| thx4help | 15.03.2025 23:54 |
Win 10: Manche Webseiten werden nur teilweise oder nicht geladen - unabhängig vom benuzten Browser
(Teil 1 von 6)
Hallo lieber Helfer!
Problem
Seit ca. 3 Tagen werden manche Webseiten nicht mehr oder nur unzureichend geladen.
Funktioniert: stern.de, spiegel.de
Funktioniert nicht: web.de, focus.de
Mein Standard-Browser ist der Firefox. Die Probleme treten aber identisch mit Chrome und Edge auf.
Bisher durchgeführt (ohne Erfolg): fast.com, Cache leeren, DNS ändern, letztes Win-Update deinstallieren, Reboot, adwcleaner.exe, full scan mit Win Defender (siehe FRST.txt) Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-15-2025
# Duration: 00:00:11
# OS: Windows 10 (Build 19045.5608)
# Scanned: 32104
# Detected: 20
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Legacy C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
PUP.Optional.VLCPlusPlayer.DE C:\Program Files\VLC Plus Player
PUP.Optional.VLCPlusPlayer.DE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
***** [ Files ] *****
PUP.Optional.VLCPlusPlayer.DE C:\Users\hadmin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VLC Plus Player.lnk
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.AMUpdaterDE HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|Updater
PUP.Optional.AMUpdaterDE HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater
PUP.Optional.Conduit HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.Conduit HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater
PUP.Optional.VLCPlusPlayer.DE HKLM\Software\VLCPP
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.SamsungSmartSwitch File C:\Users\hadmin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk
Preinstalled.SamsungSmartSwitch Folder C:\Program Files (x86)\SAMSUNG\SMART SWITCH PC
Preinstalled.SamsungSmartSwitch Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Preinstalled.SamsungSmartSwitch Folder C:\Users\hadmin\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-15-2025
# Duration: 00:00:02
# OS: Windows 10 (Build 19045.5608)
# Cleaned: 20
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files\VLC Plus Player
Deleted C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player
***** [ Files ] *****
Deleted C:\Users\hadmin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VLC Plus Player.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\VLCPP
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|Updater
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.SamsungSmartSwitch File C:\Users\hadmin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Program Files (x86)\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\hadmin\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Deleted Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3457 octets] - [15/03/2025 19:50:28]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-15-2025
# Duration: 00:00:16
# OS: Windows 10 (Build 19045.5608)
# Scanned: 32105
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [3457 octets] - [15/03/2025 19:50:28]
AdwCleaner[C00].txt - [3461 octets] - [15/03/2025 19:54:33]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2025 01
durchgeführt von hadmin (Administrator) auf DESKTOP-UKC9QVK (15-03-2025 22:55:54)
Gestartet von C:\Users\hadmin\Desktop\FRST64.exe
Geladene Profile: hadmin
Plattform: Microsoft Windows 10 Pro Version 22H2 19045.5608 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(C:\Program Files\Logitech\LogiTune\backend\LogiTuneUpdater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiTune\backend\LogiTuneAgent.exe
(C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(PrintCtrl.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe <2>
(PrintDisp.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe <2>
(services.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiTune\backend\LogiTuneUpdater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(services.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2501.1.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116904 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [176472 2019-07-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [369488 2024-10-12] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [586888 2018-09-20] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [Logi Tune] => C:\Program Files\Logitech\LogiTune\LogiTune.exe [186063768 2025-01-12] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Datei ist nicht signiert]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2021-01-23] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779504 2024-03-21] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-1416906505-2819363707-2454556934-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680712 2021-01-23] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1416906505-2819363707-2454556934-1001\...\Run: [VLC Plus Player Updater] => C:\Users\hadmin\AppData\Local\VLC Plus Player Updater\Updater.exe [202056 2022-01-21] (Aller Media e.K. -> ) <==== ACHTUNG
HKU\S-1-5-21-1416906505-2819363707-2454556934-1001\...\Run: [MicrosoftEdgeAutoLaunch_098077363EF75DC29771F898618CF2E3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291152 2025-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1416906505-2819363707-2454556934-1001\...\Run: [electron.app.Loom] => C:\Users\hadmin\AppData\Local\Programs\Loom\Loom.exe [186505232 2025-03-14] (Loom, Inc. -> Loom, Inc.)
