| |
| |||||||
Log-Analyse und Auswertung: Defender meldet "HackTool:Win32/Keygen"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
02.04.2023, 21:14
| #1 |
| |  Defender meldet "HackTool:Win32/Keygen" Hallo zusammen, vielleicht kann mir hier jemand helfen. Mein Windows Defender findet immer oben genannten Trojaner. Laut Defender liegt die Datei unter: file: C:\$Recycle.Bin\S-1-5-21-3028042727-1601340073-3460995305-1001\$R7G6O11.exe Allerdings ist dieser Pfad bereits vor Ewigkeiten gelöscht und nicht mehr im System. Ich habe dann noch zusätzlich den adwcleaner von Malwarebytes gestartet und der findet nichts dahingehend. Auch ein kurzzeitig installiertes Bitdefender konnte nichts identifizieren. Wenn ich für dieses Element eine Auswahl treffe, egal ob Quarantäne, zulassen oder löschen, passiert erstmal gar nichts und beim nächsten Suchverlauf wird keine neue Bedrohung gefunden, sondern nur die eine alte. Ist das ein false positive oder kann man die Meldung irgendwie löschen? Ich benutze ein Windows 11 Pro mit dem Build 22621.1413 auf 22H2 Würde mich über eine Antwort freeuen, Liebe Grüße |
|
02.04.2023, 21:42
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Defender meldet "HackTool:Win32/Keygen" Bitte die Hinweise für Hilfesuchende lesen und umsetzen.
__________________
__________________ |
|
02.04.2023, 22:05
| #3 |
| | Defender meldet "HackTool:Win32/Keygen" Mein Fehler, tut mir leid. Anbei die Logs von FRST und dem adwcleaner.
__________________FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2023
durchgeführt von tibor (Administrator) auf DESKTOP-IMO4PF8 (Gigabyte Technology Co., Ltd. Z390 AORUS MASTER) (02-04-2023 22:52:23)
Gestartet von C:\Users\tibor\Desktop
Geladene Profile: tibor
Plattform: Microsoft Windows 11 Pro Version 22H2 22621.1413 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Brave
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.135\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.135\BraveCrashHandler64.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\sonar\SteelSeriesSonar.exe
(D:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(D:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe ->) (Skutta, Kristjan -> ) D:\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <18>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\tibor\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\steam.exe
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\No-IP\ducservice.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_abf7e4e84f20581c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Skutta, Kristjan -> ) D:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(services.exe ->) (SplitmediaLabs Limited -> SplitmediaLabs Limited) C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3400.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088752 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13129600 2023-03-27] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6957520 2023-03-17] (Adobe Inc. -> Adobe Systems Inc.) [Datei ist nicht signiert]
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CL-26-01E23384-EB44-43AB-B322-A3C2EEC20F2B] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-26-01E23384-EB44-43AB-B322-A3C2EEC20F2B\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-26-01E23384-EB44-43AB-B322-A3C2EEC (Der Dateneintrag hat 7 mehr Zeichen). (Keine Datei)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\Run: [XSplitVCam] => C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe [4297016 2022-11-25] (SplitmediaLabs Limited -> SplitmediaLabs)
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-03-01] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\Run: [Steam] => D:\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-11-14] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\111.1.49.132\Installer\chrmstp.exe [2023-03-29] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2023-03-12]
ShortcutTarget: MEGAsync.lnk -> C:\Users\tibor\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01155BEF-AE36-4D9A-824D-31704873265D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {2165245D-8EF4-4CB4-AC6D-A81C4CA9FE23} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{20D8DFB6-23AE-4C61-B23F-4C93B2FF6F3C} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {23C7318E-63FB-4087-B1C2-2BB9B354E37D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Keine Datei)
Task: {3368AFFC-C43C-4716-BAB3-6A492EA4F3A4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3028042727-1601340073-3460995305-1001 => C:\Users\tibor\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2023-03-27] (Mega Limited -> )
Task: {52C1D6C0-A330-46AE-8331-6EDBB28014D8} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{29450763-DDF0-4D1C-A076-202101DE02B9} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {560A6824-E2CE-4C69-AB36-520059E8AF9C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2022-11-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {6386FB30-0654-4BEC-9943-C75917CEB97E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C15B309-8426-4C97-9E5C-FC815835435A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77C9A4B8-38E9-4BB8-A01F-08FC0910918A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B54EAD9-D015-40AC-9366-AE251686350A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {94B37D32-4552-4937-A964-AE909ECE0042} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Keine Datei)
Task: {A19F327F-E82C-49E6-85EA-A2F58EE2D85B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Keine Datei)
Task: {AFBEA63C-DA6C-484D-A3F7-D284D0F6FA10} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B8D58D7F-059C-4759-B251-A76D1FFC52BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB8DA247-3553-4EC5-A332-017A5A496ABC} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [133905984 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Keine Datei)
Task: {D70608A8-21AA-44BE-92BE-993CA3557991} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Keine Datei)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.98.1
Tcpip\..\Interfaces\{2ad81d18-4f33-4a09-9b59-dcb94483b5ae}: [DhcpNameServer] 192.168.98.1
Tcpip\..\Interfaces\{88d30982-66f7-4038-965d-a4593a95de16}: [DhcpNameServer] 192.168.98.1
Edge:
=======
Edge Profile: C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-01]
Edge StartupUrls: Default -> "hxxp://google.com/"
Edge Extension: (7TV) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-03-27]
Edge Extension: (Ban Checker for Steam) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2023-02-26]
Edge Extension: (uBlock Origin) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-03-27]
Edge Extension: (Steam Inventory Helper) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2023-03-22]
Edge Extension: (AHA Music - Song Finder für Browser) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejfccgmelcclnoadalcepdmnpgcnglfc [2023-02-26]
Edge Extension: (FrankerFaceZ) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2023-02-26]
Edge Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2023-02-26]
Edge Extension: (Cookie AutoDelete) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhcgjolkccmbidfldomjliifgaodjagh [2023-02-26]
Edge Extension: (Return YouTube Dislike) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-02-26]
Edge Extension: (BetterTTV) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2023-03-02]
Edge Extension: (MyJDownloader Browser Erweiterung) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2023-02-26]
Edge Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbkfoedolllekgbhcbcoahefnbanhhlh [2023-03-23]
Edge Extension: (Twitch Channel Points Auto Clicker) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jdpblpklojajpopllbckephjndibljbc [2023-02-26]
Edge Extension: (SponsorBlock für YouTube - Überspringe gesponserte Videosegmente) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2023-03-14]
Edge Extension: (MetaMask) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-03-29]
Edge Extension: (I don't care about cookies) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oholpbloipjbbhlhohaebmieiiieioal [2023-02-26]
Edge Extension: (SMG music display) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\onebnnoonaadbbdoanmpehnfmhdolmgh [2023-02-26]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Brave:
