gandatronkea | 15.01.2022 18:10 | Telekom security alert: 3 pieces of malware: Bamital; Matsnu & Nymaim - nothing found by the scan!
Hi everyone,
for the past 3 months I have been getting a security alert from Telekom about once a month, by email and by letter. It says: "The following IP address was assigned to your connection at the time specified:"
IP address: 91.20.xx.xx
Time: 09.01.2022 11:07:17 CET
I called them, and a woman at Telekom said I had three pieces of malware named "Bamital; Matsnu & Nymaim". These send emails from my IP or access something. ?!?!?!
Good to know: at those times (as above) my PC was switched off, and it could only be the robot vacuum and 3 smart plugs ?!
The very first time this security warning came was in September, on a weekend when I was not even at home! 100%
This scares me a lot.
What I have done:
FRST64.exe scan
Bitdefender scan
Unplugged the smart plugs (on 09.01. they were not powered...)
Router log file
Can you help?
THANK YOU VERY MUCH :)
Router log file from the most recent time: 09.01.2022 11:07:17 Code:
09.01.2022 14:50:53 (NT101) Das Gerät mit der Firmware Version 010137.4.9.002.0 hat die IPv6 Systemzeit erfolgreich aktualisiert.
09.01.2022 14:32:33 (H001) DHCP ist aktiv: WLAN ESP11BAF2 50:02:91:11:ba:f2 191.168.2.153 255.255.255.0 191.168.2.1 191.168.2.1 1814400
09.01.2022 13:30:21 (W001) WLAN-Station vom <5.0> Ghz Frequenzband abgemeldet: Rechnername: <Galaxy-S9>, Mac-Adresse: <5E:F6:F4:F1:40:97>
09.01.2022 13:26:23 (H001) DHCP ist aktiv: WLAN Galaxy-S9-polzovatela-Olga 5e:f6:f4:f1:40:97 191.168.2.110 255.255.255.0 191.168.2.1 191.168.2.1 1814400
09.01.2022 13:26:21 (W019) WLAN-Anmeldung via <5.0> Ghz Frequenzband erfolgreich: Rechnername: <Galaxy-S9>, Mac-Adresse: <5E:F6:F4:F1:40:97> verbunden mit SSID <WLANimir P.> mit <5.0> Ghz Frequenzband
09.01.2022 12:22:27 (FW001) Firewall-Ereignis: Es wurde ein Ereignis [TCP SYN FLOOD IP] : erkannt. Als Absender wurde die Adresse 41.231.108.25 : 62022 identifiziert. Als Empfänger wurde die 91.20.70.45 : 8008 identifiziert.
09.01.2022 12:22:27 (FW001) Firewall-Ereignis: Es wurde ein Ereignis [TCP SYN FLOOD] : erkannt. Als Absender wurde die Adresse 41.231.108.25 : 1796 identifiziert. Als Empfänger wurde die 91.20.70.45 : 9 identifiziert.
09.01.2022 11:55:49 (GW004) WLAN-Anmeldung am Gastzugang wlan2.0 war erfolgreich: Rechnername:ESP02C440, Mac-Adresse: 50:02:91:02:C4:40.
09.01.2022 11:55:49 (GW005) WLAN-Abmeldung am Gastzugang wlan2.0 war erfolgreich: Rechnername:ESP02C440, Mac-Adresse: 50:02:91:02:C4:40, IPv4-address 191.168.2.154.
09.01.2022 10:59:14 (H001) DHCP ist aktiv: WLAN ESP02C440 50:02:91:02:c4:40 191.168.2.154 255.255.255.0 191.168.2.1 191.168.2.1 1814400
09.01.2022 09:17:16 (W001) WLAN-Station vom <5.0> Ghz Frequenzband abgemeldet: Rechnername: <10eNEW>, Mac-Adresse: <CE:35:6A:1A:6B:1D>
09.01.2022 09:14:27 (H001) DHCP ist aktiv: WLAN Galaxy-S10e ce:35:6a:1a:6b:1d 191.168.2.139 255.255.255.0 191.168.2.1 191.168.2.1 1814400
09.01.2022 09:14:26 (W019) WLAN-Anmeldung via <5.0> Ghz Frequenzband erfolgreich: Rechnername: <10eNEW>, Mac-Adresse: <CE:35:6A:1A:6B:1D> verbunden mit SSID <WLANimir P.> mit <5.0> Ghz Frequenzband
09.01.2022 08:50:53 (NT101) Das Gerät mit der Firmware Version 010137.4.9.002.0 hat die IPv6 Systemzeit erfolgreich aktualisiert.
09.01.2022 08:24:44 (GW004) WLAN-Anmeldung am Gastzugang wlan2.0 war erfolgreich: Rechnername:ESPC87408, Mac-Adresse: 10:52:1C:C8:74:08.
09.01.2022 08:24:43 (GW005) WLAN-Abmeldung am Gastzugang wlan2.0 war erfolgreich: Rechnername:ESPC87408, Mac-Adresse: 10:52:1C:C8:74:08, IPv4-address 191.168.2.152.
