|
Pests of all kinds and how to fight them: Virus warning from websvs.co.in
Windows 7. If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection. |
09.07.2023, 12:47 | #1 |
| Virus warning from websvs.co.in
Hello everyone, I am posting here because my laptop informed me today that 5 viruses had been detected. The "notifier" appears to be "websvs.co.in". I am attaching a screenshot. Since I also bought Norton's security software along with the laptop, I had it run a scan. The response was that the laptop is secure. Meanwhile, the virus message kept popping up. Following a tip from my son, I then installed Malwarebytes and had it run a scan as well. According to it, 5 suspicious items were detected. I took a screenshot of that too and attached it here. If anyone has received similar messages and can give me advice on what to do, I would be very grateful. Kind regards, Heinrich55 |
09.07.2023, 12:50 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus warning from websvs.co.in
Please read and follow our instructions properly.
Log files are posted as plain text in CODE tags, not as screenshots, which tell us almost nothing. In addition, both FRST logs are missing. |
09.07.2023, 17:54 | #3 |
| Virus warning from websvs.co.in
Hello Cosinus, thank you for your reply. Here is the information.
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2023
durchgeführt von Heinz (Administrator) auf HTR (Acer Swift SF316-51) (09-07-2023 18:22:09)
Gestartet von C:\Users\Heinz\Downloads\FRST64.exe
Geladene Profile: Heinz
Plattform: Microsoft Windows 11 Home Version 22H2 22621.1848 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.67\msedgewebview2.exe <13>
(C:\Users\Heinz\Downloads\FRST64.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2112.32.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2>
(DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxEMN.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <17>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a439e07c373809e2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3a2f90c1eb2e1524\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_e5855ce1805681c2\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.1.21\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.23.1.21\nsWscSvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe <3>
(sihost.exe ->) (EAF76292-FADE-4EAB-A62C-FE5E78661D58 -> ) C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3030.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxextN.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.StorePurchaseApp_12008.1001.1.0_x64__8wekyb3d8bbwe\StoreExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\Heinz\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe [1262512 2021-06-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [558144 2020-12-15] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [414432 2023-03-14] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2605960 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\Run: [MicrosoftEdgeAutoLaunch_D2E8542DDDEBFF636897817371F35F7C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113872 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\MountPoints2: {f4a34dfe-bb98-11ed-b128-3ce9f7e7c169} - "D:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] => C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.22.9" (Keine Datei)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDFCreator: C:\Windows\system32\pdfcmnnt.dll [87040 2005-03-12] () [Datei ist nicht signiert]
Startup: C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MX490 series Printer.lnk [2023-07-09]
ShortcutAndArgument: Canon IJ Status Monitor Canon MX490 series Printer.lnk -> C:\Windows\system32\rundll32.exe => "C:\Users\Heinz\CNMSSC~1.DLL",SMStarterEntryPoint LPT1:;Canon MX490 series Printer;cnmss Canon MX490 series Printer (Local).dll;Canon IJ Status Monitor Canon MX490 series Printer.lnk

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00C1CB4C-4013-43B4-A3B3-9FA6C674FEE8} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971792 2022-05-20] (Acer Incorporated -> )
Task: {4D17532F-F0E6-4E56-BFF8-751A8A3AF982} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41616 2022-05-20] (Acer Incorporated -> )
Task: {3D79F00C-BA34-4324-917E-112A33C83BF0} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836496 2022-05-20] (Acer Incorporated -> )
Task: {909C9B34-C9A2-473C-8B0F-51228640E5FA} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {E8CE6E63-7A79-4A42-8321-F567BBB1FC1A} - System32\Tasks\App Explorer => C:\Users\Heinz\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7574560 2023-03-29] (SweetLabs Inc -> SweetLabs, Inc) <==== ACHTUNG
Task: {549AD1C3-0C12-402B-B7DC-24F57339639E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616792 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {019111CD-26C3-48AB-B951-E18FBB8DE797} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616792 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {6F518B8E-E19F-4421-B62F-53423FA4C853} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {33AB6707-0B8E-4629-B933-4E0E1116BB17} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {27BE13A2-5B5C-4734-AF73-9A8076E81D44} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [164752 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {06CC9D5A-BA5A-4B80-B3EA-303FC559B4B4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-06-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {2F3FD616-E12E-4C85-977B-42970DDA6218} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Autofix => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {9193F4DA-1EF3-4E20-9178-2533D20B882F} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {70B969BB-BB44-4B3F-AD4C-FBB21CF22388} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Processor => C:\Program Files\Norton Security\Engine\22.23.1.21\SymErr.exe [379024 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {7F53DE7C-C294-4EF5-9615-FAB4CCF1C911} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.1.21\WSCStub.exe [646520 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {42EA0A94-0283-4A4E-A53B-7E2DA4788B76} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {4BD30EC5-CA49-4BCF-8018-E788717A3ED2} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-22] (Acer Incorporated -> )
Task: {3D740331-AC06-4F87-A9E9-DB8CDB4B77F8} - System32\Tasks\Oem\xvpnHelperTask => C:\Users\Heinz\AppData\Local\OEM\PromoX\XvpnHelper\XvpnInstaller.exe [70016 2022-10-24] (Acer Incorporated -> )
Task: {6DFEDF3F-03CD-423E-BD87-2C7A997239EA} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {683D3C7A-270C-4B90-BAD9-8152A9632442} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3774415946-2383157043-3044040638-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {DCE0376C-794D-41B4-854C-47EB7E1D323F} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [450536 2022-05-24] (Acer Incorporated -> Acer Incorporated)
Task: {C1E04C3A-9069-4AF9-ABC2-1147D4271E23} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Ultra\Upgrade.exe [2353000 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {AD0804EC-04C6-49B8-8587-9DCE94DB8E9E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-03-01] (Acer Incorporated -> Acer Incorporated)
Task: {A1FC2F21-C369-4A0A-8659-3443CCAE410F} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft)
Task: {54851851-A4C2-4B12-A1C9-7A801CC8F99E} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [342672 2022-06-01] (Acer Incorporated -> Acer Incorporated)
Task: {F9B3CA6F-4ADB-4D1C-B335-14044044D0F8} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211560 2022-05-17] (Acer Incorporated -> Acer Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9488c15e-b339-44a4-9085-4584ff6f1e23}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Heinz\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-09]
Edge Notifications: Default -> hxxps://websvs.co.in
Edge Extension: (Edge relevant text changes) - C:\Users\Heinz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-25]