=======
BRA Profile: C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-04-02]
BRA Extension: (7TV) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-03-31]
BRA Extension: (Ban Checker for Steam) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2023-02-26]
BRA Extension: (Steam Inventory Helper) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2023-03-21]
BRA Extension: (AHA Music - Song Finder für Browser) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2023-02-27]
BRA Extension: (FrankerFaceZ) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2023-02-26]
BRA Extension: (MyJDownloader Browser Erweiterung) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2023-03-23]
BRA Extension: (Return YouTube Dislike) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-02-26]
BRA Extension: (SponsorBlock für YouTube - Überspringe gesponserte Videosegmente) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2023-03-14]
BRA Extension: (MetaMask) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-03-29]
BRA Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2023-02-26]
BRA Extension: (SMG music display) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\onebnnoonaadbbdoanmpehnfmhdolmgh [2023-02-26]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-04-02]
BRA Extension: (Brave NTP background images) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-02-26]
BRA Extension: (Brave Ads Resources) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\bbefpembgddgdihpkcidgdgiojjlchji [2023-03-22]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications List (plaintext))) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-04-02]
BRA Extension: (Wallet Data Files Updater) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-03-27]
BRA Extension: (Brave Ad Block Updater (Easylist-Cookie List - Filter Obtrusive Cookie Notices (plaintext))) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-04-02]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-03-31]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-04-02]
BRA Extension: (Brave Ads Resources) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2023-03-22]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2023-04-02]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-16]
BRA Extension: (Brave NTP sponsored images) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2023-04-02]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-03-29]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-26] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-26] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761408 2023-03-10] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2023-03-10] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
R3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2023-03-08] (Microsoft Windows -> Microsoft Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10209536 2023-03-01] (Logitech Inc -> Logitech, Inc.)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert]
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [381504 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [252176 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2023-03-27] (SteelSeries ApS -> )
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11060856 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
R2 Wallpaper Engine Service; D:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [134752 2022-10-24] (Skutta, Kristjan -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [140376 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 XSplit_VCam_Updater; C:\Program Files\XSplit\VCam\XSplit_VCam_Updater.exe [3210040 2022-11-25] (SplitmediaLabs Limited -> XSplit)
R2 XSpltVidSvc; C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe [266040 2022-11-25] (SplitmediaLabs Limited -> SplitmediaLabs Limited)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\111.1.49.132\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_abf7e4e84f20581c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_abf7e4e84f20581c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 atvi-randgrid_sr; D:\Steam\steamapps\common\Call of Duty HQ\randgrid.sys [3311416 2023-02-13] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2023-03-08] (Microsoft Windows -> Microsoft Corporation)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-03-01] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-03-01] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-03-01] (Logitech Inc -> Logitech)
R3 MpKsl67ec4e47; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{091FF18B-CAE3-4151-8C1D-3637036B4E46}\MpKslDrv.sys [211208 2023-04-02] (Microsoft Windows -> Microsoft Corporation)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [42912 2023-01-17] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22292248 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49608 2023-03-27] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [495896 2023-03-27] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-27] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
R3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [244272 2022-10-14] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-04-02 22:52 - 2023-04-02 22:52 - 000030396 _____ C:\Users\tibor\Desktop\FRST.txt
2023-04-02 22:52 - 2023-04-02 22:52 - 000000000 ____D C:\FRST
2023-04-02 22:51 - 2023-04-02 22:51 - 002379264 _____ (Farbar) C:\Users\tibor\Desktop\FRST64.exe
2023-04-02 22:49 - 2023-04-02 22:49 - 000000000 ____D C:\Users\tibor\Downloads\Neuer Ordner
2023-04-02 22:09 - 2023-04-02 22:09 - 000720948 _____ C:\WINDOWS\system32\perfh007.dat
2023-04-02 22:09 - 2023-04-02 22:09 - 000149040 _____ C:\WINDOWS\system32\perfc007.dat
2023-04-02 22:00 - 2023-04-02 22:03 - 000000008 __RSH C:\ProgramData\ntuser.pol
2023-04-02 21:57 - 2023-04-02 21:57 - 000000000 ____D C:\ProgramData\Adobe
2023-04-01 23:29 - 2023-04-01 23:29 - 000083952 _____ C:\ProgramData\agent.uninstall.1680384541.bdinstall.v2.bin
2023-04-01 23:27 - 2023-04-01 23:27 - 000435048 _____ C:\ProgramData\cl.uninstall.1680384420.bdinstall.v2.bin
2023-04-01 22:07 - 2023-04-01 22:07 - 000000318 _____ C:\WINDOWS\system32\httpproxy.json
2023-04-01 22:07 - 2023-04-01 22:07 - 000000027 _____ C:\WINDOWS\system32\ctc.json
2023-04-01 21:45 - 2023-04-01 21:45 - 000628544 _____ C:\ProgramData\cl.1680378251.bdinstall.v2.bin
2023-04-01 21:45 - 2023-04-01 21:45 - 000113788 _____ C:\ProgramData\cl.kit.1680378249.bdinstall.v2.bin
2023-04-01 21:45 - 2023-04-01 21:45 - 000000000 ____D C:\WINDOWS\system32\elambkup
2023-04-01 21:45 - 2023-04-01 21:45 - 000000000 ____D C:\ProgramData\Gemma
2023-04-01 21:45 - 2023-04-01 21:45 - 000000000 ____D C:\ProgramData\BDLogging
2023-04-01 21:45 - 2023-04-01 21:45 - 000000000 ____D C:\ProgramData\Atc
2023-04-01 21:43 - 2023-04-01 21:43 - 000159056 _____ C:\ProgramData\agent.1680378196.bdinstall.v2.bin
2023-04-01 21:43 - 2023-04-01 21:43 - 000000000 ____D C:\Users\tibor\AppData\Local\Bitdefender
2023-04-01 21:43 - 2023-04-01 21:43 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-03-29 23:37 - 2023-03-29 23:37 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-03-29 22:34 - 2023-03-29 22:34 - 008791352 _____ (Malwarebytes) C:\Users\tibor\Desktop\adwcleaner.exe
2023-03-29 22:34 - 2023-03-29 22:34 - 000000000 ____D C:\AdwCleaner
2023-03-27 22:29 - 2023-03-27 22:29 - 000000890 _____ C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2023-03-27 22:29 - 2023-03-27 22:29 - 000000842 _____ C:\Users\tibor\Desktop\Start Tor Browser.lnk
2023-03-27 22:28 - 2023-03-27 22:29 - 000000000 ____D C:\Users\tibor\Desktop\Tor Browser
2023-03-27 22:18 - 2023-03-27 22:43 - 000000000 ____D C:\Users\tibor\AppData\Roaming\calibre
2023-03-27 22:18 - 2023-03-27 22:25 - 000000000 ____D C:\Users\tibor\AppData\Local\calibre-cache
2023-03-27 22:18 - 2023-03-27 22:18 - 000001053 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2023-03-27 22:18 - 2023-03-27 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2023-03-27 22:18 - 2023-03-27 22:18 - 000000000 ____D C:\Program Files\Calibre2
2023-03-27 21:12 - 2023-03-27 21:12 - 000001297 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2023-03-27 21:12 - 2023-03-27 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2023-03-27 16:01 - 2023-03-27 16:00 - 201679931 _____ C:\Users\tibor\Downloads\vzdump-lxc-101-2023_03_27-16_00_17.tar.zst
