA51-1583EF074243}C:7\steam\steam.exe] => (Allow) C:7\steam\steam.exe => Keine Datei
FirewallRules: [{39298766-2E8D-4B08-A9E8-4DCF43D38CF0}] => (Block) C:5\steam\steam.exe => Keine Datei
FirewallRules: [{FA529D88-2CFC-4DE4-8FDC-74E34C643B8E}] => (Block) C:5\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{192833FD-4955-4B3E-9BF5-428DD77F1357}C:5\steam\steam.exe] => (Allow) C:5\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{AC99847C-BB94-4CB8-AD9B-BE6AB47AEF78}C:5\steam\steam.exe] => (Allow) C:5\steam\steam.exe => Keine Datei
FirewallRules: [{99298AF8-5076-483E-8657-EDAD1EC6BE7B}] => (Block) C:3\steam\steam.exe => Keine Datei
FirewallRules: [{5BBE83B6-89E8-450A-8793-CD2DFA090DE6}] => (Block) C:3\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{BF0CCF1C-5979-4324-82D6-2740D838A23C}C:3\steam\steam.exe] => (Allow) C:3\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{7ED90C0D-80D2-4450-8B1A-C462BE0C15F8}C:3\steam\steam.exe] => (Allow) C:3\steam\steam.exe => Keine Datei
FirewallRules: [{F2D3E057-6B37-48CA-A644-9F420604328E}] => (Block) C:1\steam\steam.exe => Keine Datei
FirewallRules: [{DF19BC26-0E66-4A3F-918F-BDFCF57291DF}] => (Block) C:1\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{36F83F4D-5C19-469C-83B2-84B237C58C10}C:1\steam\steam.exe] => (Allow) C:1\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{45F69BF7-278F-4FE2-99DB-11A8DA6EC338}C:1\steam\steam.exe] => (Allow) C:1\steam\steam.exe => Keine Datei
FirewallRules: [{B94E3BF4-4A2F-49BE-8B7B-978EF6E8168E}] => (Block) E:9\steam\steam.exe => Keine Datei
FirewallRules: [{EF918A92-8DD2-4F52-8EF4-F47883664171}] => (Block) E:9\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{9515E6E3-7BA4-4CEA-BDB3-1459E56726B4}E:9\steam\steam.exe] => (Allow) E:9\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{96D04413-2672-4378-B9BD-987E137BB0C7}E:9\steam\steam.exe] => (Allow) E:9\steam\steam.exe => Keine Datei
FirewallRules: [{E82AB40D-771F-41ED-8F6F-4464CDE50270}] => (Block) E:7\steam\steam.exe => Keine Datei
FirewallRules: [{A2BBB90F-66E3-4A3F-B68C-520C67ED6990}] => (Block) E:7\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{841EBDFF-DEC5-4419-A1A3-0C97F507FD8F}E:7\steam\steam.exe] => (Allow) E:7\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{000F2A88-342F-42B7-8769-0A59B50A7CB4}E:7\steam\steam.exe] => (Allow) E:7\steam\steam.exe => Keine Datei
FirewallRules: [{D085BC9E-FEBE-4781-8217-78280C05611F}] => (Block) E:5\steam\steam.exe => Keine Datei
FirewallRules: [{CE622616-7563-4C58-8378-0D9C17125A44}] => (Block) E:5\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{AD8FE232-6870-43DA-9E42-C4D681E63275}E:5\steam\steam.exe] => (Allow) E:5\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{1CD60D4A-5C42-499B-B4B6-C68A5ABFB493}E:5\steam\steam.exe] => (Allow) E:5\steam\steam.exe => Keine Datei
FirewallRules: [{7793037B-B348-46F2-B536-5B394EA7327D}] => (Block) E:3\steam\steam.exe => Keine Datei
FirewallRules: [{7EC788E4-1604-4E91-BF24-E5811B891B06}] => (Block) E:3\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{E31946D8-FA0F-48F9-804D-2DFB22018BEB}E:3\steam\steam.exe] => (Allow) E:3\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{9C246C82-30F1-47EF-8C4F-72F7C90C04F8}E:3\steam\steam.exe] => (Allow) E:3\steam\steam.exe => Keine Datei
FirewallRules: [{35D09679-70B6-4733-B697-8ADB95C0467E}] => (Block) E:1\steam\steam.exe => Keine Datei
FirewallRules: [{9B1D9BB1-A71A-4807-925D-4A0DAE76187E}] => (Block) E:1\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{4BB1DABE-C67A-4A7A-BF86-7744EB57E0FB}E:1\steam\steam.exe] => (Allow) E:1\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{89A5C73E-EC93-4A92-877C-3C4CD1A33CF8}E:1\steam\steam.exe] => (Allow) E:1\steam\steam.exe => Keine Datei