FireFox:
========
FF DefaultProfile: sk6g5hu0.default
FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\sk6g5hu0.default [2023-02-12]
FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release [2023-07-09]
FF Homepage: Mozilla\Firefox\Profiles\0v7o52re.default-release -> hxxps://www.bing.com/?PC=L621
FF Extension: (Language: Deutsch (German)) - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release\Extensions\langpack-de@firefox.mozilla.org.xpi [2023-06-20]
FF Extension: (uBlock Origin) - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-06-14]
FF Extension: (Add-ons Restricted Domains) - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release\features\{52f9b337-33c7-47e4-8e80-95a05c6630ce}\addons-restricted-domains@mozilla.com.xpi [2023-06-22]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259216 2022-05-20] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11851144 2023-07-06] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [210872 2021-03-21] (DTS, Inc. -> DTS Inc.)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\elfoService.exe [1283336 2017-06-15] (Bayerisches Landesamt fuer Steuern -> )
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncHelper.exe [3447176 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_e5855ce1805681c2\\AS\\IAS\\IntelAudioService.exe [539832 ] (Intel Corporation -> Intel)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [74464 2023-03-14] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266864 2023-07-09] (Malwarebytes Inc. -> Malwarebytes)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.1.21\NortonSecurity.exe [344888 2023-02-02] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.1.21\nsWscSvc.exe [1059176 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.127.0618.0001\OneDriveUpdaterService.exe [3783048 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [558144 2020-12-15] (geek software GmbH -> geek software GmbH)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [469992 2022-05-24] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [508392 2022-05-24] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [334992 2022-06-01] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-01] (Acer Incorporated -> Acer Incorporated)
S3 AcxHdAudio; C:\Windows\System32\drivers\AcxHdAudio.sys [561152 2023-05-10] (Microsoft Windows -> Microsoft Corporation)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.22.9.11\Definitions\BASHDefs\20230705.001\BHDrvx64.sys [1696736 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert]
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1617010.015\ccSetx64.sys [198280 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2023-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\Windows\System32\drivers\fse.sys [218464 2023-02-20] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-12] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b6ea3d48ee329530\iaLPSS2_SPI_TGL.sys [155816 2020-08-12] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_1a8e964d43720594\iaLPSS2_UART2_TGL.sys [310440 2020-08-12] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1544912 2021-08-29] (Intel Corporation -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.22.9.11\Definitions\IPSDefs\20230707.061\IDSvia64.sys [1527816 2023-02-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 IntcSDW; C:\Windows\System32\DriverStore\FileRepository\intcsdw.inf_amd64_c447f3ebbd1456bd\IntcSDW.sys [864336 2021-05-17] (Intel Corporation -> Intel(R) Corporation)
R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_781687200d129207\IntcUSB.sys [1668672 2021-05-17] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-06] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-07-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233216 2023-07-09] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77752 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-07-09] (Malwarebytes Inc. -> Malwarebytes)
S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\1617010.015\nsvst.sys [57120 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 rtux64w10; C:\Windows\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation)
R3 SRTSP; C:\Windows\System32\drivers\NGCx64\1617010.015\SRTSP64.SYS [956048 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1617010.015\SRTSPX64.SYS [52872 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1617010.015\SYMEFASI64.SYS [2180248 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1617010.015\SymELAM.sys [36016 2023-02-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100328 2022-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.22.9.11\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1617010.015\Ironx64.SYS [306824 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1617010.015\symnets.sys [492728 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2022-10-18] (Microsoft Windows -> )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49608 2023-03-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [495896 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1617010.015\wpCtrlDrv.sys [1016792 2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-07-09 18:21 - 2023-07-09 18:21 - 000032531 _____ C:\Users\Heinz\Downloads\Addition.txt
2023-07-09 18:20 - 2023-07-09 18:22 - 000028423 _____ C:\Users\Heinz\Downloads\FRST.txt
2023-07-09 18:20 - 2023-07-09 18:22 - 000000000 ____D C:\FRST
2023-07-09 18:18 - 2023-07-09 18:19 - 002383872 _____ (Farbar) C:\Users\Heinz\Downloads\FRST64.exe
2023-07-09 13:40 - 2023-07-09 13:40 - 000000000 ____D C:\Windows\system32\Tasks\Remediation
2023-07-09 13:18 - 2023-07-09 13:18 - 000761564 _____ C:\Windows\system32\perfh007.dat
2023-07-09 13:18 - 2023-07-09 13:18 - 000157732 _____ C:\Windows\system32\perfc007.dat
2023-07-09 13:14 - 2023-07-09 13:14 - 000233216 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2023-07-09 13:14 - 2023-07-09 13:14 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-07-09 13:04 - 2023-07-09 13:15 - 000000000 ____D C:\Users\Heinz\AppData\Local\Malwarebytes
2023-07-09 13:04 - 2023-07-09 13:04 - 000000000 ____D C:\Users\Heinz\AppData\Local\mbam
2023-07-09 13:03 - 2023-07-09 13:03 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-07-09 13:03 - 2023-07-09 13:03 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-07-09 13:03 - 2023-07-09 13:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-07-09 13:03 - 2023-07-09 13:03 - 000000000 ____D C:\Program Files\Malwarebytes
2023-07-09 13:00 - 2023-07-09 13:00 - 002649072 _____ (Malwarebytes) C:\Users\Heinz\Downloads\MBSetup.exe
2023-07-09 12:16 - 2023-07-09 12:16 - 000070672 _____ C:\Users\Heinz\Downloads\0907231216.pdf
2023-07-06 18:53 - 2023-07-06 18:59 - 000003788 _____ C:\Users\Heinz\Downloads\1087463459(1).csv
2023-07-05 21:19 - 2023-07-05 21:19 - 000109772 _____ C:\Users\Heinz\Downloads\invoice_nordic-nest_2023-06-02_e590-1.pdf
2023-07-05 21:18 - 2023-07-05 21:18 - 000109769 _____ C:\Users\Heinz\Downloads\invoice_nordic-nest_2023-06-02_e590.pdf
2023-07-05 16:35 - 2023-07-05 16:35 - 000000022 _____ C:\Users\Heinz\Downloads\Anhänge_20230705.zip
2023-07-04 22:46 - 2023-07-04 22:46 - 000020696 _____ C:\Users\Heinz\Downloads\IQQH_holdings.csv
2023-07-04 22:46 - 2023-07-04 22:46 - 000020696 _____ C:\Users\Heinz\Downloads\IQQH_holdings(1).csv
2023-07-04 09:33 - 2023-07-04 09:34 - 000000152 _____ C:\Users\Heinz\Downloads\Anhänge_20230704.zip
2023-07-03 21:26 - 2023-07-03 21:26 - 000200967 _____ C:\Users\Heinz\Downloads\Serienbrief_2058740466_2023-05-24_MKK_fbcff34c-0505-487d-96bf-578a69efd6fe.pdf
2023-07-03 21:23 - 2023-07-03 21:23 - 000028409 _____ C:\Users\Heinz\Downloads\Untitled.pdf
2023-07-03 21:21 - 2023-07-03 21:21 - 000054289 _____ C:\Users\Heinz\Downloads\Kontoauszug_205721067700EUR_2023-06-30_KK_205721067700KD401E05070100501479457.pdf
2023-07-03 18:45 - 2023-07-03 18:45 - 000014234 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230703_184522.csv
2023-07-02 17:53 - 2023-07-02 17:53 - 000002709 _____ C:\Users\Heinz\Downloads\Energiebilanz_2023_06.csv
2023-07-01 14:13 - 2023-07-01 14:13 - 000001688 _____ C:\Users\Heinz\Downloads\1087463459.csv
2023-06-28 07:52 - 2023-06-28 07:52 - 000012100 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230628_075201.csv
2023-06-26 22:26 - 2023-06-26 22:26 - 000342240 _____ C:\Windows\SysWOW64\LxDNT121.dll
2023-06-26 22:26 - 2023-06-26 22:26 - 000233184 _____ C:\Windows\SysWOW64\LXPrnUtil10.dll
2023-06-26 22:26 - 2023-06-26 22:26 - 000161504 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxReportManage.ocx
2023-06-26 22:26 - 2023-06-26 22:26 - 000148192 _____ C:\Windows\SysWOW64\LxDNTvmc121.dll
2023-06-26 22:26 - 2023-06-26 22:26 - 000083680 _____ C:\Windows\SysWOW64\LxDNTvm121.dll
2023-06-26 20:35 - 2023-06-26 20:35 - 004971232 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxXtreme130.dll
2023-06-26 20:35 - 2023-06-26 20:35 - 001262304 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTool200.dll
2023-06-26 20:35 - 2023-06-26 20:35 - 000220384 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxBasics200.dll
2023-06-26 20:35 - 2023-06-26 20:35 - 000132832 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxMail200.dll
2023-06-26 20:35 - 2023-06-26 20:35 - 000095456 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxPXTree200.dll
2023-06-26 20:35 - 2023-06-26 20:35 - 000093920 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxCI20.dll
2023-06-26 20:35 - 2023-06-26 20:35 - 000080608 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LXCurr200.dll
2023-06-26 20:35 - 2023-06-26 20:35 - 000053472 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTPSW200.dll
2023-06-25 19:50 - 2023-06-25 19:50 - 000119008 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxUISettingsN200.dll
2023-06-23 15:54 - 2023-06-23 15:54 - 000005623 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230623_155427.csv
2023-06-23 14:02 - 2023-06-23 14:02 - 000326734 _____ C:\Users\Heinz\Downloads\Zusammenfassung Kontowechsel-1.pdf
2023-06-23 12:04 - 2023-06-23 12:04 - 000109029 _____ C:\Users\Heinz\Downloads\Zusammenfassung Kontowechsel.pdf
2023-06-22 11:15 - 2023-06-22 13:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-06-21 12:58 - 2023-06-21 12:58 - 000038918 _____ C:\Users\Heinz\Downloads\DHL-Paketmarke_EZLNSVGND5890_Michael_Grünke.pdf
2023-06-19 20:35 - 2023-06-19 20:38 - 000002554 _____ C:\Users\Heinz\Downloads\Umsatzanzeige_DE80500105170773411765_20230619.csv
2023-06-19 20:24 - 2023-06-19 20:24 - 000263070 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_LU1861136247_Order_297890447_001_20230616.pdf
2023-06-19 20:23 - 2023-06-19 20:23 - 000263067 _____
C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_IE00BJ0KDQ92_Order_298006742_001_20230616-1.pdf 2023-06-19 20:22 - 2023-06-19 20:22 - 000263067 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_IE00BJ0KDQ92_Order_298006742_001_20230616.pdf 2023-06-18 12:40 - 2023-06-18 12:40 - 000001426 _____ C:\Users\Heinz\Downloads\watchlist.csv 2023-06-18 09:36 - 2023-06-18 09:36 - 003253492 _____ C:\Users\Heinz\Downloads\Anhänge_20230618.zip 2023-06-16 21:40 - 2023-06-16 21:40 - 004235819 _____ C:\Users\Heinz\Downloads\ubs-etf-visa-stamped-prospectus.pdf 2023-06-16 21:40 - 2023-06-16 21:40 - 000050990 _____ C:\Users\Heinz\Downloads\kiid-LU0950674332-de.pdf 2023-06-15 17:56 - 2023-06-15 17:56 - 000074776 _____ C:\Users\Heinz\Downloads\Synthetische Fondszusammensetzung_Amundi MSCI Europe Small Cap ESG Climate Net Zero Ambition CTB UCITS ETF Acc_LU1681041544_13_06_2023.xlsx 2023-06-15 14:29 - 2023-06-15 14:29 - 000045741 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230615_122925.csv 2023-06-14 18:31 - 2023-06-14 18:31 - 000000000 ___HD C:\$WinREAgent 2023-06-13 10:16 - 2023-06-13 10:16 - 002336953 _____ C:\Users\Heinz\Downloads\Energiedepesche Heft 2 2023.pdf 2023-06-12 20:42 - 2023-06-12 20:42 - 000068055 _____ C:\Users\Heinz\Downloads\SUSW_holdings.csv 2023-06-12 20:27 - 2023-06-12 20:27 - 000032563 _____ C:\Users\Heinz\Downloads\Synthetic Fund Holdings_Lyxor EURO STOXX 50 (DR) UCITS ETF - Daily Hedged to USD - Acc_FR0012399806_08_06_2023.xlsx 2023-06-11 21:24 - 2023-06-11 21:25 - 000039546 _____ C:\Users\Heinz\Downloads\Synthetische Fondszusammensetzung_Lyxor MSCI Future Mobility ESG Filtered (DR) UCITS ETF - Acc_LU2023679090_07_06_2023.xlsx 2023-06-11 21:23 - 2023-06-11 21:23 - 000069944 _____ C:\Users\Heinz\Downloads\Indexaufteilung_Lyxor MSCI Future Mobility ESG Filtered (DR) UCITS ETF_LU2023679090_07_06_2023.xlsx ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen 
wird, wird die Datei/der Ordner verschoben.) 2023-07-09 18:19 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-07-09 18:07 - 2022-10-18 01:57 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-07-09 17:28 - 2023-02-12 15:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-07-09 16:35 - 2023-02-12 14:59 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Excel 2023-07-09 16:30 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\NDF 2023-07-09 14:32 - 2023-03-11 11:05 - 000000000 ____D C:\Windows\system32\Tasks\Norton Security Ultra 2023-07-09 14:01 - 2023-02-18 17:41 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Word 2023-07-09 13:18 - 2022-10-18 02:04 - 001754668 _____ C:\Windows\system32\PerfStringBackup.INI 2023-07-09 13:18 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF 2023-07-09 13:15 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM 2023-07-09 13:14 - 2023-02-18 15:42 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-07-09 13:14 - 2023-02-12 14:47 - 000000000 ___RD C:\Users\Heinz\OneDrive 2023-07-09 13:14 - 2023-02-12 14:45 - 000000000 __SHD C:\Users\Heinz\IntelGraphicsProfiles 2023-07-09 13:14 - 2022-10-18 01:57 - 000012288 ___SH C:\DumpStack.log.tmp 2023-07-09 13:14 - 2022-10-18 01:57 - 000001623 _____ C:\Windows\system32\config\VSMIDK 2023-07-09 13:14 - 2022-10-18 01:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-07-09 13:14 - 2022-10-18 01:57 - 000000000 ___HD C:\Intel 2023-07-09 13:14 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState 2023-07-09 13:14 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness 2023-07-09 13:14 - 2022-05-07 07:17 - 000524288 _____ C:\Windows\system32\config\BBI 2023-07-09 13:05 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp 2023-07-09 13:03 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP 2023-07-09 12:57 - 2023-02-12 14:45 - 000000000 ____D 
C:\Users\Heinz\AppData\Local\D3DSCache 2023-07-09 11:59 - 2023-02-12 14:27 - 000000000 ____D C:\Users\Heinz\AppData\Local\Host App Service 2023-07-07 19:46 - 2023-02-22 18:24 - 000000000 ____D C:\ProgramData\Lexware 2023-07-07 18:03 - 2023-02-23 12:50 - 000000000 ____D C:\Users\Heinz\AppData\Local\ElevatedDiagnostics 2023-07-07 17:56 - 2023-02-12 14:27 - 000000000 ____D C:\Users\Heinz 2023-07-07 16:16 - 2023-02-12 14:45 - 000000000 ____D C:\Users\Heinz\AppData\Local\Packages 2023-07-07 16:16 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 2023-07-06 19:30 - 2023-02-12 15:45 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Office 2023-07-06 18:35 - 2023-02-22 18:29 - 000002247 _____ C:\Users\Public\Desktop\Lexware buchhaltung.lnk 2023-07-06 18:35 - 2023-02-22 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware 2023-07-06 18:35 - 2022-10-18 02:32 - 000000000 ____D C:\ProgramData\Package Cache 2023-07-06 18:28 - 2022-10-18 01:57 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-07-06 18:28 - 2022-10-18 01:57 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-07-06 08:41 - 2022-10-18 02:33 - 000000000 ____D C:\Program Files\Microsoft Office 2023-07-06 08:33 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth 2023-07-01 14:49 - 2023-05-29 18:52 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\vlc 2023-07-01 11:38 - 2022-10-18 01:57 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-06-29 09:33 - 2023-02-15 21:04 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-06-29 09:33 - 2023-02-15 21:04 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-06-29 09:33 - 2023-02-12 14:47 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3774415946-2383157043-3044040638-1001 2023-06-22 13:28 - 