2023-03-27 16:01 - 2023-03-27 15:59 - 861066542 _____ C:\Users\tibor\Downloads\vzdump-lxc-100-2023_03_27-15_59_19.tar.zst
2023-03-26 17:57 - 2023-03-26 17:57 - 000000000 ____D C:\Users\tibor\AppData\Local\VS Revo Group
2023-03-26 17:57 - 2023-03-26 17:57 - 000000000 ____D C:\ProgramData\VS Revo Group
2023-03-22 19:53 - 2023-03-22 19:53 - 000000000 ___HD C:\$WinREAgent
2023-03-22 19:41 - 2023-03-27 21:12 - 000002594 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2023-03-22 19:41 - 2023-03-27 21:06 - 000000000 ____D C:\Program Files (x86)\Samsung
2023-03-22 19:41 - 2023-03-27 21:04 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Samsung Magician
2023-03-22 19:41 - 2023-03-22 19:41 - 000000000 ____D C:\ProgramData\Samsung
2023-03-22 19:33 - 2023-03-22 19:33 - 000001841 _____ C:\Users\tibor\Desktop\CrystalDiskMark 8.lnk
2023-03-22 19:33 - 2023-03-22 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark8
2023-03-22 19:33 - 2023-03-22 19:33 - 000000000 ____D C:\Program Files\CrystalDiskMark8
2023-03-22 19:21 - 2023-03-22 19:21 - 000000000 ___HD C:\$SysReset
2023-03-22 19:12 - 2023-03-22 19:12 - 000000000 ___HD C:\Users\tibor\OneDrive\Dokumente\Rubbish
2023-03-22 19:12 - 2023-03-22 19:12 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Visual Studio 2022
2023-03-22 19:12 - 2023-03-22 19:12 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Klausur Beschaffungsmarketing
2023-03-22 19:12 - 2023-03-22 19:12 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Dyson Sphere Program
2023-03-22 19:12 - 2023-03-22 19:12 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Arduino
2023-03-22 19:12 - 2022-12-05 11:46 - 000051218 _____ C:\Users\tibor\OneDrive\Dokumente\yeet.pkt
2023-03-22 19:12 - 2022-12-01 13:44 - 000578457 _____ C:\Users\tibor\OneDrive\Dokumente\letter + CV.pdf
2023-03-22 19:12 - 2022-11-22 13:32 - 000001190 _____ C:\Users\tibor\OneDrive\Dokumente\SQL Aufgaben.sql
2023-03-22 19:12 - 2022-11-21 11:57 - 000000000 _____ C:\Users\tibor\OneDrive\Dokumente\Default.rdp
2023-03-22 19:12 - 2022-11-21 10:28 - 000041296 _____ C:\Users\tibor\OneDrive\Dokumente\test.pkt
2023-03-22 19:12 - 2022-08-30 12:18 - 000629420 _____ C:\Users\tibor\OneDrive\Dokumente\UmL - Kommunikationsdiagramm.pptx
2023-03-22 19:12 - 2022-08-23 10:50 - 000000800 _____ C:\Users\tibor\OneDrive\Dokumente\Mitarbeiterverwaltung.txt
2023-03-22 19:12 - 2022-08-23 10:43 - 000000788 _____ C:\Users\tibor\OneDrive\Dokumente\Mitarbeiterverwaltung.sql
2023-03-20 17:23 - 2023-03-21 16:27 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-03-20 17:21 - 2023-03-31 17:06 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Blitz
2023-03-20 17:21 - 2023-03-31 16:45 - 000002217 _____ C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2023-03-20 17:21 - 2023-03-31 16:45 - 000002209 _____ C:\Users\tibor\Desktop\Blitz.lnk
2023-03-20 17:21 - 2023-03-31 16:45 - 000000032 _____ C:\Users\tibor\AppData\Roaming\.machineId
2023-03-20 17:21 - 2023-03-31 16:45 - 000000000 ____D C:\Users\tibor\AppData\Local\blitz-updater
2023-03-17 22:03 - 2023-03-31 13:26 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-03-17 22:03 - 2023-03-25 13:43 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2023-03-17 22:03 - 2023-03-17 22:03 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-03-17 22:00 - 2023-03-17 22:00 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2023-03-17 22:00 - 2023-03-17 22:00 - 000000000 ____D C:\Program Files\Adobe
2023-03-17 21:58 - 2023-03-17 21:58 - 000000000 ____D C:\Users\tibor\AppData\Roaming\com.adobe.dunamis
2023-03-17 21:58 - 2023-03-17 21:58 - 000000000 ____D C:\Users\tibor\AppData\Local\SolidDocuments
2023-03-17 21:58 - 2023-03-17 21:58 - 000000000 ____D C:\Users\tibor\.ms-ad
2023-03-17 21:47 - 2023-03-17 21:48 - 000492311 _____ C:\Users\tibor\OneDrive\Dokumente\Aufhebungsvertrag_geschwärzt.pdf
2023-03-17 21:44 - 2023-03-17 21:44 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2023-03-17 21:44 - 2023-03-17 21:44 - 000000000 ____D C:\Users\tibor\AppData\LocalLow\NVIDIA
2023-03-17 21:40 - 2023-03-18 14:41 - 000000000 ____D C:\Users\tibor\AppData\Local\Adobe
2023-03-17 21:40 - 2023-03-17 22:01 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-03-17 21:40 - 2023-03-17 22:00 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-03-17 21:40 - 2023-03-17 21:44 - 000000000 ____D C:\Users\tibor\AppData\LocalLow\Adobe
2023-03-17 21:36 - 2023-03-17 21:36 - 000000000 ____D C:\Users\tibor\AppData\Roaming\WinRAR
2023-03-17 21:36 - 2023-03-17 21:36 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-03-17 21:36 - 2023-03-17 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-03-17 21:36 - 2023-03-17 21:36 - 000000000 ____D C:\Program Files\WinRAR
2023-03-17 21:32 - 2023-04-02 20:53 - 000000000 ____D C:\Users\tibor\AppData\Local\JDownloader 2.0
2023-03-17 21:32 - 2023-03-17 21:32 - 000002132 _____ C:\Users\tibor\Desktop\JDownloader 2.lnk
2023-03-17 21:32 - 2023-03-17 21:32 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2023-03-17 21:31 - 2023-03-17 21:31 - 000000000 ____D C:\Users\tibor\AppData\Local\Adaware
2023-03-17 21:29 - 2023-03-17 21:29 - 000435879 _____ C:\Users\tibor\OneDrive\Dokumente\Aufhebungsvertrag.pdf
2023-03-17 21:15 - 2023-03-17 21:15 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-03-17 21:15 - 2023-03-17 21:15 - 000000028 ____H C:\.GamingRoot
2023-03-17 21:15 - 2023-03-17 21:15 - 000000000 ____D C:\XboxGames
2023-03-17 21:15 - 2023-03-17 21:15 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-03-17 21:15 - 2023-03-17 21:15 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2023-03-17 21:05 - 2023-03-17 21:05 - 000000000 ____D C:\Users\tibor\AppData\Local\INetHistory
2023-03-16 22:17 - 2023-04-02 18:41 - 000000000 ____D C:\WINDOWS\Minidump
2023-03-12 14:46 - 2023-03-12 14:46 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\MEGAsync
2023-03-12 14:45 - 2023-03-27 21:14 - 000000000 ____D C:\Users\tibor\AppData\Local\MEGAsync
2023-03-12 14:45 - 2023-03-12 14:45 - 000001129 _____ C:\Users\tibor\Desktop\MEGAsync.lnk
2023-03-12 14:45 - 2023-03-12 14:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\MEGA
2023-03-12 14:45 - 2023-03-12 14:45 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2023-03-12 14:45 - 2023-03-12 14:45 - 000000000 ____D C:\Users\tibor\AppData\Local\Mega Limited
2023-03-11 21:04 - 2023-03-29 22:30 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-03-11 00:26 - 2023-03-11 00:26 - 000000000 ____D C:\Users\tibor\AppData\Local\Embark
2023-03-11 00:17 - 2023-03-11 00:17 - 000000000 ____D C:\Users\tibor\AppData\Roaming\EasyAntiCheat
2023-03-11 00:17 - 2023-03-11 00:17 - 000000000 ____D C:\Users\tibor\AppData\Local\Discovery
2023-03-11 00:17 - 2023-03-11 00:17 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2023-03-10 23:47 - 2023-03-10 23:47 - 000000203 _____ C:\Users\tibor\Desktop\THE FINALS PLAYTEST.url
2023-03-10 21:21 - 2023-03-27 16:02 - 000000128 _____ C:\Users\tibor\AppData\Roaming\winscp.rnd
2023-03-10 21:21 - 2023-03-10 21:21 - 000001168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2023-03-10 21:21 - 2023-03-10 21:21 - 000001156 _____ C:\Users\Public\Desktop\WinSCP.lnk
2023-03-10 21:21 - 2023-03-10 21:21 - 000000000 ____D C:\Program Files (x86)\WinSCP
2023-03-10 21:13 - 2023-03-10 21:13 - 000002668 _____ C:\Users\tibor\Desktop\Word 2016.lnk
2023-03-10 21:13 - 2023-03-10 21:13 - 000002654 _____ C:\Users\tibor\Desktop\PowerPoint 2016.lnk
2023-03-10 21:04 - 2023-03-31 13:26 - 000002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2023-03-10 21:04 - 2023-03-31 13:26 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2023-03-10 21:04 - 2023-03-31 13:26 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2023-03-10 21:04 - 2023-03-25 13:43 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2023-03-10 21:04 - 2023-03-16 22:18 - 000002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2023-03-10 21:04 - 2023-03-10 21:04 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2023-03-10 21:04 - 2023-03-10 21:04 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2023-03-10 21:04 - 2023-03-10 21:04 - 000002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2023-03-10 21:04 - 2023-03-10 21:04 - 000002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\WINDOWS\SHELLNEW
