Win 11 Auf Facebook Warnmeldung hereingefallen, PC läuft langsamer , MS Defender wird blockiert

Bernd Brot · 28.05.2025, 09:10

Bitteschön:

Code:

ATTFilter

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #
# DoesNotBelong v7.8.5
# Furtivex Computer Solutions - https://furtivex.net
# OS: Microsoft Windows 11 Pro x64 24H2 Deutsch (German) - 0407 - 1252 - 850
# Benutzername: emqi- (S-1-5-21-76596380-2333717119-1847427047-1003)
# Datum: 2025_05_28__09_48_03
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #



# Prozesse:

# Treiber:

# Dienste:

# Dateien:

C:\Windows\System32\perfc007.dat
C:\Windows\System32\perfc009.dat
C:\Windows\System32\perfh007.dat
C:\Windows\System32\perfh009.dat

# Ordner:

# Aufgaben:

AMD Install Manager - Check For Updates
AMDInstallLauncher
AMDRyzenMasterSDKTask
EOSv3 Scheduler onLogOn
EOSv3 Scheduler onTime
Launch Adobe CCXProcess
Microsoft\Office\Office Apps Prewarm
Microsoft\Office\Office Apps Prewarm Recurring
Microsoft\Office\Office Automatic Updates 2.0
Microsoft\Office\Office Background Push Maintenance
Microsoft\Office\Office ClickToRun Service Monitor
Microsoft\Office\Office Feature Updates
Microsoft\Office\Office Feature Updates Logon
Microsoft\Office\Office Performance Monitor
Microsoft\Windows\AccountHealth\RecoverabilityToastTask
Microsoft\Windows\AppID\EDP Policy Manager
Microsoft\Windows\Application Experience\MareBackup
Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser
Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp
Microsoft\Windows\Application Experience\PcaPatchDbTask
Microsoft\Windows\Application Experience\SdbinstMergeDbTask
Microsoft\Windows\Application Experience\StartupAppTask
Microsoft\Windows\ApplicationData\appuriverifierdaily
Microsoft\Windows\ApplicationData\appuriverifierinstall
Microsoft\Windows\ApplicationData\DsSvcCleanup
Microsoft\Windows\Autochk\Proxy
Microsoft\Windows\capabilityaccessmanager\maintenancetasks
Microsoft\Windows\Chkdsk\ProactiveScan
Microsoft\Windows\CloudExperienceHost\CreateObjectTask
Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask
Microsoft\Windows\Containers\CmCleanup
Microsoft\Windows\Customer Experience Improvement Program\Consolidator
Microsoft\Windows\Customer Experience Improvement Program\UsbCeip
Microsoft\Windows\Defrag\ScheduledDefrag
Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner
Microsoft\Windows\Diagnosis\Scheduled
Microsoft\Windows\Diagnosis\UnexpectedCodepath
Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
Microsoft\Windows\DiskFootprint\Diagnostics
Microsoft\Windows\DiskFootprint\StorageSense
Microsoft\Windows\Feedback\Siuf\DmClient
Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload
Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting
Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs
Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing
Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver
Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting
Microsoft\Windows\Flighting\OneSettings\RefreshCache
Microsoft\Windows\input\RemoteMouseSyncDataAvailable
Microsoft\Windows\input\RemotePenSyncDataAvailable
Microsoft\Windows\input\RemoteTouchpadSyncDataAvailable
Microsoft\Windows\InstallService\RestoreDevice
Microsoft\Windows\InstallService\ScanForUpdates
Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Microsoft\Windows\InstallService\SmartRetry
Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Microsoft\Windows\Maintenance\WinSAT
Microsoft\Windows\Maps\MapsToastTask
Microsoft\Windows\Maps\MapsUpdateTask
Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies
Microsoft\Windows\PerformanceTrace\RequestTrace
Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Microsoft\Windows\PushToInstall\LoginCheck
Microsoft\Windows\PushToInstall\Registration
Microsoft\Windows\ReFsDedupSvc\Initialization
Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
Microsoft\Windows\Servicing\OOBEFodSetup
Microsoft\Windows\Shell\CreateObjectTask
Microsoft\Windows\Shell\FamilySafetyMonitor
Microsoft\Windows\Shell\FamilySafetyRefreshTask
Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Microsoft\Windows\Shell\ThemesSyncedImageDownload
Microsoft\Windows\Subscription\EnableLicenseAcquisition
Microsoft\Windows\Subscription\LicenseAcquisition
Microsoft\Windows\Sustainability\PowerGridForecastTask
Microsoft\Windows\Sustainability\SustainabilityTelemetry
Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck
Microsoft\Windows\User Profile Service\HiveUploadTask
Microsoft\Windows\Windows Media Sharing\UpdateLibrary
Microsoft\Windows\WindowsAI\Recall\InitialConfiguration
Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration
Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache
Microsoft\Windows\WindowsUpdate\Scheduled Start
Microsoft\Windows\WlanSvc\CDSSync
Microsoft\Windows\WOF\WIM-Hash-Management
Microsoft\Windows\WOF\WIM-Hash-Validation
Microsoft\Windows\WwanSvc\NotificationTask
Microsoft\Windows\WwanSvc\OobeDiscovery
Microsoft\XblGameSave\XblGameSaveTask
MicrosoftEdgeUpdateTaskMachineCore{0314DEF4-2C78-42E3-98D2-7EF5DB5F46A6}
MicrosoftEdgeUpdateTaskMachineUA{323B8279-7486-43E6-B26C-D4E2B6221AA6}
ModifyLinkUpdate
Mozilla\Firefox Background Update S-1-5-21-76596380-2333717119-1847427047-1003 308046B0AF4A39CB
Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB
StartCN
StartDVR

