Mein Fehler, tut mir leid. Anbei die Logs von FRST und dem adwcleaner.
FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2023
durchgeführt von tibor (Administrator) auf DESKTOP-IMO4PF8 (Gigabyte Technology Co., Ltd. Z390 AORUS MASTER) (02-04-2023 22:52:23)
Gestartet von C:\Users\tibor\Desktop
Geladene Profile: tibor
Plattform: Microsoft Windows 11 Pro Version 22H2 22621.1413 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Brave
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.135\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.135\BraveCrashHandler64.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\sonar\SteelSeriesSonar.exe
(D:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(D:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe ->) (Skutta, Kristjan -> ) D:\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <18>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\tibor\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\steam.exe
(services.exe ->) () [Datei ist nicht signiert] C:\Program Files (x86)\No-IP\ducservice.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_abf7e4e84f20581c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Skutta, Kristjan -> ) D:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
(services.exe ->) (SplitmediaLabs Limited -> SplitmediaLabs Limited) C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3400.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088752 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13129600 2023-03-27] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6957520 2023-03-17] (Adobe Inc. -> Adobe Systems Inc.) [Datei ist nicht signiert]
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [CL-26-01E23384-EB44-43AB-B322-A3C2EEC20F2B] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-26-01E23384-EB44-43AB-B322-A3C2EEC20F2B\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-26-01E23384-EB44-43AB-B322-A3C2EEC (Der Dateneintrag hat 7 mehr Zeichen). (Keine Datei)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\Run: [XSplitVCam] => C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe [4297016 2022-11-25] (SplitmediaLabs Limited -> SplitmediaLabs)
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-03-01] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\Run: [Steam] => D:\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-11-14] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\111.1.49.132\Installer\chrmstp.exe [2023-03-29] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2023-03-12]
ShortcutTarget: MEGAsync.lnk -> C:\Users\tibor\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01155BEF-AE36-4D9A-824D-31704873265D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {2165245D-8EF4-4CB4-AC6D-A81C4CA9FE23} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{20D8DFB6-23AE-4C61-B23F-4C93B2FF6F3C} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {23C7318E-63FB-4087-B1C2-2BB9B354E37D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Keine Datei)
Task: {3368AFFC-C43C-4716-BAB3-6A492EA4F3A4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3028042727-1601340073-3460995305-1001 => C:\Users\tibor\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2023-03-27] (Mega Limited -> )
Task: {52C1D6C0-A330-46AE-8331-6EDBB28014D8} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{29450763-DDF0-4D1C-A076-202101DE02B9} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-26] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {560A6824-E2CE-4C69-AB36-520059E8AF9C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2022-11-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {6386FB30-0654-4BEC-9943-C75917CEB97E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C15B309-8426-4C97-9E5C-FC815835435A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77C9A4B8-38E9-4BB8-A01F-08FC0910918A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B54EAD9-D015-40AC-9366-AE251686350A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {94B37D32-4552-4937-A964-AE909ECE0042} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Keine Datei)
Task: {A19F327F-E82C-49E6-85EA-A2F58EE2D85B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Keine Datei)
Task: {AFBEA63C-DA6C-484D-A3F7-D284D0F6FA10} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B8D58D7F-059C-4759-B251-A76D1FFC52BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB8DA247-3553-4EC5-A332-017A5A496ABC} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [133905984 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Keine Datei)
Task: {D70608A8-21AA-44BE-92BE-993CA3557991} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Keine Datei)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.98.1
Tcpip\..\Interfaces\{2ad81d18-4f33-4a09-9b59-dcb94483b5ae}: [DhcpNameServer] 192.168.98.1
Tcpip\..\Interfaces\{88d30982-66f7-4038-965d-a4593a95de16}: [DhcpNameServer] 192.168.98.1
Edge:
=======
Edge Profile: C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-01]
Edge StartupUrls: Default -> "hxxp://google.com/"
Edge Extension: (7TV) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-03-27]
Edge Extension: (Ban Checker for Steam) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2023-02-26]
Edge Extension: (uBlock Origin) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-03-27]
Edge Extension: (Steam Inventory Helper) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2023-03-22]
Edge Extension: (AHA Music - Song Finder für Browser) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejfccgmelcclnoadalcepdmnpgcnglfc [2023-02-26]
Edge Extension: (FrankerFaceZ) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2023-02-26]
Edge Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2023-02-26]
Edge Extension: (Cookie AutoDelete) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhcgjolkccmbidfldomjliifgaodjagh [2023-02-26]
Edge Extension: (Return YouTube Dislike) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-02-26]
Edge Extension: (BetterTTV) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icllegkipkooaicfmdfaloehobmglglb [2023-03-02]
Edge Extension: (MyJDownloader Browser Erweiterung) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2023-02-26]
Edge Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbkfoedolllekgbhcbcoahefnbanhhlh [2023-03-23]
Edge Extension: (Twitch Channel Points Auto Clicker) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jdpblpklojajpopllbckephjndibljbc [2023-02-26]
Edge Extension: (SponsorBlock für YouTube - Überspringe gesponserte Videosegmente) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2023-03-14]
Edge Extension: (MetaMask) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-03-29]
Edge Extension: (I don't care about cookies) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oholpbloipjbbhlhohaebmieiiieioal [2023-02-26]
Edge Extension: (SMG music display) - C:\Users\tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\onebnnoonaadbbdoanmpehnfmhdolmgh [2023-02-26]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Brave:
=======
BRA Profile: C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-04-02]
BRA Extension: (7TV) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-03-31]
BRA Extension: (Ban Checker for Steam) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\canbadmphamemnmdfngmcabnjmjgaiki [2023-02-26]
BRA Extension: (Steam Inventory Helper) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2023-03-21]
BRA Extension: (AHA Music - Song Finder für Browser) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2023-02-27]
BRA Extension: (FrankerFaceZ) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2023-02-26]
BRA Extension: (MyJDownloader Browser Erweiterung) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2023-03-23]
BRA Extension: (Return YouTube Dislike) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-02-26]
BRA Extension: (SponsorBlock für YouTube - Überspringe gesponserte Videosegmente) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2023-03-14]
BRA Extension: (MetaMask) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-03-29]
BRA Extension: (Bitwarden - Kostenloser Passwortmanager) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2023-02-26]