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\WINDOWS\PCHEALTH
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\Users\tibor\AppData\Local\Microsoft Help
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2023-03-10 21:03 - 2023-03-10 21:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-03-10 21:03 - 2023-03-10 21:03 - 000000000 __RHD C:\MSOCache
2023-03-10 21:03 - 2023-03-10 21:03 - 000000000 ____D C:\Program Files\Microsoft Office
2023-03-09 23:41 - 2023-04-02 22:17 - 000003142 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2023-03-09 23:40 - 2023-03-09 23:40 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2023-03-09 23:40 - 2023-03-09 23:40 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2023-03-09 23:40 - 2023-03-09 23:40 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2023-03-09 23:39 - 2023-03-11 23:37 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2023-03-09 23:39 - 2023-03-09 23:39 - 000001159 _____ C:\Users\tibor\Desktop\MSI Afterburner.lnk
2023-03-09 23:39 - 2023-03-09 23:39 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2023-03-09 22:21 - 2023-03-09 22:21 - 000000000 ____D C:\Users\tibor\AppData\Roaming\NVIDIA
2023-03-09 17:29 - 2023-03-09 17:29 - 000000000 ____D C:\Users\tibor\Desktop\Valorant Agent Yoinker
2023-03-09 17:24 - 2023-03-31 13:26 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2023-03-09 17:24 - 2023-03-09 23:11 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Notepad++
2023-03-09 17:24 - 2023-03-09 17:25 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.11
2023-03-09 17:24 - 2023-03-09 17:24 - 000000865 _____ C:\Users\Public\Desktop\Notepad++.lnk
2023-03-09 17:24 - 2023-03-09 17:24 - 000000000 ____D C:\Users\tibor\AppData\Local\Package Cache
2023-03-09 17:24 - 2023-03-09 17:24 - 000000000 ____D C:\Program Files\Notepad++
2023-03-09 09:40 - 2023-04-02 22:09 - 001662892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-09 09:40 - 2023-03-09 09:40 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-03-09 09:39 - 2023-03-09 09:39 - 000000020 ___SH C:\Users\tibor\ntuser.ini
2023-03-08 23:47 - 2023-04-02 22:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-08 23:47 - 2023-03-21 16:24 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-08 23:47 - 2023-03-21 16:24 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-08 23:47 - 2023-03-08 23:47 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2023-03-08 23:47 - 2023-03-08 23:47 - 000011433 _____ C:\WINDOWS\diagerr.xml
2023-03-08 23:47 - 2023-03-08 23:47 - 000003658 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{20D8DFB6-23AE-4C61-B23F-4C93B2FF6F3C}
2023-03-08 23:47 - 2023-03-08 23:47 - 000003434 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{29450763-DDF0-4D1C-A076-202101DE02B9}
2023-03-08 23:45 - 2023-04-02 19:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-08 23:45 - 2023-03-23 08:23 - 000472296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-08 23:45 - 2023-03-08 23:45 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2023-03-08 23:21 - 2023-04-02 19:17 - 000000000 ____D C:\Users\tibor
2023-03-08 23:21 - 2023-03-08 23:44 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Vorlagen
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Startmenü
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Netzwerkumgebung
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Lokale Einstellungen
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Eigene Dateien
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Druckumgebung
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\AppData\Local\Verlauf
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\AppData\Local\Anwendungsdaten
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Anwendungsdaten
2023-03-08 23:20 - 2023-03-08 23:21 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-03-08 23:20 - 2023-03-08 23:20 - 000000000 ____D C:\WINDOWS\system32\SteelSeries
2023-03-08 23:20 - 2023-03-08 23:20 - 000000000 ____D C:\WINDOWS\system32\DTS
2023-03-08 23:12 - 2023-03-08 23:12 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-03-08 23:12 - 2023-03-08 23:12 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-03-08 23:12 - 2023-03-08 23:12 - 000000000 ____D C:\WINDOWS\addins
2023-03-08 23:06 - 2023-03-08 23:06 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-03-08 22:54 - 2023-03-20 14:51 - 000000000 ___DC C:\WINDOWS\Panther
2023-03-08 22:51 - 2023-03-08 23:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2023-03-08 22:49 - 2023-02-25 12:20 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-03-08 22:49 - 2023-02-25 12:20 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-03-08 22:49 - 2023-02-25 12:20 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-03-08 22:49 - 2023-02-25 12:20 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-03-08 22:49 - 2023-02-25 12:20 - 001487872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-03-08 22:49 - 2023-02-25 12:20 - 001479216 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-03-08 22:49 - 2023-02-25 12:20 - 001479216 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-03-08 22:49 - 2023-02-25 12:20 - 001227264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-03-08 22:49 - 2023-02-25 12:20 - 001211488 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-03-08 22:49 - 2023-02-25 12:20 - 001211488 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-03-08 22:49 - 2023-02-25 12:15 - 000671784 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-03-08 22:49 - 2023-02-25 12:15 - 000506392 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-03-08 22:49 - 2023-02-25 12:14 - 001534440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-03-08 22:49 - 2023-02-25 12:14 - 001193000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-03-08 22:49 - 2023-02-25 12:14 - 000851432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-03-08 22:49 - 2023-02-25 12:13 - 002163688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-03-08 22:49 - 2023-02-25 12:13 - 001619968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-03-08 22:49 - 2023-02-25 12:13 - 000978432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-03-08 22:49 - 2023-02-25 12:13 - 000758272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-03-08 22:49 - 2023-02-25 12:13 - 000741352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-03-08 22:49 - 2023-02-25 12:12 - 013765632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 011645992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 006083568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 005911552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 005835304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 003429872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 000458280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-03-08 22:49 - 2023-02-25 12:11 - 000853544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-03-08 22:49 - 2023-02-25 12:05 - 007924736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-03-08 22:49 - 2023-02-25 12:05 - 006788480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-03-08 22:49 - 2023-02-25 04:00 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2023-03-08 22:49 - 2023-02-25 04:00 - 000104256 _____ C:\WINDOWS\system32\nvinfo.pb
2023-03-06 17:23 - 2023-03-06 14:44 - 000501067 _____ C:\Users\tibor\OneDrive\Dokumente\handreichung-it-berufe-data.pdf
2023-03-05 19:01 - 2023-03-05 19:01 - 000000000 ____D C:\Users\tibor\AppData\Local\GolfIt
2023-03-05 18:58 - 2023-03-10 23:47 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-03-05 18:58 - 2023-03-05 18:58 - 000000202 _____ C:\Users\tibor\Desktop\Golf It!.url
2023-03-05 16:54 - 2023-03-26 18:17 - 000012288 _____ C:\Users\tibor\AppData\Roaming\emp.bin
2023-03-05 12:44 - 2023-03-08 23:44 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2023-03-05 12:44 - 2023-03-05 12:44 - 000000000 ____D C:\Users\tibor\AppData\Local\Vitalwerks
2023-03-05 12:44 - 2023-03-05 12:44 - 000000000 ____D C:\ProgramData\Vitalwerks
2023-03-05 12:44 - 2023-03-05 12:44 - 000000000 ____D C:\Program Files (x86)\No-IP
2023-03-04 17:38 - 2023-03-04 19:28 - 000000128 _____ C:\Users\tibor\AppData\Local\PUTTY.RND