HKLM\...\Windows x64\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll [51848 2018-09-14] (ActMask Group Co., Ltd -> ActMask Co.,Ltd)
HKLM\...\Print\Monitors\EPSON Stylus Photo R2880 64MonitorBE: C:\Windows\system32\E_ILMCXE.DLL [108032 2007-12-07] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\134.0.6998.89\Installer\chrmstp.exe [2025-03-12] (Google LLC -> Google LLC)
Startup: C:\Users\hadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ColorNavigator 7.lnk [2024-12-20]
ShortcutTarget: ColorNavigator 7.lnk -> C:\Program Files\EIZO\ColorNavigator 7\ColorNavigator 7.exe (EIZO Corporation -> EIZO Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {E10DD359-2CB6-4ED6-9A35-5FABD959B384} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116904 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9B1DB7C2-9A68-4FB0-BC96-AD76EDE0B36F} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4455336 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7646D4BE-2393-4C90-8957-01B9EB88E5BC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {78B8CF67-2382-4CA7-AC3A-5A5034AABEA1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FAEEF15F-5555-428F-86CC-39C1E3EB0C0D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "edc3ec6d-46b7-42d4-b954-0882f5983d6a" --version "6.23.11010" --silent
Task: {93804258-3B0A-4CB4-995F-91C60874A7AF} - System32\Tasks\CCleanerSkipUAC - hadmin => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {2588562D-42C9-43EF-9FBF-BDEB4EE2E645} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.0{CF2E934F-90C9-4285-B1BC-1353C677C737} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe [5745760 2025-02-19] (Google LLC -> Google LLC)
Task: {314830C5-66C1-48E6-ADCF-781084BD8365} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28606192 2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C48758D2-7AB0-45F3-8F97-D78426681992} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28606192 2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4ED08A72-4AA4-4F61-B5F7-D24389860220} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5E8ADFA-4CFC-4125-9ECC-0FDCE5AB76D5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5B436E2-AAC3-472E-81BD-691736F3CF8C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [187024 2024-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC80C84E-E2EB-4DBC-9B73-31FD963CA1D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76B72887-F6A4-4ED9-951F-C6F7722ED836} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48647146-99B9-49A7-B9E4-4F313F2A7924} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EDA71465-6574-4E03-B995-585FD451F86E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CD883466-12BB-4B08-9FFA-830A96099D33} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-03-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {B96C2F32-E88A-4795-AE8E-4A999A7A6A6A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3047944 2020-08-31] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\/AUTOHIDE
Task: {CD068503-0C26-49CA-857F-DFA550D0EDC0} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1416906505-2819363707-2454556934-1001 => C:\Users\hadmin\AppData\Roaming\Zoom\bin\Zoom.exe [434488 2025-03-07] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{bd59dfc2-2dd6-4019-adae-0a440aab054c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{bd59dfc2-2dd6-4019-adae-0a440aab054c}: [DhcpDomain] fritz.box
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\hadmin\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-15]
Edge Extension: (Google Docs Offline) - C:\Users\hadmin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-05]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\hadmin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
FireFox:
========
FF DefaultProfile: 9vn8sqb0.default
FF ProfilePath: C:\Users\hadmin\AppData\Roaming\Mozilla\Firefox\Profiles\9vn8sqb0.default [2020-03-08]
FF NewTab: Mozilla\Firefox\Profiles\9vn8sqb0.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-03-08 01:13:44&bName=&bitmask=0600
FF ProfilePath: C:\Users\hadmin\AppData\Roaming\Mozilla\Firefox\Profiles\0mjvgayo.default-release [2025-03-15]
FF DownloadDir: C:\Users\hadmin\Desktop
FF Homepage: Mozilla\Firefox\Profiles\0mjvgayo.default-release -> www.google.de
