Windows 11: OpenOffice update trojan infection
Good evening everyone,
As I can see, quite a few people have unfortunately fallen for the OO update trojan recently. I am one of them, and I would appreciate help cleaning up the system again.
I have already tried to clean the computer using Malwarebytes and AdwCleaner.
Here is the FRST log first:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
durchgeführt von danij (Administrator) auf DC-MSI (Micro-Star International Co., Ltd. Stealth 15M B12UE) (27-09-2023 21:21:17)
Gestartet von C:\Users\danij\Downloads\FRST64.exe
Geladene Profile: danij
Plattform: Microsoft Windows 11 Home Version 22H2 22621.2283 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.21.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe ->) (Micro-Star International CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI Center\Base Module\Start_HDR.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.0.1.259\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_e6050705c26c770f\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_e6050705c26c770f\ipf_helper.exe
(explorer.exe ->) () [Datei ist nicht signiert] C:\Program Files\SKILLER SGH30\CPL\SharkoonAudioCenter_x64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_4a0efaf978352e5b\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_f94b71985382657d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_be7776eaee40550a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_e6050705c26c770f\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_06dd582276d3f601\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Micro-Star International CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI NBFoundation Service\Sendevsvc.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_78515247753844c2\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3020235693730747\RtkAudUService64.exe <2>
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.2061_none_e9764a2042bb8e95\TiWorker.exe
(svchost.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Sound Tune\SoundTune.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3020235693730747\RtkAudUService64.exe [1907448 2023-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [619192 2023-01-20] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1062424 2023-09-26] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [Cm108BSound] => C:\Program Files\SKILLER SGH30\CPL\SharkoonAudioCenter_x64.exe [2545152 2019-02-13] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [SKILLER SGK5] => C:\Program Files (x86)\SKILLER SGK5\Monitor.exe [2254848 2019-06-10] (Sharkoon Technologies) [Datei ist nicht signiert]
HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\Run: [MicrosoftEdgeAutoLaunch_96DF211D38B4DD2308BD55E41A22586A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210112 2023-09-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70910864 2023-09-20] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\Run: [GalaxyClient] => [X]
HKLM\...\Windows x64\Print Processors\shm4mPC: C:\Windows\System32\spool\prtprocs\x64\shm4mpc.dll [91000 2022-01-24] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\shm4m Langmon: C:\Windows\system32\shm4mlm.dll [70000 2022-01-24] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\chrmstp.exe [2023-09-27] (Google LLC -> Google LLC)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {FF4945E0-6AFA-4AC9-B9E8-0DFAF4646CB2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {F14206D7-53C5-48DC-A945-683F17C53E9F} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.0.1.259\WatchDog.exe [937000 2023-07-27] (Bitdefender SRL -> Bitdefender)
Task: {11A16FA1-B159-40AD-A221-D6BDF4E8A3B9} - System32\Tasks\GoogleUpdateTaskMachineCore{E88F1CCB-9C3A-4C0C-A417-FD282342B4F2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-02] (Google LLC -> Google LLC)
Task: {618DD816-65A6-459B-9D4A-1B8929A34592} - System32\Tasks\GoogleUpdateTaskMachineUA{48ED408E-2D5D-4358-9E21-B73B59A7875E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-02] (Google LLC -> Google LLC)
Task: {E9AADA0E-FAEF-4C0E-B413-FD6F8520780B} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\UCPD velocity => C:\Windows\system32\UCPDMgr.exe [58880 2023-08-26] (Microsoft Windows -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {888C7A2B-11CF-4E02-A1C2-9A791E62AEA8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-09-26] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {4A47C2B0-5796-457F-A9EC-9C5B449540F6} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [717728 2023-09-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {9E1973B0-F96C-4C89-BA5E-85DF79F8AA0E} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804312 2023-04-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {95E881EE-43E9-4149-8E34-3A7E371E1F6D} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [844944 2023-05-26] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {480C7505-4578-41DC-8409-65641CCB273E} - System32\Tasks\OneDC_Updater => C:\Users\danij\Documents\temp\OneDC_Updater\OneDC_Updater.exe [658160 2023-05-11] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) <==== ACHTUNG
Task: {5EA17B6F-4190-413A-9F47-82D13349900D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-833939261-3277912834-1012389114-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\Windows\System32\wpninprc.dll [65536 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {51F20139-A93E-4800-AB06-71CF3BCC0D37} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [436544 2023-03-30] (Alexey Nicolaychuk -> )
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3882fc08-7bf1-43f5-a0dd-51ee939d2b9d}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{d9be49e4-a950-462f-ac09-951c8e300509}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge Profile: C:\Users\danij\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-26]
Edge Extension: (Google Docs Offline) - C:\Users\danij\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-09]
Edge Extension: (Edge relevant text changes) - C:\Users\danij\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-26]
FireFox:
========
FF DefaultProfile: huqm46ti.default
FF ProfilePath: C:\Users\danij\AppData\Roaming\Mozilla\Firefox\Profiles\huqm46ti.default [2023-05-28]
FF ProfilePath: C:\Users\danij\AppData\Roaming\Mozilla\Firefox\Profiles\php90ive.default-release [2023-09-27]
FF Homepage: Mozilla\Firefox\Profiles\php90ive.default-release -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\php90ive.default-release -> hxxps://web.airdroid.com
FF Extension: (Dark Reader) - C:\Users\danij\AppData\Roaming\Mozilla\Firefox\Profiles\php90ive.default-release\Extensions\addon@darkreader.org.xpi [2023-08-21]
FF Extension: (TrafficLight) - C:\Users\danij\AppData\Roaming\Mozilla\Firefox\Profiles\php90ive.default-release\Extensions\trafficlight@bitdefender.com.xpi [2023-06-02]
FF Extension: (uBlock Origin) - C:\Users\danij\AppData\Roaming\Mozilla\Firefox\Profiles\php90ive.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-09-26]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext [2023-07-11] [] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security App\bdtbext