BRA Extension: (SMG music display) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\onebnnoonaadbbdoanmpehnfmhdolmgh [2023-02-26]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-04-02]
BRA Extension: (Brave NTP background images) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-02-26]
BRA Extension: (Brave Ads Resources) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\bbefpembgddgdihpkcidgdgiojjlchji [2023-03-22]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications List (plaintext))) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-04-02]
BRA Extension: (Wallet Data Files Updater) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-03-27]
BRA Extension: (Brave Ad Block Updater (Easylist-Cookie List - Filter Obtrusive Cookie Notices (plaintext))) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-04-02]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-03-31]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-04-02]
BRA Extension: (Brave Ads Resources) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\jcncoheihebhhiemmbmpfhkceomfipbj [2023-03-22]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2023-04-02]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-16]
BRA Extension: (Brave NTP sponsored images) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2023-04-02]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\tibor\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-03-29]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-26] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-26] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761408 2023-03-10] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [935344 2023-03-10] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
R3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2023-03-08] (Microsoft Windows -> Microsoft Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10209536 2023-03-01] (Logitech Inc -> Logitech, Inc.)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert]
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [381504 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [252176 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\GG\SteelSeriesUpdateService.exe [35200 2023-03-27] (SteelSeries ApS -> )
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11060856 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
R2 Wallpaper Engine Service; D:\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [134752 2022-10-24] (Skutta, Kristjan -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [140376 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 XSplit_VCam_Updater; C:\Program Files\XSplit\VCam\XSplit_VCam_Updater.exe [3210040 2022-11-25] (SplitmediaLabs Limited -> XSplit)
R2 XSpltVidSvc; C:\Program Files\XSplit\VCam\service\XSpltVidSvc.exe [266040 2022-11-25] (SplitmediaLabs Limited -> SplitmediaLabs Limited)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\111.1.49.132\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_abf7e4e84f20581c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_abf7e4e84f20581c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 atvi-randgrid_sr; D:\Steam\steamapps\common\Call of Duty HQ\randgrid.sys [3311416 2023-02-13] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2023-03-08] (Microsoft Windows -> Microsoft Corporation)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-03-01] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-03-01] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-03-01] (Logitech Inc -> Logitech)
R3 MpKsl67ec4e47; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{091FF18B-CAE3-4151-8C1D-3637036B4E46}\MpKslDrv.sys [211208 2023-04-02] (Microsoft Windows -> Microsoft Corporation)
R3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [42912 2023-01-17] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteelSeries_Sonar_VAD; C:\WINDOWS\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22292248 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49608 2023-03-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [495896 2023-03-27] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-27] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
R3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [244272 2022-10-14] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-04-02 22:52 - 2023-04-02 22:52 - 000030396 _____ C:\Users\tibor\Desktop\FRST.txt
2023-04-02 22:52 - 2023-04-02 22:52 - 000000000 ____D C:\FRST
2023-04-02 22:51 - 2023-04-02 22:51 - 002379264 _____ (Farbar) C:\Users\tibor\Desktop\FRST64.exe
2023-04-02 22:49 - 2023-04-02 22:49 - 000000000 ____D C:\Users\tibor\Downloads\Neuer Ordner
2023-04-02 22:09 - 2023-04-02 22:09 - 000720948 _____ C:\WINDOWS\system32\perfh007.dat
2023-04-02 22:09 - 2023-04-02 22:09 - 000149040 _____ C:\WINDOWS\system32\perfc007.dat
2023-04-02 22:00 - 2023-04-02 22:03 - 000000008 __RSH C:\ProgramData\ntuser.pol
2023-04-02 21:57 - 2023-04-02 21:57 - 000000000 ____D C:\ProgramData\Adobe
2023-04-01 23:29 - 2023-04-01 23:29 - 000083952 _____ C:\ProgramData\agent.uninstall.1680384541.bdinstall.v2.bin
2023-04-01 23:27 - 2023-04-01 23:27 - 000435048 _____ C:\ProgramData\cl.uninstall.1680384420.bdinstall.v2.bin
2023-04-01 22:07 - 2023-04-01 22:07 - 000000318 _____ C:\WINDOWS\system32\httpproxy.json
2023-04-01 22:07 - 2023-04-01 22:07 - 000000027 _____ C:\WINDOWS\system32\ctc.json
2023-04-01 21:45 - 2023-04-01 21:45 - 000628544 _____ C:\ProgramData\cl.1680378251.bdinstall.v2.bin
2023-04-01 21:45 - 2023-04-01 21:45 - 000113788 _____ C:\ProgramData\cl.kit.1680378249.bdinstall.v2.bin
2023-04-01 21:45 - 2023-04-01 21:45 - 000000000 ____D C:\WINDOWS\system32\elambkup
2023-04-01 21:45 - 2023-04-01 21:45 - 000000000 ____D C:\ProgramData\Gemma
2023-04-01 21:45 - 2023-04-01 21:45 - 000000000 ____D C:\ProgramData\BDLogging
2023-04-01 21:45 - 2023-04-01 21:45 - 000000000 ____D C:\ProgramData\Atc
2023-04-01 21:43 - 2023-04-01 21:43 - 000159056 _____ C:\ProgramData\agent.1680378196.bdinstall.v2.bin
2023-04-01 21:43 - 2023-04-01 21:43 - 000000000 ____D C:\Users\tibor\AppData\Local\Bitdefender
2023-04-01 21:43 - 2023-04-01 21:43 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2023-03-29 23:37 - 2023-03-29 23:37 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-03-29 22:34 - 2023-03-29 22:34 - 008791352 _____ (Malwarebytes) C:\Users\tibor\Desktop\adwcleaner.exe
2023-03-29 22:34 - 2023-03-29 22:34 - 000000000 ____D C:\AdwCleaner
2023-03-27 22:29 - 2023-03-27 22:29 - 000000890 _____ C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2023-03-27 22:29 - 2023-03-27 22:29 - 000000842 _____ C:\Users\tibor\Desktop\Start Tor Browser.lnk
2023-03-27 22:28 - 2023-03-27 22:29 - 000000000 ____D C:\Users\tibor\Desktop\Tor Browser
2023-03-27 22:18 - 2023-03-27 22:43 - 000000000 ____D C:\Users\tibor\AppData\Roaming\calibre
2023-03-27 22:18 - 2023-03-27 22:25 - 000000000 ____D C:\Users\tibor\AppData\Local\calibre-cache
2023-03-27 22:18 - 2023-03-27 22:18 - 000001053 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2023-03-27 22:18 - 2023-03-27 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2023-03-27 22:18 - 2023-03-27 22:18 - 000000000 ____D C:\Program Files\Calibre2
2023-03-27 21:12 - 2023-03-27 21:12 - 000001297 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2023-03-27 21:12 - 2023-03-27 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2023-03-27 16:01 - 2023-03-27 16:00 - 201679931 _____ C:\Users\tibor\Downloads\vzdump-lxc-101-2023_03_27-16_00_17.tar.zst
2023-03-27 16:01 - 2023-03-27 15:59 - 861066542 _____ C:\Users\tibor\Downloads\vzdump-lxc-100-2023_03_27-15_59_19.tar.zst
2023-03-26 17:57 - 2023-03-26 17:57 - 000000000 ____D C:\Users\tibor\AppData\Local\VS Revo Group
2023-03-26 17:57 - 2023-03-26 17:57 - 000000000 ____D C:\ProgramData\VS Revo Group
2023-03-22 19:53 - 2023-03-22 19:53 - 000000000 ___HD C:\$WinREAgent
2023-03-22 19:41 - 2023-03-27 21:12 - 000002594 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2023-03-22 19:41 - 2023-03-27 21:06 - 000000000 ____D C:\Program Files (x86)\Samsung
2023-03-22 19:41 - 2023-03-27 21:04 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Samsung Magician
2023-03-22 19:41 - 2023-03-22 19:41 - 000000000 ____D C:\ProgramData\Samsung