FF NewTab: Mozilla\Firefox\Profiles\0mjvgayo.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-03-08 01:13:44&bName=&bitmask=0600
FF Extension: (Dreamer – Balanced) - C:\Users\hadmin\AppData\Roaming\Mozilla\Firefox\Profiles\0mjvgayo.default-release\Extensions\dreamer-balanced-colorway@mozilla.org.xpi [2023-03-15]
FF Extension: (Grammatik- und Rechtschreibprüfung - LanguageTool) - C:\Users\hadmin\AppData\Roaming\Mozilla\Firefox\Profiles\0mjvgayo.default-release\Extensions\languagetool-webextension@languagetool.org.xpi [2025-01-16]
FF Extension: (uBlock Origin) - C:\Users\hadmin\AppData\Roaming\Mozilla\Firefox\Profiles\0mjvgayo.default-release\Extensions\uBlock0@raymondhill.net.xpi [2025-01-18]
FF Extension: (ColorZilla) - C:\Users\hadmin\AppData\Roaming\Mozilla\Firefox\Profiles\0mjvgayo.default-release\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2025-01-16]
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @vlc.de/vlc,version=3.0.16 -> C:\Program Files\VLC Plus Player\npvlc.dll [Keine Datei]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-03-21] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-03-21] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\hadmin\AppData\Local\Google\Chrome\User Data\Default [2025-03-15]
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={language}&PC=U316
CHR Extension: (MaxFocus: Link Preview & AI Assistant) - C:\Users\hadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnacincmbaknlbegecpioobkfgejlojp [2025-02-13]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Merlin - Ask AI to Research, Write & Review) - C:\Users\hadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\camppjleccjaphfdbohjdohecfnoikec [2024-09-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Page Edit) - C:\Users\hadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\clfiicjcpkcccglblehapeiipibnaenl [2025-02-28]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Video Downloader für Vimeo) - C:\Users\hadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkiipfbcepndfilijijlacffnlbchigb [2024-11-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Meta Pixel Helper) - C:\Users\hadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2024-03-09]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\hadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2025-03-01]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs Offline) - C:\Users\hadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-28]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hadmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-18]hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Profile: C:\Users\hadmin\AppData\Roaming\Opera Software\Opera Stable [2024-10-07]
OPR Extension: (Rich Hints Agent) - C:\Users\hadmin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-21]hxxps://extension-updates.opera.com/api/omaha/update/
OPR Extension: (Opera Wallet) - C:\Users\hadmin\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-03-21]hxxps://extension-updates.opera.com/api/omaha/update/
OPR Extension: (Amazon Assistant Promotion) - C:\Users\hadmin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-03-21]hxxps://extension-updates.opera.com/api/omaha/update/
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842480 2024-03-21] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4580776 2024-10-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-08-27] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14044856 2025-02-03] (Microsoft Corporation -> Microsoft Corporation)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-10-25] (Logitech Inc -> Logitech)
R2 LogiTuneUpdaterService; C:\Program Files\Logitech\LogiTune\backend\LogiTuneUpdater.exe [3431832 2025-01-12] (Logitech Inc -> Logitech, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [30224 2019-07-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559328 2025-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Datei ist nicht signiert]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262312 2021-03-12] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 camodriver; C:\WINDOWS\System32\DriverStore\FileRepository\camodriver.inf_amd64_99bad0a66e30f6f3\x64\camodriver.sys [36912 2024-06-07] (Microsoft Windows Hardware Compatibility Publisher -> Reincubate Ltd.)