2022-10-18 02:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-06-22 11:22 - 2022-10-18 02:31 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-06-22 11:17 - 2022-10-18 01:57 - 000482200 _____ C:\Windows\system32\FNTCACHE.DAT 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\WUModels 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr 2023-06-22 11:17 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing 2023-06-14 18:36 - 2023-02-12 15:51 - 000000000 ____D C:\Windows\system32\MRT 2023-06-14 18:34 - 2023-02-12 15:51 - 170078616 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2023-06-14 18:34 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp 2023-06-14 18:33 - 2022-10-18 02:02 - 003211776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-06-14 11:05 - 2023-02-18 17:59 - 000000000 ____D C:\EIGENE DATEIEN ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2023-07-07 17:56 - 2014-09-10 06:00 - 000106496 _____ (CANON INC.) C:\Users\Heinz\cnmss Canon MX490 series Printer (Local).dll ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
==================== Ende von FRST.txt ========================
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-07-2023
durchgeführt von Heinz (09-07-2023 18:22:52)
Gestartet von C:\Users\Heinz\Downloads
Microsoft Windows 11 Home Version 22H2 22621.1848 (X64) (2023-02-11 16:38:48)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3774415946-2383157043-3044040638-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3774415946-2383157043-3044040638-503 - Limited - Disabled)
Gast (S-1-5-21-3774415946-2383157043-3044040638-501 - Limited - Disabled)
Heinz (S-1-5-21-3774415946-2383157043-3044040638-1001 - Administrator - Enabled) => C:\Users\Heinz
WDAGUtilityAccount (S-1-5-21-3774415946-2383157043-3044040638-504 - Limited - Disabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security Ultra (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
FW: Norton Security Ultra (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer) Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer) App Explorer (HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\Host App Service) (Version: 0.273.4.677 - SweetLabs) Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3046 - Acer Incorporated) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated) ElsterFormular (HKLM-x32\...\{80B76B12-92BE-4177-BB7B-070AAEED239B}) (Version: 18.4.1 - Thüringer Landesfinanzdirektion) ExpressVPN (HKLM-x32\...\{5B1D5290-DC0D-43D1-8220-8BB29BDDA0BE}) (Version: 2.5.22300.30 - Acer) Lexware buchhalter 2023 (HKLM-x32\...\{2DDAC478-5E03-456F-A534-51E795778EBE}) (Version: 28.07.00.0337 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware buchhaltung plus 2023 (HKLM-x32\...\{773dbd33-b64b-440a-b530-18bb9c2ef9fb}) (Version: 28.7.0.239 - Haufe-Lexware GmbH & Co. KG) Lexware EasyArchive 2023 (HKLM-x32\...\{BCCD6706-BDCF-437C-8079-305ED891091A}) (Version: 8.02.00.0171 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster 2023 (HKLM-x32\...\{57286E5F-1704-4309-846F-852C65F30848}) (Version: 23.03.00.0352 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster 2023 (HKLM-x32\...\{c375d4c4-b145-49aa-bb65-2dba05fbc847}) (Version: 23.3.0.258 - Haufe-Lexware GmbH & Co. 
KG) Lexware FolderPermission 2023 (HKLM-x32\...\{CF7B7E51-2475-4102-934D-C09300DA5E7C}) (Version: 5.02.00.0211 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Info Service 2023 (HKLM-x32\...\{D46EC7B4-83EE-436B-8DF2-576C5BD593BC}) (Version: 23.01.00.0200 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Installations Dienst 2023 (HKLM-x32\...\{14F7538D-3BE1-4E9A-BA85-C436FB46BB0A}) (Version: 12.01.00.0184 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware online banking 2023 (HKLM-x32\...\{C9495433-F6BF-4355-8051-756BD8D51682}) (Version: 30.04.00.0223 - Haufe-Lexware GmbH & Co.KG) Hidden Malwarebytes version 4.5.32.271 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.32.271 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.67 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.67 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.16529.20154 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.127.0618.0001 - Microsoft Corporation) Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.16529.20154 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) 
(Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e52a6842-b0ac-476e-b48f-378a97a67346}) (Version: 14.10.25017.0 - Microsoft Corporation) Microsoft Visual C++ 2017 x64 Additional Runtime - 14.10.25017 (HKLM\...\{E512788E-C50B-3858-A4B9-73AD5F3F9E93}) (Version: 14.10.25017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.10.25017 (HKLM\...\{8D4F7A6D-6B81-3DC8-9C21-6008E4866727}) (Version: 14.10.25017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 114.0.2 (x64 en-US)) (Version: 114.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0 - Mozilla) Norton Security Ultra (HKLM-x32\...\NGC) (Version: 22.23.1.21 - NortonLifeLock Inc) 
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden PDF24 Creator 10.0.7 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.7 - PDF24.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3044 - Acer Incorporated) TAXMAN 2023 (HKLM-x32\...\{C8AF0B55-2410-4F16-81B3-946ABA364FDA}) (Version: 28.28.59 - Haufe-Lexware GmbH & Co.KG) User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3016 - Acer Incorporated) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Packages: ========= Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3030.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated) Any Word to PDF -> C:\Program Files\WindowsApps\AnywaySoftInc.AnyWordtoPDF_1.2.8.0_x64__0qkrc2qacwvfm [2023-02-21] (AnywaySoft, Inc.) Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-02-23] (Canon Inc.) Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3046.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated) DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.9.0_x64__t5j2fzbtdg37r [2023-02-12] (DTS, Inc.) 
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP) Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corp.) ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.54.42772.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation) [Startup Task] ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.50332.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2201.1.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-02-21] (Microsoft Corporation) ms-resource:gameName -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848563C1F_1.0.81.0_x64__kx24dqmazqk8j [2023-02-12] (Random Salad Games LLC) ms-resource:GameTitle -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.12.89.0_x64__kx24dqmazqk8j [2023-02-12] (Random Salad Games LLC) ms-resource:OEMAppName -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.2.0_x64__xbfy0k16fey96 [2023-02-12] (Dropbox Inc.) 
ms-resource:PACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP) ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP) [Startup Task] Norton Security -> C:\Program Files\Norton Security\Engine\22.23.1.21 [2023-07-09] (0) QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3044.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2023-02-12] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0 [2023-02-12] (Spotify AB) [Startup Task] User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3016.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. 
-> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.1.21\NavShExt.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.1.21\NavShExt.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-09] (Malwarebytes Inc. 
-> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.1.21\buShell.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-09] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.1.21\NavShExt.dll [2023-02-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2023-02-21 21:41 - 2005-03-12 01:07 - 000087040 _____ () [Datei ist nicht signiert] C:\Windows\System32\pdfcmnnt.dll 2022-10-18 02:33 - 2022-10-18 02:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2022-10-18 02:33 - 2022-10-18 02:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Heinz\Downloads\FRST64.exe:MBAM.Zone.Identifier [193] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft 
Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{23A321A7-6086-4800-A4FE-C8C1AA9DFD4D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{29E56D7E-0E93-416D-B555-B9B90223E456}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CD877A6B-8840-4A4C-A1BF-151F755CB747}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E8266791-E65D-44C8-A0D9-98BD180E60BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{19B385ED-EA80-4F4C-A036-750EB663F7AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{13E9812A-2461-4162-B101-F8A03A1EC1FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2CD333F6-8E4A-4868-8657-1702955FA5F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{722815D3-AC46-4D95-8F4D-444B508247A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E81B3C14-8FD1-41EB-BBE7-C3792ADA0A2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{A3F2EB9E-CFC8-41AE-BACE-E42BD499EDB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe 
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B6D38968-06AE-4763-A7D0-5F9D07202C99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{29587350-3534-45AB-8835-E93D3945DEE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D58D08D9-934D-448B-B525-FAD35196EFB0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{408AEDCC-4E5F-4AE5-BC67-F47EAA741487}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6AA5E224-2660-476F-AA55-96A52165ABEE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{026EDBE9-1F66-412C-B50D-4BB72AF7B65E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{76DEA0B3-F267-4B96-830F-422F4AD6E890}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{63603F86-6232-43E1-A478-77A4E1C4C9F5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:475.67 GB) (Free:120.81 GB) (25%) ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (07/09/2023 06:18:37 PM) (Source: IntelAPO) (EventID: 138) (User: NT-AUTORITÄT) 
Description: [1] Intel SST APO (MFX)APO Watchdog -> Out of rythm: time_ms = 439927.98 frames_ms = 439930.00 diff = -2.017600.2 Error: (07/09/2023 06:17:23 PM) (Source: IntelAPO) (EventID: 138) (User: NT-AUTORITÄT) Description: [0] Intel SST APO (DNSMFX)APO Watchdog -> Out of rythm: time_ms = 365467.99 frames_ms = 365470.00 diff = -2.012200.2 Error: (07/09/2023 05:54:43 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT) Description: Das Programm ShellExperienceHost.exe Version 10.0.22621.1778 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“. Error: (07/09/2023 04:52:59 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (07/09/2023 12:49:46 PM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT) Description: Name der fehlerhaften Anwendung: SecurityHealthService.exe, Version: 10.0.22621.1635, Zeitstempel: 0xc9cb2878 Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.22621.608, Zeitstempel: 0xf5fc15a3 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000000000007f61e ID des fehlerhaften Prozesses: 0x0x2bd4 Startzeit der fehlerhaften Anwendung: 0x0x1d9a4fcca034f81 Pfad der fehlerhaften Anwendung: C:\Windows\system32\SecurityHealthService.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ucrtbase.dll Berichtskennung: 92f901b3-25cb-456b-8144-4161492fce0f Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (07/09/2023 11:56:13 AM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: Event-ID 17 Error: (07/08/2023 05:09:39 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (07/07/2023 06:45:55 PM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: Event-ID 17 Systemfehler: ============= Error: (07/09/2023 03:01:24 PM) (Source: DCOM) (EventID: 10010) 
(User: HTR) Description: Der Server "{628ACE20-B77A-456F-A88D-547DB6CEEDD5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/09/2023 02:42:58 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/09/2023 02:40:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/09/2023 02:38:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: Der Server "{A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/09/2023 12:49:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows-Sicherheitsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/09/2023 11:56:14 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {b8254bba-7337-4c52-8082-cfd4f2424c9b}" ist das Ereignis "74" aufgetreten. Error: (07/09/2023 11:55:48 AM) (Source: DCOM) (EventID: 10010) (User: HTR) Description: Der Server "{628ACE20-B77A-456F-A88D-547DB6CEEDD5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (07/09/2023 10:16:18 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {b8254bba-7337-4c52-8082-cfd4f2424c9b}" ist das Ereignis "74" aufgetreten. 
CodeIntegrity: =============== Date: 2023-07-09 18:08:57 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.1.21\symamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== BIOS: Insyde Corp. V1.13 07/29/2022 Hauptplatine: TGL Sangria_TL Prozessor: 11th Gen Intel(R) Core(TM) i7-11370H @ 3.30GHz Prozentuale Nutzung des RAM: 55% Installierter physikalischer RAM: 16179.3 MB Verfügbarer physikalischer RAM: 7276.97 MB Summe virtueller Speicher: 17203.3 MB Verfügbarer virtueller Speicher: 7148.46 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:475.67 GB) (Free:120.83 GB) (Model: NVMe WDC PC SN530 SDBPNPZ-512G-1114) NTFS \\?\Volume{e5535db4-9f3e-4daf-b9fc-c030b385aa2a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.48 GB) NTFS \\?\Volume{4ec376b2-6c66-463a-9c97-2fd0a3877093}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ==================== Ende von Addition.txt ======================= Code:
ATTFilter Kategorie: Scanergebnisse Datum/Uhrzeit,Risiko,Aktivität,Status,Scandauer (T:S:M:S),Insgesamt gescannte Elemente,Dateien und Verzeichnisse,Registrierungseinträge,Prozesse und Startobjekte,Netzwerk- und Browserelemente,Andere,Vertrauenswürdige Dateien,Übersprungene Dateien,Insgesamt erkannte Sicherheitsrisiken,Insgesamt behobene Sicherheitsrisiken,"Sicherkeitsrisiken insgesamt, die ein Eingreifen erfordern",Sicherheitsrisiko,Sicherheitsrisiko behoben 09.07.2023 14:27:02,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,12.607,7.898,654,3.338,604,113,808,78,0,0,0,, ,,,,,,,,,,,,,,,,,, 09.07.2023 12:46:48,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,12.566,7.877,652,3.313,611,113,793,78,0,0,0,, 09.07.2023 11:55:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:17,12.453,7.871,652,3.206,611,113,789,76,0,0,0,, 08.07.2023 17:09:38,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:03:33,14.533,8.547,652,4.610,611,113,1.411,0,0,0,0,, 05.07.2023 12:22:46,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:31:07,12.516,7.880,652,3.267,604,113,802,0,0,0,0,, 02.07.2023 22:18:40,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:26:06,12.496,7.881,652,3.246,604,113,804,0,0,0,0,, 30.06.2023 17:43:25,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:42,12.501,7.879,652,3.253,604,113,803,0,0,0,0,, 29.06.2023 21:01:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,12.513,7.884,656,3.256,604,113,807,0,0,0,0,, 29.06.2023 19:34:46,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,12.551,7.887,656,3.291,604,113,809,0,0,0,0,, 29.06.2023 19:10:24,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,12.536,7.884,656,3.279,604,113,807,0,0,0,0,, 28.06.2023 18:00:35,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:37,12.546,7.887,652,3.290,604,113,807,0,0,0,0,, 23.06.2023 19:48:59,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:05,12.310,7.761,652,3.173,611,113,784,71,0,0,0,, 23.06.2023 15:04:27,Infos,Schnellscan - 