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2023-06-02] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2023-06-02] <==== ACHTUNG
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default [2023-09-27]
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Extension: (Präsentationen) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2023-02-02]
CHR Extension: (Docs) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2023-02-02]
CHR Extension: (Google Drive) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2023-02-02]
CHR Extension: (uBlock Origin) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-09-25]
CHR Extension: (Verbindungsdiagnose für Chrome) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2023-02-02]
CHR Extension: (Dark Reader) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-08-22]
CHR Extension: (Tabellen) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2023-02-02]
CHR Extension: (In Google Drive speichern) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2023-03-08]
CHR Extension: (Citrix Workspace) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\haiffjcadagjlijoggckpgfnoeiflnem [2023-09-21]
CHR Extension: (Google Zeichnungen) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2023-02-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-02]
CHR Extension: (Passwort-Warnung) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\noondiphcddnnabmjcihcjfbhfklnnep [2023-02-02]
CHR Extension: (Google Mail) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2023-02-02]
CHR Profile: C:\Users\danij\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-27]
CHR Profile: C:\Users\danij\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-09-27]
CHR Extension: (TrafficLight) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfnpidifppmenkapgihekkeednfoenal [2023-07-14]
CHR Extension: (uBlock Origin) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-09-22]
CHR Extension: (Dark Reader) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-08-21]
CHR Extension: (Google Docs Offline) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-23]
CHR Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdmnjgijlmjgmimahnillepgcgeemffb [2023-09-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\danij\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-02]
CHR Profile: C:\Users\danij\AppData\Local\Google\Chrome\User Data\System Profile [2023-09-27]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [842264 2023-09-26] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-26] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-26] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-09-01] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2560552 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [842264 2023-09-26] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9884424 2023-04-11] (BattlEye Innovations e.K. -> )
R2 dptftcs; C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_4a0efaf978352e5b\ipfsvc.exe [545432 2022-10-27] (Intel Corporation -> Intel Corporation)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11030632 2023-09-19] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-02-25] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-04-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348000 2023-08-24] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-08-24] (GOG sp. z o.o -> GOG.com)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_06dd582276d3f601\AS\IAS\IntelAudioService.exe [532008 2022-08-11] (Intel Corporation -> Intel)
R2 ipfsvc; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_e6050705c26c770f\ipf_uf.exe [2733712 2021-12-16] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287968 2023-09-27] (Malwarebytes Inc. -> Malwarebytes)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [171248 2023-05-11] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [95472 2023-05-11] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Sendevsvc; C:\Program Files (x86)\MSI\MSI NBFoundation Service\Sendevsvc.exe [311536 2023-05-11] (Micro-Star International CO., LTD. -> )
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [150176 2022-08-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe [140528 2022-05-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1913472 2022-09-29] (A-Volute SAS -> Nahimic)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [619192 2023-01-20] (geek software GmbH -> geek software GmbH)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [659496 2023-07-27] (Bitdefender SRL -> Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [288792 2023-09-26] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [842264 2023-09-26] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_78515247753844c2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_78515247753844c2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 108B; C:\Windows\System32\drivers\108B.sys [3822496 2019-01-16] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA Inc.)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [6205488 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
S3 AX88772; C:\Windows\System32\DriverStore\FileRepository\netax88772.inf_amd64_f1efe88b4f90c639\ax88772.sys [116736 2022-05-07] (Microsoft Windows -> ASIX Electronics Corp.)
R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [798128 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [22976 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\Windows\system32\DRIVERS\bduefiscan.sys [39840 2022-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1347496 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_SPI_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_2d1a1b06fd89c8d4\iaLPSS2_SPI_ADL.sys [160912 2021-10-25] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_9f84cae4176aa5ed\iaLPSS2_UART2_ADL.sys [318624 2021-10-25] (Intel Corporation -> Intel Corporation)
S3 Ignisv2; C:\Windows\system32\DRIVERS\ignisv2.sys [165312 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 IGO_VSD; C:\Windows\system32\drivers\igovsd.sys [43368 2022-07-22] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelli-go)
R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_d97909364d9908a5\IntcUSB.sys [892960 2022-08-11] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_19ceb7ce67a7cf8b\gna.sys [87208 2021-09-17] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\Windows\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_de6ec16890c1b449\ipf_acpi.sys [85648 2021-12-16] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_e6050705c26c770f\ipf_cpu.sys [79496 2021-12-16] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_e6050705c26c770f\ipf_lf.sys [431256 2021-12-16] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222272 2023-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-09-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233704 2023-09-27] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2023-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-09-27] (Malwarebytes Inc. -> Malwarebytes)