S3 e2esoft_ivcamaudio_simple; C:\WINDOWS\system32\drivers\iVCamAud.sys [261176 2023-05-22] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
S3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1198664 2022-12-05] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [309752 2019-06-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [120280 2019-06-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Spyder5; C:\WINDOWS\System32\drivers\dccmtr.sys [15360 2018-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Datacolor)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2020-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WacHidRouterPro; C:\WINDOWS\System32\drivers\wachidrouter.sys [127512 2020-09-18] (WDKTestCert dant,132134237881206156 -> Wacom Technology, Corp.)
S3 wacomrouterfilter; C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [28680 2020-09-18] (WDKTestCert dant,132134237881206156 -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601520 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-03-15 22:55 - 2025-03-15 22:56 - 000027145 _____ C:\Users\hadmin\Desktop\FRST.txt
2025-03-15 22:55 - 2025-03-15 22:56 - 000000000 ____D C:\FRST
2025-03-15 22:08 - 2025-03-15 22:08 - 002404352 _____ (Farbar) C:\Users\hadmin\Desktop\FRST64.exe
2025-03-15 20:13 - 2025-03-15 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2025-03-15 19:50 - 2025-03-15 19:54 - 000000000 ____D C:\AdwCleaner
2025-03-15 19:49 - 2025-03-15 19:49 - 009566696 _____ (Malwarebytes) C:\Users\hadmin\Desktop\adwcleaner.exe
2025-03-15 19:12 - 2025-03-15 19:12 - 000000000 ___HD C:\$WinREAgent
2025-03-13 10:15 - 2025-03-13 10:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-03-12 21:31 - 2025-03-14 10:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-10 11:58 - 2025-03-10 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2025-03-10 11:57 - 2025-03-10 11:58 - 000000000 ____D C:\ProgramData\EPSON
2025-03-10 11:57 - 2007-12-07 02:08 - 000108032 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMCXE.DLL
2025-03-10 11:57 - 2007-12-07 02:01 - 000081408 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_IBCBCXE.DLL
2025-03-10 11:57 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2025-03-07 20:06 - 2025-03-07 20:06 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2025-03-06 12:10 - 2025-03-06 12:10 - 000000000 ____D C:\Users\hadmin\Desktop\2025-03-06 12.10.25 Adrian x Markus
2025-02-28 22:06 - 2025-02-28 22:06 - 000000000 ____D C:\Users\hadmin\Desktop\ECP 17.02.25
2025-02-20 15:02 - 2025-02-20 15:02 - 000000000 ____D C:\Users\hadmin\dwhelper
2025-02-20 15:02 - 2025-02-20 15:02 - 000000000 ____D C:\Program Files\DownloadHelper CoApp
2025-02-19 10:59 - 2025-02-19 10:59 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\Microsoft\Access
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2025-03-15 22:54 - 2022-02-11 11:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-15 22:53 - 2020-06-18 12:57 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\WTablet
2025-03-15 22:52 - 2020-12-07 19:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-15 22:52 - 2020-12-07 19:39 - 000008192 ___SH C:\DumpStack.log.tmp
2025-03-15 22:52 - 2020-03-05 22:51 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-15 22:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-03-15 22:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-15 22:52 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-03-15 20:16 - 2020-03-06 10:42 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\vlc
2025-03-15 20:14 - 2023-03-16 21:59 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\XnConvert
2025-03-15 20:13 - 2020-03-06 10:42 - 000000000 ____D C:\Program Files\VideoLAN
2025-03-15 20:11 - 2020-03-04 17:47 - 000000000 ____D C:\Program Files\CCleaner
2025-03-15 20:02 - 2020-12-07 19:47 - 001723792 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-15 20:02 - 2019-12-07 15:51 - 000743952 _____ C:\WINDOWS\system32\perfh007.dat
2025-03-15 20:02 - 2019-12-07 15:51 - 000150374 _____ C:\WINDOWS\system32\perfc007.dat