# Registrierung:

HKLM\Software\Microsoft\Tracing\MSI_Driver_Utility_Installer_RASAPI32
HKLM\Software\Microsoft\Tracing\MSI_Driver_Utility_Installer_RASMANCS
HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SubscribedContent-338389Enabled
HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\\SystemPaneSuggestionsEnabled [1] => [0]
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AMDNoiseSuppression
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftEdgeAutoLaunch_3753AF0C68244FA81F8581C5B5045ECE
HKLM\System\CurrentControlSet\Control\CrashControl\\AutoReboot [1] => [0]

# Caches:

C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex (67)
C:\Users\emqi-\AppData\Local\D3DSCache (14)
C:\Users\emqi-\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data (2789)
C:\Users\emqi-\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js (3443)
C:\Users\emqi-\AppData\Local\Microsoft\TokenBroker\Cache (24)
C:\Users\emqi-\AppData\Local\Microsoft\Windows\INetCache\IE (5)
C:\Users\emqi-\AppData\Local\Mozilla\Firefox\Profiles\<Profile>\cache2\entries (2864)
C:\Users\emqi-\AppData\Roaming\Mozilla\Firefox\Profiles\<Profile>\shader-cache (38)
C:\Windows\System32\config\systemprofile\AppData\Local (1348)
C:\Windows\System32\config\systemprofile\AppData\Local\D3DSCache (4)

# Verschiedenes:

AntiVirus Software: Windows Defender
Wiederherstellungspunkt: Does Not Belong PRESCAN - Erstellt

HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity
    Enabled    REG_DWORD    0x1