FirewallRules: [{60FC53B6-AE72-449D-89C7-63DC8C0E7B39}] => (Block) D:9\steam\steam.exe => Keine Datei
FirewallRules: [{7A949954-28A3-41AE-B2B9-80693FAECD91}] => (Block) D:9\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{501BFF67-706C-4F65-9A4F-481AB258E421}D:9\steam\steam.exe] => (Allow) D:9\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{97C30D4A-89AF-44A7-A268-80D4482E3398}D:9\steam\steam.exe] => (Allow) D:9\steam\steam.exe => Keine Datei
FirewallRules: [{B8A7892F-BA04-4D15-8293-240F728A815C}] => (Block) D:7\steam\steam.exe => Keine Datei
FirewallRules: [{3EE4B1BD-BD25-4609-8972-24B6178C5FEA}] => (Block) D:7\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{11AE5EAB-73DD-4915-9605-D63A769DB729}D:7\steam\steam.exe] => (Allow) D:7\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{25A0FD08-D9CA-4792-9CD1-38A4DF342E70}D:7\steam\steam.exe] => (Allow) D:7\steam\steam.exe => Keine Datei
FirewallRules: [{57321F5A-F0E5-4815-83AB-613DA55B69E5}] => (Allow) D:1\Steam\steamapps\common\NBA 2K20\NBA2K20.exe => Keine Datei
FirewallRules: [{537B9B8C-D6F0-4E07-AAEB-5350EAA2FE63}] => (Allow) D:1\Steam\steamapps\common\NBA 2K20\NBA2K20.exe => Keine Datei
FirewallRules: [{34647C61-7030-4AC6-B10E-F501059567E0}] => (Block) C:8\steam\steam.exe => Keine Datei
FirewallRules: [{5F983617-BF17-4D25-93F7-1EBEA5D6F9A3}] => (Block) C:8\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{94A28C4E-5551-4DFB-8B5E-CC0633137E82}C:8\steam\steam.exe] => (Allow) C:8\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{D5D2EF7E-D9E7-4F85-87A7-CC25410CB04D}C:8\steam\steam.exe] => (Allow) C:8\steam\steam.exe => Keine Datei
FirewallRules: [{F71CDDD7-6814-4568-8EE2-3090D7F5DA84}] => (Block) C:6\steam\steam.exe => Keine Datei
FirewallRules: [{51704051-62A5-4455-8591-207F8C6ABFBB}] => (Block) C:6\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{80733A93-BEA7-456D-A240-A61155AA7E08}C:6\steam\steam.exe] => (Allow) C:6\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{A5106E53-93C3-41A3-9DBE-5397991684D3}C:6\steam\steam.exe] => (Allow) C:6\steam\steam.exe => Keine Datei
FirewallRules: [{EDA7B1C5-6F90-4EB7-ABBF-AD9D6A1E8A38}] => (Block) C:4\steam\steam.exe => Keine Datei
FirewallRules: [{71751EC4-4CA3-4744-875B-B4D2C34AB868}] => (Block) C:4\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{7E12482D-651B-43F1-830A-31C35F4E926D}C:4\steam\steam.exe] => (Allow) C:4\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{F195A7EB-81C3-426D-B87E-F7B1408EBF25}C:4\steam\steam.exe] => (Allow) C:4\steam\steam.exe => Keine Datei
FirewallRules: [{88887DAB-F5FD-4E57-BC5B-C2C6551B5532}] => (Block) C:2\steam\steam.exe => Keine Datei
FirewallRules: [{6C9F9F35-83AA-415D-9797-A95C8688DC5C}] => (Block) C:2\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{C389F80F-0281-41FC-B279-DA2718BA367A}C:2\steam\steam.exe] => (Allow) C:2\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{00893C12-EBE4-4EAD-BD6A-02B7E9163CAA}C:2\steam\steam.exe] => (Allow) C:2\steam\steam.exe => Keine Datei
FirewallRules: [{CFE09109-72DD-483F-9298-AD9D7501E2E6}] => (Block) C:0\steam\steam.exe => Keine Datei
FirewallRules: [{75BFE8EA-6CBE-4FE1-9A52-BDBC96A4B3A0}] => (Block) C:0\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{4F907A0B-F634-4093-8141-EF78B944C84F}C:0\steam\steam.exe] => (Allow) C:0\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{B978629C-5484-4F7C-A74A-C34AFEBEF3F3}C:0\steam\steam.exe] => (Allow) C:0\steam\steam.exe => Keine Datei
FirewallRules: [{5D083666-A521-4338-ABDC-72DFD104022D}] => (Block) E:8\steam\steam.exe => Keine Datei
FirewallRules: [{D06D68CC-0F8E-419F-B159-116A141E0BB8}] => (Block) E:8\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{12F6C2CB-D046-47DA-8BC3-68EF06F25EA9}E:8\steam\steam.exe] => (Allow) E:8\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{4F876678-23FA-47CD-A286-B8F1DDE1A835}E:8\steam\steam.exe] => (Allow) E:8\steam\steam.exe => Keine Datei