Ergebnisse,Abgeschlossen,0:00:00:41,12.422,7.779,652,3.274,604,113,800,0,0,0,0,, 23.06.2023 12:24:16,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,12.414,7.781,652,3.264,604,113,749,0,0,0,0,, 22.06.2023 18:52:23,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:44,12.418,7.780,652,3.269,604,113,748,0,0,0,0,, 20.06.2023 18:34:05,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:38,12.222,7.599,652,3.254,604,113,806,0,0,0,0,, 20.06.2023 17:30:24,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,12.174,7.597,652,3.208,604,113,802,0,0,0,0,, 18.06.2023 21:46:01,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:36,12.267,7.627,652,3.271,604,113,932,67,0,0,0,, 14.06.2023 19:21:50,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:21:07,11.944,7.291,652,3.284,604,113,810,0,0,0,0,, 12.06.2023 21:11:37,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,11.818,7.204,652,3.245,604,113,807,0,0,0,0,, 12.06.2023 18:48:19,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:18:09,11.819,7.203,652,3.247,604,113,805,0,0,0,0,, 09.06.2023 21:17:35,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:11:16,11.838,7.153,652,3.316,604,113,807,0,0,0,0,, 09.06.2023 12:01:13,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:03:37,11.763,7.234,652,3.153,611,113,832,26,0,0,0,, 09.06.2023 10:07:14,Infos,Schnellscan - Ergebnisse,Abgebrochen,0:00:00:28,1.657,447,0,1.210,0,0,417,0,0,0,0,, 08.06.2023 12:25:53,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:22:09,11.824,7.152,652,3.303,604,113,805,0,0,0,0,, 08.06.2023 09:26:17,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:39:37,11.722,7.232,652,3.121,604,113,837,60,0,0,0,, 07.06.2023 12:18:04,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.827,7.141,652,3.317,604,113,812,0,0,0,0,, 05.06.2023 12:03:07,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,11.902,7.146,654,3.385,604,113,817,0,0,0,0,, 04.06.2023 17:39:36,Infos,Schnellscan - 
Ergebnisse,Abgeschlossen,0:00:00:36,11.808,7.136,652,3.303,604,113,806,0,0,0,0,, 01.06.2023 18:12:34,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:49,11.776,7.122,652,3.285,604,113,810,0,0,0,0,, 31.05.2023 19:59:39,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:51,11.752,7.119,652,3.264,604,113,807,0,0,0,0,, 29.05.2023 21:28:20,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,11.810,7.124,654,3.315,604,113,812,0,0,0,0,, 28.05.2023 19:44:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,11.536,7.087,646,3.086,604,113,775,57,0,0,0,, 28.05.2023 14:36:58,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,11.761,7.118,646,3.280,604,113,735,0,0,0,0,, 25.05.2023 18:29:43,Infos,Schnellscan - Ergebnisse,Abgebrochen,0:00:00:16,3.598,939,610,1.922,14,113,802,135,0,0,0,, 25.05.2023 14:07:18,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:15:11,11.653,7.115,644,3.177,604,113,726,3,0,0,0,, 24.05.2023 19:00:09,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:41,11.854,7.217,648,3.272,604,113,898,0,0,0,0,, 23.05.2023 10:51:03,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:11:09,11.778,7.118,644,3.299,604,113,845,0,0,0,0,, 21.05.2023 20:29:30,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,11.773,7.120,644,3.292,604,113,847,0,0,0,0,, 20.05.2023 18:39:30,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:48,11.865,7.214,648,3.286,604,113,887,0,0,0,0,, 11.05.2023 17:56:44,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:17:05,11.688,7.112,644,3.215,604,113,841,0,0,0,0,, 11.05.2023 16:22:15,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:34,11.527,7.081,644,3.078,611,113,811,28,0,0,0,, 11.05.2023 16:18:20,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:08:50,11.803,7.170,644,3.272,604,113,900,0,0,0,0,, 10.05.2023 22:37:22,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:21:15,11.767,7.122,644,3.284,604,113,850,0,0,0,0,, 09.05.2023 17:29:48,Infos,Schnellscan - 
Ergebnisse,Abgeschlossen,0:00:19:12,11.728,7.117,644,3.250,604,113,845,0,0,0,0,, 09.05.2023 11:09:43,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:33,11.807,7.208,644,3.238,604,113,888,0,0,0,0,, 06.05.2023 17:08:41,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:32,11.740,7.120,644,3.259,604,113,848,0,0,0,0,, 06.05.2023 17:05:27,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:35,12.024,7.251,644,3.412,604,113,976,0,0,0,0,, 02.05.2023 21:39:04,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:38,11.770,7.120,644,3.289,604,113,848,0,0,0,0,, 29.04.2023 14:22:33,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:36,11.628,7.100,655,3.156,604,113,828,0,0,0,0,, 28.04.2023 10:37:58,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:13:02,11.503,7.078,655,3.053,604,113,809,19,0,0,0,, 27.04.2023 09:43:00,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:34,11.893,7.207,659,3.303,611,113,933,24,0,0,0,, 27.04.2023 09:41:21,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:15,11.812,7.267,655,3.173,604,113,948,6,0,0,0,, 24.04.2023 09:59:06,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:29,11.662,7.110,655,3.180,604,113,839,0,0,0,0,, 21.04.2023 10:23:00,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:36,11.677,7.112,655,3.193,604,113,840,0,0,0,0,, 21.04.2023 01:06:00,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:02:45,10.869,6.892,655,2.605,604,113,818,0,0,0,0,, 21.04.2023 00:05:02,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:10:41,10.875,6.893,655,2.610,604,113,815,0,0,0,0,, 19.04.2023 20:53:31,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:35,11.770,7.118,655,3.280,604,113,834,0,0,0,0,, 17.04.2023 21:15:17,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,11.703,7.115,655,3.216,604,113,831,0,0,0,0,, 17.04.2023 17:39:31,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.681,7.117,655,3.192,604,113,785,0,0,0,0,, 17.04.2023 12:16:27,Infos,Schnellscan - 
Ergebnisse,Abgeschlossen,0:00:00:44,12.096,7.249,655,3.475,604,113,962,0,0,0,0,, 12.04.2023 22:31:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.791,7.117,655,3.302,604,113,830,0,0,0,0,, 12.04.2023 22:30:10,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:39,11.566,7.078,655,3.116,604,113,785,51,0,0,0,, 12.04.2023 21:48:06,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:25,11.946,7.211,655,3.356,611,113,919,42,0,0,0,, 09.04.2023 17:34:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:42,11.594,7.097,657,3.123,604,113,812,0,0,0,0,, 08.04.2023 19:37:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:25:43,11.772,7.117,655,3.283,604,113,831,0,0,0,0,, 07.04.2023 20:15:02,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:45,11.592,7.081,655,3.139,604,113,797,34,0,0,0,, 07.04.2023 11:53:00,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,11.802,7.114,654,3.317,604,113,829,0,0,0,0,, 07.04.2023 11:51:50,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,11.820,7.117,654,3.332,604,113,831,0,0,0,0,, 06.04.2023 19:55:16,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:38,11.809,7.115,654,3.323,604,113,829,0,0,0,0,, 06.04.2023 19:53:11,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:33,11.922,7.208,654,3.343,604,113,875,0,0,0,0,, 01.04.2023 17:43:48,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.975,7.182,658,3.418,604,113,896,0,0,0,0,, 29.03.2023 15:37:34,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:54,11.659,7.172,654,3.109,611,113,889,42,0,0,0,, 29.03.2023 15:22:18,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.800,7.119,654,3.310,604,113,834,0,0,0,0,, 27.03.2023 19:31:59,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:50,11.767,7.120,656,3.273,604,114,835,0,0,0,0,, 27.03.2023 16:59:33,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:25:02,11.691,7.146,656,3.171,604,114,863,36,0,0,0,, 24.03.2023 18:22:54,Infos,Schnellscan - 
Ergebnisse,Abgeschlossen,0:00:14:29,11.818,7.120,656,3.324,604,114,835,0,0,0,0,, 24.03.2023 11:32:45,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:06:22,11.744,7.119,656,3.251,604,114,833,0,0,0,0,, 23.03.2023 12:41:56,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:19:25,11.616,7.088,658,3.152,604,114,803,18,0,0,0,, 19.03.2023 22:09:53,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:42,11.783,7.101,656,3.308,604,114,803,0,0,0,0,, 16.03.2023 17:32:24,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:01:07:11,11.868,7.102,678,3.370,604,114,805,0,0,0,0,, 16.03.2023 15:14:50,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:38,11.819,7.102,678,3.321,604,114,800,0,0,0,0,, 15.03.2023 10:07:36,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,11.734,7.096,674,3.246,604,114,830,0,0,0,0,, 10.03.2023 09:56:01,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:40,11.720,7.095,674,3.234,604,113,836,0,0,0,0,, 09.03.2023 17:47:26,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:15:59,11.860,7.102,674,3.367,604,113,843,0,0,0,0,, 08.03.2023 20:01:38,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:43,11.794,7.102,677,3.298,604,113,837,0,0,0,0,, 06.03.2023 22:35:54,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:41,11.754,7.094,673,3.270,604,113,835,0,0,0,0,, 21.02.2023 17:24:28,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:37,11.517,7.066,627,3.106,604,114,819,0,0,0,0,, 21.02.2023 10:57:15,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:13:58,11.629,7.077,627,3.207,604,114,787,7,0,0,0,, 19.02.2023 17:54:29,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:25:20,11.572,7.075,627,3.152,604,114,830,0,0,0,0,, 18.02.2023 19:38:58,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:00:24,11.558,7.079,627,3.135,604,113,585,138,1,1,0,1,1 12.02.2023 14:13:41,Infos,Schnellscan - Ergebnisse,Abgeschlossen,0:00:01:52,11.493,7.090,548,3.136,606,113,117,1,0,0,0,, Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 09.07.23 Scan-Zeit: 13:05 Protokolldatei: 7be94982-1e48-11ee-81a8-3ce9f7e7c169.json -Softwaredaten- Version: 4.5.32.271 Komponentenversion: 1.0.2051 Version des Aktualisierungspakets: 1.0.72137 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 11 (Build 22621.1848) CPU: x64 Dateisystem: NTFS Benutzer: HTR\Heinz -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 256787 Erkannte Bedrohungen: 5 In die Quarantäne verschobene Bedrohungen: 5 Abgelaufene Zeit: 1 Min., 10 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 5 PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-3774415946-2383157043-3044040638-1001\$RCTOCQ7.EXE, In Quarantäne, 6894, 562568, 1.0.72137, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-3774415946-2383157043-3044040638-1001\$R15EP0T.EXE, In Quarantäne, 6894, 562568, 1.0.72137, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-3774415946-2383157043-3044040638-1001\$R5I0XUC.EXE, In Quarantäne, 6894, 562568, 1.0.72137, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B PUP.Optional.ChipDe, 
C:\$RECYCLE.BIN\S-1-5-21-3774415946-2383157043-3044040638-1001\$RFEKN51.EXE, In Quarantäne, 6894, 562568, 1.0.72137, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B PUP.Optional.ChipDe, C:\$RECYCLE.BIN\S-1-5-21-3774415946-2383157043-3044040638-1001\$RG0P0T5.EXE, In Quarantäne, 6894, 562568, 1.0.72137, , ame, , F5980F17F44DA870072C5CE396EB01BF, 2F9079DF89E96A997A910F9243173AC60BFE625501452152F8AB281778E5696B Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Heinrich |
09.07.2023, 17:57 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus warning from websvs.co.in Quote:
__________________ Please always post log files in CODE tags |
09.07.2023, 18:09 | #5 |
| Virus warning from websvs.co.in Hello Cosinus, thank you very much for the quick reply. All 3 of the programs mentioned are needed on a private laptop for my wife's one-woman business. |
09.07.2023, 18:23 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus warning from websvs.co.in All right, I understand. Of course we help small businesses. Please continue now with adwCleaner: adwCleaner Run AdwCleaner according to the illustrated instructions and then post the log file in CODE tags. Please repeat adwCleaner as a check if there were any findings.
__________________ --> Virus warning from websvs.co.in |
10.07.2023, 17:54 | #7 |
| Virus warning from websvs.co.in Thank you very much, here are the LOG files. Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 07-10-2023 # Duration: 00:00:01 # OS: Windows 11 (Build 22621.1928) # Cleaned: 13 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Users\Default\AppData\Local\Host App Service Deleted C:\Users\Heinz\AppData\Local\Host App Service Deleted C:\Users\Public\App Explorer ***** [ Files ] ***** Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\APP EXPLORER ***** [ Registry ] ***** Deleted HKCU\Software\App Host Service Deleted HKCU\Software\Host App Service Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8CE6E63-7A79-4A42-8321-F567BBB1FC1A} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. 
***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [5329 octets] - [10/07/2023 18:43:40] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 07-10-2023 # Duration: 00:00:04 # OS: Windows 11 (Build 22621.1928) # Scanned: 32080 # Detected: 36 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** Adware.pokki C:\Users\Default\AppData\Local\Host App Service Adware.pokki C:\Users\Heinz\AppData\Local\Host App Service Adware.pokki C:\Users\Public\App Explorer ***** [ Files ] ***** Adware.pokki C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** Adware.pokki C:\Windows\System32\Tasks\APP EXPLORER ***** [ Registry ] ***** Adware.pokki HKCU\Software\App Host Service Adware.pokki HKCU\Software\Host App Service Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8CE6E63-7A79-4A42-8321-F567BBB1FC1A} Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer PUP.Optional.Legacy HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C PUP.Optional.Legacy HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. 
***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D17532F-F0E6-4E56-BFF8-751A8A3AF982} Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D79F00C-BA34-4324-917E-112A33C83BF0} Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D17532F-F0E6-4E56-BFF8-751A8A3AF982} Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AFB52E98-7597-4484-9202-58F0FD3512ED} Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCE0376C-794D-41B4-854C-47EB7E1D323F} Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS Preinstalled.AcerQuickAccessService Folder C:\Program Files\ACER\QUICK ACCESS SERVICE Preinstalled.AcerQuickAccessService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB25551C-74EF-4BAB-9989-891517FCF9FF} Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tasks\{54851851-A4C2-4B12-A1C9-7A801CC8F99E} Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9B3CA6F-4ADB-4D1C-B335-14044044D0F8} Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UEIPInvitation Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UEIPINVITATION Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER Preinstalled.UserExperienceImprovementProgramService Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM SERVICE\FRAMEWORK ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## |
10.07.2023, 23:28 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus warning from websvs.co.in Please repeat adwCleaner.
__________________ Please always post log files in CODE tags |
15.07.2023, 10:28 | #9 |
| Virus warning from websvs.co.in The virus warning continues to appear; apparently the problem is not yet solved. Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-15-2023
# Duration: 00:00:01
# OS: Windows 11 (Build 22621.1928)
# Cleaned: 23
# Awaiting reboot:1
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
No malicious folders cleaned.