R3 NahimicBTLink; C:\Windows\System32\drivers\NahimicBTLink.sys [86200 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [238704 2023-09-13] (NVIDIA Corporation -> NVIDIA Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [633248 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S4 UCPD; C:\Windows\System32\drivers\UCPD.sys [29184 2023-08-26] (Microsoft Windows -> Microsoft Corporation)
R0 vlflt; C:\Windows\System32\DRIVERS\vlflt.sys [522136 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55872 2023-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [574872 2023-08-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-31] (Microsoft Windows -> Microsoft Corporation)
S3 WINIO; C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [25656 2018-11-15] (Micro-Star International CO., LTD. -> )
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-09-27 21:21 - 2023-09-27 21:21 - 000031580 _____ C:\Users\danij\Downloads\FRST.txt
2023-09-27 21:21 - 2023-09-27 21:21 - 000000000 ____D C:\FRST
2023-09-27 21:20 - 2023-09-27 21:20 - 002382848 _____ (Farbar) C:\Users\danij\Downloads\FRST64.exe
2023-09-27 18:24 - 2023-09-27 18:24 - 000233704 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2023-09-27 18:24 - 2023-09-27 18:24 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-09-27 17:45 - 2023-09-27 21:17 - 000000000 ____D C:\Users\danij\AppData\Local\Malwarebytes
2023-09-27 17:45 - 2023-09-27 17:48 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-09-27 17:45 - 2023-09-27 17:45 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-27 17:45 - 2023-09-27 17:45 - 000000000 ____D C:\Users\danij\AppData\Local\mbam
2023-09-27 17:44 - 2023-09-27 17:44 - 002606880 _____ (Malwarebytes) C:\Users\danij\Downloads\MBSetup.exe
2023-09-27 17:44 - 2023-09-27 17:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-27 17:44 - 2023-09-27 17:44 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-27 06:39 - 2023-09-27 06:40 - 000000000 ____D C:\AdwCleaner
2023-09-27 06:39 - 2023-09-27 06:39 - 008791352 _____ (Malwarebytes) C:\Users\danij\Downloads\adwcleaner.exe
2023-09-26 19:57 - 2023-09-27 06:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-23 10:44 - 2023-09-23 10:44 - 000000000 ____D C:\Users\danij\AppData\Roaming\NVIDIA
2023-09-23 09:27 - 2023-09-23 09:27 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2023-09-23 09:25 - 2023-09-14 00:17 - 001487376 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-09-23 09:25 - 2023-09-14 00:17 - 001227296 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-09-23 09:25 - 2023-09-14 00:17 - 000848984 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-09-23 09:25 - 2023-09-14 00:17 - 000848984 _____ C:\Windows\system32\vulkaninfo.exe
2023-09-23 09:25 - 2023-09-14 00:17 - 000713808 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-09-23 09:25 - 2023-09-14 00:17 - 000713808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-09-23 09:25 - 2023-09-14 00:17 - 000653392 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-09-23 09:25 - 2023-09-14 00:17 - 000653392 _____ C:\Windows\system32\vulkan-1.dll
2023-09-23 09:25 - 2023-09-14 00:17 - 000637008 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-09-23 09:25 - 2023-09-14 00:17 - 000637008 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-09-23 09:25 - 2023-09-14 00:13 - 001537648 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-09-23 09:25 - 2023-09-14 00:13 - 001195656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-09-23 09:25 - 2023-09-14 00:13 - 000939144 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2023-09-23 09:25 - 2023-09-14 00:13 - 000778376 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2023-09-23 09:25 - 2023-09-14 00:13 - 000669320 _____ C:\Windows\system32\nvofapi64.dll
2023-09-23 09:25 - 2023-09-14 00:13 - 000504456 _____ C:\Windows\SysWOW64\nvofapi.dll
2023-09-23 09:25 - 2023-09-14 00:12 - 002168352 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-09-23 09:25 - 2023-09-14 00:12 - 001621624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-09-23 09:25 - 2023-09-14 00:12 - 000992904 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-09-23 09:25 - 2023-09-14 00:12 - 000768648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2023-09-23 09:25 - 2023-09-14 00:11 - 014520432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-09-23 09:25 - 2023-09-14 00:11 - 012066312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-09-23 09:25 - 2023-09-14 00:11 - 003482640 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-09-23 09:25 - 2023-09-14 00:11 - 000459912 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2023-09-23 09:25 - 2023-09-14 00:10 - 006190624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-09-23 09:25 - 2023-09-14 00:10 - 005845128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-09-23 09:25 - 2023-09-14 00:10 - 005550096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2023-09-23 09:25 - 2023-09-14 00:10 - 000853104 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2023-09-23 09:25 - 2023-09-14 00:09 - 007858776 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-09-23 09:25 - 2023-09-14 00:09 - 006738544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-09-23 09:25 - 2023-09-13 02:12 - 000108122 _____ C:\Windows\system32\nvinfo.pb
2023-09-23 09:24 - 2023-09-13 02:12 - 000238704 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpcf.sys
2023-09-23 09:24 - 2023-09-13 02:12 - 000121880 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2023-09-23 09:23 - 2023-09-23 09:23 - 000000000 ____D C:\Windows\LastGood
2023-09-18 10:53 - 2023-09-18 10:53 - 000001207 _____ C:\Users\Public\Desktop\GOG GALAXY.lnk
2023-09-18 10:53 - 2023-09-18 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2023-09-15 18:12 - 2023-09-15 18:13 - 000000000 ____D C:\Windows\LastGood.Tmp
2023-09-15 07:26 - 2023-09-15 07:26 - 000000000 ____D C:\Users\danij\AppData\Local\OneDrive
2023-09-13 09:30 - 2023-09-13 09:31 - 000000000 ___HD C:\$WinREAgent
2023-09-07 20:12 - 2023-09-24 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quake IV [GOG.com]
2023-09-07 10:57 - 2023-09-07 10:57 - 000761564 _____ C:\Windows\system32\perfh007.dat
2023-09-07 10:57 - 2023-09-07 10:57 - 000157732 _____ C:\Windows\system32\perfc007.dat
2023-08-28 08:34 - 2023-09-04 14:42 - 000000000 ____D C:\Users\danij\Documents\NQi Sport
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-09-27 21:21 - 2023-01-31 10:36 - 000000000 ____D C:\Users\danij\AppData\Local\D3DSCache
2023-09-27 21:21 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2023-09-27 21:17 - 2023-06-04 01:24 - 000003124 _____ C:\Windows\system32\Tasks\MSIAfterburner
2023-09-27 21:17 - 2023-06-02 15:30 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2023-09-27 21:17 - 2023-04-30 12:20 - 000003108 _____ C:\Windows\system32\Tasks\RTSS
2023-09-27 21:17 - 2023-04-29 10:29 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2023-09-27 21:17 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2023-09-27 21:16 - 2023-02-02 22:45 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-27 19:32 - 2023-01-31 10:47 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-27 19:32 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-27 19:28 - 2023-01-31 12:33 - 000000000 ____D C:\ProgramData\Common