FirewallRules: [{AED0A8F1-E55D-4D09-BED2-E98A98971EE2}] => (Block) E:6\steam\steam.exe => Keine Datei
FirewallRules: [{7F65C8A5-EF6B-44C0-83CD-CA5EAB0BD9EC}] => (Block) E:6\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{E0D3AC59-F13A-47C4-B2C5-95FED45221AF}E:6\steam\steam.exe] => (Allow) E:6\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{830779B1-2E79-4C23-84A6-50BBCEE36510}E:6\steam\steam.exe] => (Allow) E:6\steam\steam.exe => Keine Datei
FirewallRules: [{50B9FC5E-BDED-46A0-946B-D96AF134AAAA}] => (Block) E:4\steam\steam.exe => Keine Datei
FirewallRules: [{53E81463-1AAF-458F-803F-AAC037CC17E7}] => (Block) E:4\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{ACE2DFDE-5562-40F5-B7E9-610B4A8125B6}E:4\steam\steam.exe] => (Allow) E:4\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{EFBD6DB7-B34F-4DBB-B62E-C7FDB649473B}E:4\steam\steam.exe] => (Allow) E:4\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{EAC23F81-3DE0-4608-8178-F9DD112B6535}E:2\steam\steam.exe] => (Allow) E:2\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{626092E2-61F8-4861-AE4A-19E52928E2FD}E:2\steam\steam.exe] => (Allow) E:2\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{0DC110EB-2F2E-4F83-9447-E5259A96F544}E:0\steam\steam.exe] => (Allow) E:0\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{1311B496-28B0-4723-A46B-D5EF88981223}E:0\steam\steam.exe] => (Allow) E:0\steam\steam.exe => Keine Datei
FirewallRules: [{D87A31AD-1909-47D3-91F0-848048939D8F}] => (Block) D:5\steam\steam.exe => Keine Datei
FirewallRules: [{5BCE8539-96C9-4E28-8A09-071D54BEF77D}] => (Block) D:5\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{6FB02F3F-8ED8-455F-B659-F344C21635AA}D:5\steam\steam.exe] => (Allow) D:5\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{ABBB5AE0-BC96-4357-91C7-BDCB8816FAB5}D:5\steam\steam.exe] => (Allow) D:5\steam\steam.exe => Keine Datei
FirewallRules: [{7BD8A642-1397-4F56-9313-939A2A4BF4DA}] => (Block) D:3\steam\steam.exe => Keine Datei
FirewallRules: [{169E0CAA-CA70-4BE0-BB6C-4D09CFB54F63}] => (Block) D:3\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{46CE5196-747E-4C5B-8C81-926E227056B5}D:3\steam\steam.exe] => (Allow) D:3\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{BAE01E9C-6445-4742-98C9-E096910A41B5}D:3\steam\steam.exe] => (Allow) D:3\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{59181734-B760-45EE-AD48-839A9BB6C3CD}D:2\steam\steam.exe] => (Allow) D:2\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{C01A1640-BF70-4F95-A6D3-BB4092E64D35}D:2\steam\steam.exe] => (Allow) D:2\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{F4CA373C-A084-4839-9C32-5EA75FC34538}D:0\steam\steam.exe] => (Allow) D:0\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{BFC66938-D589-4794-B94B-A80582FDCD2B}D:0\steam\steam.exe] => (Allow) D:0\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{4A2F7347-2FAB-43FC-8F55-C342FBF21F81}D:8\steam\steam.exe] => (Allow) D:8\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{E70B516C-B36B-41BB-A8D5-CE1B0405E026}D:8\steam\steam.exe] => (Allow) D:8\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{A64293C6-ADA9-42CC-AFD6-790073F65086}D:6\steam\steam.exe] => (Allow) D:6\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{E4E9855A-891D-45E3-8F97-B3B9A3515C64}D:6\steam\steam.exe] => (Allow) D:6\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{3B29283A-C415-4E56-8C91-A74C94064D15}D:4\steam\steam.exe] => (Allow) D:4\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{BF1EEECF-525C-4938-8E8F-39E35D34540A}D:4\steam\steam.exe] => (Allow) D:4\steam\steam.exe => Keine Datei