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D17532F-F0E6-4E56-BFF8-751A8A3AF982}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D79F00C-BA34-4324-917E-112A33C83BF0}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D17532F-F0E6-4E56-BFF8-751A8A3AF982}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Deleted Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AFB52E98-7597-4484-9202-58F0FD3512ED}
Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Deleted Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCE0376C-794D-41B4-854C-47EB7E1D323F}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Deleted Preinstalled.AcerQuickAccessService Folder C:\Program Files\ACER\QUICK ACCESS SERVICE
Deleted Preinstalled.AcerQuickAccessService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB25551C-74EF-4BAB-9989-891517FCF9FF}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54851851-A4C2-4B12-A1C9-7A801CC8F99E}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9B3CA6F-4ADB-4D1C-B335-14044044D0F8}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UEIPInvitation
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Deleted Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Deleted Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UEIPINVITATION
Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Deleted Preinstalled.UserExperienceImprovementProgramService Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM SERVICE\FRAMEWORK
Needs Reboot Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************

***** Reboot Required to Complete *****

***** [ Folders ] *****
Cleaning failed C:\Program Files (x86)\ACER\CARE CENTER

*************************
AdwCleaner[S00].txt - [5329 octets] - [10/07/2023 18:43:40]
AdwCleaner[C00].txt - [2512 octets] - [10/07/2023 18:44:58]
AdwCleaner[S01].txt - [4308 octets] - [15/07/2023 11:18:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ########## |
15.07.2023, 12:57 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus warning from websvs.co.in I didn't say we were already finished, either. Please repeat adwCleaner; something was still found there.
__________________ Please always post log files in CODE tags |
15.07.2023, 13:22 | #11 |
| Virus warning from websvs.co.in Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-15-2023
# Duration: 00:00:00
# OS: Windows 11 (Build 22621.1992)
# Cleaned: 1
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
No malicious folders cleaned.

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****
Deleted Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER

*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************

AdwCleaner[S00].txt - [5329 octets] - [10/07/2023 18:43:40]
AdwCleaner[C00].txt - [2512 octets] - [10/07/2023 18:44:58]
AdwCleaner[S01].txt - [4308 octets] - [15/07/2023 11:18:22]
AdwCleaner[C01].txt - [4978 octets] - [15/07/2023 11:18:58]
AdwCleaner[S02].txt - [1712 octets] - [15/07/2023 14:20:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-15-2023
# Duration: 00:00:04
# OS: Windows 11 (Build 22621.1992)
# Scanned: 32076
# Detected: 0

***** [ Services ] *****
No malicious services found.

***** [ Folders ] *****
No malicious folders found.

***** [ Files ] *****
No malicious files found.

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious WMI found.

***** [ Shortcuts ] *****
No malicious shortcuts found.

***** [ Tasks ] *****
No malicious tasks found.

***** [ Registry ] *****
No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.

***** [ Chromium URLs ] *****
No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.

***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****
No malicious hosts file entries found.

***** [ Preinstalled Software ] *****
No Preinstalled Software found.

AdwCleaner[S00].txt - [5329 octets] - [10/07/2023 18:43:40]
AdwCleaner[C00].txt - [2512 octets] - [10/07/2023 18:44:58]
AdwCleaner[S01].txt - [4308 octets] - [15/07/2023 11:18:22]
AdwCleaner[C01].txt - [4978 octets] - [15/07/2023 11:18:58]
AdwCleaner[S02].txt - [1712 octets] - [15/07/2023 14:20:02]
AdwCleaner[C02].txt - [1913 octets] - [15/07/2023 14:20:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

