| |
| |||||||
Log-Analyse und Auswertung: Fernsteuerung des PC wärend de Browser geöffnet warWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
12.02.2023, 00:49
| #1 |
| |  Fernsteuerung des PC wärend de Browser geöffnet war Hallo zusammen, Heute abend ist folgendes vorgefallen: Während ich im Internet am surfen war. Wurde mein PC plötzlich ferngesteuert. in die Suchzeile wurde "edge://settings/profiles" eingetitppt. dann öffnete sich plötzlich das Druckerfenster und es wurde etwas ausgedruckt. Ich habe dann den PC so schnell wie möglich vom Internet getrennt und ausgeschaltet. Ausgedruckt wurde dann ein ziemlich langer Code angefangen hat das ganze so: "Es gibt keine Ergebnisse für "var tmpBaseUrl = "https://browser.services/"; var tmpSetUrl =..." Das ganze war dann auf der Microsoft Bing website. Ich habe dann offline den Windows Defender durchlaufen lassen, dieser hat aber nichts gefunden. Habe dann Malewarebytes offline installiert und durchlaufen lassen, der hat aber auch nichts gefunden. Als ich AdwCleaner durchlaufen lies wurde etwas gefunden, dies habe ich dann entfernt. Bin mir jetzt unsicher, ob ich etwas auf dem PC habe oder ob irgend ein Script aus dem Browser, dass hervorufen kann. Hier die Logs FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01
durchgeführt von Alex (Administrator) auf DESKTOP-U40FNCE (Gigabyte Technology Co., Ltd. B550 AORUS PRO) (12-02-2023 00:16:23)
Gestartet von E:\User\Alex\Downloads
Geladene Profile: Alex
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.2486 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft OneDrive\OneDrive.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.020.0125.0003\Microsoft.SharePoint.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudFirefox.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <7>
(DriverStore\FileRepository\u0386458.inf_amd64_e0283e9e7966f704\B386218\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0386458.inf_amd64_e0283e9e7966f704\B386218\atieclxx.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATISFE.EXE
(explorer.exe ->) (Valve Corp. -> Valve Corporation) P:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(P:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) P:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0386458.inf_amd64_e0283e9e7966f704\B386218\atiesrxx.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) P:\Program Files\PDF24\pdf24.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (ASCOMP Software GmbH -> ASCOMP Software GmbH) P:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21318.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21318.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [PDF24] => P:\Program Files\PDF24\pdf24.exe [619192 2023-01-02] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1090784 2020-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3089288 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2629512 2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\Run: [Steam] => P:\Program Files (x86)\Steam\steam.exe [4253032 2023-02-10] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3544592 2023-02-03] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (Keine Datei)
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Alex\AppData\Local\Microsoft\Teams\Update.exe [2587360 2023-02-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\Run: [MicrosoftEdgeAutoLaunch_9907A6E846273BFEEA9614E5E48A76AD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-02-01] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATISFE.EXE [418736 2019-08-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3544592 2023-02-03] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Print\Monitors\EPSON ET-3750 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBSFE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EPSON Universal Print Driver 64MonitorBE: C:\WINDOWS\system32\E_2LM0DE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2023-02-02]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00D8BF63-40DA-4B7C-9093-C9B734CD9C88} - System32\Tasks\GoogleUpdateTaskMachineUA{1611367E-E6FA-4B9F-88BC-D4166601C2E5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-05] (Google LLC -> Google LLC)
Task: {124E760B-DC69-4CE2-B97B-9D10B37039D7} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [679352 2022-11-30] (Advanced Micro Devices Inc. -> AMD)
Task: {13AF870C-197E-4FFA-A48E-4600173F3B49} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2411324124-3755587723-3982668853-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4190088 2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {13BB4A46-C896-4750-9956-F985943CA680} - System32\Tasks\EPSON ET-3750 Series Update {97A27B5B-AE39-462E-B826-F98E82F80D8A} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSFE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {157DB44B-7059-4628-AA73-79214D11D6AC} - System32\Tasks\GoogleUpdateTaskMachineCore{E442AAC7-06C3-4550-A2C5-05A3A0616933} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-05] (Google LLC -> Google LLC)
Task: {20BB4E23-0743-429F-BE38-8F32F6A0CE44} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183224 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {2902598E-D6E2-4423-B04D-FC25C23739E4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [710560 2023-02-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {357B7985-9BFF-4ECC-B866-57D3F976072D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {4127792E-FBBE-4BA6-93B5-551B9FCA222B} - System32\Tasks\XMLDSB => C:\Users\Alex\AppData\Local\Startfenster\setupbds.exe (Keine Datei)