2023-09-27 18:24 - 2023-01-31 10:53 - 000000000 ____D C:\MSI
2023-09-27 18:24 - 2023-01-31 10:30 - 000012288 ___SH C:\DumpStack.log.tmp
2023-09-27 18:24 - 2023-01-31 10:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-27 18:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2023-09-27 18:23 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI
2023-09-27 18:22 - 2023-02-02 22:48 - 000000000 ____D C:\Users\danij\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2023-09-27 18:19 - 2023-01-31 11:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-27 18:10 - 2023-01-31 10:30 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-27 18:03 - 2023-04-11 09:42 - 000000000 ___RD C:\Users\danij\Desktop\Desktop-Docs
2023-09-27 17:59 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-27 17:59 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2023-09-27 17:49 - 2023-02-02 22:43 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2023-09-27 17:44 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-09-27 17:44 - 2022-05-07 07:17 - 000065536 _____ C:\Windows\system32\config\ELAM
2023-09-27 17:35 - 2023-01-31 10:30 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-27 06:56 - 2023-02-02 22:46 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-27 06:55 - 2023-01-31 11:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-27 06:55 - 2023-01-31 10:30 - 000305064 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-27 06:48 - 2023-06-02 16:31 - 000000012 _____ C:\Users\danij\Documents\TW.txt
2023-09-27 06:43 - 2023-01-31 12:32 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2023-09-27 06:35 - 2023-01-31 11:56 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-27 06:29 - 2023-07-10 17:42 - 000000000 ____D C:\ProgramData\OmApSvcBroker
2023-09-26 22:03 - 2023-01-31 12:47 - 000000000 ____D C:\Program Files (x86)\Steam
2023-09-26 22:03 - 2023-01-31 12:45 - 000000000 ____D C:\Users\danij\AppData\Roaming\discord
2023-09-26 21:49 - 2023-01-31 12:45 - 000000000 ____D C:\Users\danij\AppData\Local\Discord
2023-09-26 19:57 - 2023-01-31 13:17 - 000000000 ____D C:\ProgramData\Riot Games
2023-09-26 19:43 - 2023-01-31 10:36 - 000000000 ____D C:\Users\danij\AppData\Local\Packages
2023-09-26 11:54 - 2023-01-31 10:32 - 000000000 ____D C:\ProgramData\Packages
2023-09-26 07:39 - 2023-01-31 10:37 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-833939261-3277912834-1012389114-1001
2023-09-26 07:39 - 2023-01-31 10:37 - 000003360 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-833939261-3277912834-1012389114-1001
2023-09-26 07:39 - 2023-01-31 10:37 - 000002395 _____ C:\Users\danij\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-25 20:43 - 2023-04-25 21:45 - 000000000 ____D C:\Users\danij\AppData\Local\DayZ Launcher
2023-09-25 20:31 - 2023-04-25 21:47 - 000000000 ____D C:\Users\danij\AppData\Local\DayZ
2023-09-25 09:57 - 2023-06-02 16:09 - 000000000 ___HD C:\Users\danij\Downloads\Hide
2023-09-25 07:36 - 2023-06-02 16:31 - 000009442 ____H C:\Users\danij\Documents\1a.txt
2023-09-24 11:59 - 2023-01-31 13:08 - 000000000 ____D C:\Users\danij\AppData\Local\Ubisoft Game Launcher
2023-09-24 11:55 - 2023-01-31 12:58 - 000000000 ____D C:\Users\danij\AppData\Local\Battle.net
2023-09-24 10:36 - 2023-01-31 11:50 - 000000000 ____D C:\Users\danij\AppData\Local\NVIDIA
2023-09-24 10:35 - 2023-01-31 12:57 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-09-23 14:52 - 2023-02-18 12:00 - 000000000 ____D C:\Users\danij\AppData\Local\CrashDumps
2023-09-23 09:27 - 2023-01-31 10:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-09-23 09:21 - 2023-08-11 12:13 - 000000000 ____D C:\Users\danij\AppData\Roaming\Kodi
2023-09-20 17:39 - 2023-01-31 12:45 - 000002227 _____ C:\Users\danij\Desktop\Discord.lnk
2023-09-19 06:28 - 2023-02-02 22:45 - 000004002 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{48ED408E-2D5D-4358-9E21-B73B59A7875E}
2023-09-19 06:28 - 2023-02-02 22:45 - 000003878 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{E88F1CCB-9C3A-4C0C-A417-FD282342B4F2}
2023-09-18 10:53 - 2023-01-31 13:11 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2023-09-18 10:52 - 2023-01-31 13:10 - 000000000 ____D C:\ProgramData\GOG.com
2023-09-13 19:18 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-09-13 17:44 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-13 17:44 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2023-09-13 17:44 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2023-09-13 11:32 - 2023-01-31 10:59 - 000000000 ____D C:\Windows\system32\MRT
2023-09-13 11:30 - 2023-01-31 10:59 - 177941912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-09-13 09:34 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2023-09-13 09:33 - 2023-01-31 10:32 - 003210752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-09-12 18:05 - 2023-01-31 12:23 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-09-12 18:05 - 2023-01-31 12:23 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-09-08 14:58 - 2023-06-03 18:34 - 000000000 ____D C:\Users\danij\Documents\KODI
2023-09-07 10:57 - 2023-01-31 10:37 - 001754668 _____ C:\Windows\system32\PerfStringBackup.INI
2023-09-07 07:55 - 2023-02-04 09:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-01 09:33 - 2023-06-02 17:07 - 001347496 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\gemma.sys
2023-09-01 09:32 - 2023-06-02 17:07 - 006205488 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2023-08-31 07:04 - 2023-01-31 10:30 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-08-28 10:56 - 2023-01-31 12:28 - 000000000 ____D C:\ProgramData\boost_interprocess
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2023-06-09 07:51 - 2023-06-09 07:51 - 000002112 _____ () C:\Users\danij\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
And here is Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2023
durchgeführt von danij (27-09-2023 21:21:55)
Gestartet von C:\Users\danij\Downloads
Microsoft Windows 11 Home Version 22H2 22621.2283 (X64) (2023-01-31 08:32:13)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-833939261-3277912834-1012389114-500 - Administrator - Disabled)
danij (S-1-5-21-833939261-3277912834-1012389114-1001 - Administrator - Enabled) => C:\Users\danij
DefaultAccount (S-1-5-21-833939261-3277912834-1012389114-503 - Limited - Disabled)
Gast (S-1-5-21-833939261-3277912834-1012389114-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-833939261-3277912834-1012389114-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {F4F8BE4F-D893-2EB2-F208-1A2FF1A396CA}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.006.20320 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Games (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.3.8425.2 - Amazon.com Services, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.0.1.259 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\Bitdefender) (Version: 26.0.35.174 - Bitdefender)
CPUID CPU-Z 2.06 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.06 - CPUID, Inc.)