2025-03-15 20:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-03-15 19:54 - 2021-04-27 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2025-03-15 19:54 - 2021-04-27 12:23 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\Samsung
2025-03-15 19:45 - 2024-12-09 12:37 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\Loom
2025-03-15 19:44 - 2024-12-16 22:20 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\logitune
2025-03-15 19:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-15 19:33 - 2020-12-07 19:39 - 005169304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-15 19:32 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-03-15 19:32 - 2019-12-07 15:52 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-15 19:32 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-15 19:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-15 19:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-15 19:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-15 19:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-15 19:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-15 19:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-15 19:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2025-03-15 19:31 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-15 19:29 - 2020-12-07 19:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-15 19:28 - 2020-12-07 19:43 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-15 19:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-15 14:48 - 2020-03-04 16:05 - 000000000 ____D C:\Users\hadmin\AppData\Local\ConnectedDevicesPlatform
2025-03-15 13:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-03-15 11:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-03-14 20:44 - 2020-03-04 17:25 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\PersBackup6
2025-03-14 19:28 - 2021-07-09 09:49 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\Microsoft\Word
2025-03-14 18:23 - 2024-12-09 12:37 - 000000000 ____D C:\Users\hadmin\AppData\Local\loom-updater
2025-03-14 10:02 - 2020-03-04 16:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-13 12:31 - 2020-03-04 23:17 - 000000000 ____D C:\Users\hadmin\AppData\Local\D3DSCache
2025-03-13 10:15 - 2020-03-04 16:33 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-12 22:17 - 2021-12-17 20:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-12 21:07 - 2023-12-18 11:25 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-03-12 19:25 - 2020-06-20 22:08 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-12 09:46 - 2020-03-04 16:05 - 000000000 ____D C:\Users\hadmin\AppData\Local\Packages
2025-03-12 09:46 - 2020-03-04 16:01 - 000000000 ____D C:\ProgramData\Packages
2025-03-10 11:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-03-08 11:11 - 2020-12-07 19:43 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-08 11:11 - 2020-12-07 19:43 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-08 11:06 - 2020-03-23 19:11 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\Zoom
2025-03-07 20:06 - 2024-09-19 08:51 - 000004258 _____ C:\WINDOWS\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-1416906505-2819363707-2454556934-1001
2025-03-06 08:07 - 2020-03-04 15:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-03-04 12:59 - 2020-03-06 19:32 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2025-02-27 20:28 - 2025-02-12 14:18 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\VideoEditor
2025-02-20 23:04 - 2024-04-21 11:30 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\obs-studio
2025-02-20 15:04 - 2024-06-09 14:46 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\avidemux
2025-02-20 15:02 - 2020-12-07 18:52 - 000000000 ____D C:\Users\hadmin
2025-02-13 23:03 - 2024-08-06 12:47 - 000000000 ____D C:\Program Files\Microsoft Office
2025-02-13 09:47 - 2021-07-18 00:21 - 000000000 ____D C:\Users\hadmin\AppData\Roaming\Microsoft\Excel
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2019-09-04 01:14 - 2019-09-04 01:14 - 000000279 _____ () C:\Program Files (x86)\setup.ini