Task: {44BED469-52EE-407F-94B1-7FA5C0DCE9CC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {56C7301F-D920-43BF-9790-8937A377DDEA} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56760 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {59A2C779-DFAD-428D-9DEC-48AE603EFDB4} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [121595968 2023-01-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {665D4776-5835-4B8B-84F4-B939C1AD93A3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [661408 2023-02-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {681A9F0E-7E3D-4B4F-969D-C423CE709E49} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168920 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {68655DE5-71EE-4781-A6C5-A017303E2A91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {757D2FAC-474A-494E-9D44-C1CD21E00EEA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {83021BCC-16A3-4686-B106-9DB6FE8CD97F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {875689B3-D951-45C4-B0CC-B8AE2678DB1D} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8CA02C56-073A-417D-BA75-6875087326B2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2411324124-3755587723-3982668853-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4190088 2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DC9F994-F0C1-4F80-8207-D7E2A7A9B71A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56760 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {A392AC47-B1BC-4953-912C-751E1C527DDB} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {AD88703A-6016-4E6C-832B-09BCC586F99F} - System32\Tasks\BackUp_Maker-Alex => P:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe [11308832 2022-02-13] (ASCOMP Software GmbH -> ASCOMP Software GmbH)
Task: {B947DE2C-C5BA-4EC7-9CC8-C466ACA5A4A5} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4190088 2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD79E1D2-F339-413A-887A-98B1443112BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C42DD6E6-1E1C-4A69-8244-701526838CBC} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {CDDC44B5-843C-4774-A394-9249785387B4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8E225A2-63F4-4811-947E-0A2AB6629AFE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6D64830-A43D-4F9C-9BAB-3A4CD3F705F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F1C6840F-7ACC-4D13-8CE7-340F9F8219C3} - System32\Tasks\VLC Plus Player Updater => C:\Users\Alex\AppData\Local\VLC [Argument = Plus Player Updater\Updater.exe]
Task: {FE4E0ACE-0759-445B-B5F3-FA0033052F4A} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3826312 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON ET-3750 Series Update {97A27B5B-AE39-462E-B826-F98E82F80D8A}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSFE.EXE:/EXE:{97A27B5B-AE39-462E-B826-F98E82F80D8A} /F:UpdateWORKGROUP\DESKTOP-U40FNCE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.188.1
Tcpip\..\Interfaces\{ab488566-dcfc-46fd-896d-64007c27faf5}: [DhcpNameServer] 192.168.188.1
Edge:
=======
Edge Profile: C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-11]
FireFox:
========
FF DefaultProfile: l1zdlh02.default
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\l1zdlh02.default [2023-01-05]
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\i3xl0zmk.default-release-1676153967236 [2023-02-12]
FF Extension: (AdBlocker Ultimate) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\i3xl0zmk.default-release-1676153967236\Extensions\adblockultimate@adblockultimate.net.xpi [2023-02-11]
FF Extension: (iCloud Bookmarks) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\i3xl0zmk.default-release-1676153967236\Extensions\firefoxdav@icloud.com.xpi [2023-02-11]
FF Extension: (NoScript) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\i3xl0zmk.default-release-1676153967236\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2023-02-11]
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-01-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-01-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-05] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default [2023-02-11]
CHR Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-05]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [509880 ] (Advanced Micro Devices Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761408 2023-01-16] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncHelper.exe [3486584 2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10172672 2023-02-01] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8967840 2023-02-11] (Malwarebytes Inc. -> Malwarebytes)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2022-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.020.0125.0003\OneDriveUpdaterService.exe [3857296 2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; P:\Program Files\PDF24\pdf24.exe [619192 2023-01-02] (geek software GmbH -> geek software GmbH)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2022-11-16] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300552 2023-02-02] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-10-24] (Razer USA Ltd. -> Razer Inc.)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [371776 2023-01-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10430256 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\NisSrv.exe [3191264 2023-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MsMpEng.exe [133592 2023-01-05] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2023-01-05] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2022-11-30] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0386458.inf_amd64_e0283e9e7966f704\B386218\amdkmdag.sys [94464432 2022-12-07] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-01-12] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-01-12] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-01-12] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0086; C:\WINDOWS\System32\drivers\RzDev_0086.sys [53288 2021-09-28] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0088; C:\WINDOWS\System32\drivers\RzDev_0088.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22216888 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2023-01-05] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2023-01-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2023-01-05] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-02-12 00:16 - 2023-02-12 00:16 - 000000000 ____D C:\FRST