2023-03-04 17:37 - 2023-03-08 23:44 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2023-03-04 17:37 - 2023-03-04 17:37 - 000001113 _____ C:\Users\tibor\Desktop\PuTTY.lnk
2023-03-04 17:37 - 2023-03-04 17:37 - 000000000 ____D C:\Program Files\PuTTY
2023-03-04 17:36 - 2023-03-04 17:36 - 000000000 ____D C:\Users\tibor\.ssh
2023-03-04 13:55 - 2023-03-04 13:55 - 000000000 ____D C:\Users\tibor\AppData\Local\Rocket League
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-04-02 22:52 - 2023-02-26 21:21 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2023-04-02 22:49 - 2023-03-01 18:22 - 000000000 ____D C:\Users\tibor\AppData\Roaming\lghub
2023-04-02 22:49 - 2023-03-01 18:22 - 000000000 ____D C:\Users\tibor\AppData\Local\LGHUB
2023-04-02 22:49 - 2023-02-26 15:27 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-02 22:49 - 2023-02-26 15:16 - 000012288 ___SH C:\DumpStack.log.tmp
2023-04-02 22:49 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-04-02 22:49 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-02 22:17 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-04-02 22:09 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-04-02 21:59 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-04-02 21:58 - 2023-02-26 15:22 - 000000000 ____D C:\Users\tibor\AppData\Local\D3DSCache
2023-04-02 20:35 - 2023-02-26 15:36 - 000000000 ____D C:\Users\tibor\AppData\LocalLow\Mozilla
2023-04-02 20:35 - 2023-02-26 15:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-02 19:55 - 2023-02-26 21:42 - 000000000 ____D C:\Users\tibor\AppData\Roaming\TS3Client
2023-04-02 18:40 - 2023-02-26 15:16 - 001183998 ____N C:\WINDOWS\Minidump\040223-10546-01.dmp
2023-04-02 18:13 - 2023-02-26 21:27 - 000000000 ____D C:\Users\tibor\AppData\Local\Spotify
2023-04-02 18:12 - 2023-02-26 21:27 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Spotify
2023-04-02 17:56 - 2023-02-26 21:40 - 000002231 _____ C:\Users\tibor\Desktop\Discord.lnk
2023-04-02 17:56 - 2023-02-26 21:40 - 000000000 ____D C:\Users\tibor\AppData\Roaming\discord
2023-04-02 17:56 - 2023-02-26 21:40 - 000000000 ____D C:\Users\tibor\AppData\Local\Discord
2023-04-01 23:38 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-01 23:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-01 23:27 - 2023-02-26 15:22 - 000000000 ____D C:\Users\tibor\AppData\Local\Packages
2023-04-01 23:27 - 2023-02-26 15:22 - 000000000 ____D C:\ProgramData\Packages
2023-04-01 21:45 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-04-01 21:44 - 2023-02-26 15:54 - 000000000 ____D C:\ProgramData\Riot Games
2023-04-01 21:35 - 2023-02-26 15:16 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-31 13:26 - 2023-02-26 15:42 - 000000791 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-03-31 13:26 - 2023-02-26 15:26 - 000002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-03-31 13:22 - 2023-02-26 15:24 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Sicherheitsschlüssel
2023-03-31 13:21 - 2023-02-26 15:16 - 001045694 ____N C:\WINDOWS\Minidump\033123-11093-01.dmp
2023-03-29 22:26 - 2023-02-26 15:24 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Bewerbungen
2023-03-29 21:31 - 2023-02-26 15:26 - 000002315 _____ C:\Users\Public\Desktop\Brave.lnk
2023-03-29 16:33 - 2023-03-01 18:16 - 000000000 ____D C:\Users\tibor\AppData\Roaming\steelseries-gg-client
2023-03-27 21:23 - 2023-02-26 15:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-26 19:39 - 2023-02-26 15:54 - 000000000 ____D C:\Users\tibor\AppData\Local\CrashDumps
2023-03-23 08:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-23 08:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-22 21:51 - 2023-02-26 15:34 - 000000000 ____D C:\Users\tibor\AppData\Local\Battle.net
2023-03-22 19:56 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-21 16:27 - 2023-02-26 15:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-20 17:27 - 2023-02-26 15:35 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-03-18 14:39 - 2023-02-26 15:22 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Adobe
2023-03-17 21:49 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-03-17 21:47 - 2023-02-26 15:24 - 000000000 ____D C:\Users\tibor\AppData\Local\PlaceholderTileLogoFolder
2023-03-16 22:17 - 2023-02-26 15:57 - 000000000 ____D C:\Program Files\Riot Vanguard
2023-03-16 22:17 - 2023-02-26 15:16 - 002137398 ____N C:\WINDOWS\Minidump\031623-11890-01.dmp
2023-03-16 22:10 - 2023-02-28 21:47 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-03-16 21:23 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-03-15 21:57 - 2023-02-26 15:40 - 000000000 ____D C:\Users\tibor\AppData\Roaming\obs-studio
2023-03-15 20:25 - 2023-02-26 21:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-15 20:24 - 2023-02-26 21:22 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-03-13 23:39 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-13 20:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc
2023-03-12 15:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\OCR
2023-03-12 15:29 - 2023-02-26 15:23 - 000000000 ___RD C:\Users\tibor\OneDrive
2023-03-11 21:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\appcompat
2023-03-11 21:06 - 2023-02-28 21:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-03-11 00:17 - 2023-02-26 15:42 - 000000000 ____D C:\Users\tibor\AppData\Local\UnrealEngine
2023-03-10 23:27 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-10 21:04 - 2019-12-07 11:14 - 000000167 _____ C:\WINDOWS\win.ini
2023-03-10 21:03 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-03-10 16:29 - 2023-02-26 21:42 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2023-03-10 16:25 - 2023-02-26 15:45 - 000001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMG Music Display.lnk
2023-03-10 12:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-03-09 17:24 - 2023-02-26 15:27 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-09 15:39 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2023-03-09 15:24 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-03-09 09:41 - 2023-02-26 15:24 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\The Witcher 3
2023-03-09 09:39 - 2023-02-26 15:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-03-09 09:39 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows NT
2023-03-08 23:47 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows Defender
2023-03-08 23:46 - 2022-05-07 07:24 - 000000000 __RHD C:\Users\Public\Libraries
2023-03-08 23:45 - 2022-05-07 07:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-03-08 23:44 - 2023-03-01 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2023-03-08 23:44 - 2023-02-26 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2023-03-08 23:44 - 2023-02-26 21:40 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-03-08 23:44 - 2023-02-26 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tuna
2023-03-08 23:44 - 2023-02-26 15:55 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-03-08 23:44 - 2023-02-26 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-03-08 23:44 - 2023-02-26 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\spectralizer
2023-03-08 23:44 - 2023-02-26 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-03-08 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-03-08 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\spool
2023-03-08 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2023-03-08 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-03-08 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-03-08 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-03-08 23:24 - 2022-05-07 07:28 - 000000000 ____D C:\WINDOWS\Setup