Edited by Heinrich55 (15.07.2023 at 13:30) |
15.07.2023, 13:31 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus warning from websvs.co.in Good. Then new FRST logs now, please.
__________________ Please always post log files in CODE tags |
15.07.2023, 16:28 | #13 |
| Virus warning from websvs.co.in Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2023 durchgeführt von Heinz (Administrator) auf HTR (Acer Swift SF316-51) (15-07-2023 17:26:26) Gestartet von C:\Users\Heinz\Downloads\FRST64.exe Geladene Profile: Heinz Plattform: Microsoft Windows 11 Home Version 22H2 22621.1992 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Users\Heinz\Downloads\adwcleaner.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2112.32.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe (explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Users\Heinz\Downloads\adwcleaner.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12> (services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe (services.exe ->) (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe (services.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.4.6\NortonSecurity.exe <2> (services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.23.4.6\nsWscSvc.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe <2> (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftTeams_23167.1300.2174.9186_x64__8wekyb3d8bbwe\msteamsupdate.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe [1262512 2021-06-02] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [558144 2020-12-15] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [414432 2023-03-14] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2607536 2023-07-13] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\Run: [MicrosoftEdgeAutoLaunch_D2E8542DDDEBFF636897817371F35F7C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-07-13] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\MountPoints2: {f4a34dfe-bb98-11ed-b128-3ce9f7e7c169} - "D:\LaunchU3.exe" -a HKU\S-1-5-18\...\Run: [Norton Download ManagerFORCE_UPGRADE_22_22_9] => C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui /instversion "22.22.9" (Keine Datei) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) 
HKLM\...\Print\Monitors\PDFCreator: C:\Windows\system32\pdfcmnnt.dll [87040 2005-03-12] () [Datei ist nicht signiert] Startup: C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MX490 series Printer.lnk [2023-07-15] ShortcutAndArgument: Canon IJ Status Monitor Canon MX490 series Printer.lnk -> C:\Windows\system32\rundll32.exe => "C:\Users\Heinz\CNMSSC~1.DLL",SMStarterEntryPoint LPT1:;Canon MX490 series Printer;cnmss Canon MX490 series Printer (Local).dll;Canon IJ Status Monitor Canon MX490 series Printer.lnk ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {00C1CB4C-4013-43B4-A3B3-9FA6C674FEE8} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Keine Datei) Task: {909C9B34-C9A2-473C-8B0F-51228640E5FA} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> ) Task: {549AD1C3-0C12-402B-B7DC-24F57339639E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616792 2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Task: {019111CD-26C3-48AB-B951-E18FBB8DE797} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616792 2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Task: {6F518B8E-E19F-4421-B62F-53423FA4C853} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Task: {33AB6707-0B8E-4629-B933-4E0E1116BB17} - 
System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158664 2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Task: {27BE13A2-5B5C-4734-AF73-9A8076E81D44} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [164752 2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei) Task: {06CC9D5A-BA5A-4B80-B3EA-303FC559B4B4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-13] (Mozilla Corporation -> Mozilla Foundation) Task: {336A7833-DF39-4E36-982B-97EF45CBD033} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Autofix => C:\Program Files\Norton Security\Engine\22.23.4.6\SymErr.exe [379024 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {D5D6C19E-8FCA-4AD9-9FDD-B06976572C12} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.4.6\SymErr.exe [379024 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {BBB51FD1-34EE-4174-9E39-EED426600D89} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Processor => C:\Program Files\Norton Security\Engine\22.23.4.6\SymErr.exe [379024 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {9C1075EE-481C-4A63-BDFD-B9BD19F5CAD3} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.4.6\WSCStub.exe [646520 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
Task: {42EA0A94-0283-4A4E-A53B-7E2DA4788B76} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (Keine Datei) Task: {4BD30EC5-CA49-4BCF-8018-E788717A3ED2} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-22] (Acer Incorporated -> ) Task: {3D740331-AC06-4F87-A9E9-DB8CDB4B77F8} - System32\Tasks\Oem\xvpnHelperTask => C:\Users\Heinz\AppData\Local\OEM\PromoX\XvpnHelper\XvpnInstaller.exe [70016 2022-10-24] (Acer Incorporated -> ) Task: {51F86D31-F53E-40AB-94BA-8A003CB43D66} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125616 2023-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {683D3C7A-270C-4B90-BAD9-8152A9632442} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3774415946-2383157043-3044040638-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125616 2023-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {C8E98854-C93E-4404-A9CF-6D9D521CE9C3} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Ultra\Upgrade.exe [2353000 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {AD0804EC-04C6-49B8-8587-9DCE94DB8E9E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-03-01] (Acer Incorporated -> Acer Incorporated) Task: {A1FC2F21-C369-4A0A-8659-3443CCAE410F} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{9488c15e-b339-44a4-9085-4584ff6f1e23}: [DhcpNameServer] 192.168.2.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Heinz\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-15] Edge Notifications: Default -> hxxps://websvs.co.in Edge Extension: (Edge relevant text changes) - C:\Users\Heinz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-25] FireFox: ======== FF DefaultProfile: sk6g5hu0.default FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\sk6g5hu0.default [2023-02-12] FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release [2023-07-15] FF Homepage: Mozilla\Firefox\Profiles\0v7o52re.default-release -> hxxps://www.bing.com/?PC=L621 FF Extension: (Language: Deutsch (German)) - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release\Extensions\langpack-de@firefox.mozilla.org.xpi [2023-07-13] FF Extension: (uBlock Origin) - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\0v7o52re.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-06-14] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) 
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11851144 2023-07-06] (Microsoft Corporation -> Microsoft Corporation) S2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [210872 2021-03-21] (DTS, Inc. -> DTS Inc.) S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\elfoService.exe [1283336 2017-06-15] (Bayerisches Landesamt fuer Steuern -> ) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncHelper.exe [3447712 2023-07-13] (Microsoft Corporation -> Microsoft Corporation) S2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_e5855ce1805681c2\\AS\\IAS\\IntelAudioService.exe [539832 ] (Intel Corporation -> Intel) R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [74464 2023-03-14] (Haufe-Lexware GmbH & Co. KG -> Haufe-Lexware GmbH & Co. KG) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266864 2023-07-09] (Malwarebytes Inc. -> Malwarebytes) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.4.6\NortonSecurity.exe [344888 2023-05-10] (NortonLifeLock Inc. -> NortonLifelock Inc.) 
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.4.6\nsWscSvc.exe [1059176 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.137.0702.0001\OneDriveUpdaterService.exe [3783584 2023-07-13] (Microsoft Corporation -> Microsoft Corporation) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [558144 2020-12-15] (geek software GmbH -> geek software GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation) S2 ACCSvc; "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" [X] S3 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X] S3 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X] S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-01] (Acer Incorporated -> Acer Incorporated) S3 AcxHdAudio; C:\Windows\System32\drivers\AcxHdAudio.sys [561152 2023-07-09] (Microsoft Windows -> Microsoft Corporation) S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.) 
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.22.9.11\Definitions\BASHDefs\20230713.001\BHDrvx64.sys [1696736 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert] S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-07-05] (Microsoft Corporation) [Datei ist nicht signiert] R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1617040.006\ccSetx64.sys [198280 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2023-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2023-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R0 fse; C:\Windows\System32\drivers\fse.sys [218464 2023-02-20] (Microsoft Windows -> Microsoft Corporation) R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-12] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-12] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_SPI_TGL; 
C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b6ea3d48ee329530\iaLPSS2_SPI_TGL.sys [155816 2020-08-12] (Intel Corporation -> Intel Corporation) S3 iaLPSS2_UART2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_1a8e964d43720594\iaLPSS2_UART2_TGL.sys [310440 2020-08-12] (Intel Corporation -> Intel Corporation) R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1544912 2021-08-29] (Intel Corporation -> Intel Corporation) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.22.9.11\Definitions\IPSDefs\20230714.062\IDSvia64.sys [1527816 2023-02-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 IntcSDW; C:\Windows\System32\DriverStore\FileRepository\intcsdw.inf_amd64_c447f3ebbd1456bd\IntcSDW.sys [864336 2021-05-17] (Intel Corporation -> Intel(R) Corporation) R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_781687200d129207\IntcUSB.sys [1668672 2021-05-17] (Intel Corporation -> Intel(R) Corporation) R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-06] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-07-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233216 2023-07-15] (Malwarebytes Inc. 
-> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77752 2023-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-07-15] (Malwarebytes Inc. -> Malwarebytes) S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\1617040.006\nsvst.sys [57120 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) S3 rtux64w10; C:\Windows\System32\DriverStore\FileRepository\rtux64w10.inf_amd64_03831aeaaa2c730e\rtux64w10.sys [683520 2022-05-07] (Microsoft Windows -> Realtek Corporation) R3 SRTSP; C:\Windows\System32\drivers\NGCx64\1617040.006\SRTSP64.SYS [956048 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1617040.006\SRTSPX64.SYS [52872 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) 
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1617040.006\SYMEFASI64.SYS [2180248 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1617040.006\SymELAM.sys [36016 2023-05-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Broadcom) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100328 2022-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.22.9.11\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1617040.006\Ironx64.SYS [306824 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1617040.006\symnets.sys [492728 2023-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2022-10-18] (Microsoft Windows -> ) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49608 2023-03-28] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [495896 2023-03-28] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-28] (Microsoft Windows -> Microsoft Corporation) S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1617040.006\wpCtrlDrv.sys [1016792 2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-07-15 17:26 - 2023-07-15 17:26 - 000000000 ____D C:\Users\Heinz\Downloads\FRST-OlderVersion 2023-07-15 12:32 - 2023-07-15 12:32 - 000000000 ____D C:\Windows\system32\Tasks\Remediation 2023-07-15 11:27 - 2023-07-15 16:57 - 000000000 ____D C:\Windows\system32\Tasks\Norton Security Ultra 2023-07-15 11:27 - 2023-07-15 11:27 - 000761564 _____ C:\Windows\system32\perfh007.dat 2023-07-15 11:27 - 2023-07-15 11:27 - 000157732 _____ C:\Windows\system32\perfc007.dat 2023-07-15 11:21 - 2023-07-15 11:21 - 000233216 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys 2023-07-15 11:21 - 2023-07-15 11:21 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2023-07-15 11:20 - 2023-07-15 11:20 - 000003374 _____ C:\Windows\system32\Tasks\Norton WSC Integration 2023-07-15 11:20 - 2023-07-15 11:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2023-07-15 10:54 - 2023-07-15 10:54 - 000033719 _____ C:\Users\Heinz\Downloads\DHL-Paketmarke_AAMABHYL4HN80_Martin_Vahlbruch.pdf 2023-07-14 17:49 - 2023-07-14 17:49 - 000025005 _____ C:\Users\Heinz\Downloads\Fund_Holdings_INV_LU2365458145_de.xlsx 2023-07-13 20:25 - 2023-07-13 20:25 - 000026656 _____ C:\Users\Heinz\Downloads\Persoenliche_Nachricht_20230713-1.pdf 2023-07-13 20:23 - 2023-07-13 20:23 - 000026179 _____ C:\Users\Heinz\Downloads\Persoenliche_Nachricht_20230713.pdf 2023-07-13 11:00 - 2023-07-13 11:00 - 000141661 _____ C:\Users\Heinz\Downloads\23RN133484.PDF 2023-07-11 10:50 - 2023-07-11 10:50 - 000030457 _____ C:\Users\Heinz\Downloads\2023-05-05__Rechnung_0661748496.pdf 2023-07-10 20:55 - 2023-07-10 20:55 - 000004506 _____ C:\Users\Heinz\Downloads\1087463459(2).csv 2023-07-10 20:27 - 2023-07-10 20:27 - 000030455 _____ C:\Users\Heinz\Downloads\2023-03-06__Rechnung_0661453991.pdf 2023-07-10 20:27 - 