2023-02-11 23:23 - 2023-02-11 23:23 - 000000000 ____D C:\AdwCleaner
2023-02-11 22:45 - 2023-02-11 22:45 - 000000000 ____D C:\Users\Alex\AppData\Local\mbam
2023-02-11 22:44 - 2023-02-11 22:44 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-02-11 22:44 - 2023-02-11 22:44 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-02-11 22:43 - 2023-02-11 22:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-02-11 22:24 - 2023-02-11 22:43 - 000000000 ____D C:\Program Files\Malwarebytes
2023-02-11 22:07 - 2023-02-12 00:11 - 097517568 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-02-11 22:05 - 2023-02-11 22:07 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-02-11 12:18 - 2023-02-11 12:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Game Manager Service
2023-02-10 19:31 - 2023-02-11 21:35 - 000000000 ____D C:\Users\Alex\AppData\Local\SvRmt
2023-02-10 19:31 - 2023-02-10 19:31 - 000002988 _____ C:\WINDOWS\system32\Tasks\XMLDSB
2023-02-10 19:29 - 2023-02-10 19:29 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2023-02-02 15:52 - 2023-02-02 15:52 - 000000000 ____D C:\Users\Alex\AppData\Roaming\StardewValley
2023-02-01 18:37 - 2023-02-01 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2023-02-01 18:30 - 2023-02-02 15:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-01 18:21 - 2023-02-01 18:21 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2023-02-01 18:18 - 2023-02-01 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2023-02-01 18:18 - 2023-02-01 18:18 - 000000000 ____D C:\Program Files\LGHUB
2023-01-25 19:17 - 2023-01-25 19:17 - 000002067 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-22 19:22 - 2023-01-30 20:46 - 000000000 ____D C:\Users\Alex\AppData\Roaming\PapDesigner
2023-01-21 20:27 - 2023-01-21 20:27 - 000000000 ____D C:\Users\Alex\AppData\LocalLow\Oracle
2023-01-20 17:43 - 2023-01-20 17:43 - 000001833 _____ C:\Users\Public\Desktop\Glooko Uploader.lnk
2023-01-20 17:43 - 2023-01-20 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glooko Uploader
2023-01-20 17:43 - 2023-01-20 17:43 - 000000000 ____D C:\Program Files\Glooko Uploader
2023-01-18 22:15 - 2023-01-18 22:15 - 000000000 ____D C:\Users\Alex\AppData\Local\VALORANT
2023-01-18 22:15 - 2023-01-18 22:15 - 000000000 ____D C:\Users\Alex\AppData\Local\UnrealEngine
2023-01-18 21:17 - 2023-01-18 21:37 - 000001529 _____ C:\Users\Public\Desktop\VALORANT.lnk
2023-01-18 21:17 - 2023-01-18 21:17 - 000000000 ____D C:\Program Files\Riot Vanguard
2023-01-18 20:36 - 2023-01-18 20:36 - 001958420 _____ C:\WINDOWS\Minidump\011823-9031-01.dmp
2023-01-18 20:20 - 2023-01-18 20:36 - 1414515589 _____ C:\WINDOWS\MEMORY.DMP
2023-01-18 20:20 - 2023-01-18 20:36 - 000000000 ____D C:\WINDOWS\Minidump
2023-01-18 20:20 - 2023-01-18 20:20 - 001895116 _____ C:\WINDOWS\Minidump\011823-9156-01.dmp
2023-01-18 19:55 - 2023-01-18 19:55 - 000000000 ____D C:\Users\Alex\AppData\Local\TeamSpeak 3
2023-01-18 19:53 - 2023-02-12 00:15 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2023-01-18 19:52 - 2023-01-18 19:52 - 000000823 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2023-01-18 19:51 - 2023-01-18 21:14 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-01-18 19:46 - 2023-01-25 21:32 - 000000000 ____D C:\ProgramData\Riot Games
2023-01-18 19:46 - 2023-01-18 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-01-18 19:46 - 2023-01-18 21:16 - 000000000 ____D C:\Users\Alex\AppData\Local\Riot Games
2023-01-16 20:02 - 2023-01-18 19:53 - 000000951 _____ C:\WINDOWS\Tasks\EPSON ET-3750 Series Update {97A27B5B-AE39-462E-B826-F98E82F80D8A}.job
2023-01-16 20:02 - 2023-01-16 20:02 - 000004150 _____ C:\WINDOWS\system32\Tasks\EPSON ET-3750 Series Update {97A27B5B-AE39-462E-B826-F98E82F80D8A}
2023-01-16 20:02 - 2023-01-16 20:02 - 000000000 ____D C:\Users\Alex\AppData\Roaming\EPSON
2023-01-16 20:02 - 2023-01-16 20:02 - 000000000 ____D C:\Program Files\EpsonNet
2023-01-16 20:02 - 2023-01-16 20:02 - 000000000 ____D C:\Program Files\Common Files\EPSON
2023-01-16 20:01 - 2023-01-16 20:01 - 000000000 ____D C:\WINDOWS\twain_64
2023-01-16 20:01 - 2023-01-16 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2023-01-16 20:01 - 2023-01-16 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2023-01-16 20:01 - 2023-01-16 20:01 - 000000000 ____D C:\Program Files\epson
2023-01-16 20:01 - 2023-01-16 20:01 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2023-01-16 20:01 - 2023-01-16 20:01 - 000000000 ____D C:\Program Files (x86)\epson
2023-01-16 20:01 - 2020-10-02 18:10 - 000206304 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2023-01-16 20:01 - 2020-10-02 18:10 - 000165392 _____ (TWAIN Working Group) C:\WINDOWS\system32\twaindsm.dll
2023-01-16 20:01 - 2020-10-02 18:10 - 000147472 _____ (TWAIN Working Group) C:\WINDOWS\SysWOW64\twaindsm.dll
2023-01-16 19:59 - 2023-01-16 20:02 - 000000000 ____D C:\ProgramData\EPSON
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-02-12 00:16 - 2023-01-05 14:22 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-12 00:15 - 2023-01-05 14:22 - 000000000 ____D C:\Users\Alex\AppData\LocalLow\Mozilla