2023-03-22 19:33 - 2023-03-22 19:33 - 000001841 _____ C:\Users\tibor\Desktop\CrystalDiskMark 8.lnk
2023-03-22 19:33 - 2023-03-22 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark8
2023-03-22 19:33 - 2023-03-22 19:33 - 000000000 ____D C:\Program Files\CrystalDiskMark8
2023-03-22 19:21 - 2023-03-22 19:21 - 000000000 ___HD C:\$SysReset
2023-03-22 19:12 - 2023-03-22 19:12 - 000000000 ___HD C:\Users\tibor\OneDrive\Dokumente\Rubbish
2023-03-22 19:12 - 2023-03-22 19:12 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Visual Studio 2022
2023-03-22 19:12 - 2023-03-22 19:12 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Klausur Beschaffungsmarketing
2023-03-22 19:12 - 2023-03-22 19:12 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Dyson Sphere Program
2023-03-22 19:12 - 2023-03-22 19:12 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Arduino
2023-03-22 19:12 - 2022-12-05 11:46 - 000051218 _____ C:\Users\tibor\OneDrive\Dokumente\yeet.pkt
2023-03-22 19:12 - 2022-12-01 13:44 - 000578457 _____ C:\Users\tibor\OneDrive\Dokumente\letter + CV.pdf
2023-03-22 19:12 - 2022-11-22 13:32 - 000001190 _____ C:\Users\tibor\OneDrive\Dokumente\SQL Aufgaben.sql
2023-03-22 19:12 - 2022-11-21 11:57 - 000000000 _____ C:\Users\tibor\OneDrive\Dokumente\Default.rdp
2023-03-22 19:12 - 2022-11-21 10:28 - 000041296 _____ C:\Users\tibor\OneDrive\Dokumente\test.pkt
2023-03-22 19:12 - 2022-08-30 12:18 - 000629420 _____ C:\Users\tibor\OneDrive\Dokumente\UmL - Kommunikationsdiagramm.pptx
2023-03-22 19:12 - 2022-08-23 10:50 - 000000800 _____ C:\Users\tibor\OneDrive\Dokumente\Mitarbeiterverwaltung.txt
2023-03-22 19:12 - 2022-08-23 10:43 - 000000788 _____ C:\Users\tibor\OneDrive\Dokumente\Mitarbeiterverwaltung.sql
2023-03-20 17:23 - 2023-03-21 16:27 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-03-20 17:21 - 2023-03-31 17:06 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Blitz
2023-03-20 17:21 - 2023-03-31 16:45 - 000002217 _____ C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2023-03-20 17:21 - 2023-03-31 16:45 - 000002209 _____ C:\Users\tibor\Desktop\Blitz.lnk
2023-03-20 17:21 - 2023-03-31 16:45 - 000000032 _____ C:\Users\tibor\AppData\Roaming\.machineId
2023-03-20 17:21 - 2023-03-31 16:45 - 000000000 ____D C:\Users\tibor\AppData\Local\blitz-updater
2023-03-17 22:03 - 2023-03-31 13:26 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-03-17 22:03 - 2023-03-25 13:43 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2023-03-17 22:03 - 2023-03-17 22:03 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-03-17 22:00 - 2023-03-17 22:00 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2023-03-17 22:00 - 2023-03-17 22:00 - 000000000 ____D C:\Program Files\Adobe
2023-03-17 21:58 - 2023-03-17 21:58 - 000000000 ____D C:\Users\tibor\AppData\Roaming\com.adobe.dunamis
2023-03-17 21:58 - 2023-03-17 21:58 - 000000000 ____D C:\Users\tibor\AppData\Local\SolidDocuments
2023-03-17 21:58 - 2023-03-17 21:58 - 000000000 ____D C:\Users\tibor\.ms-ad
2023-03-17 21:47 - 2023-03-17 21:48 - 000492311 _____ C:\Users\tibor\OneDrive\Dokumente\Aufhebungsvertrag_geschwärzt.pdf
2023-03-17 21:44 - 2023-03-17 21:44 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2023-03-17 21:44 - 2023-03-17 21:44 - 000000000 ____D C:\Users\tibor\AppData\LocalLow\NVIDIA
2023-03-17 21:40 - 2023-03-18 14:41 - 000000000 ____D C:\Users\tibor\AppData\Local\Adobe
2023-03-17 21:40 - 2023-03-17 22:01 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-03-17 21:40 - 2023-03-17 22:00 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-03-17 21:40 - 2023-03-17 21:44 - 000000000 ____D C:\Users\tibor\AppData\LocalLow\Adobe
2023-03-17 21:36 - 2023-03-17 21:36 - 000000000 ____D C:\Users\tibor\AppData\Roaming\WinRAR
2023-03-17 21:36 - 2023-03-17 21:36 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-03-17 21:36 - 2023-03-17 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-03-17 21:36 - 2023-03-17 21:36 - 000000000 ____D C:\Program Files\WinRAR
2023-03-17 21:32 - 2023-04-02 20:53 - 000000000 ____D C:\Users\tibor\AppData\Local\JDownloader 2.0
2023-03-17 21:32 - 2023-03-17 21:32 - 000002132 _____ C:\Users\tibor\Desktop\JDownloader 2.lnk
2023-03-17 21:32 - 2023-03-17 21:32 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2023-03-17 21:31 - 2023-03-17 21:31 - 000000000 ____D C:\Users\tibor\AppData\Local\Adaware
2023-03-17 21:29 - 2023-03-17 21:29 - 000435879 _____ C:\Users\tibor\OneDrive\Dokumente\Aufhebungsvertrag.pdf
2023-03-17 21:15 - 2023-03-17 21:15 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-03-17 21:15 - 2023-03-17 21:15 - 000000028 ____H C:\.GamingRoot
2023-03-17 21:15 - 2023-03-17 21:15 - 000000000 ____D C:\XboxGames
2023-03-17 21:15 - 2023-03-17 21:15 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-03-17 21:15 - 2023-03-17 21:15 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2023-03-17 21:05 - 2023-03-17 21:05 - 000000000 ____D C:\Users\tibor\AppData\Local\INetHistory
2023-03-16 22:17 - 2023-04-02 18:41 - 000000000 ____D C:\WINDOWS\Minidump
2023-03-12 14:46 - 2023-03-12 14:46 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\MEGAsync
2023-03-12 14:45 - 2023-03-27 21:14 - 000000000 ____D C:\Users\tibor\AppData\Local\MEGAsync
2023-03-12 14:45 - 2023-03-12 14:45 - 000001129 _____ C:\Users\tibor\Desktop\MEGAsync.lnk
2023-03-12 14:45 - 2023-03-12 14:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\MEGA
2023-03-12 14:45 - 2023-03-12 14:45 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2023-03-12 14:45 - 2023-03-12 14:45 - 000000000 ____D C:\Users\tibor\AppData\Local\Mega Limited
2023-03-11 21:04 - 2023-03-29 22:30 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-03-11 00:26 - 2023-03-11 00:26 - 000000000 ____D C:\Users\tibor\AppData\Local\Embark
2023-03-11 00:17 - 2023-03-11 00:17 - 000000000 ____D C:\Users\tibor\AppData\Roaming\EasyAntiCheat
2023-03-11 00:17 - 2023-03-11 00:17 - 000000000 ____D C:\Users\tibor\AppData\Local\Discovery
2023-03-11 00:17 - 2023-03-11 00:17 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2023-03-10 23:47 - 2023-03-10 23:47 - 000000203 _____ C:\Users\tibor\Desktop\THE FINALS PLAYTEST.url
2023-03-10 21:21 - 2023-03-27 16:02 - 000000128 _____ C:\Users\tibor\AppData\Roaming\winscp.rnd
2023-03-10 21:21 - 2023-03-10 21:21 - 000001168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2023-03-10 21:21 - 2023-03-10 21:21 - 000001156 _____ C:\Users\Public\Desktop\WinSCP.lnk
2023-03-10 21:21 - 2023-03-10 21:21 - 000000000 ____D C:\Program Files (x86)\WinSCP
2023-03-10 21:13 - 2023-03-10 21:13 - 000002668 _____ C:\Users\tibor\Desktop\Word 2016.lnk
2023-03-10 21:13 - 2023-03-10 21:13 - 000002654 _____ C:\Users\tibor\Desktop\PowerPoint 2016.lnk
2023-03-10 21:04 - 2023-03-31 13:26 - 000002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2023-03-10 21:04 - 2023-03-31 13:26 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2023-03-10 21:04 - 2023-03-31 13:26 - 000002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2023-03-10 21:04 - 2023-03-25 13:43 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2023-03-10 21:04 - 2023-03-16 22:18 - 000002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2023-03-10 21:04 - 2023-03-10 21:04 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2023-03-10 21:04 - 2023-03-10 21:04 - 000002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2023-03-10 21:04 - 2023-03-10 21:04 - 000002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2023-03-10 21:04 - 2023-03-10 21:04 - 000002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\WINDOWS\SHELLNEW
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\WINDOWS\PCHEALTH
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\Users\tibor\AppData\Local\Microsoft Help
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2023-03-10 21:04 - 2023-03-10 21:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2023-03-10 21:03 - 2023-03-10 21:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-03-10 21:03 - 2023-03-10 21:03 - 000000000 __RHD C:\MSOCache
2023-03-10 21:03 - 2023-03-10 21:03 - 000000000 ____D C:\Program Files\Microsoft Office