2023-07-10 20:27 - 000030455 _____ C:\Users\Heinz\Downloads\2023-01-05__Rechnung_0661106309.pdf 2023-07-10 20:25 - 2023-07-10 20:25 - 000030455 _____ C:\Users\Heinz\Downloads\2023-04-05__Rechnung_0661606912.pdf 2023-07-10 18:42 - 2023-07-10 18:44 - 000000000 ____D C:\AdwCleaner 2023-07-10 18:39 - 2023-07-10 18:42 - 008791352 _____ (Malwarebytes) C:\Users\Heinz\Downloads\adwcleaner.exe 2023-07-09 18:50 - 2023-07-09 18:50 - 000002616 _____ C:\Users\Heinz\Desktop\Scan-Ergebnisse Malwarebytes.txt 2023-07-09 18:41 - 2023-07-09 18:41 - 000023426 _____ C:\Users\Heinz\Desktop\Scanergebnisse.txt 2023-07-09 18:21 - 2023-07-09 18:23 - 000032531 _____ C:\Users\Heinz\Downloads\Addition.txt 2023-07-09 18:20 - 2023-07-15 17:26 - 000023343 _____ C:\Users\Heinz\Downloads\FRST.txt 2023-07-09 18:20 - 2023-07-15 17:26 - 000000000 ____D C:\FRST 2023-07-09 18:18 - 2023-07-15 17:26 - 002384384 _____ (Farbar) C:\Users\Heinz\Downloads\FRST64.exe 2023-07-09 13:04 - 2023-07-15 11:22 - 000000000 ____D C:\Users\Heinz\AppData\Local\Malwarebytes 2023-07-09 13:04 - 2023-07-09 13:04 - 000000000 ____D C:\Users\Heinz\AppData\Local\mbam 2023-07-09 13:03 - 2023-07-09 13:03 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-07-09 13:03 - 2023-07-09 13:03 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2023-07-09 13:03 - 2023-07-09 13:03 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-07-09 13:03 - 2023-07-09 13:03 - 000000000 ____D C:\Program Files\Malwarebytes 2023-07-09 13:00 - 2023-07-09 13:00 - 002649072 _____ (Malwarebytes) C:\Users\Heinz\Downloads\MBSetup.exe 2023-07-09 12:16 - 2023-07-09 12:16 - 000070672 _____ C:\Users\Heinz\Downloads\0907231216.pdf 2023-07-06 18:53 - 2023-07-06 18:59 - 000003788 _____ C:\Users\Heinz\Downloads\1087463459(1).csv 2023-07-05 21:19 - 2023-07-05 21:19 - 000109772 _____ C:\Users\Heinz\Downloads\invoice_nordic-nest_2023-06-02_e590-1.pdf 2023-07-05 21:18 - 2023-07-05 21:18 - 000109769 _____ 
C:\Users\Heinz\Downloads\invoice_nordic-nest_2023-06-02_e590.pdf 2023-07-04 22:46 - 2023-07-04 22:46 - 000020696 _____ C:\Users\Heinz\Downloads\IQQH_holdings.csv 2023-07-04 22:46 - 2023-07-04 22:46 - 000020696 _____ C:\Users\Heinz\Downloads\IQQH_holdings(1).csv 2023-07-03 21:26 - 2023-07-03 21:26 - 000200967 _____ C:\Users\Heinz\Downloads\Serienbrief_2058740466_2023-05-24_MKK_fbcff34c-0505-487d-96bf-578a69efd6fe.pdf 2023-07-03 21:23 - 2023-07-03 21:23 - 000028409 _____ C:\Users\Heinz\Downloads\Untitled.pdf 2023-07-03 21:21 - 2023-07-03 21:21 - 000054289 _____ C:\Users\Heinz\Downloads\Kontoauszug_205721067700EUR_2023-06-30_KK_205721067700KD401E05070100501479457.pdf 2023-07-03 18:45 - 2023-07-03 18:45 - 000014234 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230703_184522.csv 2023-07-02 17:53 - 2023-07-02 17:53 - 000002709 _____ C:\Users\Heinz\Downloads\Energiebilanz_2023_06.csv 2023-07-01 14:13 - 2023-07-01 14:13 - 000001688 _____ C:\Users\Heinz\Downloads\1087463459.csv 2023-06-28 07:52 - 2023-06-28 07:52 - 000012100 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230628_075201.csv 2023-06-26 22:26 - 2023-06-26 22:26 - 000342240 _____ C:\Windows\SysWOW64\LxDNT121.dll 2023-06-26 22:26 - 2023-06-26 22:26 - 000233184 _____ C:\Windows\SysWOW64\LXPrnUtil10.dll 2023-06-26 22:26 - 2023-06-26 22:26 - 000161504 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxReportManage.ocx 2023-06-26 22:26 - 2023-06-26 22:26 - 000148192 _____ C:\Windows\SysWOW64\LxDNTvmc121.dll 2023-06-26 22:26 - 2023-06-26 22:26 - 000083680 _____ C:\Windows\SysWOW64\LxDNTvm121.dll 2023-06-26 20:35 - 2023-06-26 20:35 - 004971232 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxXtreme130.dll 2023-06-26 20:35 - 2023-06-26 20:35 - 001262304 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTool200.dll 2023-06-26 20:35 - 2023-06-26 20:35 - 000220384 _____ (Haufe-Lexware GmbH & Co. 
KG) C:\Windows\SysWOW64\LxBasics200.dll 2023-06-26 20:35 - 2023-06-26 20:35 - 000132832 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxMail200.dll 2023-06-26 20:35 - 2023-06-26 20:35 - 000095456 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxPXTree200.dll 2023-06-26 20:35 - 2023-06-26 20:35 - 000093920 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxCI20.dll 2023-06-26 20:35 - 2023-06-26 20:35 - 000080608 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LXCurr200.dll 2023-06-26 20:35 - 2023-06-26 20:35 - 000053472 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxTPSW200.dll 2023-06-25 19:50 - 2023-06-25 19:50 - 000119008 _____ (Haufe-Lexware GmbH & Co. KG) C:\Windows\SysWOW64\LxUISettingsN200.dll 2023-06-23 15:54 - 2023-06-23 15:54 - 000005623 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230623_155427.csv 2023-06-23 14:02 - 2023-06-23 14:02 - 000326734 _____ C:\Users\Heinz\Downloads\Zusammenfassung Kontowechsel-1.pdf 2023-06-23 12:04 - 2023-06-23 12:04 - 000109029 _____ C:\Users\Heinz\Downloads\Zusammenfassung Kontowechsel.pdf 2023-06-22 11:15 - 2023-07-15 11:19 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-06-21 12:58 - 2023-06-21 12:58 - 000038918 _____ C:\Users\Heinz\Downloads\DHL-Paketmarke_EZLNSVGND5890_Michael_Grünke.pdf 2023-06-19 20:35 - 2023-06-19 20:38 - 000002554 _____ C:\Users\Heinz\Downloads\Umsatzanzeige_DE80500105170773411765_20230619.csv 2023-06-19 20:24 - 2023-06-19 20:24 - 000263070 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_LU1861136247_Order_297890447_001_20230616.pdf 2023-06-19 20:23 - 2023-06-19 20:23 - 000263067 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_IE00BJ0KDQ92_Order_298006742_001_20230616-1.pdf 2023-06-19 20:22 - 2023-06-19 20:22 - 000263067 _____ C:\Users\Heinz\Downloads\Direkt_Depot_8011141080_Abrechnung_Kauf_IE00BJ0KDQ92_Order_298006742_001_20230616.pdf 2023-06-18 12:40 - 2023-06-18 12:40 - 000001426 
_____ C:\Users\Heinz\Downloads\watchlist.csv 2023-06-16 21:40 - 2023-06-16 21:40 - 004235819 _____ C:\Users\Heinz\Downloads\ubs-etf-visa-stamped-prospectus.pdf 2023-06-16 21:40 - 2023-06-16 21:40 - 000050990 _____ C:\Users\Heinz\Downloads\kiid-LU0950674332-de.pdf 2023-06-15 17:56 - 2023-06-15 17:56 - 000074776 _____ C:\Users\Heinz\Downloads\Synthetische Fondszusammensetzung_Amundi MSCI Europe Small Cap ESG Climate Net Zero Ambition CTB UCITS ETF Acc_LU1681041544_13_06_2023.xlsx 2023-06-15 14:29 - 2023-06-15 14:29 - 000045741 _____ C:\Users\Heinz\Downloads\Kontoumsaetze_205_7210677_00_20230615_122925.csv ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-07-15 17:23 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-07-15 17:21 - 2022-10-18 01:57 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-07-15 14:31 - 2023-02-12 15:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-07-15 14:20 - 2022-10-18 02:30 - 000000000 ____D C:\Program Files (x86)\Acer 2023-07-15 12:58 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp 2023-07-15 12:32 - 2023-02-17 21:12 - 000000000 ____D C:\Program Files\Common Files\AV 2023-07-15 11:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness 2023-07-15 11:27 - 2022-10-18 02:04 - 001754668 _____ C:\Windows\system32\PerfStringBackup.INI 2023-07-15 11:27 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF 2023-07-15 11:25 - 2023-02-12 14:45 - 000000000 ____D C:\Users\Heinz\AppData\Local\Packages 2023-07-15 11:25 - 2023-02-11 18:38 - 000000000 ____D C:\ProgramData\Packages 2023-07-15 11:25 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps 2023-07-15 11:22 - 2023-02-12 14:47 - 000000000 ___RD C:\Users\Heinz\OneDrive 2023-07-15 11:21 - 2023-02-12 14:45 - 000000000 __SHD C:\Users\Heinz\IntelGraphicsProfiles 2023-07-15 11:21 - 2022-10-18 
01:57 - 000012288 ___SH C:\DumpStack.log.tmp 2023-07-15 11:21 - 2022-10-18 01:57 - 000001623 _____ C:\Windows\system32\config\VSMIDK 2023-07-15 11:21 - 2022-10-18 01:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-07-15 11:21 - 2022-10-18 01:57 - 000000000 ___HD C:\Intel 2023-07-15 11:21 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState 2023-07-15 11:20 - 2022-10-18 02:35 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64 2023-07-15 11:20 - 2022-10-18 01:57 - 000483120 _____ C:\Windows\system32\FNTCACHE.DAT 2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS 2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\setup 2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources 2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm 2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\setup 2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2023-07-15 11:20 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr 2023-07-15 11:20 - 2022-05-07 07:17 - 000524288 _____ C:\Windows\system32\config\BBI 2023-07-15 11:19 - 2023-02-18 15:42 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-07-15 11:19 - 2022-10-18 02:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-07-15 11:18 - 2022-10-18 02:32 - 000000000 ____D C:\Program Files\Acer 2023-07-15 11:18 - 2022-10-18 02:30 - 000000000 ____D C:\ProgramData\Acer 2023-07-15 10:50 - 2022-10-18 01:57 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-07-14 22:14 - 2023-02-12 14:45 - 000000000 ____D C:\Users\Heinz\AppData\Local\D3DSCache 2023-07-14 22:10 - 2023-02-12 14:59 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Excel 2023-07-14 21:15 - 2023-02-12 15:45 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\Microsoft\Office 2023-07-14 17:28 - 2023-02-18 17:41 - 000000000 ____D 
C:\Users\Heinz\AppData\Roaming\Microsoft\Word 2023-07-14 17:03 - 2023-02-12 16:11 - 000000000 ____D C:\Users\Heinz\AppData\Local\CrashDumps 2023-07-13 11:23 - 2023-02-15 21:04 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-07-13 11:23 - 2023-02-15 21:04 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-07-13 11:23 - 2023-02-12 14:47 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3774415946-2383157043-3044040638-1001 2023-07-13 10:53 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp 2023-07-13 10:51 - 2023-02-12 15:51 - 000000000 ____D C:\Windows\system32\MRT 2023-07-13 10:48 - 2023-02-12 15:51 - 173351160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2023-07-13 09:58 - 2022-10-18 02:31 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-07-12 21:09 - 2023-02-22 18:24 - 000000000 ____D C:\ProgramData\Lexware 2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe 2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz 2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\DDFs 2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser 2023-07-09 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents 2023-07-09 19:08 - 2022-10-18 02:02 - 003211776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-07-09 16:30 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\NDF 2023-07-09 13:15 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM 2023-07-09 13:03 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP 2023-07-07 18:03 - 2023-02-23 12:50 - 000000000 ____D C:\Users\Heinz\AppData\Local\ElevatedDiagnostics 2023-07-07 17:56 - 2023-02-12 14:27 - 000000000 ____D 
C:\Users\Heinz 2023-07-06 18:35 - 2023-02-22 18:29 - 000002247 _____ C:\Users\Public\Desktop\Lexware buchhaltung.lnk 2023-07-06 18:35 - 2023-02-22 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware 2023-07-06 18:35 - 2022-10-18 02:32 - 000000000 ____D C:\ProgramData\Package Cache 2023-07-06 18:28 - 2022-10-18 01:57 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-07-06 18:28 - 2022-10-18 01:57 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-07-06 08:41 - 2022-10-18 02:33 - 000000000 ____D C:\Program Files\Microsoft Office 2023-07-06 08:33 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth 2023-07-01 14:49 - 2023-05-29 18:52 - 000000000 ____D C:\Users\Heinz\AppData\Roaming\vlc 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\WUModels 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism 2023-06-22 11:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences 2023-06-22 11:17 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2023-07-07 17:56 - 2014-09-10 06:00 - 000106496 _____ (CANON INC.) C:\Users\Heinz\cnmss Canon MX490 series Printer (Local).dll ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-07-2023
durchgeführt von Heinz (15-07-2023 17:27:15)
Gestartet von C:\Users\Heinz\Downloads
Microsoft Windows 11 Home Version 22H2 22621.1992 (X64) (2023-02-11 16:38:48)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-3774415946-2383157043-3044040638-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3774415946-2383157043-3044040638-503 - Limited - Disabled)
Gast (S-1-5-21-3774415946-2383157043-3044040638-501 - Limited - Disabled)
Heinz (S-1-5-21-3774415946-2383157043-3044040638-1001 - Administrator - Enabled) => C:\Users\Heinz
WDAGUtilityAccount (S-1-5-21-3774415946-2383157043-3044040638-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security Ultra (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
FW: Norton Security Ultra (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer) Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated) ElsterFormular (HKLM-x32\...\{80B76B12-92BE-4177-BB7B-070AAEED239B}) (Version: 18.4.1 - Thüringer Landesfinanzdirektion) ExpressVPN (HKLM-x32\...\{5B1D5290-DC0D-43D1-8220-8BB29BDDA0BE}) (Version: 2.5.22300.30 - Acer) Lexware buchhalter 2023 (HKLM-x32\...\{2DDAC478-5E03-456F-A534-51E795778EBE}) (Version: 28.07.00.0337 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware buchhaltung plus 2023 (HKLM-x32\...\{773dbd33-b64b-440a-b530-18bb9c2ef9fb}) (Version: 28.7.0.239 - Haufe-Lexware GmbH & Co. KG) Lexware EasyArchive 2023 (HKLM-x32\...\{BCCD6706-BDCF-437C-8079-305ED891091A}) (Version: 8.02.00.0171 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster 2023 (HKLM-x32\...\{57286E5F-1704-4309-846F-852C65F30848}) (Version: 23.03.00.0352 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Elster 2023 (HKLM-x32\...\{c375d4c4-b145-49aa-bb65-2dba05fbc847}) (Version: 23.3.0.258 - Haufe-Lexware GmbH & Co. 