2023-02-12 00:14 - 2023-01-05 14:37 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-12 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-12 00:12 - 2023-01-12 20:39 - 000000000 ____D C:\Users\Alex\AppData\Roaming\LGHUB
2023-02-12 00:12 - 2023-01-12 20:39 - 000000000 ____D C:\Users\Alex\AppData\Local\LGHUB
2023-02-12 00:12 - 2023-01-05 17:30 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Samsung Magician
2023-02-12 00:12 - 2023-01-05 15:21 - 000000000 ___RD C:\Users\Alex\iCloudDrive
2023-02-12 00:12 - 2023-01-05 15:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-12 00:12 - 2023-01-05 14:59 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-12 00:12 - 2023-01-05 14:12 - 000000000 ___RD C:\Users\Alex\OneDrive
2023-02-12 00:11 - 2023-01-05 14:18 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-02-12 00:11 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-02-11 23:19 - 2023-01-05 15:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-02-11 22:51 - 2023-01-05 14:10 - 000000000 ____D C:\Users\Alex\AppData\Local\Packages
2023-02-11 22:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-11 22:44 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-02-11 22:39 - 2023-01-05 15:19 - 000000000 ____D C:\Users\Alex\AppData\Local\CrashDumps
2023-02-11 22:15 - 2023-01-05 15:05 - 001632020 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-11 22:15 - 2019-12-07 15:51 - 000705894 _____ C:\WINDOWS\system32\perfh007.dat
2023-02-11 22:15 - 2019-12-07 15:51 - 000142188 _____ C:\WINDOWS\system32\perfc007.dat
2023-02-11 22:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-02-11 21:22 - 2023-01-05 14:59 - 000002402 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-11 21:22 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-11 12:19 - 2023-01-05 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2023-02-11 12:17 - 2023-01-05 15:10 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-02-10 19:32 - 2023-01-05 15:03 - 000003832 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{EEB57A7C-2933-4A33-A051-D724946BE8F1}
2023-02-10 19:32 - 2023-01-05 15:03 - 000003708 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{E4C6B6FA-AD59-4891-A0F3-2AC75A13E8FD}
2023-02-10 19:31 - 2023-01-05 18:52 - 000003440 _____ C:\WINDOWS\system32\Tasks\VLC Plus Player Updater
2023-02-10 19:30 - 2023-01-05 15:02 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2411324124-3755587723-3982668853-1001
2023-02-10 19:30 - 2023-01-05 15:02 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2411324124-3755587723-3982668853-1000
2023-02-10 19:30 - 2023-01-05 15:02 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-02-10 19:30 - 2023-01-05 14:37 - 000002154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-05 20:56 - 2023-01-05 14:34 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Element
2023-02-05 19:53 - 2023-01-05 14:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-05 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-02-04 13:03 - 2023-01-06 21:52 - 000000000 ____D C:\Users\Alex\AppData\Roaming\BiBox 2.0
2023-02-02 22:02 - 2023-01-06 21:57 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Unterrichtsmanager
2023-02-02 21:32 - 2023-01-05 19:39 - 000000000 ____D C:\Users\Alex\AppData\Local\AMD_Common
2023-02-02 15:51 - 2023-01-05 14:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-01 19:20 - 2023-01-05 14:22 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-01 18:37 - 2023-01-05 17:30 - 000003350 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2023-02-01 15:07 - 2023-01-05 17:38 - 000000000 ____D C:\Users\Alex\AppData\Local\D3DSCache
2023-02-01 15:06 - 2023-01-06 16:17 - 000002369 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-02-01 14:32 - 2023-01-05 14:34 - 000000000 ____D C:\Users\Alex\AppData\Local\element-desktop
2023-01-31 16:22 - 2023-01-05 14:33 - 000000000 ____D C:\Program Files\Microsoft Office
2023-01-28 17:59 - 2023-01-08 13:18 - 000000000 ____D C:\Users\Alex\AppData\Roaming\Worksheet Crafter
2023-01-27 17:14 - 2023-01-05 14:37 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-26 20:16 - 2023-01-05 17:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-25 21:32 - 2023-01-05 19:25 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2023-01-25 21:32 - 2023-01-05 18:06 - 000000811 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.32.lnk
2023-01-25 21:32 - 2023-01-05 14:44 - 000000846 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2023-01-25 21:32 - 2023-01-05 14:43 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-25 21:32 - 2023-01-05 14:36 - 000002543 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-01-25 21:32 - 2023-01-05 14:22 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk
2023-01-25 19:17 - 2023-01-05 15:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-24 20:51 - 2023-01-06 21:52 - 000000961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BiBox 2.0.lnk
2023-01-24 20:51 - 2023-01-05 14:36 - 000002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-01-23 18:54 - 2023-01-05 15:14 - 000000000 ____D C:\Users\Alex\AppData\Local\PlaceholderTileLogoFolder
2023-01-23 17:07 - 2023-01-06 21:52 - 000000000 ____D C:\Users\Alex\AppData\Local\bibox2-updater
2023-01-21 20:28 - 2023-01-05 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-01-21 20:28 - 2023-01-05 15:57 - 000000000 ____D C:\Program Files\Java
2023-01-18 21:08 - 2023-01-05 15:00 - 000000000 ____D C:\Users\Alex
2023-01-18 20:59 - 2023-01-05 14:10 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-01-17 16:52 - 2023-01-05 14:25 - 000000000 ___DC C:\WINDOWS\Panther
2023-01-16 20:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-02-2023 01
durchgeführt von Alex (12-02-2023 00:17:05)