09.01.2022 08:21:15 (GW004) WLAN-Anmeldung am Gastzugang wlan2.0 war erfolgreich
FRST LOG Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2022
Ran by Micha (administrator) on MICHA (Micro-Star International Co., Ltd. MS-7C52) (15-01-2022 17:15:37)
Running from F:\DownloadFF
Loaded Profiles: Micha
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1415 (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373547.inf_amd64_5f3ab38efc92cf9f\B373550\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373547.inf_amd64_5f3ab38efc92cf9f\B373550\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\25.0.1.194\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\odscanui.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
(Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
(Discord Inc. -> Discord Inc.) C:\Users\Micha\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\139.4.4896\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) F:\tmp\Games_nebenOrdner\Origin\OriginWebHelperService.exe
(GNE) [File not signed] C:\Program Files (x86)\Dual Monitor Tools\DMT.exe
(Károly Pados -> Károly Pados) C:\Program Files (x86)\TinyWall\TinyWall.exe <2>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <24>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe <2>
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8806688 2022-01-02] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Run: [Steam] => E:\Games\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Run: [GNE_DualMonitorTools] => C:\Program Files (x86)\Dual Monitor Tools\DMT.exe [705536 2016-02-01] (GNE) [File not signed]
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Run: [Spotify] => C:\Users\Micha\AppData\Roaming\Spotify\Spotify.exe [24731784 2021-11-26] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443968 2022-01-13] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65488 2020-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\us015 Langmon: C:\WINDOWS\system32\us015lm.dll [31096 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-07] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03F121F6-7E76-4110-97D9-92E1E44F6290} - System32\Tasks\TinyWall Controller => C:\Program Files (x86)\TinyWall\TinyWall.exe [867080 2021-10-26] (Károly Pados -> Károly Pados)
Task: {0625CAC7-3A3A-459C-A6E1-07EC944912B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22840688 2021-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1037E8D6-3271-462F-A9CB-D1E0B8EA1AD1} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2021-11-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {283DC856-FBBE-45F8-9162-A46D560DBA91} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\25.0.1.194\WatchDog.exe [937064 2021-08-10] (Bitdefender SRL -> Bitdefender)
Task: {2CABB814-06F0-48DB-9205-1A242A47CDC8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {439C6CB5-5FDE-4A6D-960D-5F33C2AC04E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)
Task: {57577966-B261-4A82-9439-906F88176976} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (No File)
Task: {59162E6D-5F72-4338-AC33-D5CDA1D2144A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {5946F92B-A408-4C97-888F-16452112FBCA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6D147DFD-DCB6-4A0D-BF4B-D8D5424A7FD7} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {75356371-DFE8-4680-BACD-FD9A91A9A291} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F40635C-FAF2-4406-9E37-A6F8B9737977} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22840688 2021-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {81474BB0-0EDE-4B68-A2AC-ABA1D0978EE9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1620888 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {85F253FE-C2C7-48D4-AA68-13B823427244} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8CF4B3A5-4722-4695-9954-7E7BA705E6C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)
Task: {9D3AA858-539B-481A-ACA9-A6EB2835ADBF} - System32\Tasks\Opera scheduled assistant Autoupdate 1595762747 => C:\Users\Micha\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Micha\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A3FE6C0B-2F32-4894-B503-04854167112D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {BA858A27-EC6A-4EF5-A814-3E8A48B266E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE4F282F-DF94-45C3-A578-48C41D3ACA87} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {C02B86F6-37BC-4AD3-ADEE-DC7501926B70} - System32\Tasks\Opera scheduled Autoupdate 1595762743 => C:\Users\Micha\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {D3FA36B6-FE75-4B44-8846-D9D18788B5AE} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {DE0C9987-099B-40F7-BC21-E32BBA359C03} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1175342-2B4B-4673-93A5-7EB80A7C6235} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {EA008909-2DB0-4228-9F3F-FA131D06B890} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [580696 2021-12-21] (Bitdefender SRL -> Bitdefender)
Task: {F7813658-A2BC-4C2D-BA40-B894000A6D98} - System32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A} => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe -> /i "C:\Users\Micha\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi" AI_SETUPEXEPATH="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe" SETUPEXEDIR="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\" ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS="1" PRIMARYFOLDER="APPDIR" ROOTDRIVE="E:\" AI_PREREQFILES="C:\Users\Micha\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64.exe" AI_PREREQDIRS="C:\Users\Micha\AppData\Roaming" AI_MISSING_PREREQS="Visual C++ Redistributable for Visual Studio 2017 x64" AI_SETUPEXEPATH="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe" SETUPEXEDIR="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\" AI_INSTALL="1" BIPROCESSTIME="2020-07-20T11:22:01.1731459Z" TARGETLOCKED="TRUE" TARGETDIR="E:\" APPDIR="C:\Program Files (x86)\Wizards of the Coast\MTGA\" AI_SETUPEXEPATH_ORIGINAL="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exeѤ/i C:\Users\Micha\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=E:\ AI_PREREQFILES=C:\Users\Micha\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64.exe AI_PREREQDIRS=C:\Users\Micha\AppData\Roaming AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x64 AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2020-07-20T11:22:01.1731459Z TARGETLOCKED=TRUE TARGETDIR=E:\ APPDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\ AI_SETUPEXEPATH_ORIGINAL=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{aee9ba6a-ea49-42ba-bfef-0bc92c3370eb}: [NameServer] 1.1.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Micha\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-01]