2023-03-09 23:41 - 2023-04-02 22:17 - 000003142 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2023-03-09 23:40 - 2023-03-09 23:40 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2023-03-09 23:40 - 2023-03-09 23:40 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2023-03-09 23:40 - 2023-03-09 23:40 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2023-03-09 23:39 - 2023-03-11 23:37 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2023-03-09 23:39 - 2023-03-09 23:39 - 000001159 _____ C:\Users\tibor\Desktop\MSI Afterburner.lnk
2023-03-09 23:39 - 2023-03-09 23:39 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2023-03-09 22:21 - 2023-03-09 22:21 - 000000000 ____D C:\Users\tibor\AppData\Roaming\NVIDIA
2023-03-09 17:29 - 2023-03-09 17:29 - 000000000 ____D C:\Users\tibor\Desktop\Valorant Agent Yoinker
2023-03-09 17:24 - 2023-03-31 13:26 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2023-03-09 17:24 - 2023-03-09 23:11 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Notepad++
2023-03-09 17:24 - 2023-03-09 17:25 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.11
2023-03-09 17:24 - 2023-03-09 17:24 - 000000865 _____ C:\Users\Public\Desktop\Notepad++.lnk
2023-03-09 17:24 - 2023-03-09 17:24 - 000000000 ____D C:\Users\tibor\AppData\Local\Package Cache
2023-03-09 17:24 - 2023-03-09 17:24 - 000000000 ____D C:\Program Files\Notepad++
2023-03-09 09:40 - 2023-04-02 22:09 - 001662892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-09 09:40 - 2023-03-09 09:40 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-03-09 09:39 - 2023-03-09 09:39 - 000000020 ___SH C:\Users\tibor\ntuser.ini
2023-03-08 23:47 - 2023-04-02 22:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-08 23:47 - 2023-03-21 16:24 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-08 23:47 - 2023-03-21 16:24 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-08 23:47 - 2023-03-08 23:47 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2023-03-08 23:47 - 2023-03-08 23:47 - 000011433 _____ C:\WINDOWS\diagerr.xml
2023-03-08 23:47 - 2023-03-08 23:47 - 000003658 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{20D8DFB6-23AE-4C61-B23F-4C93B2FF6F3C}
2023-03-08 23:47 - 2023-03-08 23:47 - 000003434 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{29450763-DDF0-4D1C-A076-202101DE02B9}
2023-03-08 23:45 - 2023-04-02 19:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-08 23:45 - 2023-03-23 08:23 - 000472296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-08 23:45 - 2023-03-08 23:45 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2023-03-08 23:21 - 2023-04-02 19:17 - 000000000 ____D C:\Users\tibor
2023-03-08 23:21 - 2023-03-08 23:44 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Vorlagen
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Startmenü
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Netzwerkumgebung
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Lokale Einstellungen
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Eigene Dateien
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Druckumgebung
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\AppData\Local\Verlauf
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\AppData\Local\Anwendungsdaten
2023-03-08 23:21 - 2023-03-08 23:21 - 000000000 _SHDL C:\Users\tibor\Anwendungsdaten
2023-03-08 23:20 - 2023-03-08 23:21 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-03-08 23:20 - 2023-03-08 23:20 - 000000000 ____D C:\WINDOWS\system32\SteelSeries
2023-03-08 23:20 - 2023-03-08 23:20 - 000000000 ____D C:\WINDOWS\system32\DTS
2023-03-08 23:12 - 2023-03-08 23:12 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-03-08 23:12 - 2023-03-08 23:12 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-03-08 23:12 - 2023-03-08 23:12 - 000000000 ____D C:\WINDOWS\addins
2023-03-08 23:06 - 2023-03-08 23:06 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-03-08 22:54 - 2023-03-20 14:51 - 000000000 ___DC C:\WINDOWS\Panther
2023-03-08 22:51 - 2023-03-08 23:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2023-03-08 22:49 - 2023-02-25 12:20 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-03-08 22:49 - 2023-02-25 12:20 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-03-08 22:49 - 2023-02-25 12:20 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-03-08 22:49 - 2023-02-25 12:20 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-03-08 22:49 - 2023-02-25 12:20 - 001487872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-03-08 22:49 - 2023-02-25 12:20 - 001479216 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-03-08 22:49 - 2023-02-25 12:20 - 001479216 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-03-08 22:49 - 2023-02-25 12:20 - 001227264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-03-08 22:49 - 2023-02-25 12:20 - 001211488 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-03-08 22:49 - 2023-02-25 12:20 - 001211488 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-03-08 22:49 - 2023-02-25 12:15 - 000671784 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-03-08 22:49 - 2023-02-25 12:15 - 000506392 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-03-08 22:49 - 2023-02-25 12:14 - 001534440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-03-08 22:49 - 2023-02-25 12:14 - 001193000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-03-08 22:49 - 2023-02-25 12:14 - 000851432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-03-08 22:49 - 2023-02-25 12:13 - 002163688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-03-08 22:49 - 2023-02-25 12:13 - 001619968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-03-08 22:49 - 2023-02-25 12:13 - 000978432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-03-08 22:49 - 2023-02-25 12:13 - 000758272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-03-08 22:49 - 2023-02-25 12:13 - 000741352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-03-08 22:49 - 2023-02-25 12:12 - 013765632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 011645992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 006083568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 005911552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 005835304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 003429872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-03-08 22:49 - 2023-02-25 12:12 - 000458280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-03-08 22:49 - 2023-02-25 12:11 - 000853544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-03-08 22:49 - 2023-02-25 12:05 - 007924736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-03-08 22:49 - 2023-02-25 12:05 - 006788480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-03-08 22:49 - 2023-02-25 04:00 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2023-03-08 22:49 - 2023-02-25 04:00 - 000104256 _____ C:\WINDOWS\system32\nvinfo.pb
2023-03-06 17:23 - 2023-03-06 14:44 - 000501067 _____ C:\Users\tibor\OneDrive\Dokumente\handreichung-it-berufe-data.pdf
2023-03-05 19:01 - 2023-03-05 19:01 - 000000000 ____D C:\Users\tibor\AppData\Local\GolfIt
2023-03-05 18:58 - 2023-03-10 23:47 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-03-05 18:58 - 2023-03-05 18:58 - 000000202 _____ C:\Users\tibor\Desktop\Golf It!.url
2023-03-05 16:54 - 2023-03-26 18:17 - 000012288 _____ C:\Users\tibor\AppData\Roaming\emp.bin
2023-03-05 12:44 - 2023-03-08 23:44 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2023-03-05 12:44 - 2023-03-05 12:44 - 000000000 ____D C:\Users\tibor\AppData\Local\Vitalwerks
2023-03-05 12:44 - 2023-03-05 12:44 - 000000000 ____D C:\ProgramData\Vitalwerks
2023-03-05 12:44 - 2023-03-05 12:44 - 000000000 ____D C:\Program Files (x86)\No-IP
2023-03-04 17:38 - 2023-03-04 19:28 - 000000128 _____ C:\Users\tibor\AppData\Local\PUTTY.RND
2023-03-04 17:37 - 2023-03-08 23:44 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2023-03-04 17:37 - 2023-03-04 17:37 - 000001113 _____ C:\Users\tibor\Desktop\PuTTY.lnk
2023-03-04 17:37 - 2023-03-04 17:37 - 000000000 ____D C:\Program Files\PuTTY
2023-03-04 17:36 - 2023-03-04 17:36 - 000000000 ____D C:\Users\tibor\.ssh
2023-03-04 13:55 - 2023-03-04 13:55 - 000000000 ____D C:\Users\tibor\AppData\Local\Rocket League