Gestartet von E:\User\Alex\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.2486 (X64) (2023-01-05 14:02:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-2411324124-3755587723-3982668853-500 - Administrator - Disabled)
Alex (S-1-5-21-2411324124-3755587723-3982668853-1001 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-2411324124-3755587723-3982668853-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2411324124-3755587723-3982668853-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2411324124-3755587723-3982668853-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2411324124-3755587723-3982668853-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 22.003.20314 - Adobe)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.11.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{cf77cf6b-71ff-4a71-802d-43adb9b271b7}) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.) Hidden
BackUp Maker (HKLM-x32\...\BackUp Maker_is1) (Version: 8.1.0.0 - ASCOMP Software GmbH)
BiBox 2.0 2.4.2 (HKLM\...\2e1ea4ea-03c5-5b40-afa3-380fbece6940) (Version: 2.4.2 - Westermann Gruppe GmbH & Co. KG)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Druckerdeinstallation für EPSON Universal Print Driver (HKLM\...\EPSON Universal Print Driver) (Version: - SEIKO EPSON Corporation)
Element (HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\element-desktop) (Version: 1.11.22 - Element)
EPSON ET-3750 Series Printer Uninstall (HKLM\...\EPSON ET-3750 Series) (Version: - Seiko Epson Corporation)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{26A9B753-4B5D-46D8-A329-5CEF96FC22D2}) (Version: 4.6.5 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
GIMP 2.10.32-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
Glooko Uploader Version 3.13.1_BuildR3n06 (HKLM\...\{560BABF3-65FD-4102-9669-5ECC2720EE0C}_is1) (Version: 3.13.1_BuildR3n06 - Glooko)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
iCloud Numbers (HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\5e37d8ec732c281015f6fdcdeccae095) (Version: 1.0 - Google\Chrome)
iCloud Outlook (HKLM\...\{11727D12-D910-486F-9B36-B496F4AB334D}) (Version: 14.1.0.108 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 361 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180361F0}) (Version: 8.0.3610.9 - Oracle Corporation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.1.364056 - Logitech)
Malwarebytes version 4.5.22.236 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.22.236 - Malwarebytes)
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.16026.20146 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.41 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.020.0125.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\Teams) (Version: 1.6.00.376 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 109.0.1 (x64 de)) (Version: 109.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 108.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16026.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
PDF24 Creator 11.9.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.9.1 - PDF24.org)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.0209.020311 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.56.119.2022 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
RyzenMasterSDK (HKLM\...\{85A2A688-4A95-4298-9FEC-F18F42B8EB7E}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.2.1.980 - Samsung Electronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.8070 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
VALORANT (HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.2183 - Microsoft Corporation)
WinRAR 6.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Worksheet Crafter (HKLM-x32\...\{BA0ADF97-5ED4-415F-AA1B-1716582FF267}_is1) (Version: 2022.3.3.120 - SchoolCraft GmbH)
Packages:
=========
AirServer Windows 10 Desktop Edition -> C:\Program Files\WindowsApps\F3F176BD.AirServer_2021.2.23.2_x64__p8qzvses5c8me [2023-01-05] (App Dynamic ehf.) [Startup Task]
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2023-01-23] (Microsoft Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.45.5.0_x64__6rarf9sa4v8jt [2023-02-01] (Disney)
GeoGebra Grafikrechner -> C:\Program Files\WindowsApps\18FD273D.GeoGebraGraphingCalculator_6.0.573.0_neutral__1f5eszzrqmqpy [2023-01-05] (Internationales GeoGebra Institut)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa [2023-01-05] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa [2023-01-05] (Apple Inc.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2023-01-05] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2023-01-05] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-01-05] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2304.6.0_x64__cv1g1gvanyjgm [2023-02-10] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2023-01-05] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2023-01-05] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2411324124-3755587723-3982668853-1001_Classes\CLSID\{04271989-C4D2-5D0A-6D7A-C08142CB6CA3} -> [OneDrive - ******] => E:\OneDrive - ******* [2022-08-10 19:27]
CustomCLSID: HKU\S-1-5-21-2411324124-3755587723-3982668853-1001_Classes\CLSID\{0AC4BAD3-F3CE-4256-A30F-0C41AE0604A2} -> [iCloud Drive] => C:\Users\Alex\iCloudDrive [2023-01-05 15:21]
CustomCLSID: HKU\S-1-5-21-2411324124-3755587723-3982668853-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Alex\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22321.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2411324124-3755587723-3982668853-1001_Classes\CLSID\{ECCA7D80-4D43-4179-995F-8A65EDD15B17} -> [iCloud-Fotos] => C:\Users\Alex\Pictures\iCloud Photos\Photos [2023-01-05 15:21]