FireFox:
========
FF DefaultProfile: 30kp1i8c.default
FF ProfilePath: C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\30kp1i8c.default [2021-02-02]
FF ProfilePath: C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release [2022-01-15]
FF DownloadDir: F:\DownloadFF
FF Notifications: Mozilla\Firefox\Profiles\kwlm1iu3.default-release -> hxxps://www.lieferando.de; hxxps://untap.in
FF Extension: (English United States Dictionary) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\@unitedstatesenglishdictionary.xpi [2022-01-14]
FF Extension: (German Dictionary) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\de-DE@dictionaries.addons.mozilla.org.xpi [2020-04-21]
FF Extension: (Privacy Badger) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-11-29]
FF Extension: (uBlock Origin) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-01-03]
FF Extension: (MetaMask) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\webextension@metamask.io.xpi [2021-12-28]
FF Extension: (Nano Defender for Firefox) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\{fcf60470-b210-4c17-969e-9ae01491071e}.xpi [2020-10-13]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-08-09] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-Tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-09-17] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-08-16] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2020-05-04] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-02-02] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-02-02] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default [2022-01-15]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.reddit.com
CHR Extension: (Präsentationen) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-14]
CHR Extension: (Docs) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-14]
CHR Extension: (Google Drive) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (YouTube) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-16]
CHR Extension: (Tabellen) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-14]
CHR Extension: (Binance Wallet) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2022-01-08]
CHR Extension: (Better Cardmarket (MTG) unofficial) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplghokcfgbdedalpmbmjlafpagclbef [2020-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-28]
CHR Extension: (Bitdefender Anti-Tracker) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-02-02]
CHR Extension: (polkadot{.js} extension) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-01-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Nash Extension) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\onofpnbbkehpmmoabgpcpmigafmmnjhl [2021-04-06]
CHR Extension: (Google Mail) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [198256 2021-01-25] (Pango Inc. -> AnchorFree Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2021-12-21] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2021-12-21] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [256616 2021-10-04] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12121040 2021-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-01-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-03-17] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11174464 2022-01-13] (Logitech Inc -> Logitech, Inc.)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
S3 Origin Client Service; F:\tmp\Games_nebenOrdner\Origin\OriginClientService.exe [2533952 2021-01-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; F:\tmp\Games_nebenOrdner\Origin\OriginWebHelperService.exe [3479112 2021-01-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [785512 2021-08-10] (Bitdefender SRL -> Bitdefender)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2021-03-18] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TinyWall; C:\Program Files (x86)\TinyWall\TinyWall.exe [867080 2021-10-26] (Károly Pados -> Károly Pados)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [284760 2021-12-21] (Bitdefender SRL -> Bitdefender)
S3 VBoxSDS; I:\Programme_SSD\VirtualBox\VBoxSDS.exe [694016 2020-04-09] (Oracle Corporation -> Oracle Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2021-12-21] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2021-07-07] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0373547.inf_amd64_5f3ab38efc92cf9f\B373550\amdkmdag.sys [80536104 2021-11-11] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [3864480 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [800672 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [32152 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> © Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [55864 2021-11-30] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1188744 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185312 2020-10-07] (Bitdefender SRL -> Bitdefender)
S3 ksaud; C:\WINDOWS\system32\drivers\ksaud.sys [2116824 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-06-28] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-06-28] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-06-28] (Logitech Inc -> Logitech)
R1 mtihint; C:\Windows\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [623008 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237384 2020-04-09] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248264 2020-04-09] (Oracle Corporation -> Oracle Corporation)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [483728 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-02-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-02-02] (Microsoft Windows -> Microsoft Corporation)
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-15 17:15 - 2022-01-15 17:16 - 000000000 ____D C:\FRST
2022-01-15 12:34 - 2022-01-15 12:34 - 000000000 ___HD C:\$WinREAgent