HKLM\Software\Microsoft\Windows Defender\Exclusions\Extensions

HKLM\Software\Microsoft\Windows Defender\Exclusions\IpAddresses

HKLM\Software\Microsoft\Windows Defender\Exclusions\Paths

HKLM\Software\Microsoft\Windows Defender\Exclusions\Processes

HKLM\Software\Microsoft\Windows Defender\Exclusions\TemporaryPaths

C:\FRST\Quarantine\C\Windows\Prefetch\AVIRA.SPOTLIGHT.BOOTSTRAPPER.-4A5AABF5.pf.xBAD		<50577>		<2025-05-14 21:38:59>
C:\FRST\Quarantine\C\Windows\Prefetch\AVIRA.SPOTLIGHT.BOOTSTRAPPER.-7AEF070C.pf.xBAD		<42929>		<2025-05-16 07:53:33>
C:\FRST\Quarantine\C\Windows\Prefetch\AVIRA.SPOTLIGHT.UI.ADMINISTRA-80E1237E.pf.xBAD		<46134>		<2025-05-16 07:53:41>
C:\FRST\Quarantine\C\Windows\Prefetch\AVIRA.SPOTLIGHT.UI.APPLICATIO-17D20DBA.pf.xBAD		<55674>		<2025-05-15 04:37:53>
C:\FRST\Quarantine\C\Windows\Prefetch\AVIRA.SPOTLIGHT.UI.APPLICATIO-8506823E.pf.xBAD		<49482>		<2025-05-15 15:24:40>
C:\FRST\Quarantine\C\Windows\Prefetch\AVIRA_OPTIMIZER_HOST.TMP-6E50DB22.pf.xBAD		<15992>		<2025-05-14 21:39:23>
C:\FRST\Quarantine\C\Windows\Prefetch\AVIRA_SPOTLIGHT_SETUP_PAVWWS.-8DBC0226.pf.xBAD		<33687>		<2025-05-14 21:39:13>
C:\FRST\Quarantine\C\Windows\Prefetch\AVIRA_SYSTEM_SPEEDUP.TMP-40918EEC.pf.xBAD		<39680>		<2025-05-14 21:39:21>
C:\FRST\Quarantine\C\Windows\System32\Drivers\etc\hosts.xBAD		<27>		<2024-04-01 07:26:16>
C:\FRST\Quarantine\C\Windows\SystemTemp\Avira_Spotlight_Bootstrapper_2025-05-15_06-32-44.log.xBAD		<9223>		<2025-05-15 04:32:44>
C:\FRST\Quarantine\C\Windows\SystemTemp\Avira_Spotlight_Bootstrapper_2025-05-15_16-27-00.log.xBAD		<11205>		<2025-05-15 14:27:00>
C:\FRST\Quarantine\C\Windows\SystemTemp\Avira_Spotlight_Bootstrapper_2025-05-16_09-47-11.log.xBAD		<9223>		<2025-05-16 07:47:11>
C:\Users\emqi-\AppData\Local\CrashDumps\ESETOnlineScanner.exe.11468.dmp		<1589254>		<2025-05-25 20:36:51>
C:\Users\emqi-\AppData\Local\CrashDumps\ESETOnlineScanner.exe.1188.dmp		<1457406>		<2025-05-04 11:45:18>
C:\Users\emqi-\AppData\Local\CrashDumps\ESETOnlineScanner.exe.22300.dmp		<1546368>		<2025-05-22 17:55:13>
C:\Users\emqi-\AppData\Local\CrashDumps\Lightroom.exe.1436.dmp		<49724236>		<2025-05-10 00:55:47>
C:\Users\emqi-\AppData\Local\CrashDumps\Lightroom.exe.21280.dmp		<54667092>		<2025-04-18 17:43:12>
C:\Users\emqi-\AppData\Local\CrashDumps\Lightroom.exe.21664.dmp		<47105808>		<2025-04-08 17:24:15>
C:\Users\emqi-\AppData\Local\CrashDumps\WacomCenterUI.exe.1196.dmp		<11399045>		<2025-05-10 06:10:59>
C:\Users\emqi-\AppData\Local\CrashDumps\WacomCenterUI.exe.13012.dmp		<11171772>		<2025-04-11 17:20:07>
C:\Users\emqi-\AppData\Local\CrashDumps\WacomCenterUI.exe.13408.dmp		<11198102>		<2025-04-11 07:55:47>
C:\Users\emqi-\AppData\Local\CrashDumps\WacomCenterUI.exe.3764.dmp		<11272288>		<2025-04-22 15:59:34>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\svchost.exe.3404.protected.dmp		<2282763>		<2025-03-24 22:05:05>
C:\Windows\System32\config\systemprofile\AppData\Local\CrashDumps\Wacom_Tablet.exe.19872.dmp		<3340242>		<2025-05-13 16:31:13>


# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #

Win 11 Auf Facebook Warnmeldung hereingefallen, PC läuft langsamer , MS Defender wird blockiert

Log-Analyse und Auswertung: Win 11 Auf Facebook Warnmeldung hereingefallen, PC läuft langsamer , MS Defender wird blockiert

Win 11 Auf Facebook Warnmeldung hereingefallen, PC läuft langsamer , MS Defender wird blockiert

Ähnliche Themen: Win 11 Auf Facebook Warnmeldung hereingefallen, PC läuft langsamer , MS Defender wird blockiert