CustomCLSID: HKU\S-1-5-21-2411324124-3755587723-3982668853-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\FileSyncApi64.dll => Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => P:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => P:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-11] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.020.0125.0003\FileSyncShell64.dll [2023-02-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-11] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => P:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => P:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\iCloud Numbers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=emddpcbmhfoldbegbngkhepdbflbbmop
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2022-10-24 06:03 - 2022-08-09 04:52 - 001427968 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2023-02-01 18:36 - 2023-01-16 18:25 - 002566656 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll
2023-02-01 18:36 - 2023-01-16 18:25 - 000357888 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll
2023-02-01 18:36 - 2023-01-16 18:25 - 006829568 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll
2023-02-01 18:36 - 2023-01-16 18:25 - 000097280 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node
2023-02-01 18:36 - 2023-01-16 18:25 - 000087040 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node
2023-02-01 18:36 - 2023-01-16 18:25 - 000568320 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node
2022-10-28 15:06 - 2022-10-28 15:06 - 000912896 _____ () [Datei ist nicht signiert] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2022-10-28 15:06 - 2022-10-28 15:06 - 003109888 _____ () [Datei ist nicht signiert] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2023-02-01 18:18 - 2023-02-01 18:18 - 000155136 _____ () [Datei ist nicht signiert] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2023-01-05 14:27 - 2022-11-07 11:17 - 000387072 _____ () [Datei ist nicht signiert] P:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2023-01-05 14:27 - 2022-11-07 11:17 - 008052736 _____ () [Datei ist nicht signiert] P:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2023-01-05 14:36 - 2023-01-05 14:36 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2023-01-05 14:36 - 2023-01-05 14:36 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enppmon.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BiBox 2.0.lnk:D1561EB195 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Privater Modus.lnk:83A68E50E4 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.32.lnk:BFDD4D0564 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk:CF0BC1546B [3442]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_361\bin\ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_361\bin\jp2ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-01-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\sharepoint.com -> hxxps://clakreuz-files.sharepoint.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2411324124-3755587723-3982668853-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.188.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "PDF24"
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2411324124-3755587723-3982668853-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_9907A6E846273BFEEA9614E5E48A76AD"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{43601875-8E5D-4866-932D-6843F78285BC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3828F700-C1AF-4051-B483-784048FEFF69}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43CC77C9-2F06-4211-87C1-DE11D2F366C3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C94E6AB7-64B5-47C5-9F34-C4AD892A25A9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90AEBBC8-D192-4EF0-AB53-DAE72A86C904}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{656FEE9D-16D6-41D5-86F0-E2A5DB9CA289}] => (Allow) P:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{43932AA3-640A-4C2D-AA47-650D903BF3C1}] => (Allow) P:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E1480C56-92C1-4092-8E1F-23B7268A76C1}] => (Allow) P:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F03FAA95-3702-4EAE-BD22-E2AE056C4A4C}] => (Allow) P:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2AB8F550-EB4C-4D96-8BB2-21013CB44DC5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A11610AA-3F29-4B58-A430-29968DE144A5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{858F25AD-19D3-4352-A4A6-997A24A36C07}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B2EAE91-2EB7-4032-8CF5-1235C04BEE1A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{253AE7D8-D2F1-4F6D-BB2B-6863CB63DB9D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{64E0D8C9-B772-4517-8FCA-4DB6B0E48811}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CA6B9DD3-6FD4-493D-94FD-0F1BF4532343}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{716E3DAF-6DF4-4BBE-B602-9A10F3D69951}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AE6BE1BF-DD12-4CC5-8C1D-5B553FFFBEF3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F570D60-26FC-4BF6-ACE0-DB8EE15C84B6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12127.1.57051.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{30CB30E9-F578-429B-B346-05CD6F249DA1}] => (Allow) S:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{106FE268-D4A4-4D97-81CC-85BA50CDF5A6}] => (Allow) S:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{67B04F3D-7013-4BFA-B2B5-4FC1203313EC}] => (Allow) S:\SteamLibrary\steamapps\common\Guild Wars 2\Gw2-64.exe (ArenaNet, LLc -> ArenaNet)
FirewallRules: [{0D95C999-477D-40C9-BEE3-24D1A5588BCF}] => (Allow) S:\SteamLibrary\steamapps\common\Guild Wars 2\Gw2-64.exe (ArenaNet, LLc -> ArenaNet)