2023-03-08 23:22 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-03-08 23:21 - 2023-03-01 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2023-03-08 23:19 - 2022-05-07 12:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-03-08 23:18 - 2022-05-07 07:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-03-08 23:18 - 2022-05-07 07:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-03-08 23:12 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-03-08 23:12 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-03-08 23:12 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-03-08 23:12 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-03-08 23:12 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-03-08 23:12 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-03-08 23:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-03-08 23:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-03-08 23:12 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-03-08 23:11 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-03-08 23:11 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-03-08 23:11 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-03-08 23:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\IME
2023-03-08 23:04 - 2023-02-26 15:27 - 000000000 ____D C:\Users\tibor\AppData\Local\NVIDIA
2023-03-08 22:51 - 2023-02-26 15:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-03-08 22:46 - 2023-02-26 15:27 - 000000000 ____D C:\Users\tibor\AppData\Local\NVIDIA Corporation
2023-03-08 22:46 - 2023-02-26 15:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-03-08 22:46 - 2023-02-26 15:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-03-04 13:55 - 2023-02-26 15:42 - 000000000 ____D C:\Users\tibor\AppData\Local\Epic Games
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-03-20 17:21 - 2023-03-31 16:45 - 000000032 _____ () C:\Users\tibor\AppData\Roaming\.machineId
2023-03-05 16:54 - 2023-03-26 18:17 - 000012288 _____ () C:\Users\tibor\AppData\Roaming\emp.bin
2023-03-10 21:21 - 2023-03-27 16:02 - 000000128 _____ () C:\Users\tibor\AppData\Roaming\winscp.rnd
2023-03-17 21:40 - 2023-03-17 21:40 - 000000410 _____ () C:\Users\tibor\AppData\Local\oobelibMkey.log
2023-03-04 17:38 - 2023-03-04 19:28 - 000000128 _____ () C:\Users\tibor\AppData\Local\PUTTY.RND
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-03-2023
durchgeführt von tibor (02-04-2023 22:53:34)
Gestartet von C:\Users\tibor\Desktop
Microsoft Windows 11 Pro Version 22H2 22621.1413 (X64) (2023-03-09 07:39:16)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-3028042727-1601340073-3460995305-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3028042727-1601340073-3460995305-503 - Limited - Disabled)
Gast (S-1-5-21-3028042727-1601340073-3460995305-501 - Limited - Disabled)
tibor (S-1-5-21-3028042727-1601340073-3460995305-1001 - Administrator - Enabled) => C:\Users\tibor
WDAGUtilityAccount (S-1-5-21-3028042727-1601340073-3460995305-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 2.1.9 - Blitz, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 111.1.49.132 - Die Brave-Autoren)
calibre 64bit (HKLM\...\{85C24C86-6D8A-43B1-B07B-D57A835990E4}) (Version: 6.14.1 - Kovid Goyal)
CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World)
Discord (HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\Discord) (Version: 1.0.9011 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{A7273EDD-4192-4A9C-9A96-8056EB2DFC76}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.2.376231 - Logitech)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Access MUI (German) 2016 (HKLM-x32\...\{90160000-0015-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2016 (HKLM-x32\...\{90160000-0090-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Excel MUI (German) 2016 (HKLM-x32\...\{90160000-0016-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Groove MUI (German) 2016 (HKLM-x32\...\{90160000-00BA-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2016 (HKLM-x32\...\{90160000-0044-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2016 (HKLM\...\{90160000-002A-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM-x32\...\{90160000-001F-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2016 (HKLM-x32\...\{90160000-00E1-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2016 (HKLM-x32\...\{90160000-00E2-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (German) 2016 (HKLM-x32\...\{90160000-002C-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM-x32\...\{90160000-001F-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2016 (HKLM\...\{90160000-002A-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2016 (HKLM-x32\...\{90160000-006E-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2016 (HKLM-x32\...\{90160000-00A1-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2016 (HKLM-x32\...\{90160000-001A-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2016 (HKLM-x32\...\{90160000-0018-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2016 (HKLM-x32\...\{90160000-0019-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (German) 2016 (HKLM-x32\...\{90160000-012B-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2016 (HKLM-x32\...\{90160000-001B-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.8.0 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 102.9.0 (x64 de)) (Version: 102.9.0 - Mozilla)
MSI Afterburner 4.6.5 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.5 Beta 4 - MSI Co., LTD)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.5 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA Grafiktreiber 531.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.18 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.0.2 - OBS Project)
Outils de vérification linguistique 2016 de Microsoft Office*- Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PuTTY release 0.78 (64-bit) (HKLM\...\{4EEF2644-700F-46F8-9655-915145248986}) (Version: 0.78.0.0 - Simon Tatham)
Python 3.11.2 (64-bit) (HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\{4d5f29cf-3d3f-455f-bd47-5a52fb830b25}) (Version: 3.11.2150.0 - Python Software Foundation)
Python 3.11.2 Core Interpreter (64-bit) (HKLM\...\{0D38B9A4-4312-465D-A472-450BF75A0460}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Development Libraries (64-bit) (HKLM\...\{A15F08D3-26E4-4F0B-BA8B-ED59A52D6A02}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Documentation (64-bit) (HKLM\...\{1F5C7063-8305-4755-A643-32DE2BE966F9}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Executables (64-bit) (HKLM\...\{D6BE8071-9505-4EE4-9E42-916584C2D21C}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 pip Bootstrap (64-bit) (HKLM\...\{6E84DCAA-19DD-4560-AAE7-043EADF5C1F8}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Standard Library (64-bit) (HKLM\...\{6C19B2EE-FA34-4270-A87F-1FF008C1AC6E}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Tcl/Tk Support (64-bit) (HKLM\...\{6F13A394-E3EA-4585-9ADE-046B69F1F902}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Test Suite (64-bit) (HKLM\...\{83C32D05-F3C4-4D61-877E-0A4C6717E7DC}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Utility Scripts (64-bit) (HKLM\...\{6CE85987-8440-409D-BE75-F5128943F67B}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C28EE783-FA9C-4E09-910E-181A4A28C29C}) (Version: 3.11.2150.0 - Python Software Foundation)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
RivaTuner Statistics Server 7.3.4 Beta 6 (HKLM-x32\...\RTSS) (Version: 7.3.4 Beta 6 - Unwinder)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.3.0.1100 - Samsung Electronics)
SMG Music Display version 2.26 (HKLM-x32\...\{931AA4E3-45FE-4182-B85D-A5AF229435B1}_is1) (Version: 2.26 - Streamsoft)
spectralizer version 1.3.4 (HKLM-x32\...\{e1cb7c35-233b-464c-99a9-472b8121c03e}_is1) (Version: 1.3.4 - univrsal)
Spotify (HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\Spotify) (Version: 1.2.8.923.g4f94bf0d - Spotify AB)
SteelSeries GG 35.0.0 (HKLM\...\SteelSeries GG) (Version: 35.0.0 - SteelSeries ApS)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM-x32\...\{90160000-001F-0410-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
tuna version 1.9.3 (HKLM-x32\...\{44b785ed-eef5-4b73-bef0-42ee3493c021}_is1) (Version: 1.9.3 - univrsal)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
WinSCP 5.21.7 (HKLM-x32\...\winscp3_is1) (Version: 5.21.7 - Martin Prikryl)
XSplit VCam (HKLM\...\{6BD233B7-74E3-4141-96D5-950A0BA410F9}) (Version: 4.1.2211.2501 - XSplit) Hidden
XSplit VCam (HKLM\...\XSplit VCam 4.1.2211.2501) (Version: 4.1.2211.2501 - XSplit)
Packages:
=========
Best Player -> C:\Program Files\WindowsApps\2949193320E78.BestPlayer8.1_7.6.4.0_x64__pg6a145mvhp7p [2023-03-04] (marios g.)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-03-12] (Microsoft Corp.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-10] (HP Inc.)
ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-03-12] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.60611.0_x64__8wekyb3d8bbwe [2023-03-29] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2023-03-09] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-12] (NVIDIA Corp.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-03-10] (Microsoft Windows)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-26] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-27] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x86__8wekyb3d8bbwe [2023-03-27] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-03-17] (0)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3028042727-1601340073-3460995305-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => Keine Datei
CustomCLSID: HKU\S-1-5-21-3028042727-1601340073-3460995305-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2301.22.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-3028042727-1601340073-3460995305-1001_Classes\CLSID\{D465A476-B453-4B66-90CD-015DE7766448} -> [Dokumente] => C:\Users\tibor\OneDrive\Dokumente [2023-02-26 15:24]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2023-03-06] (Notepad++ -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_abf7e4e84f20581c\nvshext.dll [2023-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2022-11-17 11:16 - 2022-11-17 11:16 - 000232960 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2022-11-17 11:15 - 2022-11-17 11:15 - 000059392 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2022-11-17 11:16 - 2022-11-17 11:16 - 000699904 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2022-11-17 11:15 - 2022-11-17 11:15 - 000074240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2022-11-17 11:16 - 2022-11-17 11:16 - 000371712 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2023-03-01 18:22 - 2023-03-01 18:22 - 000164864 _____ () [Datei ist nicht signiert] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2023-03-09 09:41 - 2022-11-07 12:17 - 000387072 _____ () [Datei ist nicht signiert] D:\Steam\bin\cef\cef.win7x64\libegl.dll
2023-03-09 09:41 - 2022-11-07 12:17 - 008052736 _____ () [Datei ist nicht signiert] D:\Steam\bin\cef\cef.win7x64\libglesv2.dll
2022-11-14 12:16 - 2022-11-14 12:16 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2023-01-17 22:52 - 2023-01-17 22:52 - 002146304 _____ (Holtek Semiconductor Inc.) [Datei ist nicht signiert] C:\Program Files\SteelSeries\GG\apps\engine\HIDDLL.dll
2023-01-17 22:52 - 2023-01-17 22:52 - 002284032 _____ (Holtek) [Datei ist nicht signiert] C:\Program Files\SteelSeries\GG\apps\engine\ISPDLL.dll
2022-06-23 02:43 - 2022-06-23 02:43 - 005979824 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\tibor\AppData\Local\MEGAsync\Qt5Core.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\xvc_installer.log:8A963300F2 [4298]
AlternateDataStreams: C:\ProgramData\xvc_installer.log:DD21A44D71 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk:B76C4E1157 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk:93337121EE [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk:CB61E089FA [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk:F9B57EE960 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk:99EC184B9D [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk:86E8B79B48 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk:21BFFA7D5A [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMG Music Display.lnk:00DBA3A738 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk:4D17D28237 [4298]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 11:14 - 2023-03-17 22:04 - 000002448 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm-prd-da1.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate-da1.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 uds.licenses.adobe.com
127.0.0.1 licenses.adobe.com
127.0.0.1 license.adobe.com
127.0.0.1 helpexamples.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm-prd-da1.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 practivate.adobe.com
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tibor\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
DNS Servers: 192.168.98.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\StartupApproved\Run: => "XSplitVCam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{0B2241AE-FA37-4491-8A40-698C8A2A1E0F}D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{CB33BA7B-3A00-49F4-ABD9-2DDB05432EA4}D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [{98025D92-D151-42AB-9202-CB3AE725F809}] => (Allow) D:\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{88460595-1F47-4C62-98A3-E35EC734DBFC}] => (Allow) D:\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{C9C1C259-C708-4FD7-9E23-CB6AAB389DAF}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{9F9EEC02-CA3E-49FC-B873-067E86E520B5}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{66D744FC-4665-4CED-8A6B-D2A28B02F078}] => (Allow) D:\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{3CC14C5E-9AFB-4882-A7D4-DF7B254F5DBC}] => (Allow) D:\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{C2185AD6-5F99-4D67-90A3-B8C9D800E0B2}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{17C29E4F-1759-44C3-B5FE-F46B3F1EDAD0}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11B58281-6B31-441D-8018-EF3CD2A3063C}] => (Allow) D:\Steam\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [{913F7EC4-77A4-47A7-B630-1C31551839F1}] => (Allow) D:\Steam\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [{4DFDDECA-AD23-4491-9795-F64CB6DCBF65}] => (Allow) D:\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{53769818-10A5-4E11-9731-953FC10952A2}] => (Allow) D:\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{53EB6176-2C23-4A62-8DEE-5A0DF6DBE248}D:\riot games\riot client\riotclientservices.exe] => (Allow) D:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{911D5D08-F471-4CFA-B519-C403FD569EB1}D:\riot games\riot client\riotclientservices.exe] => (Allow) D:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{66C1C3AA-58D6-412D-A1CD-81637F5F455E}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{047B79A4-144D-4CF1-A188-9E596D234941}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{FC7EA340-7E71-4FDD-8BC1-8B62159C0B29}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{2E0993CC-DD0E-4971-8E69-C00F641BDA44}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{68584998-EF36-40E3-8B6A-C8B9F893BB16}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{A414EF36-12EE-4C51-8602-A1FA1A6638C8}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [UDP Query User{3A5CA4E4-5964-427E-AF8C-3F6D435B9E58}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{7B41C42E-8DDF-4B95-9CF5-5AD630A1824E}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{C1EF3216-152B-4B2F-A353-0F897AC77C7C}C:\users\tibor\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\tibor\appdata\local\discord\app-1.0.9011\discord.exe => Keine Datei
FirewallRules: [TCP Query User{B5F6CCC2-B81B-448C-BA75-5D0EF5B7733F}C:\users\tibor\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\tibor\appdata\local\discord\app-1.0.9011\discord.exe => Keine Datei
FirewallRules: [UDP Query User{668D6D4C-7A77-4B76-954E-E403EE0BAD7A}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{6D5E0A5B-15B8-456B-B8D1-2A6B77DF6DF1}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{48B073BA-14BB-426B-AE3B-8DA0354FB084}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{F03CDECD-3A8F-4923-A366-1D13B1B92BF8}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{5CD493B5-8ABD-4523-9876-CDC5C6B2F89C}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4AEDACB1-4E03-474F-B71F-8D5925AB836E}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BA651CB9-28B0-4892-89D1-D025AB447B83}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B4E52071-BB3E-46DC-AB4E-8411B34A6A00}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2368414B-BBDA-46F6-8A42-6C70ED37E633}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B8FB8BB-B324-46C5-B7F1-1B76DA0F1208}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F72AB3ED-B021-46E2-89B0-2EAA88CB3136}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF3C4B20-DE28-4A36-A6AC-F22048222A68}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B219C73-B39B-4DEB-87EB-588EC0B712B7}] => (Allow) D:\Steam\steamapps\common\The Finals Playtest\Discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [{F4E40829-6C36-4799-906E-B8A837289210}] => (Allow) D:\Steam\steamapps\common\The Finals Playtest\Discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [TCP Query User{7B3839BD-2B4C-4A8F-A2BE-775C3D5F5A35}C:\users\tibor\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\tibor\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{1868FAD9-30F1-472A-8DFD-3C6E3D712FDF}C:\users\tibor\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\tibor\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{159C1758-D541-41EE-B5D4-8E335B81ABDE}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23062.1103.1944.2725_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1570E449-23A2-4FC2-84A0-A5931E3E0421}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23062.1103.1944.2725_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D972E174-186D-4A0B-8894-4BBC72464323}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{362D3444-E3DE-4928-85F1-2B1418002C31}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe => Keine Datei
FirewallRules: [{C0E3C661-630E-4896-9B7A-1308F6D35057}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F68843AF-7A59-4734-A0CF-F0F4C899CC08}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{293CE62F-A89C-47A3-A8B1-38C8BDB8584F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FDBDD36-F51D-47AB-B226-5006F47B840E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0AC446C0-5B68-42E9-A226-3B9CC35329C7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
02-04-2023 20:50:26 Revo Uninstaller Pro's restore point - Adobe Acrobat (64-bit)
02-04-2023 21:01:56 Revo Uninstaller Pro's restore point - Revo Uninstaller Pro 5.1.1
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (04/02/2023 09:01:56 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {9fcaa8c0-719a-493d-b877-ee7cdc8737fb}
Error: (04/02/2023 08:53:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (04/02/2023 08:53:54 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (04/02/2023 08:50:26 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f1204cfa-2881-4a23-af72-4dd8b7bf2a4f}
Error: (04/02/2023 07:48:34 PM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Name der fehlerhaften Anwendung: SecurityHealthService.exe, Version: 10.0.22621.900, Zeitstempel: 0x45a7fb3f
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.22621.608, Zeitstempel: 0xf5fc15a3
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000007f61e
ID des fehlerhaften Prozesses: 0x0x33ac
Startzeit der fehlerhaften Anwendung: 0x0x1d9658720beb30c
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\SecurityHealthService.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ucrtbase.dll
Berichtskennung: de85d1f3-90a1-4579-8158-61c1763669aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/02/2023 01:00:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (04/01/2023 11:28:24 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung Fehler in der Wiederherstellungsphase. beendet.