2022-01-13 18:44 - 2022-01-13 18:44 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-01-13 18:44 - 2022-01-13 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-01-13 18:44 - 2022-01-13 18:44 - 000000000 ____D C:\Program Files\LGHUB
2022-01-06 12:09 - 2022-01-06 12:13 - 000000000 ____D C:\Program Files\Sublime Text 3
2022-01-06 11:51 - 2022-01-06 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-01-02 00:57 - 2022-01-02 00:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-01-02 00:57 - 2022-01-02 00:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-01-02 00:57 - 2022-01-02 00:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-01-02 00:57 - 2022-01-02 00:57 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-12-28 09:44 - 2021-12-28 09:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-18 11:17 - 2021-12-18 11:17 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-18 09:00 - 2021-12-18 09:00 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-18 09:00 - 2021-12-18 09:00 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-18 08:59 - 2021-12-18 08:59 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-18 08:59 - 2021-12-18 08:59 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-15 17:15 - 2020-04-21 16:34 - 000000000 ____D C:\Users\Micha\AppData\Roaming\discord
2022-01-15 17:11 - 2020-04-08 19:31 - 000000000 ____D C:\Users\Micha\Documents\Outlook-Dateien
2022-01-15 17:06 - 2020-04-09 06:47 - 000000000 ____D C:\ProgramData\TinyWall
2022-01-15 17:02 - 2020-04-21 16:34 - 000000000 ____D C:\Users\Micha\AppData\Local\Discord
2022-01-15 16:57 - 2020-07-14 09:46 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-15 16:38 - 2021-11-22 13:28 - 000000000 ____D C:\Users\Micha\AppData\Local\LGHUB
2022-01-15 16:38 - 2020-07-12 04:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-15 15:15 - 2021-12-01 19:19 - 000000000 ____D C:\Users\Micha\Documents\Acrobat Pro DC 2020.006.20042
2022-01-15 14:05 - 2020-05-02 13:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-15 14:02 - 2020-07-12 04:09 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-15 14:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-15 12:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-15 11:19 - 2019-03-19 06:07 - 000000000 ____D C:\Users\Micha\AppData\Local\Packages
2022-01-15 10:58 - 2021-04-11 14:54 - 000003098 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-01-15 10:58 - 2020-04-14 12:48 - 000000000 ____D C:\Users\Micha\AppData\Roaming\WTablet
2022-01-14 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-14 17:52 - 2020-07-14 09:46 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-14 17:52 - 2020-07-14 09:46 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-14 17:48 - 2020-04-08 09:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-14 17:46 - 2020-04-08 09:42 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-13 19:35 - 2021-05-09 19:30 - 000000000 ____D C:\Users\Micha\AppData\Roaming\station-electron
2022-01-13 18:45 - 2021-11-22 13:29 - 000000000 ____D C:\Users\Micha\AppData\Roaming\LGHUB
2022-01-13 18:44 - 2020-04-08 19:37 - 000000000 ____D C:\Users\Micha\AppData\Local\Dropbox
2022-01-13 18:43 - 2020-07-12 04:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-13 18:43 - 2020-07-12 04:03 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-13 18:43 - 2020-04-08 14:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-13 18:43 - 2020-04-08 13:58 - 000000000 ____D C:\Users\Micha\AppData\LocalLow\Mozilla
2022-01-13 18:43 - 2020-04-08 13:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-13 18:43 - 2019-12-07 10:03 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2022-01-10 22:10 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-08 18:58 - 2020-11-20 11:10 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-08 18:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-08 18:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-07 21:16 - 2020-04-08 16:56 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-07 20:07 - 2020-07-14 09:48 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-07 20:07 - 2020-07-14 09:48 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-06 12:13 - 2020-04-23 15:59 - 000000000 ____D C:\Users\Micha\AppData\Local\Sublime Text 3
2022-01-06 11:51 - 2020-04-08 19:37 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-01-03 12:13 - 2021-11-20 17:16 - 000000000 ____D C:\Users\Micha\AppData\Roaming\Firefly
2022-01-03 12:07 - 2021-11-20 17:16 - 000002423 _____ C:\Users\Micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefly.lnk
2022-01-03 12:07 - 2021-11-20 17:16 - 000002415 _____ C:\Users\Micha\Desktop\Firefly.lnk
2022-01-03 11:38 - 2020-12-01 19:47 - 000000000 ____D C:\Users\Micha\AppData\Local\AMD_Common
2021-12-28 09:44 - 2020-04-08 13:58 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-18 11:18 - 2020-07-12 04:03 - 000482504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-18 11:17 - 2019-12-07 15:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-18 09:22 - 2020-07-12 04:07 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-12-18 09:03 - 2020-04-08 09:02 - 000000000 ____D C:\Users\Micha\AppData\Local\PlaceholderTileLogoFolder
2021-12-18 08:49 - 2021-11-23 12:23 - 000116200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 002225640 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 000333288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 000217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 000197048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-12-16 18:32 - 2020-05-08 07:31 - 000000117 ___RH C:\WINDOWS\ctfile.rfc
2021-12-16 18:10 - 2021-11-28 17:14 - 000000000 ____D C:\Users\Micha\AppData\Roaming\ASGARDEX
==================== Files in the root of some directories ========
2021-01-13 23:26 - 2021-01-13 23:26 - 000000048 ____H () C:\Program Files (x86)\idik7cmdwx.dat
2020-05-01 20:07 - 2020-05-01 20:07 - 000000410 _____ () C:\Users\Micha\AppData\Local\oobelibMkey.log
2021-11-18 11:32 - 2021-11-18 11:32 - 000004882 _____ () C:\Users\Micha\AppData\Local\recently-used.xbel
2020-08-11 17:39 - 2020-08-11 17:39 - 000000017 _____ () C:\Users\Micha\AppData\Local\resmon.resmoncfg
==================== FCheck ================================
(If an entry is included in the fixlist, the file/folder will be moved.)