FirewallRules: [TCP Query User{380DA648-D886-4BFB-99C5-D36806C53795}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{6319B85D-D4D9-4DF2-830D-1EA3F4A6D06E}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [TCP Query User{D7F49C42-CCAC-457B-8E34-DBB2C24316F7}E:\user\alex\downloads\unterrichtsmanager\windows\unterrichtsmanager.exe] => (Allow) E:\user\alex\downloads\unterrichtsmanager\windows\unterrichtsmanager.exe => Keine Datei
FirewallRules: [UDP Query User{446FF6C0-F776-4E12-B950-3FAADAC15FEB}E:\user\alex\downloads\unterrichtsmanager\windows\unterrichtsmanager.exe] => (Allow) E:\user\alex\downloads\unterrichtsmanager\windows\unterrichtsmanager.exe => Keine Datei
FirewallRules: [TCP Query User{977A0F72-CDF4-4EC9-A147-EB64C23799CF}P:\program files (x86)\unterrichtsmanager\windows\unterrichtsmanager.exe] => (Allow) P:\program files (x86)\unterrichtsmanager\windows\unterrichtsmanager.exe (Cornelsen Verlag GmbH -> Cornelsen Verlag GmbH)
FirewallRules: [UDP Query User{AF8BD17E-6C75-495B-ACA6-8BFF366BBB01}P:\program files (x86)\unterrichtsmanager\windows\unterrichtsmanager.exe] => (Allow) P:\program files (x86)\unterrichtsmanager\windows\unterrichtsmanager.exe (Cornelsen Verlag GmbH -> Cornelsen Verlag GmbH)
FirewallRules: [{6748ED69-947A-48CD-A5C9-3AEB8D85B0D8}] => (Allow) C:\Users\Alex\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{CE3FC523-4FDB-4751-89C0-ED28069379DD}] => (Allow) C:\Users\Alex\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [TCP Query User{737532F4-907B-4BE1-AB29-D4B8D101D551}S:\riot games\riot client\riotclientservices.exe] => (Allow) S:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{225D28AE-7CF8-48C2-BE06-45005B8382B6}S:\riot games\riot client\riotclientservices.exe] => (Allow) S:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{0776716C-5B07-4158-8269-2FA65110CD52}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FA56A093-7A67-4C25-8150-B07BBA9FF5DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{218111F7-1A37-4584-82A3-C6B2E881CB10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79568202-274A-4765-95C6-39D709BB8970}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8FC51F0C-E6DD-4D5C-BB85-2E30D7647621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3406.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{8AF52A6F-DDEB-44B1-9AEC-91F01FBF34D2}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{0C2E65FD-0C99-467D-BAEB-B69F379B1F87}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{9CB44479-4594-4163-8FD5-550C880B2E92}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
18-01-2023 21:17:52 DirectX wurde installiert
28-01-2023 15:22:25 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (02/12/2023 12:12:14 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-U40FNCE$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 11 Feb 2023 23:12:12 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 9c8d6e8d-3396-4928-958f-38a22ab02479
Methode: GET(250ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (02/12/2023 12:10:09 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6784,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/11/2023 11:52:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11928,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/11/2023 11:47:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5944,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (02/11/2023 10:55:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm PhoneExperienceHost.exe Version 1.22112.142.0 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 8f0
Startzeit: 01d93e5d00a321d7
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
Bericht-ID: a65c2d84-84f0-457f-a1bb-95ac1b1cd21e
Vollständiger Name des fehlerhaften Pakets: Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe
Relative Anwendungs-ID des fehlerhaften Pakets: App
Absturztyp: Quiesce
Error: (02/11/2023 10:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: msedge_pwa_launcher.exe, Version: 110.0.1587.41, Zeitstempel: 0x63e3fb60
Name des fehlerhaften Moduls: msedge_pwa_launcher.exe, Version: 110.0.1587.41, Zeitstempel: 0x63e3fb60
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000000000039e0e
ID des fehlerhaften Prozesses: 0x15e8
Startzeit der fehlerhaften Anwendung: 0x01d93e615b7e9139
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft\Edge\Application\110.0.1587.41\msedge_pwa_launcher.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Microsoft\Edge\Application\110.0.1587.41\msedge_pwa_launcher.exe
Berichtskennung: 523b0527-5d60-4f78-bac4-d2fb51bec95c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/11/2023 10:08:21 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-U40FNCE$ über https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
Methode: GET(31ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (02/11/2023 09:58:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20184,R,98) TILEREPOSITORYS-1-5-18: Fehler -1023 (0xfffffc01) beim Öffnen von Protokolldatei C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Systemfehler:
=============
Error: (02/12/2023 12:11:33 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-U40FNCE)
Description: Der Server "{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/11/2023 11:25:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2023 11:25:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "LGHUB Updater Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2023 11:25:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "PDF24" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2023 11:25:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Realtek Audio Universal Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/11/2023 11:23:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Synapse Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.