Kontext: Anwendung, SystemIndex Katalog
Details:
0x%08x (0x80040d23 - Gatherer wird heruntergefahren. (HRESULT : 0x80040d23))
Error: (04/01/2023 11:28:24 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Fehler-ID 1 in der Wiederherstellungsphase von Windows Search. Bitte starten Sie den Dienst erneut. Wenn dieser Fehler weiterhin besteht, führen Sie eine Neuerstellung des Index aus.
Kontext: Anwendung, SystemIndex Katalog
Details:
0x%08x (0x80040d23 - Gatherer wird heruntergefahren. (HRESULT : 0x80040d23))
Systemfehler:
=============
Error: (04/02/2023 10:00:03 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IMO4PF8)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/02/2023 08:59:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IMO4PF8)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/02/2023 08:24:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (04/02/2023 07:48:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Sicherheitsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/02/2023 06:40:56 PM) (Source: Microsoft-Windows-WER-SystemErrorReporting) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x0000000a (0xffffac8be72a0690, 0x0000000000000002, 0x0000000000000000, 0xfffff80083eafce3)C:\WINDOWS\Minidump\040223-10546-01.dmpc9e725eb-2ac8-424a-9b3c-41dbc8376975
Error: (04/02/2023 06:40:50 PM) (Source: volmgr) (EventID: 162) (User: )
Description: Generierung der Dumpdatei erfolgreich.
Error: (04/02/2023 06:40:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 02.04.2023 um 18:33:08 unerwartet heruntergefahren.
Error: (04/02/2023 05:55:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IMO4PF8)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
================
Date: 2023-04-02 20:43:07
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {6CBB1A65-1EB6-4F24-9660-5C6DBD7C81ED}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: DESKTOP-IMO4PF8\tibor
Date: 2023-04-02 20:24:26
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {08EBE237-EF41-4021-A91A-68400CACEAAB}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Vollständige Überprüfung
Benutzer: DESKTOP-IMO4PF8\tibor
Date: 2023-04-02 20:23:40
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Sabsik.TE.B!ml&threatid=2147780205&enterprise=0
Name: Trojan:Script/Sabsik.TE.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\tibor\Downloads\TLa1stoUsPa1rtID-Update1 0 1 6-elamigos\TLa1stoUsPa1rtID-Update1.0.1.6-elamigos.rar
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-IMO4PF8\tibor
Prozessname: C:\Program Files\WinRAR\WinRAR.exe
Sicherheitsversion: AV: 1.385.1874.0, AS: 1.385.1874.0, NIS: 1.385.1874.0
Modulversion: AM: 1.1.20100.6, NIS: 1.1.20100.6
Date: 2023-04-02 20:22:14
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Sabsik.TE.B!ml&threatid=2147780205&enterprise=0
Name: Trojan:Script/Sabsik.TE.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\tibor\Downloads\TLa1stoUsPa1rtID-Update1 0 1 6-elamigos\TLa1stoUsPa1rtID-Update1.0.1.6-elamigos.rar.part
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-IMO4PF8\tibor
Prozessname: C:\Users\tibor\AppData\Local\JDownloader 2.0\JDownloader2.exe
Sicherheitsversion: AV: 1.385.1874.0, AS: 1.385.1874.0, NIS: 1.385.1874.0
Modulversion: AM: 1.1.20100.6, NIS: 1.1.20100.6
CodeIntegrity:
===============
Date: 2023-04-02 19:48:37
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
Date: 2023-04-01 23:40:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-03-27 16:11:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. F11 11/05/2021
Hauptplatine: Gigabyte Technology Co., Ltd. Z390 AORUS MASTER-CF
Prozessor: Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 32687.2 MB
Verfügbarer physikalischer RAM: 26601.14 MB
Summe virtueller Speicher: 34735.2 MB
Verfügbarer virtueller Speicher: 26408.76 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:208.86 GB) (Free:73.27 GB) (Model: Samsung SSD 850 EVO 250GB) NTFS
Drive d: (Spiele) (Fixed) (Total:931.39 GB) (Free:251.99 GB) (Model: CT1000MX500SSD1) NTFS
Drive e: (Daten) (Fixed) (Total:931.51 GB) (Free:573.62 GB) (Model: WDC WD10EURX-63C57Y0) NTFS
\\?\Volume{76630a2f-d97f-4d99-bbc8-a17685bd9be1}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{d0a81815-4ad7-4ccc-9446-dd342f47650c}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: F973A29B)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 2E920281)
Partition: GPT.
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 049F993E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-02-2023
# Duration: 00:00:05
# OS: Windows 11 (Build 22621.1413)
# Scanned: 32030
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1420 octets] - [29/03/2023 22:34:36]
AdwCleaner[C00].txt - [1610 octets] - [29/03/2023 22:34:51]
AdwCleaner[S01].txt - [1542 octets] - [29/03/2023 22:35:03]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
|
|
02.04.2023, 22:19
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Defender meldet "HackTool:Win32/Keygen"Zitat:
 Cracks, Keygens und andere illegale SoftwareBitte lesen => Cracks, Keygens und andere illegale Software Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
02.04.2023, 22:21
| #5 |
| | Defender meldet "HackTool:Win32/Keygen" Das ist seid heute mittag deinstalliert, denke da ging es sich um Acrobat. Oder muss ich da noch händisch was löschen nach der Deinstallation? |
|
02.04.2023, 22:23
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Defender meldet "HackTool:Win32/Keygen" Und du bist dir ganz sicher dass da alles andere legal ist? Auch das hier? Zitat:
__________________ --> Defender meldet "HackTool:Win32/Keygen" |
|
02.04.2023, 22:25
| #7 |
| | Defender meldet "HackTool:Win32/Keygen" Die habe ich von der Arbeit damals bekommen und seit dem habe ich die immer weiter benutzt. Kann sie aber auch deinstallieren, wenn das gewünscht ist. Das würde ich dann aber erst morgen nach Feierabend schaffen |
|
02.04.2023, 22:26
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Defender meldet "HackTool:Win32/Keygen" Ok. Und der Keygen war dann bestimmt für Adobe, richtig?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.04.2023, 06:59
| #9 |
| | Defender meldet "HackTool:Win32/Keygen" Davon gehe ich aus, ja. |
|
03.04.2023, 08:03
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Defender meldet "HackTool:Win32/Keygen" Was soll das heißen, du gehst davon aus? Das ist dein PC, du musst das wissen. Welche Keygens und Cracks hattest du du denn noch?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.04.2023, 19:17
| #11 |
| | Defender meldet "HackTool:Win32/Keygen" Ja, das ist der einzige, den ich benutzt habe |
|
03.04.2023, 21:08
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Defender meldet "HackTool:Win32/Keygen" Dann schreib es doch auch klar und deutlich. Warum druckst ihr alle so herum wenn man euch mit Keygens/Cracks erwischt?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.04.2023, 21:46
| #13 |
| /// TB-Ausbilder | Defender meldet "HackTool:Win32/Keygen" Fehlende Rückmeldung Dieses Thema wurde aus unseren Abos gelöscht. Somit bekommen wir keine Benachrichtigung über neue Antworten. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und ein eigenes Thema erstellen! |
|
| Themen zu Defender meldet "HackTool:Win32/Keygen" |
| antwort, bedrohung, bitdefender, datei, defender, false positive, gelöscht, gestartet, hack, hallo zusammen, ide, kurzzeitig, löschen, malwarebytes, melde, meldet, meldung, neue, nicht mehr, nichts, quarantäne, win, windows, windows defender windows 11, zusammen, zusätzlich |
Linear-Darstellung