FirewallRules: [UDP Query User{5E8F883D-DC36-4117-8D4D-3CF92EFA8EC8}D:1\steam\steam.exe] => (Allow) D:1\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{2CE8F6D8-E9B3-43F6-9BC4-E941E3BD0FF8}D:1\steam\steam.exe] => (Allow) D:1\steam\steam.exe => Keine Datei
FirewallRules: [{9905239E-CB1D-4A68-B2C6-F68CF45F97E1}] => (Allow) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei
FirewallRules: [{2ABBED15-E414-4392-9BA5-859D60929D6A}] => (Allow) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei
FirewallRules: [UDP Query User{6068ED33-9A7A-4BF0-88A3-8C89665FEC58}F:\steam\steam.exe] => (Allow) F:\steam\steam.exe => Keine Datei
FirewallRules: [TCP Query User{766FBEC1-80DA-475B-A898-C7E58B9C5F9A}F:\steam\steam.exe] => (Allow) F:\steam\steam.exe => Keine Datei
FirewallRules: [{39B4229B-3795-4CFF-A833-59DE18B1F102}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe => Keine Datei
FirewallRules: [{05FCA958-B299-4936-91A7-C01A9590064A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019.exe => Keine Datei
FirewallRules: [{63399978-5E94-4F0B-B0B5-F69FA33DA3BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe => Keine Datei
FirewallRules: [{FC7C31E6-9E77-4C04-A02B-2B2453625C47}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe => Keine Datei
FirewallRules: [{9DB86D4D-0715-4D94-9952-012347F4BAE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NBA 2K20\NBA2K20.exe => Keine Datei
FirewallRules: [{282612F8-1306-44C0-96FF-526ED9E87F7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NBA 2K20\NBA2K20.exe => Keine Datei
FirewallRules: [{236A86D0-7634-42F7-AF91-E70CAF1CE658}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DC6C12BB-C6B9-40D3-AB15-8DB0EA4F80F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4A241476-FFA5-432A-BBC1-326C8D3F85C3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei
FirewallRules: [{4538FD2B-0946-4CE2-9D22-84A7523BB93C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => Keine Datei
FirewallRules: [{7432B72F-555C-4C0B-A23E-5E2651122022}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Keine Datei
FirewallRules: [{58588F9F-157C-4E82-BE4A-9BC3A9E136B4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => Keine Datei
FirewallRules: [{DCD0A41B-EFB4-403B-8823-A38C2B97D16D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [UDP Query User{0290372E-CAEF-4007-BF90-0E139E68B221}C:\users\andre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andre\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{3BEE1BB0-8E90-4E31-8E59-63DBB821C54D}C:\users\andre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andre\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5FE6956B-ABBC-42C8-A8B7-4509E72DB7D7}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Keine Datei
FirewallRules: [{E8D8D4D7-AE38-4ED8-B559-6C14EF1A3A9B}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Keine Datei
FirewallRules: [{0085385C-0401-474F-A9AE-A8587F5BCE39}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0753A371-A82E-4F64-AB10-B944E009381B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2EB60B3D-63E3-46A2-8F51-B28D53D89AE6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8F41070C-7E30-4979-92EB-531D1C97816E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{86A69A3E-83A9-47AA-9A63-C0DE69EDF073}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{38029654-8C49-49E3-913A-D65556116790}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{533E6623-F53A-4527-B815-9CE2472ACDF2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{128764E4-5E5A-4FDC-88D9-13F7376CD33D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E951150E-BF4B-412F-9374-A9B06B7541D4}C:\windows\system32\oobe\useroobebroker.exe] => (Block) C:\windows\system32\oobe\useroobebroker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{D9DF2414-6E90-450A-A17A-5480C6B96FDB}C:\windows\system32\oobe\useroobebroker.exe] => (Block) C:\windows\system32\oobe\useroobebroker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E92E5266-21DE-4C28-AF17-A0553EDE604E}] => (Allow) C:\Users\andre\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