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-04-02 22:52 - 2023-02-26 21:21 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2023-04-02 22:49 - 2023-03-01 18:22 - 000000000 ____D C:\Users\tibor\AppData\Roaming\lghub
2023-04-02 22:49 - 2023-03-01 18:22 - 000000000 ____D C:\Users\tibor\AppData\Local\LGHUB
2023-04-02 22:49 - 2023-02-26 15:27 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-02 22:49 - 2023-02-26 15:16 - 000012288 ___SH C:\DumpStack.log.tmp
2023-04-02 22:49 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-04-02 22:49 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-02 22:17 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-04-02 22:09 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-04-02 21:59 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-04-02 21:58 - 2023-02-26 15:22 - 000000000 ____D C:\Users\tibor\AppData\Local\D3DSCache
2023-04-02 20:35 - 2023-02-26 15:36 - 000000000 ____D C:\Users\tibor\AppData\LocalLow\Mozilla
2023-04-02 20:35 - 2023-02-26 15:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-02 19:55 - 2023-02-26 21:42 - 000000000 ____D C:\Users\tibor\AppData\Roaming\TS3Client
2023-04-02 18:40 - 2023-02-26 15:16 - 001183998 ____N C:\WINDOWS\Minidump\040223-10546-01.dmp
2023-04-02 18:13 - 2023-02-26 21:27 - 000000000 ____D C:\Users\tibor\AppData\Local\Spotify
2023-04-02 18:12 - 2023-02-26 21:27 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Spotify
2023-04-02 17:56 - 2023-02-26 21:40 - 000002231 _____ C:\Users\tibor\Desktop\Discord.lnk
2023-04-02 17:56 - 2023-02-26 21:40 - 000000000 ____D C:\Users\tibor\AppData\Roaming\discord
2023-04-02 17:56 - 2023-02-26 21:40 - 000000000 ____D C:\Users\tibor\AppData\Local\Discord
2023-04-01 23:38 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-01 23:38 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-01 23:27 - 2023-02-26 15:22 - 000000000 ____D C:\Users\tibor\AppData\Local\Packages
2023-04-01 23:27 - 2023-02-26 15:22 - 000000000 ____D C:\ProgramData\Packages
2023-04-01 21:45 - 2022-05-07 07:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-04-01 21:44 - 2023-02-26 15:54 - 000000000 ____D C:\ProgramData\Riot Games
2023-04-01 21:35 - 2023-02-26 15:16 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-31 13:26 - 2023-02-26 15:42 - 000000791 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-03-31 13:26 - 2023-02-26 15:26 - 000002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-03-31 13:22 - 2023-02-26 15:24 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Sicherheitsschlüssel
2023-03-31 13:21 - 2023-02-26 15:16 - 001045694 ____N C:\WINDOWS\Minidump\033123-11093-01.dmp
2023-03-29 22:26 - 2023-02-26 15:24 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\Bewerbungen
2023-03-29 21:31 - 2023-02-26 15:26 - 000002315 _____ C:\Users\Public\Desktop\Brave.lnk
2023-03-29 16:33 - 2023-03-01 18:16 - 000000000 ____D C:\Users\tibor\AppData\Roaming\steelseries-gg-client
2023-03-27 21:23 - 2023-02-26 15:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-26 19:39 - 2023-02-26 15:54 - 000000000 ____D C:\Users\tibor\AppData\Local\CrashDumps
2023-03-23 08:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-23 08:22 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-22 21:51 - 2023-02-26 15:34 - 000000000 ____D C:\Users\tibor\AppData\Local\Battle.net
2023-03-22 19:56 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-21 16:27 - 2023-02-26 15:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-20 17:27 - 2023-02-26 15:35 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-03-18 14:39 - 2023-02-26 15:22 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Adobe
2023-03-17 21:49 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-03-17 21:47 - 2023-02-26 15:24 - 000000000 ____D C:\Users\tibor\AppData\Local\PlaceholderTileLogoFolder
2023-03-16 22:17 - 2023-02-26 15:57 - 000000000 ____D C:\Program Files\Riot Vanguard
2023-03-16 22:17 - 2023-02-26 15:16 - 002137398 ____N C:\WINDOWS\Minidump\031623-11890-01.dmp
2023-03-16 22:10 - 2023-02-28 21:47 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-03-16 21:23 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-03-15 21:57 - 2023-02-26 15:40 - 000000000 ____D C:\Users\tibor\AppData\Roaming\obs-studio
2023-03-15 20:25 - 2023-02-26 21:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-15 20:24 - 2023-02-26 21:22 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-03-13 23:39 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-13 20:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc
2023-03-12 15:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\OCR
2023-03-12 15:29 - 2023-02-26 15:23 - 000000000 ___RD C:\Users\tibor\OneDrive
2023-03-11 21:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\appcompat
2023-03-11 21:06 - 2023-02-28 21:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-03-11 00:17 - 2023-02-26 15:42 - 000000000 ____D C:\Users\tibor\AppData\Local\UnrealEngine
2023-03-10 23:27 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-03-10 23:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-10 21:04 - 2019-12-07 11:14 - 000000167 _____ C:\WINDOWS\win.ini
2023-03-10 21:03 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-03-10 16:29 - 2023-02-26 21:42 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2023-03-10 16:25 - 2023-02-26 15:45 - 000001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMG Music Display.lnk
2023-03-10 12:39 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-03-09 17:24 - 2023-02-26 15:27 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-09 15:39 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2023-03-09 15:24 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-03-09 09:41 - 2023-02-26 15:24 - 000000000 ____D C:\Users\tibor\OneDrive\Dokumente\The Witcher 3
2023-03-09 09:39 - 2023-02-26 15:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-03-09 09:39 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows NT
2023-03-08 23:47 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows Defender
2023-03-08 23:46 - 2022-05-07 07:24 - 000000000 __RHD C:\Users\Public\Libraries
2023-03-08 23:45 - 2022-05-07 07:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-03-08 23:44 - 2023-03-01 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2023-03-08 23:44 - 2023-02-26 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2023-03-08 23:44 - 2023-02-26 21:40 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-03-08 23:44 - 2023-02-26 16:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tuna
2023-03-08 23:44 - 2023-02-26 15:55 - 000000000 ____D C:\Users\tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-03-08 23:44 - 2023-02-26 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-03-08 23:44 - 2023-02-26 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\spectralizer
2023-03-08 23:44 - 2023-02-26 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-03-08 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-03-08 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\spool
2023-03-08 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2023-03-08 23:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-03-08 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-03-08 23:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-03-08 23:24 - 2022-05-07 07:28 - 000000000 ____D C:\WINDOWS\Setup
2023-03-08 23:22 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-03-08 23:21 - 2023-03-01 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2023-03-08 23:19 - 2022-05-07 12:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-03-08 23:19 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-03-08 23:18 - 2022-05-07 07:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-03-08 23:18 - 2022-05-07 07:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-03-08 23:12 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-03-08 23:12 - 2022-05-07 12:39 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-03-08 23:12 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-03-08 23:12 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-03-08 23:12 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-03-08 23:12 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-03-08 23:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-03-08 23:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-03-08 23:12 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-03-08 23:11 - 2022-05-07 12:29 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-03-08 23:11 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-03-08 23:11 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-03-08 23:11 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-03-08 23:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\IME