FCheck: C:\WINDOWS\system32\xactengine2_8.dll [2007-06-20] <==== ATTENTION (zero byte File/Folder)
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
ADDITION LOG Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2022
Ran by Micha (15-01-2022 17:17:50)
Running from F:\DownloadFF
Microsoft Windows 10 Pro Version 21H1 19043.1415 (X64) (2020-07-12 03:07:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4047565373-3235933586-3377775174-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4047565373-3235933586-3377775174-503 - Limited - Disabled)
Guest (S-1-5-21-4047565373-3235933586-3377775174-501 - Limited - Disabled)
Micha (S-1-5-21-4047565373-3235933586-3377775174-1001 - Administrator - Enabled) => C:\Users\Micha
WDAGUtilityAccount (S-1-5-21-4047565373-3235933586-3377775174-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.11.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
ASGARDEX 0.5.0 (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\5bcaf717-02bc-561e-bd5c-5ecf0e404bb5) (Version: 0.5.0 - ASGARDEX Maintainers)
Assassin's Creed Odyssey Gold Edition ReRelease MULTi2 1.5.3 (HKLM-x32\...\Assassin's Creed Odyssey Gold Edition ReRelease MULTi2 1.5.3) (Version: 1.5.3 - x.X.RIDDICK.X.x)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.194 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 25.0.10.52 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.4.4.44 - Bitdefender)
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
Creative ASIO (USB) (HKLM-x32\...\Creative_ASIO(USB)) (Version: 1.00 - Creative Technology Limited)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Crucial Storage Executive (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Crucial Storage Executive 5.05.082019.02) (Version: 5.05.082019.02 - Crucial)
Crusader Kings III Royal Edition Incl. Update 1 MULTi7 5482039 (HKLM-x32\...\Crusader Kings III Royal Edition Incl. Update 1 MULTi7 5482039) (Version: 5482039 - x.X.RIDDICK.X.x)
CrystalDiskMark 7.0.0h (HKLM\...\CrystalDiskMark7_is1) (Version: 7.0.0h - Crystal Dew World)
Cyberpunk 2077 MULTi18 - ElAmigos version 1.03 (HKLM-x32\...\{8A985B76-8BB5-4325-92DB-E3B9F8A62D1F}_is1) (Version: 1.03 - CD PROJEKT RED)
Discord (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.05 - Creative Technology Limited)
DOOM Eternal Deluxe Edition (HKLM-x32\...\DOOM Eternal Deluxe Edition_is1) (Version: 1.0.0.0 - Bethesda Softworks)
DOOM Eternal Deluxe Edition Convert Steam to Bethesda MULTi2 1.0 (HKLM-x32\...\DOOM Eternal Deluxe Edition Convert Steam to Bethesda MULTi2 1.0) (Version: 1.0 - x.X.RIDDICK.X.x)
Dropbox (HKLM-x32\...\Dropbox) (Version: 139.4.4896 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden
Dual Monitor Tools (HKLM-x32\...\{14DF3258-CA2F-4166-9713-EB7BB9D55307}) (Version: 2.3.0.0 - GNE)
Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Exodus (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\exodus) (Version: 21.7.17 - Exodus Movement Inc)
Firefly 1.3.2 (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\5892dd0c-8983-51d7-b337-6e1d1da9ad4b) (Version: 1.3.2 - IOTA Foundation)
GameInput Redistributable (HKLM-x32\...\{AD78C5EF-EAAF-12E7-83A3-B335A79A3DB1}) (Version: 10.1.19041.1870 - Microsoft Corporation)
GIMP 2.10.20 (HKLM\...\GIMP-2_is1) (Version: 2.10.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC)
Hellblade: Senua's Sacrifice (HKLM-x32\...\1573355755_is1) (Version: 1.03 - GOG.com)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
IOTA DevNet Wallet 0.7.0 (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\99438aeb-e8ef-5e38-b45f-8f3a84170f98) (Version: 0.7.0 - Martyn Janes)
Iron Harvest Deluxe Edition MULTi13 5487982 (HKLM-x32\...\Iron Harvest Deluxe Edition MULTi13 5487982) (Version: 5487982 - x.X.RIDDICK.X.x)
K-Lite Mega Codec Pack 15.4.7 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.4.7 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.1.3492 - Logitech)
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.14729.20194 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Teams) (Version: 1.3.00.4461 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.67 - mIRC Co. Ltd.)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 95.0.2 (x64 de)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0.1 - Mozilla)
MTG Arena (HKLM\...\{5D99BC14-3C73-4413-8434-4C2E8704884F}) (Version: 0.1.3892 - Wizards of the Coast)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14729.20108 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.0.20 (HKLM\...\{A083A77B-5541-4C84-B420-B37C312BFFCC}) (Version: 6.0.20 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.46284 - Electronic Arts, Inc.)
PingPlotter 5 (HKLM-x32\...\{36813793-6997-4A21-A284-D80DA10F80F9}) (Version: 5.18.3.8189 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.18.3.8189) (Version: 5.18.3.8189 - Pingman Tools, LLC)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
RyzenMasterSDK (HKLM\...\{EFA9CC7C-F230-42A8-888B-5E7B6AE2DB12}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.21075.3 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.21075.3 - Samsung Electronics Co., Ltd.)