KG) Lexware FolderPermission 2023 (HKLM-x32\...\{CF7B7E51-2475-4102-934D-C09300DA5E7C}) (Version: 5.02.00.0211 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Info Service 2023 (HKLM-x32\...\{D46EC7B4-83EE-436B-8DF2-576C5BD593BC}) (Version: 23.01.00.0200 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware Installations Dienst 2023 (HKLM-x32\...\{14F7538D-3BE1-4E9A-BA85-C436FB46BB0A}) (Version: 12.01.00.0184 - Haufe-Lexware GmbH & Co.KG) Hidden Lexware online banking 2023 (HKLM-x32\...\{C9495433-F6BF-4355-8051-756BD8D51682}) (Version: 30.04.00.0223 - Haufe-Lexware GmbH & Co.KG) Hidden Malwarebytes version 4.5.32.271 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.32.271 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.82 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.79 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.16529.20154 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.137.0702.0001 - Microsoft Corporation) Microsoft OneNote - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.16529.20154 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) 
(Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e52a6842-b0ac-476e-b48f-378a97a67346}) (Version: 14.10.25017.0 - Microsoft Corporation) Microsoft Visual C++ 2017 x64 Additional Runtime - 14.10.25017 (HKLM\...\{E512788E-C50B-3858-A4B9-73AD5F3F9E93}) (Version: 14.10.25017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.10.25017 (HKLM\...\{8D4F7A6D-6B81-3DC8-9C21-6008E4866727}) (Version: 14.10.25017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 115.0.2 (x64 en-US)) (Version: 115.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0 - Mozilla) Norton Security Ultra (HKLM-x32\...\NGC) (Version: 22.23.4.6 - NortonLifeLock Inc) 
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16529.20154 - Microsoft Corporation) Hidden PDF24 Creator 10.0.7 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.7 - PDF24.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) TAXMAN 2023 (HKLM-x32\...\{C8AF0B55-2410-4F16-81B3-946ABA364FDA}) (Version: 28.28.59 - Haufe-Lexware GmbH & Co.KG) User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3016 - Acer Incorporated) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) Packages: ========= Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3030.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated) Any Word to PDF -> C:\Program Files\WindowsApps\AnywaySoftInc.AnyWordtoPDF_1.2.8.0_x64__0qkrc2qacwvfm [2023-02-21] (AnywaySoft, Inc.) Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-02-23] (Canon Inc.) Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3046.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated) DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.9.0_x64__t5j2fzbtdg37r [2023-02-12] (DTS, Inc.) 
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP) Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corp.) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.50332.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2201.1.0_x64__8wekyb3d8bbwe [2023-02-12] (Microsoft Corporation) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-02-21] (Microsoft Corporation) ms-resource:gameName -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848563C1F_1.0.81.0_x64__kx24dqmazqk8j [2023-02-12] (Random Salad Games LLC) ms-resource:GameTitle -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.12.89.0_x64__kx24dqmazqk8j [2023-02-12] (Random Salad Games LLC) ms-resource:OEMAppName -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.2.0_x64__xbfy0k16fey96 [2023-02-12] (Dropbox Inc.) ms-resource:PACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP) ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-02-12] (INTEL CORP) [Startup Task] Norton Security -> C:\Program Files\Norton Security\Engine\22.23.4.6 [2023-07-15] (NortonLifeLock Inc.) 
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3044.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2023-02-12] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0 [2023-02-12] (Spotify AB) [Startup Task] User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3016.0_x64__48frkmn4z8aw4 [2023-02-12] (Acer Incorporated) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) 
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. 
-> NortonLifeLock Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.4.6\NavShExt.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.4.6\NavShExt.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-09] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.137.0702.0001\FileSyncShell64.dll [2023-07-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.4.6\buShell.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-09] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.4.6\NavShExt.dll [2023-05-10] (NortonLifeLock Inc. -> NortonLifeLock Inc.) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2023-02-21 21:41 - 2005-03-12 01:07 - 000087040 _____ () [Datei ist nicht signiert] C:\Windows\System32\pdfcmnnt.dll 2022-10-18 02:33 - 2022-10-18 02:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2022-10-18 02:33 - 2022-10-18 02:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Heinz\Downloads\adwcleaner.exe:MBAM.Zone.Identifier [141] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft 
Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-07-06] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\Run32: => "LexwareInfoService" HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3774415946-2383157043-3044040638-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D2E8542DDDEBFF636897817371F35F7C" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{23A321A7-6086-4800-A4FE-C8C1AA9DFD4D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{29E56D7E-0E93-416D-B555-B9B90223E456}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CD877A6B-8840-4A4C-A1BF-151F755CB747}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E8266791-E65D-44C8-A0D9-98BD180E60BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{19B385ED-EA80-4F4C-A036-750EB663F7AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{13E9812A-2461-4162-B101-F8A03A1EC1FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{2CD333F6-8E4A-4868-8657-1702955FA5F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{722815D3-AC46-4D95-8F4D-444B508247A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{E81B3C14-8FD1-41EB-BBE7-C3792ADA0A2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{A3F2EB9E-CFC8-41AE-BACE-E42BD499EDB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.204.912.0_x86__zpdnekdrzrea0\Spotify.exe 
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B6D38968-06AE-4763-A7D0-5F9D07202C99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{29587350-3534-45AB-8835-E93D3945DEE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D58D08D9-934D-448B-B525-FAD35196EFB0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{408AEDCC-4E5F-4AE5-BC67-F47EAA741487}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6AA5E224-2660-476F-AA55-96A52165ABEE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A1886E52-EE37-4D10-97FC-5C5B1F503AE5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A1929428-C8CE-4F1B-834A-C84A257342C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23167.1300.2174.9186_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{EBFC7126-919A-4246-937B-7D6F501D9C3A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23167.1300.2174.9186_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:475.67 GB) (Free:118.69 GB) (25%) ==================== Fehlerhafte Geräte im Gerätemanager ============ ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (07/15/2023 05:23:45 PM) (Source: Firefox Default Browser Agent) (EventID: 2) 
(User: ) Description: Event-ID 2 Error: (07/14/2023 07:25:06 PM) (Source: Application Hang) (EventID: 1002) (User: NT-AUTORITÄT) Description: Das Programm Microsoft.Photos.exe Version 21.21030.25003.0 hat aufgehört mit Windows zu interagieren und wurde geschlossen. Weitere Informationen zum Problem finden Sie im Problemverlauf in der Systemsteuerung „Sicherheit und Wartung“. Error: (07/14/2023 05:09:22 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (07/14/2023 05:03:53 PM) (Source: Application Error) (EventID: 1000) (User: HTR) Description: Name der fehlerhaften Anwendung: GameBar.exe, Version: 0.0.0.0, Zeitstempel: 0x623b79fe Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.22621.1928, Zeitstempel: 0x0fee6cd5 Ausnahmecode: 0xc000027b Fehleroffset: 0x00000000000c07f3 ID des fehlerhaften Prozesses: 0x0x21b0 Startzeit der fehlerhaften Anwendung: 0x0x1d9b66466bb763d Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.622.3232.0_x64__8wekyb3d8bbwe\GameBar.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\twinapi.appcore.dll Berichtskennung: 3a58373d-069d-4d64-9557-8565af5f5e29 Vollständiger Name des fehlerhaften Pakets: Microsoft.XboxGamingOverlay_2.622.3232.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (07/14/2023 05:03:21 PM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: Event-ID 17 Error: (07/13/2023 07:52:41 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (07/13/2023 07:46:40 PM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: Event-ID 17 Error: (07/13/2023 09:20:20 AM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: Event-ID 17 Systemfehler: ============= Error: (07/15/2023 02:20:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde 
unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/15/2023 02:20:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Lexware Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/15/2023 02:20:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "FileSyncHelper" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/15/2023 02:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "PDF24" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/15/2023 02:20:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Realtek Audio Universal Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/15/2023 02:20:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Audio Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/15/2023 02:20:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Content Protection HDCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/15/2023 02:20:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Graphics Command Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
CodeIntegrity: =============== Date: 2023-07-15 17:25:17 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.4.6\symamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-07-15 17:21:56 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.4.6\symamsi.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== BIOS: Insyde Corp. V1.13 07/29/2022 Hauptplatine: TGL Sangria_TL Prozessor: 11th Gen Intel(R) Core(TM) i7-11370H @ 3.30GHz Prozentuale Nutzung des RAM: 39% Installierter physikalischer RAM: 16179.3 MB Verfügbarer physikalischer RAM: 9741.84 MB Summe virtueller Speicher: 17203.3 MB Verfügbarer virtueller Speicher: 10670.61 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:475.67 GB) (Free:118.69 GB) (Model: NVMe WDC PC SN530 SDBPNPZ-512G-1114) NTFS \\?\Volume{e5535db4-9f3e-4daf-b9fc-c030b385aa2a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.42 GB) NTFS \\?\Volume{4ec376b2-6c66-463a-9c97-2fd0a3877093}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: E75A8308) Partition: GPT. ==================== Ende von Addition.txt ======================= |
15.07.2023, 20:51 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus warning from websvs.co.in Control scans with MBAM and RK. After both scans have finished, post the logs in CODE tags.
__________________ Please always post log files in CODE tags |
16.07.2023, 10:07 | #15 |
| Virus warning from websvs.co.in Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 16.07.23 Scan-Zeit: 10:56 Protokolldatei: a079ddb6-23b6-11ee-b18c-3ce9f7e7c169.json -Softwaredaten- Version: 4.5.32.271 Komponentenversion: 1.0.2051 Version des Aktualisierungspakets: 1.0.72497 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 11 (Build 22621.1992) CPU: x64 Dateisystem: NTFS Benutzer: HTR\Heinz -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 256626 Erkannte Bedrohungen: 0 In die Quarantäne verschobene Bedrohungen: 0 Abgelaufene Zeit: 1 Min., 14 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswert: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Datei: 0 (keine bösartigen Elemente erkannt) Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Program : RogueKiller Anti-Malware Version : 15.11.0.0 x64 : Yes Program Date : Jun 22 2023 Location : C:\Users\Heinz\Downloads\RogueKiller_portable64.exe Premium : No Company : Adlice Software Website : https://www.adlice.com/ Contact : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 11 (10.0.22621) 64-bit 64-bit OS : Yes Startup : 0 WindowsPE : No User : Heinz User is Admin : Yes Date : 2023/07/16 09:05:10 Type : Scan Aborted : No Scan Mode : Standard Duration : 284 Found items : 0 Total scanned : 104823 Signatures Version : 20230704_071208 Truesight Driver : Yes Updates Count : 4 ************************* Warnings ************************* ************************* Updates ************************* VLC media player (64-bit), version 3.0.16 [+] Available Version : 3.0.18 [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\VideoLAN\VLC PDF24 Creator 10.0.7 (64-bit), version 10.0.7 [+] Available Version : 11.13.2 [+] Size : 220 MB [+] Wow6432 : No [+] Portable : No [+] update_location : C:\Program Files\PDF24\ PDFCreator (32-bit), version 0.9.9 [+] Available Version : 5.1.1 [+] Wow6432 : Yes [+] Portable : No ExpressVPN (32-bit), version 2.5.22300.30 [+] Available Version : 12.53.0.32 [+] Size : 913 KB [+] Wow6432 : Yes [+] Portable : No ************************* Processes ************************* ************************* Modules ************************* ************************* Services ************************* ************************* Scheduled Tasks ************************* ************************* Registry ************************* ************************* WMI ************************* ************************* Hosts File ************************* is_too_big : No hosts_file_path : C:\Windows\System32\drivers\etc\hosts ************************* Filesystem ************************* ************************* Web Browsers ************************* 
************************* Antirootkit ************************* |