CPUID HWMonitor 1.50 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.50 - CPUID, Inc.)
Discord (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\Discord) (Version: 1.0.9010 - Discord Inc.)
Dokumente (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\a7cfc3ffab6f5ca1cc523e60717a0072) (Version: 1.0 - Google\Chrome)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.27.0.5540 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{534ec554-3d90-4ba2-ad9a-74adf0948fc9}) (Version: 13.27.0.5540 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{8ADEA716-6C06-4092-A62B-794F8BF8336A}) (Version: 1.3.51.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Geeks3D FurMark 1.34.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.34.0.0 - Geeks3D)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Gmail (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\b6b0ae75af3ff2adae3269cbc8ea9e47) (Version: 1.0 - Google\Chrome)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.71.2 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.92 - Google LLC)
Google Drive (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\3875735de3527f5528b928bf94e58f2d) (Version: 1.0 - Google\Chrome)
HP Laser MFP 131 133 135-138 (HKLM-x32\...\HP Laser MFP 131 133 135-138) (Version: 1.19 (25.08.2022) - HP Inc.)
HP MFP Scan (HKLM-x32\...\HP MFP Scan) (Version: 1.06.68 (22.08.2022) - HP Inc.)
HP Scan Process Machine (HKLM-x32\...\HP Scan Process Machine) (Version: 1.03.05.30 - HP Development Company, L.P.) Hidden
Intel Software Package (HKLM-x32\...\{de91d564-0904-41fb-be2e-875c619f4781}) (Version: 1.0.10701.24404 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM\...\{B7BE54CB-2BAB-458E-99FF-46067A9D451E}) (Version: 10.1.18950.8297 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{128196ab-db0f-4c9e-b603-9c8d8b59934d}) (Version: 10.1.18950.8297 - Intel(R) Corporation)
Intel(R) Dynamic Tuning Technology (HKLM-x32\...\{DDD0E7BA-1023-44F1-B2E0-2297B9ED42B5}) (Version: 9.0.10701.24404 - Intel Corporation)
IrfanView 4.62 (64-bit) (HKLM\...\IrfanView64) (Version: 4.62 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\Kodi) (Version: 19.5.0.0 - XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Light2 200 (HKLM-x32\...\{F505D9D9-F294-460C-B434-08AF7172105C}_is1) (Version: 1.0 - Sharkoon Technologies)
Malwarebytes version 4.6.3.282 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.3.282 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.43 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.36 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\OneDriveSetup.exe) (Version: 23.184.0903.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{AF47B488-9780-4AB5-A97E-762E28013CA6}) (Version: 5.71.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 118.0 (x64 de)) (Version: 118.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 109.0 - Mozilla)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0619.01 - MSI)
MSI NBFoundation Service (HKLM-x32\...\{640EFA76-B899-476B-B2DF-D0CCF11D6083}}_is1) (Version: 2.0.2306.1501 - MSI)
MSI Sound Tune (HKLM\...\IGO_VAC) (Version: 2.0.2.1 - Micro-Star INT'L CO., LTD.)