Sound Blaster X-Fi Surround 5.1 Pro (HKLM-x32\...\{05627579-2BA6-4DA2-8243-0EEF752EF14B}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Spotify) (Version: 1.1.66.578.gc54d0f69 - Spotify AB)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.2 - TeamSpeak Systems GmbH)
Terra Station 1.1.0 (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\544bd55a-4210-5d1d-8eb2-7ec231919777) (Version: 1.1.0 - Terra)
TinyWall (HKLM-x32\...\{6A366BCB-2A38-4D2A-80FD-A5E0C32C97C8}) (Version: 3.2.3.0 - Károly Pados)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.93 - Samsung Electronics CO., LTD.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.38-2 - Wacom Technology Corp.)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Packages:
=========
Age of Empires II: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSPhoenix_101.101.43210.0_x64__8wekyb3d8bbwe [2020-12-03] (0)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-16] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.10420.5102.0_x64__8wekyb3d8bbwe [2020-05-12] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-09] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2021-12-15] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4047565373-3235933586-3377775174-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Micha\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4047565373-3235933586-3377775174-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Micha\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4047565373-3235933586-3377775174-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => F:\z_txt\!!_OnlineOrdner\Dropbox [2020-04-09 15:27]
CustomCLSID: HKU\S-1-5-21-4047565373-3235933586-3377775174-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Test Dropbox] => F:\z_txt\!!_OnlineOrdner\Test Dropbox
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-11-11] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Micha\Desktop\DOOM Eternal.lnk -> E:\Games\DOOM Eternal Deluxe Edition\Run in English.bat ()
==================== Loaded Modules (Whitelisted) =============
2022-01-13 18:44 - 2022-01-13 18:43 - 000635904 _____ () [File not signed] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2021-04-21 03:39 - 2021-04-21 03:39 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-07-07 05:37 - 2021-07-07 05:37 - 000562688 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll
2021-07-07 05:37 - 2021-07-07 05:37 - 000058880 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Platform.dll
2021-11-10 14:51 - 2021-11-10 14:51 - 001711616 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2020-05-08 18:27 - 2004-11-16 16:06 - 000065536 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\CTAudSeu.dll
2020-05-08 18:27 - 2006-06-07 15:23 - 000126976 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\RCRx\RcHidUsb.dll
2020-05-08 18:26 - 2009-10-21 16:36 - 000163840 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\ShareDLL\CADI\ctcadi.dll
2020-05-08 18:26 - 2009-03-18 15:00 - 000151552 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTCadiEP.dll
2020-05-08 18:27 - 2009-02-23 10:41 - 000413696 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\CTAudEp.dll
2020-05-08 18:27 - 2008-01-11 09:10 - 000065536 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\CTAudSeu.dll
2020-05-08 18:27 - 2005-01-06 16:26 - 000053248 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\CTIniFu.dll
2020-05-08 18:27 - 2007-03-07 13:07 - 000176128 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\CTThemeU.dll
2020-05-08 18:27 - 2006-03-31 16:26 - 000335872 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\GDICtrl.sku
2020-05-08 18:27 - 2007-03-07 13:56 - 000151552 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\GDICtrl2.sku
2020-05-08 18:27 - 2006-05-04 16:11 - 000110592 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\GDICtrl3.sku
2020-05-08 18:27 - 2006-03-28 15:21 - 000114757 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\RtxCtrl.sku
2020-05-08 18:27 - 2008-12-29 10:25 - 000077824 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanel.crl
2020-05-08 18:27 - 2007-12-13 16:36 - 000077824 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll
2020-05-08 18:27 - 2007-05-04 14:27 - 000233472 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\OSD\PanelSvc.dll
2020-05-08 18:27 - 2009-03-16 13:55 - 000020480 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\AudSet.crl
2020-05-08 18:27 - 2009-12-21 14:14 - 000065536 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\EAXCADI.DLL
2020-05-08 18:27 - 2009-04-03 13:50 - 000036963 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\EAXMod.dll
2020-05-08 18:27 - 2009-09-16 16:59 - 000009728 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\RCSystem.CRL
2020-05-08 18:27 - 2009-12-16 09:24 - 000323584 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\RCSystem.dll
2020-05-08 18:27 - 2005-11-23 09:28 - 000040960 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\CtrlSrcU.dll
2020-04-08 13:56 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-04-08 09:15 - 2018-03-05 21:27 - 005529600 _____ (Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\mticm.dll
2017-09-04 23:15 - 2017-09-04 23:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCompiler_47.dll
2020-04-19 22:59 - 2020-04-19 22:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-19 22:59 - 2020-04-19 22:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2020-11-30 17:54 - 2020-11-30 17:54 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] F:\tmp\Games_nebenOrdner\Origin\LIBEAY32.dll
2020-11-30 17:55 - 2020-11-30 17:54 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] F:\tmp\Games_nebenOrdner\Origin\ssleay32.dll
2020-11-30 17:54 - 2020-11-30 17:54 - 001611264 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\platforms\qwindows.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 005487104 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5Core.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 005841920 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5Gui.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 001179136 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5Network.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 000146432 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5WebSockets.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 005089792 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5Widgets.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 000184832 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5Xml.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\sharepoint.com -> hxxps://studuniduisburgessende-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Micha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
Network Binding:
=============