FirewallRules: [{57067FEB-06CB-4F66-8E60-4ED92FC86761}] => (Allow) C:\Users\andre\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{54B325C6-C264-4162-B1B0-E6A28340BEFC}] => (Allow) C:\Users\andre\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8ABA7B0C-F447-4DE3-A099-D890BADDBD19}] => (Allow) F:\Steam\steamapps\common\NBA 2K22\NBA2K22.exe => Keine Datei
FirewallRules: [{A217F052-947C-4F28-A80E-38E19DD24470}] => (Allow) F:\Steam\steamapps\common\NBA 2K22\NBA2K22.exe => Keine Datei
FirewallRules: [{D7DB347E-749B-4235-89E2-CEE356ED5C6F}] => (Allow) C:\Users\andre\Downloads\install\wlan_wiz\.\wlan_assistant\waw.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{96E98F6D-BC2F-451F-B51C-C07DDF5ABCE6}] => (Allow) C:\Users\andre\Downloads\install\wlan_wiz\.\wlan_assistant\waw.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [TCP Query User{86A118F2-97E4-4EC7-8998-145A68868043}C:\users\andre\appdata\roaming\ggpcom\meta-inf\air\extensions\com.nsuslab.lockneane\meta-inf\ane\windows-x86\ggnet.exe] => (Allow) C:\users\andre\appdata\roaming\ggpcom\meta-inf\air\extensions\com.nsuslab.lockneane\meta-inf\ane\windows-x86\ggnet.exe (NSUS Ltd. -> )
FirewallRules: [UDP Query User{34FDE04A-FA82-47F1-B258-83F43FD4167E}C:\users\andre\appdata\roaming\ggpcom\meta-inf\air\extensions\com.nsuslab.lockneane\meta-inf\ane\windows-x86\ggnet.exe] => (Allow) C:\users\andre\appdata\roaming\ggpcom\meta-inf\air\extensions\com.nsuslab.lockneane\meta-inf\ane\windows-x86\ggnet.exe (NSUS Ltd. -> )
FirewallRules: [{28ABD3B0-71C5-4FBE-8A76-F2A5860C2EB5}] => (Allow) F:\Steam\steamapps\common\NBA 2K23\NBA2K23.exe => Keine Datei
FirewallRules: [{0543413B-B1E9-4818-8D26-B71B752C9496}] => (Allow) F:\Steam\steamapps\common\NBA 2K23\NBA2K23.exe => Keine Datei
FirewallRules: [{4A0C0C35-9D20-4959-BF5B-30D11FDD5AE1}] => (Allow) F:\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe => Keine Datei
FirewallRules: [{D7E3737A-E2AE-4AB8-9B45-113E4E20C8C5}] => (Allow) F:\Steam\steamapps\common\F1 2019\F1_2019_dx12.exe => Keine Datei
FirewallRules: [{F1FFA822-3464-455B-A920-665AAC6952BC}] => (Allow) F:\Steam\steamapps\common\F1 2019\F1_2019.exe => Keine Datei
FirewallRules: [{F901AB39-AFFA-4346-81B4-3431DFD7478B}] => (Allow) F:\Steam\steamapps\common\F1 2019\F1_2019.exe => Keine Datei
FirewallRules: [{3524C592-C36B-48DB-8587-EA7F537C9619}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B5A4BE29-9C8B-4B6A-BE34-51A057547E2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A75479CF-379B-4746-A8B6-B949E523238F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8EF318B8-098E-457C-BAD6-0744AD09CEDF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7B7C03D9-F3C3-4A63-A385-03496C097C87}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C71C1490-CD41-4C26-BB9E-6C10325A3F81}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1A173E1-664B-452E-987E-4606CD5541D7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F78076B7-B9D5-4D58-8DE7-E835E45434F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93397081-EA7B-4D51-95D5-930A93ABA7A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.18623.20178.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E3C33EF-343E-403C-A577-5C9A3527AC3B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25C88A00-508D-4CD4-B997-B1B1D2250D6B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.98\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{983939BB-2AEF-4EF6-9690-C7D94F59478D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Wiederherstellungspunkte =========================