2023-03-08 23:04 - 2023-02-26 15:27 - 000000000 ____D C:\Users\tibor\AppData\Local\NVIDIA
2023-03-08 22:51 - 2023-02-26 15:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-03-08 22:46 - 2023-02-26 15:27 - 000000000 ____D C:\Users\tibor\AppData\Local\NVIDIA Corporation
2023-03-08 22:46 - 2023-02-26 15:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-03-08 22:46 - 2023-02-26 15:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-03-04 13:55 - 2023-02-26 15:42 - 000000000 ____D C:\Users\tibor\AppData\Local\Epic Games
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-03-20 17:21 - 2023-03-31 16:45 - 000000032 _____ () C:\Users\tibor\AppData\Roaming\.machineId
2023-03-05 16:54 - 2023-03-26 18:17 - 000012288 _____ () C:\Users\tibor\AppData\Roaming\emp.bin
2023-03-10 21:21 - 2023-03-27 16:02 - 000000128 _____ () C:\Users\tibor\AppData\Roaming\winscp.rnd
2023-03-17 21:40 - 2023-03-17 21:40 - 000000410 _____ () C:\Users\tibor\AppData\Local\oobelibMkey.log
2023-03-04 17:38 - 2023-03-04 19:28 - 000000128 _____ () C:\Users\tibor\AppData\Local\PUTTY.RND
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ======================== --- --- ---
FRST Additions Logfile: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-03-2023
durchgeführt von tibor (02-04-2023 22:53:34)
Gestartet von C:\Users\tibor\Desktop
Microsoft Windows 11 Pro Version 22H2 22621.1413 (X64) (2023-03-09 07:39:16)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-3028042727-1601340073-3460995305-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3028042727-1601340073-3460995305-503 - Limited - Disabled)
Gast (S-1-5-21-3028042727-1601340073-3460995305-501 - Limited - Disabled)
tibor (S-1-5-21-3028042727-1601340073-3460995305-1001 - Administrator - Enabled) => C:\Users\tibor
WDAGUtilityAccount (S-1-5-21-3028042727-1601340073-3460995305-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 2.1.9 - Blitz, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 111.1.49.132 - Die Brave-Autoren)
calibre 64bit (HKLM\...\{85C24C86-6D8A-43B1-B07B-D57A835990E4}) (Version: 6.14.1 - Kovid Goyal)
CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World)
Discord (HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\Discord) (Version: 1.0.9011 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{A7273EDD-4192-4A9C-9A96-8056EB2DFC76}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.2.376231 - Logitech)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Access MUI (German) 2016 (HKLM-x32\...\{90160000-0015-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2016 (HKLM-x32\...\{90160000-0090-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Excel MUI (German) 2016 (HKLM-x32\...\{90160000-0016-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Groove MUI (German) 2016 (HKLM-x32\...\{90160000-00BA-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2016 (HKLM-x32\...\{90160000-0044-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2016 (HKLM\...\{90160000-002A-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM-x32\...\{90160000-001F-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2016 (HKLM-x32\...\{90160000-00E1-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2016 (HKLM-x32\...\{90160000-00E2-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (German) 2016 (HKLM-x32\...\{90160000-002C-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM-x32\...\{90160000-001F-0409-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2016 (HKLM\...\{90160000-002A-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2016 (HKLM-x32\...\{90160000-006E-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2016 (HKLM-x32\...\{90160000-00A1-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2016 (HKLM-x32\...\{90160000-001A-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2016 (HKLM-x32\...\{90160000-0018-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2016 (HKLM-x32\...\{90160000-0019-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (German) 2016 (HKLM-x32\...\{90160000-012B-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2016 (HKLM-x32\...\{90160000-001B-0407-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.8.0 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 102.9.0 (x64 de)) (Version: 102.9.0 - Mozilla)
MSI Afterburner 4.6.5 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.5 Beta 4 - MSI Co., LTD)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.5 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA Grafiktreiber 531.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.18 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.0.2 - OBS Project)
Outils de vérification linguistique 2016 de Microsoft Office*- Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PuTTY release 0.78 (64-bit) (HKLM\...\{4EEF2644-700F-46F8-9655-915145248986}) (Version: 0.78.0.0 - Simon Tatham)
Python 3.11.2 (64-bit) (HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\{4d5f29cf-3d3f-455f-bd47-5a52fb830b25}) (Version: 3.11.2150.0 - Python Software Foundation)
Python 3.11.2 Core Interpreter (64-bit) (HKLM\...\{0D38B9A4-4312-465D-A472-450BF75A0460}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Development Libraries (64-bit) (HKLM\...\{A15F08D3-26E4-4F0B-BA8B-ED59A52D6A02}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Documentation (64-bit) (HKLM\...\{1F5C7063-8305-4755-A643-32DE2BE966F9}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Executables (64-bit) (HKLM\...\{D6BE8071-9505-4EE4-9E42-916584C2D21C}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 pip Bootstrap (64-bit) (HKLM\...\{6E84DCAA-19DD-4560-AAE7-043EADF5C1F8}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Standard Library (64-bit) (HKLM\...\{6C19B2EE-FA34-4270-A87F-1FF008C1AC6E}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Tcl/Tk Support (64-bit) (HKLM\...\{6F13A394-E3EA-4585-9ADE-046B69F1F902}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Test Suite (64-bit) (HKLM\...\{83C32D05-F3C4-4D61-877E-0A4C6717E7DC}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python 3.11.2 Utility Scripts (64-bit) (HKLM\...\{6CE85987-8440-409D-BE75-F5128943F67B}) (Version: 3.11.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C28EE783-FA9C-4E09-910E-181A4A28C29C}) (Version: 3.11.2150.0 - Python Software Foundation)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
RivaTuner Statistics Server 7.3.4 Beta 6 (HKLM-x32\...\RTSS) (Version: 7.3.4 Beta 6 - Unwinder)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.3.0.1100 - Samsung Electronics)
SMG Music Display version 2.26 (HKLM-x32\...\{931AA4E3-45FE-4182-B85D-A5AF229435B1}_is1) (Version: 2.26 - Streamsoft)
spectralizer version 1.3.4 (HKLM-x32\...\{e1cb7c35-233b-464c-99a9-472b8121c03e}_is1) (Version: 1.3.4 - univrsal)
Spotify (HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\Spotify) (Version: 1.2.8.923.g4f94bf0d - Spotify AB)
SteelSeries GG 35.0.0 (HKLM\...\SteelSeries GG) (Version: 35.0.0 - SteelSeries ApS)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM-x32\...\{90160000-001F-0410-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
tuna version 1.9.3 (HKLM-x32\...\{44b785ed-eef5-4b73-bef0-42ee3493c021}_is1) (Version: 1.9.3 - univrsal)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
WinSCP 5.21.7 (HKLM-x32\...\winscp3_is1) (Version: 5.21.7 - Martin Prikryl)
XSplit VCam (HKLM\...\{6BD233B7-74E3-4141-96D5-950A0BA410F9}) (Version: 4.1.2211.2501 - XSplit) Hidden
XSplit VCam (HKLM\...\XSplit VCam 4.1.2211.2501) (Version: 4.1.2211.2501 - XSplit)
Packages:
=========
Best Player -> C:\Program Files\WindowsApps\2949193320E78.BestPlayer8.1_7.6.4.0_x64__pg6a145mvhp7p [2023-03-04] (marios g.)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-03-12] (Microsoft Corp.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-10] (HP Inc.)
ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-03-12] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.60611.0_x64__8wekyb3d8bbwe [2023-03-29] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2023-03-09] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-12] (NVIDIA Corp.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-03-10] (Microsoft Windows)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-26] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-27] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x86__8wekyb3d8bbwe [2023-03-27] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-03-17] (0)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3028042727-1601340073-3460995305-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => Keine Datei
CustomCLSID: HKU\S-1-5-21-3028042727-1601340073-3460995305-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2301.22.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [Datei ist nicht signiert]
CustomCLSID: HKU\S-1-5-21-3028042727-1601340073-3460995305-1001_Classes\CLSID\{D465A476-B453-4B66-90CD-015DE7766448} -> [Dokumente] => C:\Users\tibor\OneDrive\Dokumente [2023-02-26 15:24]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2023-03-06] (Notepad++ -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\tibor\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-27] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_abf7e4e84f20581c\nvshext.dll [2023-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2022-11-17 11:16 - 2022-11-17 11:16 - 000232960 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2022-11-17 11:15 - 2022-11-17 11:15 - 000059392 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2022-11-17 11:16 - 2022-11-17 11:16 - 000699904 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2022-11-17 11:15 - 2022-11-17 11:15 - 000074240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2022-11-17 11:16 - 2022-11-17 11:16 - 000371712 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2023-03-01 18:22 - 2023-03-01 18:22 - 000164864 _____ () [Datei ist nicht signiert] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node
2023-03-09 09:41 - 2022-11-07 12:17 - 000387072 _____ () [Datei ist nicht signiert] D:\Steam\bin\cef\cef.win7x64\libegl.dll
2023-03-09 09:41 - 2022-11-07 12:17 - 008052736 _____ () [Datei ist nicht signiert] D:\Steam\bin\cef\cef.win7x64\libglesv2.dll
2022-11-14 12:16 - 2022-11-14 12:16 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2023-01-17 22:52 - 2023-01-17 22:52 - 002146304 _____ (Holtek Semiconductor Inc.) [Datei ist nicht signiert] C:\Program Files\SteelSeries\GG\apps\engine\HIDDLL.dll
2023-01-17 22:52 - 2023-01-17 22:52 - 002284032 _____ (Holtek) [Datei ist nicht signiert] C:\Program Files\SteelSeries\GG\apps\engine\ISPDLL.dll
2022-06-23 02:43 - 2022-06-23 02:43 - 005979824 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Datei ist nicht signiert] C:\Users\tibor\AppData\Local\MEGAsync\Qt5Core.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\xvc_installer.log:8A963300F2 [4298]
AlternateDataStreams: C:\ProgramData\xvc_installer.log:DD21A44D71 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk:B76C4E1157 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk:93337121EE [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk:CB61E089FA [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk:F9B57EE960 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk:99EC184B9D [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk:86E8B79B48 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk:21BFFA7D5A [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMG Music Display.lnk:00DBA3A738 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk:4D17D28237 [4298]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Incorporated)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 11:14 - 2023-03-17 22:04 - 000002448 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm-prd-da1.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate-da1.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 uds.licenses.adobe.com
127.0.0.1 licenses.adobe.com
127.0.0.1 license.adobe.com
127.0.0.1 helpexamples.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm-prd-da1.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 practivate.adobe.com
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tibor\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
DNS Servers: 192.168.98.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3028042727-1601340073-3460995305-1001\...\StartupApproved\Run: => "XSplitVCam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{0B2241AE-FA37-4491-8A40-698C8A2A1E0F}D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{CB33BA7B-3A00-49F4-ABD9-2DDB05432EA4}D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) D:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [{98025D92-D151-42AB-9202-CB3AE725F809}] => (Allow) D:\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{88460595-1F47-4C62-98A3-E35EC734DBFC}] => (Allow) D:\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{C9C1C259-C708-4FD7-9E23-CB6AAB389DAF}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{9F9EEC02-CA3E-49FC-B873-067E86E520B5}] => (Allow) D:\Steam\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{66D744FC-4665-4CED-8A6B-D2A28B02F078}] => (Allow) D:\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{3CC14C5E-9AFB-4882-A7D4-DF7B254F5DBC}] => (Allow) D:\Steam\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{C2185AD6-5F99-4D67-90A3-B8C9D800E0B2}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{17C29E4F-1759-44C3-B5FE-F46B3F1EDAD0}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11B58281-6B31-441D-8018-EF3CD2A3063C}] => (Allow) D:\Steam\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [{913F7EC4-77A4-47A7-B630-1C31551839F1}] => (Allow) D:\Steam\steamapps\common\Pummel Party\PummelParty.exe () [Datei ist nicht signiert]
FirewallRules: [{4DFDDECA-AD23-4491-9795-F64CB6DCBF65}] => (Allow) D:\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [{53769818-10A5-4E11-9731-953FC10952A2}] => (Allow) D:\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{53EB6176-2C23-4A62-8DEE-5A0DF6DBE248}D:\riot games\riot client\riotclientservices.exe] => (Allow) D:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{911D5D08-F471-4CFA-B519-C403FD569EB1}D:\riot games\riot client\riotclientservices.exe] => (Allow) D:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{66C1C3AA-58D6-412D-A1CD-81637F5F455E}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{047B79A4-144D-4CF1-A188-9E596D234941}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{FC7EA340-7E71-4FDD-8BC1-8B62159C0B29}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{2E0993CC-DD0E-4971-8E69-C00F641BDA44}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{68584998-EF36-40E3-8B6A-C8B9F893BB16}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [{A414EF36-12EE-4C51-8602-A1FA1A6638C8}] => (Allow) C:\Program Files\XSplit\VCam\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs)
FirewallRules: [UDP Query User{3A5CA4E4-5964-427E-AF8C-3F6D435B9E58}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{7B41C42E-8DDF-4B95-9CF5-5AD630A1824E}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{C1EF3216-152B-4B2F-A353-0F897AC77C7C}C:\users\tibor\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\tibor\appdata\local\discord\app-1.0.9011\discord.exe => Keine Datei
FirewallRules: [TCP Query User{B5F6CCC2-B81B-448C-BA75-5D0EF5B7733F}C:\users\tibor\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\tibor\appdata\local\discord\app-1.0.9011\discord.exe => Keine Datei
FirewallRules: [UDP Query User{668D6D4C-7A77-4B76-954E-E403EE0BAD7A}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{6D5E0A5B-15B8-456B-B8D1-2A6B77DF6DF1}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{48B073BA-14BB-426B-AE3B-8DA0354FB084}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{F03CDECD-3A8F-4923-A366-1D13B1B92BF8}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\ui32.exe (Skutta, Kristjan -> )