Ethernet 4: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Local Area Connection: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\StartupApproved\Run: => "GIMP Updater"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2B00AD7E-E05D-4279-85F2-5052E80C993F}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Nephise Begins\NephiseBegins.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D413AA39-EBF4-432A-AF43-FFF790BDC857}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Nephise Begins\NephiseBegins.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{959AFA95-7AAD-41AC-B2A5-B076DE600E7C}] => (Allow) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AB1F5B57-A4EC-4E59-AD31-ED8819728F37}] => (Allow) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{38E6A967-28FE-41CB-AA1F-F4D6B9E0FEA1}] => (Allow) E:\Games\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E0FDEDAD-F0DB-40A2-B4C9-D0FF9FF267E1}] => (Allow) E:\Games\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C37246C7-9999-49F1-B178-9446BCF2E55F}] => (Allow) E:\Games\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{DCADD24C-4E04-4504-B29A-FF3D01E0324B}] => (Allow) E:\Games\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{F1D2A35C-519D-42FE-8888-B61B1E3768D0}] => (Allow) E:\Games\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{71AAE5A9-0388-4E1C-A8A6-B502485E63F3}] => (Allow) E:\Games\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{DD7E1954-2A34-424C-85D6-27F958608E9E}] => (Allow) E:\Games\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{54B23D6C-B3F3-4DF7-873E-652B2F9A854D}] => (Allow) E:\Games\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{6EE70BFB-4F96-4B1F-9F07-5423523A096B}] => (Allow) E:\Games\Steam\steamapps\common\Talisman\Talisman.exe () [File not signed]
FirewallRules: [{740EEFAE-D693-4416-8860-FFC37FFD50B7}] => (Allow) E:\Games\Steam\steamapps\common\Talisman\Talisman.exe () [File not signed]
FirewallRules: [{4A8A4450-84F2-4C1B-81AD-97D54C3E16DA}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{620E33CE-856D-4586-929E-01DD29FB19B8}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{A002BC16-E38F-47F3-9D41-792B93E0A3EC}] => (Allow) E:\Games\Steam\steamapps\common\Hunt Showdown\hunt.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{9BF531EA-CAEF-409F-AF9B-F2B0971EF59A}] => (Allow) E:\Games\Steam\steamapps\common\Hunt Showdown\hunt.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{AEFE7AB9-2EFB-4392-8941-14AC102CCB2C}] => (Allow) E:\Games\Steam\steamapps\common\Pummel Party\PummelParty.exe () [File not signed]
FirewallRules: [{EA246BA4-FFF7-4273-8B61-5383B41D62D8}] => (Allow) E:\Games\Steam\steamapps\common\Pummel Party\PummelParty.exe () [File not signed]
FirewallRules: [{D122D123-1C5C-45F5-A02F-4D08F1D63EA8}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{421F638B-7A90-4160-B5AF-A01842A24039}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{4B8149F6-1973-4AF7-9508-4EC438DE12BC}] => (Allow) E:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{359B36AD-3BF2-4DEA-81F4-1F4766ED23BF}] => (Allow) E:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6D800EAC-E4E5-430E-90FC-C9EF8B052076}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DF75F7AA-C295-42E4-AEDC-25F6E624F12A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F7525EEF-9D48-47A4-9FCD-ACF485D5B557}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{DA287255-30FC-4EF0-992E-31C29CADEC33}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{E2506033-B42A-471B-8EBF-3970EDDF45EE}] => (Allow) C:\Users\Micha\AppData\Local\Programs\Opera\69.0.3686.77\opera.exe => No File
FirewallRules: [{FFEC9F6E-C769-47B2-804E-D59961C7CA0D}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Goat of Duty\GoatOfDuty.exe () [File not signed]
FirewallRules: [{95C8641F-9EB7-46DB-8ADA-1CF32472988D}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Goat of Duty\GoatOfDuty.exe () [File not signed]
FirewallRules: [{A6EE7161-096B-40B8-8B59-B50746FE3FB1}] => (Allow) E:\Games\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{EFDEBB3D-0097-41AF-BFCB-40214AAC8E6F}] => (Allow) E:\Games\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{FD3F6C22-EEAA-4605-82CC-99F13CFD22EA}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{0D900EBE-1970-44C8-9D92-5234D27E06FB}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{F390346B-664E-4CF6-BFED-4E6A22E0E65B}] => (Allow) E:\Games\Steam\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{75768A16-CD35-4117-B42F-9695DF1CBF52}] => (Allow) E:\Games\Steam\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{E741D90B-B2E9-4803-83B8-DAC36E661CE3}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7B6DCB6-90B0-41D0-A4AF-379348B8D1CF}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27CBF0D4-6167-45DA-ADB4-378E648FD7EB}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{A5FEA61D-A4DE-4434-B234-75BCDC0F45D5}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{96139129-D959-4EDC-A284-0DD1FFF252BD}] => (Allow) E:\Games\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{2013F7A2-D9E2-4F1D-9F53-E252C6346C9C}] => (Allow) E:\Games\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{93D6541A-9D2A-424D-BE3B-AB4DFDF0E440}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{AC073516-C270-409C-BBC2-E8089385A89A}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{050B3C71-B430-4596-823B-7EBD4C824290}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B7A29C43-7BC9-47AF-8595-1D5FDF6DB7D4}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{13C5E206-0209-4EAF-B175-C5D1640F85CE}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe () [File not signed]
FirewallRules: [{B95BAEAD-4E26-4065-9591-6357C766D4DD}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe () [File not signed]
FirewallRules: [{F73C14AA-FA9A-4E92-8869-A766215D08EF}] => (Allow) I:\Games\Origin_ssd\Command and Conquer Generals Zero Hour\Generals.exe () [File not signed]
FirewallRules: [{AB8F2D0A-ABFD-469B-8AF0-B5B293BA7FBF}] => (Allow) I:\Games\Origin_ssd\Command and Conquer Generals Zero Hour\Generals.exe () [File not signed]
FirewallRules: [{C2DEADD5-6926-4B7E-B469-B8032ED59DB9}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\World of Warships\WorldOfWarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{4F06B62E-4CB3-439B-B05F-11CA8D6D473F}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\World of Warships\WorldOfWarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{0592D5B9-AF88-4397-B58C-85302CFD8834}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{79A35F1F-E464-4B4C-A735-D8DAE6ABBDDD}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{24B2A7BA-1152-4A01-B2B1-EFC6B5555B16}] => (Allow) I:\Games\Steam_SSD\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B495F6CC-C686-4D0A-B435-A71249D3C2D2}] => (Allow) I:\Games\Steam_SSD\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38CADE31-6C75-44C3-860A-F3BE82496335}] => (Allow) C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe (Pingman Tools -> )
FirewallRules: [{9095C526-083D-4B93-AC1A-8E7804CEF927}] => (Allow) C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe (Pingman Tools -> )