Error: (02/11/2023 11:23:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Razer Game Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/11/2023 11:23:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Razer Central Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
================
Date: 2023-02-12 00:12:31
Description:
Controlled Folder Access blocked P:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe from making changes to memory.
Detection time: 2023-02-11T23:12:31.443Z
Path: \Device\CdRom0
Process Name: P:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe
Security intelligence Version: 1.381.3455.0
Engine Version: 1.1.19900.2
Product Version: 4.18.2211.5
Date: 2023-02-11 23:19:32
Description:
C:\Program Files\Mozilla Firefox\firefox.exe has been blocked from modifying E:\User\Alex\Favoriten by Controlled Folder Access.
Detection time: 2023-02-11T22:19:32.586Z
Path: E:\User\Alex\Favoriten
Process Name: C:\Program Files\Mozilla Firefox\firefox.exe
Security intelligence Version: 1.381.3453.0
Engine Version: 1.1.19900.2
Product Version: 4.18.2211.5
Date: 2023-02-11 23:08:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2023-02-11 22:18:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
Date: 2023-02-10 19:43:05
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Schnellüberprüfung
CodeIntegrity:
===============
Date: 2023-01-11 09:48:27
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume9\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
BIOS: American Megatrends International, LLC. F15d 07/20/2022
Hauptplatine: Gigabyte Technology Co., Ltd. B550 AORUS PRO
Prozessor: AMD Ryzen 7 3700X 8-Core Processor
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 16288 MB
Verfügbarer physikalischer RAM: 10049.9 MB
Summe virtueller Speicher: 18720 MB
Verfügbarer virtueller Speicher: 9443.64 MB
==================== Laufwerke ================================
Drive b: (Backup) (Fixed) (Total:111.79 GB) (Free:53.28 GB) (Model: Samsung SSD 840 EVO 120GB) NTFS
Drive c: (System) (Fixed) (Total:164.89 GB) (Free:100.34 GB) (Model: Samsung SSD 970 EVO 500GB) NTFS
Drive e: (Medien, Dokumente & mehr) (Fixed) (Total:447.11 GB) (Free:393.71 GB) (Model: CT480BX300SSD1) NTFS
Drive f: () (Removable) (Total:3.76 GB) (Free:3.75 GB) FAT
Drive p: (Programme) (Fixed) (Total:299.75 GB) (Free:293.61 GB) (Model: Samsung SSD 970 EVO 500GB) NTFS
Drive s: (Spiele) (Fixed) (Total:931.5 GB) (Free:601.49 GB) (Model: Samsung SSD 990 PRO 1TB) NTFS
\\?\Volume{a66cb7e5-967b-407a-8041-4b686efcc1a9}\ (Wiederherstellung) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{9c345bbd-152d-4b43-af72-8c2331fdcde3}\ () (Fixed) (Total:0.58 GB) (Free:0.08 GB) NTFS
\\?\Volume{977da1a0-4a7b-490c-8ed8-2ed39e81f9bd}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: EE767D15)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 3 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 4 (Size: 3.8 GB) (Disk ID: 6E652072)
No partition Table on disk 4.
==================== Ende von Addition.txt =======================
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 12.02.23
Scan-Zeit: 00:14
Protokolldatei: e1c04f18-aa61-11ed-b90d-001a7dda7111.json
-Softwaredaten-
Version: 4.5.22.236
Komponentenversion: 1.0.1909
Version des Aktualisierungspakets: 1.0.65586
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 10 (Build 19045.2486)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-U40FNCE\Alex
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 310333
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 0 Min., 21 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-08-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-11-2023
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2486)
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Alex\AppData\Local\Startfenster
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1465 octets] - [11/02/2023 23:23:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
|
| Themen zu Fernsteuerung des PC wärend de Browser geöffnet war |
| administrator, adobe, antivirus, browser, defender, failed, fernsteuerung, firefox, firewall, google, internet, internet explorer, mozilla, neustart, performance, port, prozesse, realtek, registry, rundll, scan, svchost.exe, system, teamspeak, temp, windows |
Baum-Darstellung