FirewallRules: [{5CD493B5-8ABD-4523-9876-CDC5C6B2F89C}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4AEDACB1-4E03-474F-B71F-8D5925AB836E}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BA651CB9-28B0-4892-89D1-D025AB447B83}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B4E52071-BB3E-46DC-AB4E-8411B34A6A00}] => (Allow) D:\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2368414B-BBDA-46F6-8A42-6C70ED37E633}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8B8FB8BB-B324-46C5-B7F1-1B76DA0F1208}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F72AB3ED-B021-46E2-89B0-2EAA88CB3136}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF3C4B20-DE28-4A36-A6AC-F22048222A68}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B219C73-B39B-4DEB-87EB-588EC0B712B7}] => (Allow) D:\Steam\steamapps\common\The Finals Playtest\Discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [{F4E40829-6C36-4799-906E-B8A837289210}] => (Allow) D:\Steam\steamapps\common\The Finals Playtest\Discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [TCP Query User{7B3839BD-2B4C-4A8F-A2BE-775C3D5F5A35}C:\users\tibor\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\tibor\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{1868FAD9-30F1-472A-8DFD-3C6E3D712FDF}C:\users\tibor\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\tibor\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{159C1758-D541-41EE-B5D4-8E335B81ABDE}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23062.1103.1944.2725_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1570E449-23A2-4FC2-84A0-A5931E3E0421}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23062.1103.1944.2725_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D972E174-186D-4A0B-8894-4BBC72464323}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{362D3444-E3DE-4928-85F1-2B1418002C31}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe => Keine Datei
FirewallRules: [{C0E3C661-630E-4896-9B7A-1308F6D35057}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F68843AF-7A59-4734-A0CF-F0F4C899CC08}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{293CE62F-A89C-47A3-A8B1-38C8BDB8584F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FDBDD36-F51D-47AB-B226-5006F47B840E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0AC446C0-5B68-42E9-A226-3B9CC35329C7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
02-04-2023 20:50:26 Revo Uninstaller Pro's restore point - Adobe Acrobat (64-bit)
02-04-2023 21:01:56 Revo Uninstaller Pro's restore point - Revo Uninstaller Pro 5.1.1
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (04/02/2023 09:01:56 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {9fcaa8c0-719a-493d-b877-ee7cdc8737fb}
Error: (04/02/2023 08:53:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Error: (04/02/2023 08:53:54 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (04/02/2023 08:50:26 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f1204cfa-2881-4a23-af72-4dd8b7bf2a4f}
Error: (04/02/2023 07:48:34 PM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Name der fehlerhaften Anwendung: SecurityHealthService.exe, Version: 10.0.22621.900, Zeitstempel: 0x45a7fb3f
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.22621.608, Zeitstempel: 0xf5fc15a3
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000007f61e
ID des fehlerhaften Prozesses: 0x0x33ac
Startzeit der fehlerhaften Anwendung: 0x0x1d9658720beb30c
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\SecurityHealthService.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ucrtbase.dll
Berichtskennung: de85d1f3-90a1-4579-8158-61c1763669aa
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/02/2023 01:00:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren.
]
Error: (04/01/2023 11:28:24 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung Fehler in der Wiederherstellungsphase. beendet.
Kontext: Anwendung, SystemIndex Katalog
Details:
0x%08x (0x80040d23 - Gatherer wird heruntergefahren. (HRESULT : 0x80040d23))
Error: (04/01/2023 11:28:24 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Fehler-ID 1 in der Wiederherstellungsphase von Windows Search. Bitte starten Sie den Dienst erneut. Wenn dieser Fehler weiterhin besteht, führen Sie eine Neuerstellung des Index aus.
Kontext: Anwendung, SystemIndex Katalog
Details:
0x%08x (0x80040d23 - Gatherer wird heruntergefahren. (HRESULT : 0x80040d23))
Systemfehler:
=============
Error: (04/02/2023 10:00:03 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IMO4PF8)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/02/2023 08:59:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IMO4PF8)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/02/2023 08:24:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (04/02/2023 07:48:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Sicherheitsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/02/2023 06:40:56 PM) (Source: Microsoft-Windows-WER-SystemErrorReporting) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x0000000a (0xffffac8be72a0690, 0x0000000000000002, 0x0000000000000000, 0xfffff80083eafce3)C:\WINDOWS\Minidump\040223-10546-01.dmpc9e725eb-2ac8-424a-9b3c-41dbc8376975
Error: (04/02/2023 06:40:50 PM) (Source: volmgr) (EventID: 162) (User: )
Description: Generierung der Dumpdatei erfolgreich.
Error: (04/02/2023 06:40:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 02.04.2023 um 18:33:08 unerwartet heruntergefahren.
Error: (04/02/2023 05:55:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IMO4PF8)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
================
Date: 2023-04-02 20:43:07
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {6CBB1A65-1EB6-4F24-9660-5C6DBD7C81ED}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: DESKTOP-IMO4PF8\tibor
Date: 2023-04-02 20:24:26
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {08EBE237-EF41-4021-A91A-68400CACEAAB}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Vollständige Überprüfung
Benutzer: DESKTOP-IMO4PF8\tibor
Date: 2023-04-02 20:23:40
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Sabsik.TE.B!ml&threatid=2147780205&enterprise=0
Name: Trojan:Script/Sabsik.TE.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\tibor\Downloads\TLa1stoUsPa1rtID-Update1 0 1 6-elamigos\TLa1stoUsPa1rtID-Update1.0.1.6-elamigos.rar
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-IMO4PF8\tibor
Prozessname: C:\Program Files\WinRAR\WinRAR.exe
Sicherheitsversion: AV: 1.385.1874.0, AS: 1.385.1874.0, NIS: 1.385.1874.0
Modulversion: AM: 1.1.20100.6, NIS: 1.1.20100.6
Date: 2023-04-02 20:22:14
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Sabsik.TE.B!ml&threatid=2147780205&enterprise=0
Name: Trojan:Script/Sabsik.TE.B!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\tibor\Downloads\TLa1stoUsPa1rtID-Update1 0 1 6-elamigos\TLa1stoUsPa1rtID-Update1.0.1.6-elamigos.rar.part
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-IMO4PF8\tibor
Prozessname: C:\Users\tibor\AppData\Local\JDownloader 2.0\JDownloader2.exe
Sicherheitsversion: AV: 1.385.1874.0, AS: 1.385.1874.0, NIS: 1.385.1874.0
Modulversion: AM: 1.1.20100.6, NIS: 1.1.20100.6
CodeIntegrity:
===============
Date: 2023-04-02 19:48:37
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
Date: 2023-04-01 23:40:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-03-27 16:11:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. F11 11/05/2021
Hauptplatine: Gigabyte Technology Co., Ltd. Z390 AORUS MASTER-CF
Prozessor: Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 32687.2 MB
Verfügbarer physikalischer RAM: 26601.14 MB
Summe virtueller Speicher: 34735.2 MB
Verfügbarer virtueller Speicher: 26408.76 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:208.86 GB) (Free:73.27 GB) (Model: Samsung SSD 850 EVO 250GB) NTFS
Drive d: (Spiele) (Fixed) (Total:931.39 GB) (Free:251.99 GB) (Model: CT1000MX500SSD1) NTFS
Drive e: (Daten) (Fixed) (Total:931.51 GB) (Free:573.62 GB) (Model: WDC WD10EURX-63C57Y0) NTFS
\\?\Volume{76630a2f-d97f-4d99-bbc8-a17685bd9be1}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{d0a81815-4ad7-4ccc-9446-dd342f47650c}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: F973A29B)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 2E920281)
Partition: GPT.
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 049F993E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ======================= --- --- --- Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-02-2023
# Duration: 00:00:05
# OS: Windows 11 (Build 22621.1413)
# Scanned: 32030
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1420 octets] - [29/03/2023 22:34:36]
AdwCleaner[C00].txt - [1610 octets] - [29/03/2023 22:34:51]
AdwCleaner[S01].txt - [1542 octets] - [29/03/2023 22:35:03]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
|