FirewallRules: [{9C992AD8-AD83-4E3D-B67C-F2093AA3737D}] => (Allow) E:\Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{EE988DF1-4576-4F31-825D-9B8F3E186436}] => (Allow) E:\Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{48427A14-DE1B-42B7-81BA-51D6961F5B6F}] => (Allow) E:\Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{101CB37D-C607-41E0-ABF8-0791DC3141E8}] => (Allow) E:\Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{624E5C2B-BB04-4165-9DE2-E38EAE2F2BD7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{D7B03B52-A52F-4187-BB17-87E8D04464DA}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{71255A76-DC1E-4703-8EB6-22B673FDEA0A}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{5933AF26-0307-416D-98A0-DF71916E05F3}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{1743CC5A-61D4-40D9-934C-92CCE67C6162}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{B0705AE8-0AC6-450E-AE41-A564A30073E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{866D6F63-08C4-4C8F-8AF0-7B3A12C916CD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43097B0E-C3CB-4C1D-A7B4-606BA211A6A8}] => (Allow) I:\Games\Steam_SSD\steamapps\common\Dread Hunger\DreadHunger.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{76DFC26F-B68F-47BC-A6B2-836926A97ECB}] => (Allow) I:\Games\Steam_SSD\steamapps\common\Dread Hunger\DreadHunger.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E3F9FB1C-5090-4AFE-8C1A-31BB85F27BCB}] => (Allow) E:\Games\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{B75ECCB7-A973-43E6-8FD7-247A68B92F53}] => (Allow) E:\Games\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{D3EBBBAB-5EE0-4923-A984-AA4E916A2353}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2FB4E345-0412-48AF-BE00-59EA25079A8E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D9537EB0-D8BB-43AE-99B9-880A4925D044}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{65C55B37-3E34-4EE6-8170-992B2011FB82}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52821764-7BE4-468C-9FCB-A0237907C414}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90E3D79A-5F0A-4D7F-A887-1F409A8496D8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.55\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
10-01-2022 19:35:22 Scheduled Checkpoint
15-01-2022 12:33:44 Windows Modules Installer
15-01-2022 12:34:13 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/15/2022 10:54:14 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/13/2022 06:48:32 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (01/10/2022 07:24:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Data (F:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (01/10/2022 07:21:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Games (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (01/06/2022 11:57:27 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Data (F:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (01/06/2022 11:55:02 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Games (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (01/06/2022 11:51:28 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (01/06/2022 11:51:28 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
System errors:
=============
Error: (01/13/2022 06:43:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error:
The system cannot find the file specified.
Error: (01/13/2022 06:43:22 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
Error: (01/10/2022 10:09:58 PM) (Source: DCOM) (EventID: 10010) (User: MICHA)
Description: The server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} did not register with DCOM within the required timeout.
Error: (01/10/2022 06:40:11 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/09/2022 04:50:02 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (01/06/2022 11:44:39 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
Error: (12/28/2021 10:46:00 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (12/28/2021 09:43:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error:
The system cannot find the file specified.
Windows Defender:
================
Date: 2020-10-05 16:01:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-10-05 10:05:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-10-04 16:04:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2020-07-12 16:16:28
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.319.1323.0
Previous security intelligence Version: 1.313.1050.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 1.1.17200.2
Previous Engine Version: 1.1.17200.2
Error code: 0x80004004
Error description: Operation aborted
Date: 2020-07-12 16:16:28
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.319.1323.0
Previous security intelligence Version: 1.313.1050.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 1.1.17200.2
Previous Engine Version: 1.1.17200.2
Error code: 0x80004004
Error description: Operation aborted
CodeIntegrity:
===============
Date: 2021-12-22 12:29:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.Reflection.Extensions.dll that did not meet the Microsoft signing level requirements.
Date: 2021-12-22 12:29:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.Threading.dll that did not meet the Microsoft signing level requirements.
Date: 2021-12-22 12:29:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.ObjectModel.dll that did not meet the Microsoft signing level requirements.
Date: 2021-12-22 12:29:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.Xml.XDocument.dll that did not meet the Microsoft signing level requirements.
Date: 2021-12-22 12:29:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.Diagnostics.Debug.dll that did not meet the Microsoft signing level requirements.
Date: 2021-12-22 12:29:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.Threading.Tasks.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 3.51 02/13/2020
Motherboard: Micro-Star International Co., Ltd. B450M-A PRO MAX (MS-7C52)
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 68%
Total physical RAM: 16337.86 MB
Available physical RAM: 5214.43 MB
Total Virtual: 18769.86 MB
Available Virtual: 3732.4 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146.7 GB) (Free:45.81 GB) NTFS
Drive d: (Games) (Fixed) (Total:105.08 GB) (Free:14.54 GB) NTFS
Drive e: (m2) (Fixed) (Total:784.18 GB) (Free:82.89 GB) NTFS
Drive f: (Data) (Fixed) (Total:1757.81 GB) (Free:167.86 GB) NTFS
Drive i: (SSD) (Fixed) (Total:367.19 GB) (Free:69.76 GB) NTFS
Drive p: (SSD2) (Fixed) (Total:98.57 GB) (Free:0.11 GB) NTFS
\\?\Volume{62e1f3cd-d61a-4528-b7af-55d034a0e8d8}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{38e219bc-e5bc-4015-b153-628288d389c2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 534C4394)
Partition 1: (Not Active) - (Size=98.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=367.2 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 669D3B0C)
Partition: GPT.
==================== End of Addition.txt ======================= |