2024-04-21 08:45 - 2024-04-21 08:45 - 000000054 _____ () C:\Users\hadmin\AppData\Roaming\Camdata.ini
2024-04-21 08:45 - 2024-04-21 08:45 - 000000408 _____ () C:\Users\hadmin\AppData\Roaming\CamLayout.ini
2024-04-21 08:45 - 2024-04-21 08:45 - 000000408 _____ () C:\Users\hadmin\AppData\Roaming\CamShapes.ini
2024-04-21 08:45 - 2024-04-21 08:45 - 000004536 _____ () C:\Users\hadmin\AppData\Roaming\CamStudio.cfg
2024-04-21 11:56 - 2025-01-22 19:02 - 000000016 _____ () C:\Users\hadmin\AppData\Roaming\obs-virtualcam.txt
2021-04-29 09:00 - 2021-04-29 09:08 - 000001158 _____ () C:\Users\hadmin\AppData\Roaming\ShiftN.ini
2020-03-06 19:41 - 2020-03-06 19:41 - 000000000 _____ () C:\Users\hadmin\AppData\Local\oobelibMkey.log
2021-07-22 19:14 - 2021-07-22 21:47 - 000000128 _____ () C:\Users\hadmin\AppData\Local\PUTTY.RND
2024-06-14 09:52 - 2024-06-14 09:52 - 000000218 _____ () C:\Users\hadmin\AppData\Local\recently-used.xbel
2023-05-24 22:51 - 2023-05-24 22:51 - 000007610 _____ () C:\Users\hadmin\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2025 01
durchgeführt von hadmin (15-03-2025 22:57:20)
Gestartet von C:\Users\hadmin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5608 (X64) (2020-12-07 18:43:20)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1416906505-2819363707-2454556934-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1416906505-2819363707-2454556934-503 - Limited - Disabled)
Gast (S-1-5-21-1416906505-2819363707-2454556934-501 - Limited - Disabled)
hadmin (S-1-5-21-1416906505-2819363707-2454556934-1001 - Administrator - Enabled) => C:\Users\hadmin
plusc (S-1-5-21-1416906505-2819363707-2454556934-1003 - Administrator - Enabled)
Uta (S-1-5-21-1416906505-2819363707-2454556934-1002 - Limited - Enabled) => C:\Users\Uta
WDAGUtilityAccount (S-1-5-21-1416906505-2819363707-2454556934-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader (HKLM\...\{2C3AAB92-8764-42BE-8937-D83A2ADAFFDB}) (Version: 4.32.5.0116 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{1b21aeef-6c1c-4c82-9ffb-99cd75479321}) (Version: 4.23.3.5250 - Open Media LLC)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.5.0.617 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.5.1.48 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.14 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1416906505-2819363707-2454556934-1001\...\Amazon Kindle) (Version: 2.6.1.70964 - Amazon)
Apple Mobile Device Support (HKLM\...\{AF0C3D84-6909-4B48-A335-2EC35087BAB0}) (Version: 18.0.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Avidemux VC++ 64bits (HKU\S-1-5-21-1416906505-2819363707-2454556934-1001\...\{b2f6a868-9c34-4539-a2f8-78b096b8ccc2}) (Version: 2.8.1 - Mean)
Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
Blackmagic RAW Common Components (HKLM\...\{F4268583-A17F-43C8-AAAE-57CCA111273C}) (Version: 3.6.1 - Blackmagic Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
CanoScan 5600F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808) (Version: - )
Capture NX-D (HKLM\...\{2D088846-B670-47AF-91C3-76E0B3E887C3}) (Version: 1.6.5 - Nikon Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 6.23 - Piriform)
ColorNavigator 7 (HKLM\...\{c59674d3-1415-482b-9141-a444ff1653f7}_is1) (Version: 7.1.11 - EIZO Corporation)
DownloadHelper CoApp (HKLM-x32\...\DownloadHelper CoApp) (Version: 2.0.19.0 - ACLAP)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
FastStone Image Viewer 7.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.8 - FastStone Corporation)
FileZilla Client 3.55.0 (HKU\S-1-5-21-1416906505-2819363707-2454556934-1001\...\FileZilla Client) (Version: 3.55.0 - Tim Kosse)
FlexiPDF 2022 Version 2022.311 (HKLM-x32\...\B9F23F17-3ACE-4DF7-9456-940C6473AED2_is1) (Version: 2022.311 - SoftMaker Software GmbH)
Freeplane (HKLM\...\{D3941722-C4DD-4509-88C4-0E87F675A859}_is1) (Version: 1.11.11 - Open source)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.89 - Google LLC)
iTunes (HKLM\...\{B9140EF0-978E-412F-8D19-E715275EAC33}) (Version: 12.13.4.4 - Apple Inc.)
|