NexiGo version 1.0 (HKLM-x32\...\{36A02147-C92C-458A-8284-E3903A0C4239}_is1) (Version: 1.0 - Nexight Inc)
NVIDIA Grafiktreiber 537.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 537.42 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
PDF24 Creator 11.10.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.10.1 - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Präsentationen (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\90d537622a3eede7253032ece40e9d94) (Version: 1.0 - Google\Chrome)
Quake IV (HKLM-x32\...\1836059896_is1) (Version: 1.4.3 lang update - GOG.com)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
SKILLER SGH30 (HKLM-x32\...\{C5978B28-E8F6-454F-B506-5DCF7D6E1315}) (Version: 1.03 - Sharkoon Technologies GmbH )
SKILLER SGK5 (HKLM-x32\...\{01BD8B1F-A2B2-4FC9-984E-F6540ED8A7F8}_is1) (Version: 1.4.19.6 - Sharkoon Technologies)
STAR WARS Jedi - Fallen Order (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.10.0 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tabellen (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\58f89188697ecfcfce815cfa1c5eb4a9) (Version: 1.0 - Google\Chrome)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 137.0.10799 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 6.20.0 - win.rar GmbH)
YouTube (HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\4349e599e825db28eceb65c1385b9b4f) (Version: 1.0 - Google\Chrome)
Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-13] (INTEL CORP) [Startup Task]
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2023-09-27] (Bitdefender)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Corporation)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-09-13] (Microsoft Corporation)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.21.0_x64__kzh8wxbdkxb8p [2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.14.0_x64__kzh8wxbdkxb8p [2023-05-20] (MICRO-STAR INTERNATIONAL CO., LTD)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-08-26] (NVIDIA Corp.)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.148.0_x64__pwbj9vvecjh7j [2023-08-24] (Amazon Development Centre (London) Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.44.302.0_x64__dt26b99r8h8gj [2023-08-22] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0 [2023-09-23] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-09-13] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-01-31] (win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-833939261-3277912834-1012389114-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-27] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_78515247753844c2\nvshext.dll [2023-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-27] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Datei ist nicht signiert]
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\danij\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Citrix Workspace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=haiffjcadagjlijoggckpgfnoeiflnem
ShortcutWithArgument: C:\Users\danij\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Dokumente.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\danij\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\danij\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Drive.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\danij\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Präsentationen.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\danij\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Tabellen.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\danij\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Verbindungsdiagnose für Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
ShortcutWithArgument: C:\Users\danij\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\danij\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Privat - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2023-06-03 18:41 - 2019-01-03 06:49 - 000264704 ____N (C-MEDIA Electronics INC.) [Datei ist nicht signiert] C:\Program Files\SKILLER SGH30\CPL\Driver\x64\vista\osConfLib.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\danij\Downloads\adwcleaner.exe:BDU [0]
AlternateDataStreams: C:\Users\danij\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\danij\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\danij\Downloads\MBSetup.exe:BDU [0]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-833939261-3277912834-1012389114-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-833939261-3277912834-1012389114-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\danij\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wallpaperflare.com_wallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run32: => "SKILLER SGK5"
HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-833939261-3277912834-1012389114-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_96DF211D38B4DD2308BD55E41A22586A"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{36D61C4A-9283-4DCA-9231-AED987DC43A9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8CA3B51B-74B8-486B-8373-1A328A139F08}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DE1183B2-2FAF-4238-9F11-A8A9DC837E2A}] => (Allow) C:\Windows\twain_32\HP\HPLM13X\ScanCDLM\ScanCDLM.exe (HP Inc. -> )
FirewallRules: [{32435F4F-EB9B-4C3D-84C1-700A451BECA2}] => (Allow) C:\Windows\twain_32\HP\HPLM13X\ScanCDLM\ScanCDLM.exe (HP Inc. -> )
FirewallRules: [{6EB7ECCB-248C-42C9-B442-22EFC50BBF0D}] => (Allow) C:\Program Files (x86)\HP\MFP Scan\EDC.exe () [Datei ist nicht signiert]
FirewallRules: [{522DB65D-3F60-418E-A29B-2DCE3C2A87A0}] => (Allow) C:\Program Files (x86)\HP\MFP Scan\EDC.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{8A58B374-1394-488D-A3C9-45AD4CAB50FC}C:\program files (x86)\common files\hp scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\hp scan process machine\imageeng.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{3B94B183-5BDE-453B-BFD9-19D0988CAEAD}C:\program files (x86)\common files\hp scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\hp scan process machine\imageeng.exe () [Datei ist nicht signiert]
FirewallRules: [{4FF05CBB-7BA3-4504-9DC1-5CB0F109550F}] => (Block) C:\program files (x86)\common files\hp scan process machine\imageeng.exe () [Datei ist nicht signiert]
FirewallRules: [{7D4E1980-618C-478A-980F-305B3359A705}] => (Block) C:\program files (x86)\common files\hp scan process machine\imageeng.exe () [Datei ist nicht signiert]
FirewallRules: [{0BE98AF1-E439-43AB-9006-DD0785FE51C5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{814BC2B2-1679-4A17-9C46-F4A65A572B18}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3676EF5F-AFD9-4908-9F8C-3BD44DE82250}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0069FDE1-ECDA-4392-9C43-190865E7878F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FD69ED75-941C-4269-9A49-82A93878FD02}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{888B3363-2588-4CD6-9698-590A26CFEA80}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{334FDA99-AE58-49F5-A443-46F96EFFE030}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1B545A38-4654-4A3E-8147-35CA62E8B849}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B7FAA515-26EE-4685-848B-69701F9668B8}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D2B977D8-FDC6-41B7-8ACA-50830DA0D6E7}] => (Allow) C:\Program Files\EA Games\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Respawn Entertainment) [Datei ist nicht signiert]
FirewallRules: [{95AB2BD8-004B-414A-BE66-511012CB08E8}] => (Allow) C:\Program Files\EA Games\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Respawn Entertainment) [Datei ist nicht signiert]
FirewallRules: [{0330199E-FC9F-4C81-8CB8-FB61E8B3D870}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{1B05E140-8151-48E0-A77A-77026CF90A75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{4A0213C1-1355-4F38-A40D-BF25CC7AD6C1}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6EE834A7-7F30-4A60-9FE6-A0BB88A385B0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{92043965-44EA-4453-8520-D0B3B195A4F9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F9EEAAB9-A67E-4109-A903-F62C304A537E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0A7BC674-130F-4F10-AB6F-C2EC55F342D9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9BED1220-E282-4210-AAF2-27198F18794B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{96603FFD-62AD-48AD-8BDE-A42071C2C033}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{520809DC-8645-4262-8E94-2D345C3C2DA8}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert]
FirewallRules: [{B34ACD28-4184-4153-9CC7-79DBC5384872}] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert]
FirewallRules: [{5ECDCBA3-9C69-48E5-87BB-7A9FB37061CC}] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert]
FirewallRules: [{505BB9DA-60B7-40B2-8517-EA4DC4B80FC3}] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert]
FirewallRules: [{B8C1784F-EA1B-48F5-B78C-774368510600}] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert]
FirewallRules: [{482A37D8-737B-41DA-B084-7E273F70232A}] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert]
FirewallRules: [{461DB516-EB13-496E-BDCB-BE9CCA09424F}] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [Datei ist nicht signiert]
FirewallRules: [{E8406531-C140-4B11-AE29-E89E8A768C83}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe () [Datei ist nicht signiert]
FirewallRules: [{10D8907C-CB37-49D2-A1CC-66F015B5794F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe () [Datei ist nicht signiert]
FirewallRules: [{632AC7A0-674A-4AF5-8306-A534671F5A8B}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [{D897B870-AC3C-4C5A-8C0D-E07AF690B145}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{8AB7AF16-97AF-460B-8B4C-9DC80277E185}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{D5B245F7-5109-4BFB-B518-32A34FA5DDCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{B22B9F64-A907-40A0-B5B5-31F995F51A79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{90D406F7-AA69-438E-96EC-C637F151C0E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{721C9B6A-3336-4393-BFFD-C94167644E8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive a.s.)
FirewallRules: [{8FF2BA88-C515-4205-B398-1B23F2C82AE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Only Up!\OnlyUP.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{C2D250EA-E6B2-4D3B-8899-F6F4283B91BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Only Up!\OnlyUP.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{D0D22B0F-E70C-42ED-9202-F9DD0FF8536B}C:\users\danij\appdata\local\discord\app-1.0.9015\discord.exe] => (Allow) C:\users\danij\appdata\local\discord\app-1.0.9015\discord.exe => Keine Datei
FirewallRules: [UDP Query User{BC6488F3-5453-4C77-A179-03C8BF214853}C:\users\danij\appdata\local\discord\app-1.0.9015\discord.exe] => (Allow) C:\users\danij\appdata\local\discord\app-1.0.9015\discord.exe => Keine Datei
FirewallRules: [{8B73DFDC-41EC-4C32-91D3-A667C66CFEF0}] => (Block) C:\users\danij\appdata\local\discord\app-1.0.9015\discord.exe => Keine Datei
FirewallRules: [{BB900990-7D75-4304-8653-A0BDBBCD9488}] => (Block) C:\users\danij\appdata\local\discord\app-1.0.9015\discord.exe => Keine Datei
FirewallRules: [TCP Query User{9FC2C5E0-1C99-4962-8F99-03F02114F108}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A94468E6-7C87-4230-88BA-6C24A8D06691}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8D274498-93ED-45B4-9867-D64F36B5AF3C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DD8060DA-1686-4BF9-88C6-3C5952CB1033}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23231.411.2342.9597_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43395E82-3E99-49CA-9B6A-5CEEE7BDD945}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.36\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93149923-8DD7-449A-A5CA-8572791ED7BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{58C105EB-5818-4234-9A74-142F782F5516}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3BD8FEAB-1775-497A-9139-F835BBD36C5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EFDF254C-EBFD-49F6-9168-AF366205399E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B637CECD-D0FF-47FE-AC4E-7E61EBD8EA28}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C2C7D3E6-402B-491E-9EBD-382E4F8BF073}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4B9E6E4D-5B58-4105-84C9-AC59EDF792BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F60893B0-52F1-4B55-928A-4EAC866624EA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C0BFC3FC-D106-4776-838F-AEC62090D2FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DBBADF79-CC42-4B3B-94D7-5CF5E7E956AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3075714F-5168-4CF5-BEDA-BA462BAE7459}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A84E154E-4E7E-42D1-8497-A2F5F92E47F3}] => (Allow) LPort=32683
FirewallRules: [{3BFCC3F3-73A6-4BB5-82DF-74BC7BB10CFC}] => (Allow) LPort=26822
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:953.13 GB) (Free:620.21 GB) (65%)
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (09/27/2023 06:24:26 PM) (Source: IPF) (EventID: 17) (User: NT-AUTORITÄT)
Description: Event-ID 17
Error: (09/27/2023 06:24:26 PM) (Source: IPF) (EventID: 17) (User: NT-AUTORITÄT)
Description: Event-ID 17
Error: (09/27/2023 06:24:26 PM) (Source: IPF) (EventID: 17) (User: NT-AUTORITÄT)
Description: Event-ID 17
Error: (09/27/2023 06:24:26 PM) (Source: IPF) (EventID: 17) (User: NT-AUTORITÄT)
Description: Event-ID 17
Error: (09/27/2023 06:24:26 PM) (Source: IPF) (EventID: 17) (User: NT-AUTORITÄT)
Description: Event-ID 17
Error: (09/27/2023 06:24:26 PM) (Source: IPF) (EventID: 17) (User: NT-AUTORITÄT)
Description: Event-ID 17
Error: (09/27/2023 06:24:26 PM) (Source: IPF) (EventID: 17) (User: NT-AUTORITÄT)
Description: Event-ID 17
Error: (09/27/2023 06:24:26 PM) (Source: IPF) (EventID: 17) (User: NT-AUTORITÄT)
Description: Event-ID 17
Systemfehler:
=============
Error: (09/27/2023 09:18:22 PM) (Source: DCOM) (EventID: 10010) (User: DC-MSI)
Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/27/2023 09:16:55 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {ba7e85c6-c647-4562-8e8c-9769de185011}" ist das Ereignis "74" aufgetreten.
Error: (09/27/2023 07:24:59 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Microsoft Wi-Fi Direct Virtual Adapter #2, {ba7e85c6-c647-4562-8e8c-9769de185011}" ist das Ereignis "74" aufgetreten.
Error: (09/27/2023 06:23:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/27/2023 06:23:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Bitdefender Agent RedLine Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/27/2023 06:23:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Content Protection HDCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/27/2023 06:23:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ProductAgentService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/27/2023 06:23:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Realtek Audio Universal Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Windows Defender:
================
Date: 2023-05-28 15:20:01
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Python/MCCrash.B!MTB&threatid=2147837515&enterprise=0
Name: Trojan:Python/MCCrash.B!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\danij\AppData\Roaming\Kodi\addons\plugin.program.KodiBalkan\try.py
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DC-MSI\danij
Prozessname: C:\Program Files\Kodi\kodi.exe
Sicherheitsversion: AV: 1.389.2566.0, AS: 1.389.2566.0, NIS: 1.389.2566.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3
Date: 2023-05-09 11:11:43
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Python/MCCrash.B!MTB&threatid=2147837515&enterprise=0
Name: Trojan:Python/MCCrash.B!MTB
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\danij\AppData\Roaming\Kodi\addons\plugin.program.KodiBalkan\startup.py
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DC-MSI\danij
Prozessname: C:\Program Files\Kodi\kodi.exe
Sicherheitsversion: AV: 1.389.667.0, AS: 1.389.667.0, NIS: 1.389.667.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3
Date: 2023-05-09 10:52:13
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Phonzy.A!ml&threatid=2147772962&enterprise=0
Name: Trojan:Win32/Phonzy.A!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\danij\AppData\Roaming\Kodi\addons\packages\plugin.program.KodiBalkan-4.4.zip
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DC-MSI\danij
Prozessname: C:\Program Files\Kodi\kodi.exe
Sicherheitsversion: AV: 1.389.667.0, AS: 1.389.667.0, NIS: 1.389.667.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3
Date: 2023-05-09 10:44:36
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Phonzy.A!ml&threatid=2147772962&enterprise=0
Name: Trojan:Win32/Phonzy.A!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\danij\AppData\Roaming\Kodi\addons\packages\plugin.program.KodiBalkan-4.4.zip
Erkennungsursprung: Lokaler Computer
Erkennungstype: FastPath
Erkennungsquelle: Echtzeitschutz
Benutzer: DC-MSI\danij
Prozessname: C:\Program Files\Kodi\kodi.exe
Sicherheitsversion: AV: 1.389.667.0, AS: 1.389.667.0, NIS: 1.389.667.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3
Date: 2023-05-09 10:40:49
Description:
Microsoft Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Phonzy.A!ml&threatid=2147772962&enterprise=0
Name: Trojan:Win32/Phonzy.A!ml
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\danij\AppData\Roaming\Kodi\addons\packages\plugin.program.KodiBalkan-4.4.zip
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DC-MSI\danij
Prozessname: C:\Program Files\Kodi\kodi.exe
Sicherheitsversion: AV: 1.389.667.0, AS: 1.389.667.0, NIS: 1.389.667.0
Modulversion: AM: 1.1.20300.3, NIS: 1.1.20300.3
Event[0]
Date: 2023-07-11 19:53:01
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.393.60.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.23060.1005
Fehlercode: 0x80240438
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
CodeIntegrity:
===============
Date: 2023-09-27 21:20:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends International, LLC. E15B1IMS.108 05/31/2022
Hauptplatine: Micro-Star International Co., Ltd. MS-15B1
Prozessor: 12th Gen Intel(R) Core(TM) i7-1280P
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 16087.63 MB
Verfügbarer physikalischer RAM: 8909.68 MB
Summe virtueller Speicher: 27863.63 MB
Verfügbarer virtueller Speicher: 18910.44 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:953.13 GB) (Free:620.21 GB) (Model: Micron_2450_MTFDKBA1T0TFK) (Protected) NTFS
\\?\Volume{006cc17a-94f6-48f1-9010-9ad48b5eb192}\ () (Fixed) (Total:0.63 GB) (Free:0.08 GB) NTFS
\\?\Volume{2200de20-fafc-4296-993b-ae031cb42d57}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 35EBB0B8)
Partition: GPT.
==================== Ende von Addition.txt =======================
Here is also the log file from the first scan with AdwCleaner: Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-27-2023
# Duration: 00:00:02
# OS: Windows 11 (Build 22621.2283)
# Cleaned: 16
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Browser Files
Deleted C:\Users\danij\AppData\Roaming\OpenOffice Updater
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
Deleted C:\Users\danij\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Deleted C:\Users\danij\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk
Deleted C:\Users\danij\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|OpenOffice Updater
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\OpenOffice Updater
Deleted HKCU\Software\OpenOffice Updater
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Websuche.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\App Paths\Websuche.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Websuche
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted Web
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
Deleted www1.online/?w=RD3554
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2855 octets] - [27/09/2023 06:40:01]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
And now a current scan: Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-27-2023
# Duration: 00:00:06
# OS: Windows 11 (Build 22621.2283)
# Scanned: 32108
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [2855 octets] - [27/09/2023 06:40:01]
AdwCleaner[C00].txt - [2727 octets] - [27/09/2023 06:40:14]
AdwCleaner[S01].txt - [1544 octets] - [27/09/2023 06:42:02]
AdwCleaner[C01].txt - [1714 octets] - [27/09/2023 06:42:11]
AdwCleaner[S02].txt - [1664 octets] - [27/09/2023 06:42:20]
AdwCleaner[S03].txt - [1725 octets] - [27/09/2023 06:43:44]
AdwCleaner[S04].txt - [1788 octets] - [27/09/2023 06:57:45]
AdwCleaner[S05].txt - [1849 octets] - [27/09/2023 17:47:04]
AdwCleaner[C05].txt - [2019 octets] - [27/09/2023 17:47:21]
AdwCleaner[S06].txt - [1969 octets] - [27/09/2023 17:47:36]
AdwCleaner[S07].txt - [2030 octets] - [27/09/2023 17:54:05]
AdwCleaner[C07].txt - [2220 octets] - [27/09/2023 17:54:33]
AdwCleaner[S08].txt - [2152 octets] - [27/09/2023 18:23:12]
AdwCleaner[C08].txt - [2342 octets] - [27/09/2023 18:23:19]
AdwCleaner[S09].txt - [2274 octets] - [27/09/2023 19:29:35]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S10].txt ##########
Thanks in advance!