01-05-2025 20:31:18 Geplanter Prüfpunkt
03-05-2025 12:40:41 Revo Uninstaller's restore point - F-Secure
03-05-2025 12:42:57 Revo Uninstaller's restore point - Freedome
03-05-2025 12:46:44 Revo Uninstaller's restore point - Freedome
03-05-2025 21:00:57 Revo Uninstaller's restore point - F-Secure
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: Freedome Wintun Userspace Tunnel
Description: Freedome Wintun Userspace Tunnel
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: F-Secure Corporation
Service: fsfreedomewintun
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (05/03/2025 09:00:56 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert.Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {c3dd5ff3-36ff-4303-b95a-b9d5a9b31200}
Error: (05/03/2025 01:51:50 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.]
Error: (05/03/2025 12:49:17 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..
Error: (05/03/2025 12:49:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.]
Error: (05/03/2025 12:46:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert.Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {46163449-432a-4e31-ad66-bb609b684d95}
Error: (05/03/2025 12:44:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..
Error: (05/03/2025 12:44:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..
Error: (05/03/2025 12:44:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren..
Systemfehler:
=============
Error: (05/03/2025 09:02:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "F-Secure Hoster (Restricted)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/03/2025 09:02:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "F-Secure Hoster" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/03/2025 01:54:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Broker für Laufzeitüberwachung der Systemüberwachung" wurde mit folgendem Fehler beendet:
%%3489660935
Error: (05/03/2025 01:54:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (05/03/2025 01:54:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.
Error: (05/03/2025 01:52:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "fsvpnextsvc" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (05/03/2025 01:52:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (05/03/2025 01:52:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LMS" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
CodeIntegrity:
===============
Date: 2025-05-03 21:03:40
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\F-Secure\SAFE\epp\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
BIOS: Insyde F.19 12/12/2019
Hauptplatine: HP 836B
Prozessor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 16269.22 MB
Verfügbarer physikalischer RAM: 9350.91 MB
Summe virtueller Speicher: 18701.22 MB
Verfügbarer virtueller Speicher: 11011.66 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:237.24 GB) (Free:132 GB) (Model: KXG50ZNV256G TOSHIBA) NTFS
Drive d: (DATA) (Fixed) (Total:915.1 GB) (Free:914.92 GB) (Model: ST1000LM049-2GH172) NTFS
Drive e: (RECOVERY) (Fixed) (Total:16.41 GB) (Free:1.94 GB) (Model: ST1000LM049-2GH172) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
\\?\Volume{7012d703-7baf-424c-bf81-4a028e8ce154}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.25 GB) NTFS
\\?\Volume{29ae8d42-9f98-438f-b22c-d81ce8801dfd}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3F2A433C)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: D49EA0B2)
Partition: GPT.
==================== Ende von Addition.txt =======================
|
Lesestoff: