| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 10: UpdatePush.com auf dem Desktop gefundenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
23.07.2021, 12:02
| #1 |
 |  Windows 10: UpdatePush.com auf dem Desktop gefunden Moin, Wie im Titel schon beschrieben, habe ich heute nach dem Starten des Rechners die Datei "updatepush.com" auf dem Desktop entdeckt. Nach kurzer Google-Suche bin ich auf euer Forum gestoßen. Dort waren bereits 2 Einträge zu diesem Trojaner vorhanden. Nun habe ich mich hilfesuchend bei euch angemeldet. Ich werde jetzt die Logs der versch. Programme posten. FRST Logfiles FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
durchgeführt von Tafkadasoh (Administrator) auf DESKTOP-LQ52EEN (XMG P65xHP) (23-07-2021 12:50:52)
Gestartet von D:\ChromeDownloads
Geladene Profile: Tafkadasoh & Loki
Platform: Windows 10 Pro Version 21H1 19043.1110 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files (x86)\Drakonia Configurator\hid.exe
() [Datei ist nicht signiert] C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\25.0.1.192\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdtrackersnmh.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnapp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <23>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_538e668538abf17f\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sharkoon Technologies) [Datei ist nicht signiert] C:\Program Files (x86)\Skiller PRO\Monitor.EXE
(Siber Systems -> Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\rf-chrome-nm-host.exe
(Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
0 C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
0 C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [224376 2020-12-07] (Bitdefender SRL -> Bitdefender)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382304 2017-11-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942744 2018-12-17] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies) [Datei ist nicht signiert]
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-09] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5296864 2021-06-27] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1020190676-1809315362-3830918980-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [148800 2021-06-18] (Siber Systems -> Siber Systems)
HKU\S-1-5-21-1020190676-1809315362-3830918980-1001\...\Run: [Steam] => C:\Gamelauncher\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-1020190676-1809315362-3830918980-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-07-14] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\Run: [Update Plus Player] => C:\Program Files\VLC Plus Player\vlc.exe [157808 2021-05-12] (Aller Media e.K. -> VideoLAN) <==== ACHTUNG
HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5550304 2021-06-27] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [148800 2021-06-18] (Siber Systems -> Siber Systems)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.164\Installer\chrmstp.exe [2021-07-20] (Google LLC -> Google LLC)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {072EAF8C-4F08-4B88-9016-DFCB875EB6EA} - System32\Tasks\Netzwerkspeicher-Schnittstellendienst Dienst Broker => C:\Program Files (x86)\nodejs\node.exe [15017624 2017-05-02] (Node.js Foundation -> Node.js) -> "C:\ProgramData\Package Cache\{F326E772-81C4-465D-97A8-55DDCDEC9835}\{56870CA6-89F9-4666-8620-DE1ECE943B10}" <==== ACHTUNG
Task: {124B0BD5-1775-4D14-BADC-9DD91D3431AC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {15DCACCF-C2DD-45CC-AF8B-5BF32F69B88D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-16] (Google LLC -> Google LLC)
Task: {1B935721-1FED-4588-B4E4-BDEDF041D20D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1C6CE731-1DD7-412F-A3BD-B527C93533FC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C5719AD-3818-4D1A-B483-B000BBDFF2AF} - System32\Tasks\Run RoboForm Process => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [3278208 2021-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {36905905-33F5-487A-BF68-33C7A0985287} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\25.0.1.192\WatchDog.exe [937064 2021-06-08] (Bitdefender SRL -> Bitdefender)
Task: {3B24DB2A-E065-4C55-88F8-26CEFC17DADF} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [148800 2021-06-18] (Siber Systems -> Siber Systems)
Task: {41ED8001-A23A-4D4F-A9CC-AAE1369F970D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1020190676-1809315362-3830918980-500 => C:\Users\wittw\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {4227FF46-B04E-4A86-9F7A-242114F2DDEA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {42863B92-E9A9-4AEA-8951-EBBD02B7A81E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {52AFD117-1E4E-4235-B5CD-0483431A54F1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5540D337-77B4-4074-B0BC-70623BF33647} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {6896EAE2-681A-408E-BDDD-578E7FE55F97} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {68D9FDD3-B925-4410-B09B-E8736D3FAF20} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {6C4C85E1-A1DB-4844-B8BF-A45F2E6C13A5} - System32\Tasks\Open URL by RoboForm => C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "https://www.roboform.com/test-pass.html?aaa=KICMPMNJMMPMMJPMGMJMCNPMKJOJNJCNLMNJJMMMCNHMKJLMOMCNNMGMPMHMNJKJNJMJHMKMNJOMJNIICMGMCNOMCNPMCNPMJNHJCMNMCNOMPMCNPMCNOMGMPMLMNMJNHICMEKMICNJJCKJNAJCMIKGJLILIIIKJNICNLJOJBJGJKJDJPLIIKJNJBNLJKJJNEJCMJNFJCMJNBJCMLKOJJJEJOJLJOJMIAJHJJNKJCMIIGJLILIIIKJNIBNLJOJBJGJKJDJLMNMPLIJCJOJGJDJBNMJAJCJJNDJCMLJKJJNMJCMMMFMOMPMIMFMOMKMJNFICMJNJJCMPMJNIJCMOMJNOICMPMJNCJCMJNOMCMJNNMCMJNMMCMJNLMCMJNKMCMOMJNJMCMPM"
Task: {979F0624-D2C9-4E65-894C-D1E0BD1659C3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAEF8194-380D-4D92-8A22-B0E9F5C7D1BB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147304 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6730C55-8A2A-47C1-B4ED-73681DE58AD3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1537408 2021-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9B21F38-EB1C-457B-BC96-5D19B80B5B35} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C5FB9A10-6444-4CB0-8A71-E2451C946E8A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23182224 2021-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {D41D7EF6-531F-454C-B35E-B81EF5579366} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE9000C4-2114-41AA-9C40-0A6791F2A369} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [957016 2021-07-05] (Bitdefender SRL -> Bitdefender)
Task: {DEFC53B3-E424-4B35-B06A-087F6232BE5F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F212C431-242E-40B2-91D9-A6BD52EAC4A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-16] (Google LLC -> Google LLC)
Task: {F44618D6-0DDC-4E12-87C4-534251C0A0F7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF900A9A-06DB-496C-B9BF-009B22B5A25C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1020190676-1809315362-3830918980-1002 => C:\Users\wittw\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\..\Interfaces\{9f67b45e-5e4b-48e5-bda3-4a78732c7d74}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{ebe7866b-f256-43a8-800e-9ccac9561cf5}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\wittw\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-14]
Edge Extension: (Outlook) - C:\Users\wittw\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-01-16]
Edge Extension: (Word) - C:\Users\wittw\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-01-16]
Edge Extension: (Excel) - C:\Users\wittw\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-01-16]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2020-07-16] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-Tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-09-17] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-12-07]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2020-12-08] [] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @vlc.de/vlc,version=3.0.11 -> C:\Program Files\VLC Plus Player\npvlc.dll [2021-05-12] (Aller Media e.K. -> VideoLAN)
FF Plugin: @vlc.de/vlc,version=3.0.14 -> C:\Program Files\VLC Plus Player\npvlc.dll [2021-05-12] (Aller Media e.K. -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-09] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-09] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default [2021-07-14]
CHR Extension: (Präsentationen) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-16]
CHR Extension: (Docs) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-16]
CHR Extension: (Google Drive) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-16]
CHR Extension: (YouTube) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-16]
CHR Extension: (Adobe Acrobat) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-07-14]
CHR Extension: (Tabellen) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-16]
CHR Extension: (Bitdefender Wallet) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2021-01-17]
CHR Extension: (Google Docs Offline) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-14]
CHR Extension: (Bitdefender Anti-Tracker) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-01-17]
CHR Extension: (Web Safety) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2021-01-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-14]
CHR Extension: (Google Mail) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-16]
CHR Extension: (Chrome Media Router) - C:\Users\wittw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-09] (Adobe Inc. -> Adobe Inc.)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [197624 2020-11-02] (Pango Inc. -> AnchorFree Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [798640 2021-07-05] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [798640 2021-07-05] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [250392 2020-12-07] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8808480 2021-06-08] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9056672 2021-07-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2547344 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3487384 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [774760 2021-06-08] (Bitdefender SRL -> Bitdefender)
S3 Rockstar Service; E:\EpicGames\RockstarLauncher\RockstarService.exe [1676696 2021-03-16] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395384 2021-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [306776 2021-07-05] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [798640 2021-07-05] (Bitdefender SRL -> Bitdefender)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-07-14] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_538e668538abf17f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_538e668538abf17f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AirplaneModeHid; C:\Windows\system32\DRIVERS\AirplaneModeHid.sys [37832 2017-07-03] (Insyde Software Corp. -> Insyde Corporation)
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [2718744 2021-03-29] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [802976 2021-04-26] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [22976 2021-04-26] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender)
R0 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [46056 2021-04-28] (Bitdefender SRL -> © Bitdefender SRL)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [488592 2021-04-26] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [195232 2020-09-03] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\Windows\system32\DRIVERS\ignis.sys [185312 2020-10-07] (Bitdefender SRL -> Bitdefender)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [641728 2021-03-29] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-01-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429296 2021-01-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [70896 2021-01-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-07-23 12:45 - 2021-07-23 12:51 - 000000000 ____D C:\FRST
2021-07-16 15:12 - 2021-07-16 15:12 - 000000000 ____D C:\Users\Loki\AppData\LocalLow\Bethesda
2021-07-16 15:01 - 2021-07-18 00:13 - 000000000 ____D C:\Users\Loki\AppData\Local\FalloutShelter
2021-07-14 13:22 - 2017-11-23 00:23 - 000532368 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2021-07-14 13:22 - 2017-11-23 00:23 - 000221960 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2021-07-14 13:22 - 2017-11-23 00:23 - 000166192 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2021-07-14 13:22 - 2017-11-23 00:22 - 000209528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2021-07-14 13:22 - 2017-11-23 00:21 - 003509192 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2021-07-14 13:22 - 2017-11-23 00:21 - 001351232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2021-07-14 13:22 - 2017-11-23 00:21 - 000387304 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2021-07-14 13:22 - 2017-11-23 00:21 - 000343696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2021-07-14 13:22 - 2017-11-23 00:21 - 000321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2021-07-14 13:22 - 2017-11-23 00:21 - 000321704 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2021-07-14 13:22 - 2017-11-23 00:21 - 000214824 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2021-07-14 13:22 - 2017-11-23 00:21 - 000110976 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2021-07-14 13:22 - 2017-11-23 00:21 - 000088336 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2021-07-14 13:22 - 2017-11-23 00:20 - 003677152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2021-07-14 13:22 - 2017-11-23 00:20 - 003205600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2021-07-14 13:22 - 2017-11-23 00:20 - 002922976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2021-07-14 13:22 - 2017-11-23 00:20 - 001921776 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2021-07-14 13:22 - 2017-11-23 00:19 - 000122312 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2021-07-14 13:22 - 2017-11-22 23:44 - 015089989 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2021-07-14 13:20 - 2021-07-14 13:20 - 001328376 _____ C:\Windows\system32\FaceTrackerInternal.dll
2021-07-14 13:20 - 2021-07-14 13:20 - 001324032 _____ C:\Windows\system32\FaceProcessor.dll
2021-07-14 13:20 - 2021-07-14 13:20 - 000512864 _____ C:\Windows\system32\FaceProcessorCore.dll
2021-07-14 13:20 - 2021-07-14 13:20 - 000011357 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-07-14 13:20 - 2021-07-14 13:20 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2021-07-14 13:20 - 2021-07-14 13:20 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2021-07-14 13:20 - 2021-07-14 13:20 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rendezvousSession.tlb
2021-07-14 13:20 - 2021-07-14 13:20 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\rendezvousSession.tlb
2021-07-14 13:19 - 2021-07-14 13:19 - 001823280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-07-14 13:13 - 2021-06-03 15:56 - 000043408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\NvModuleTracker.sys
2021-07-14 13:08 - 2021-07-14 13:09 - 000000000 ____D C:\Users\wittw\AppData\Local\Steam
2021-07-14 13:07 - 2021-07-14 13:13 - 000000000 ____D C:\Users\wittw\AppData\Local\NVIDIA
2021-07-14 13:07 - 2021-07-14 13:07 - 000000000 ____D C:\Users\wittw\ansel
2021-07-13 12:33 - 2021-07-13 12:33 - 000000000 ____D C:\Users\Loki\Documents\Darkest
2021-07-12 15:54 - 2021-07-23 00:34 - 000000000 ____D C:\Users\Loki\Documents\Euro Truck Simulator 2
2021-07-12 02:12 - 2021-07-12 02:12 - 000004452 _____ C:\Windows\system32\Tasks\Netzwerkspeicher-Schnittstellendienst Dienst Broker
2021-07-12 02:12 - 2021-07-12 02:12 - 000000408 _____ C:\Users\Public\Desktop\updatepush.com.lnk
2021-07-12 02:11 - 2021-07-12 02:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2021-07-12 02:11 - 2021-07-12 02:12 - 000000000 ____D C:\Program Files (x86)\nodejs
2021-07-12 02:11 - 2021-07-12 02:11 - 000000000 ____D C:\Users\wittw\AppData\Roaming\npm
2021-07-08 11:04 - 2021-07-08 11:04 - 000000000 ____D C:\Users\Loki\AppData\Roaming\Blizzard Entertainment
2021-07-08 09:57 - 2021-07-08 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2021-07-08 09:52 - 2021-07-08 11:12 - 000000000 ____D C:\Users\Loki\Documents\StarCraft II
2021-07-07 13:01 - 2021-07-07 13:01 - 002371072 _____ C:\Windows\system32\rdpnano.dll
2021-07-07 13:01 - 2021-07-07 13:01 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-07-07 13:01 - 2021-07-07 13:01 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-07-07 13:01 - 2021-07-07 13:01 - 001314128 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-07-07 13:01 - 2021-07-07 13:01 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-07-07 13:01 - 2021-07-07 13:01 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-07-07 13:01 - 2021-07-07 13:01 - 000097792 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-07-07 13:01 - 2021-07-07 13:01 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2021-07-07 13:01 - 2021-07-07 13:01 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2021-07-07 13:01 - 2021-07-07 13:01 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-07-01 09:21 - 2021-07-01 09:21 - 000000000 ____D C:\Users\Loki\AppData\LocalLow\Redbeet Interactive
2021-06-30 20:12 - 2021-06-30 20:12 - 000153348 _____ C:\ProgramData\agent.update.1625076726.bdinstall.v2.bin
2021-06-24 14:14 - 2021-06-24 14:14 - 000000000 ____D C:\Users\Loki\AppData\LocalLow\Alt Shift
2021-06-24 05:23 - 2021-06-24 05:23 - 000000000 ____D C:\Users\Loki\AppData\LocalLow\Beam Team Games
2021-06-23 17:39 - 2021-06-23 17:39 - 000000000 ____D C:\Users\Loki\AppData\Local\Frontier Developments
2021-06-23 17:39 - 2021-06-23 17:39 - 000000000 ____D C:\ProgramData\Frontier Developments
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2021-07-23 12:31 - 2021-01-16 21:35 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-23 12:31 - 2021-01-16 21:20 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-23 12:28 - 2021-01-17 14:28 - 000000000 ____D C:\Users\Loki\AppData\Roaming\vlc
2021-07-23 02:09 - 2021-01-16 22:57 - 000000000 ____D C:\Users\Loki\AppData\Roaming\discord
2021-07-23 02:09 - 2020-11-19 00:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-07-23 02:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-23 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-07-23 02:04 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-23 01:58 - 2021-01-16 22:57 - 000000000 ____D C:\Users\Loki\AppData\Local\Discord
2021-07-22 16:51 - 2021-02-01 12:51 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-07-21 17:20 - 2020-11-19 01:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-20 22:20 - 2021-01-16 21:35 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-17 21:17 - 2021-01-16 23:09 - 000000000 ____D C:\Users\Loki\AppData\Local\D3DSCache
2021-07-17 20:12 - 2021-01-21 11:14 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-17 20:12 - 2021-01-16 19:31 - 001723276 _____ C:\Windows\system32\PerfStringBackup.INI
2021-07-17 20:12 - 2019-12-07 16:51 - 000745084 _____ C:\Windows\system32\perfh007.dat
2021-07-17 20:12 - 2019-12-07 16:51 - 000150470 _____ C:\Windows\system32\perfc007.dat
2021-07-17 20:12 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-07-17 20:09 - 2019-12-07 11:03 - 000131072 _____ C:\Windows\system32\config\ELAM
2021-07-17 20:04 - 2021-01-16 19:24 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-17 20:04 - 2020-11-19 01:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-07-17 20:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-07-16 11:14 - 2021-01-16 21:35 - 000003630 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-16 11:14 - 2021-01-16 21:35 - 000003506 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-15 11:23 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-07-14 13:51 - 2021-02-13 22:44 - 000000000 ____D C:\Users\Loki\AppData\Local\CrashDumps
2021-07-14 13:25 - 2020-11-19 00:50 - 000454328 _____ C:\Windows\system32\FNTCACHE.DAT
2021-07-14 13:24 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-07-14 13:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-07-14 13:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-07-14 13:24 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 13:24 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-07-14 13:22 - 2021-02-01 12:58 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-07-14 13:22 - 2021-02-01 12:58 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-07-14 13:22 - 2021-01-16 21:02 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2021-07-14 13:22 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-07-14 13:18 - 2021-02-01 12:49 - 000000000 ____D C:\Users\wittw\AppData\Local\Adobe
2021-07-14 13:18 - 2021-01-16 20:46 - 000000000 ____D C:\Users\wittw\AppData\Roaming\Adobe
2021-07-14 13:14 - 2021-01-16 21:00 - 000000000 ____D C:\Windows\system32\MRT
2021-07-14 13:13 - 2021-01-16 21:54 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 13:13 - 2021-01-16 21:54 - 000004106 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 13:13 - 2021-01-16 21:54 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 13:13 - 2021-01-16 21:54 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 13:13 - 2021-01-16 21:54 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 13:13 - 2021-01-16 21:54 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 13:13 - 2021-01-16 21:54 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 13:13 - 2021-01-16 21:54 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 13:13 - 2021-01-16 21:54 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 13:13 - 2021-01-16 21:54 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-14 13:13 - 2021-01-16 21:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-07-14 13:13 - 2021-01-16 20:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-14 13:13 - 2021-01-16 20:09 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-07-14 13:12 - 2021-01-16 21:58 - 000000000 ____D C:\Users\wittw\AppData\Local\NVIDIA Corporation
2021-07-14 13:10 - 2021-01-16 21:00 - 133422552 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-07-14 13:09 - 2021-01-16 20:46 - 000000000 ____D C:\Users\wittw\AppData\Local\Packages
2021-07-14 13:08 - 2021-01-17 14:46 - 000000000 ____D C:\Users\wittw\AppData\Local\Lavasoft
2021-07-14 13:08 - 2021-01-16 20:48 - 000000000 ____D C:\Users\wittw\AppData\Local\PlaceholderTileLogoFolder
2021-07-14 13:07 - 2021-01-16 20:09 - 000000000 ____D C:\Users\wittw
2021-07-14 13:07 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-07-13 12:33 - 2021-02-20 00:58 - 000000000 ____D C:\Users\Loki\AppData\Local\NVIDIA
2021-07-13 01:23 - 2021-01-16 22:00 - 000000000 ____D C:\Users\Loki\AppData\Local\PlaceholderTileLogoFolder
2021-07-13 01:23 - 2021-01-16 21:58 - 000000000 ____D C:\Users\Loki\AppData\Local\Packages
2021-07-13 00:26 - 2021-01-16 21:58 - 000000000 ____D C:\Users\Loki\AppData\Local\ConnectedDevicesPlatform
2021-07-12 02:22 - 2021-01-16 21:54 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-12 02:12 - 2021-01-17 14:47 - 000000000 ____D C:\Users\wittw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2021-07-12 02:12 - 2021-01-17 14:46 - 000000000 ____D C:\Users\wittw\AppData\Local\JDownloader 2.0
2021-07-11 22:20 - 2021-01-16 21:59 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1020190676-1809315362-3830918980-1002
2021-07-11 22:20 - 2021-01-16 21:59 - 000000000 ___RD C:\Users\Loki\OneDrive
2021-07-11 22:20 - 2021-01-16 21:58 - 000002396 _____ C:\Users\Loki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-08 20:53 - 2021-03-15 22:20 - 000000000 ____D C:\Users\Loki\AppData\Local\Battle.net
2021-07-08 11:07 - 2021-03-16 20:43 - 000000000 ____D C:\Users\Loki\AppData\Local\Blizzard Entertainment
2021-07-08 11:04 - 2021-03-15 22:21 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2021-07-07 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-07-07 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-07-07 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-07-07 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2021-07-07 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-07-07 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-07-07 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-07-07 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-07-06 00:45 - 2021-01-17 14:31 - 000000000 ____D C:\Users\Loki\AppData\Roaming\slobs-client
2021-07-05 17:12 - 2021-01-17 14:30 - 000000000 ____D C:\Program Files\Streamlabs OBS
2021-07-04 16:56 - 2021-01-16 23:06 - 000000000 ____D C:\ProgramData\Epic
2021-07-02 07:15 - 2020-11-19 01:53 - 000003700 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-02 07:15 - 2020-11-19 01:53 - 000003576 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-30 20:12 - 2021-01-17 13:24 - 000003846 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2021-06-30 20:12 - 2021-01-17 13:22 - 000000000 ____D C:\Program Files\Bitdefender Agent
2021-06-26 22:28 - 2021-01-17 15:50 - 000000000 ____D C:\Users\Loki\.junique
2021-06-26 22:28 - 2021-01-17 14:36 - 000000000 ____D C:\Users\Loki\AppData\Local\Bethesda.net Launcher
2021-06-25 06:15 - 2021-04-26 15:10 - 000000000 ____D C:\Users\Loki\AppData\Local\MW5Mercs
2021-06-25 05:57 - 2021-01-16 23:06 - 000000000 ____D C:\Users\Loki\AppData\Local\UnrealEngine
2021-06-24 17:10 - 2021-01-17 17:23 - 000000000 ____D C:\Users\Loki\AppData\Roaming\Origin
2021-06-24 16:59 - 2021-01-17 15:50 - 000000726 _____ C:\Users\Loki\Documents\Minion.lnk
2021-06-24 16:59 - 2021-01-17 15:50 - 000000000 ____D C:\Users\Loki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Good Game Mods LLC
2021-06-24 16:49 - 2021-01-17 15:50 - 000000000 ____D C:\Users\Loki\.oracle_jre_usage
2021-06-24 13:57 - 2021-02-13 22:35 - 000000000 ____D C:\Users\Loki\AppData\Roaming\Tropico 5
2021-06-24 13:26 - 2021-01-16 22:57 - 000000000 ____D C:\Users\Loki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-06-23 18:16 - 2021-01-17 17:23 - 000000000 ____D C:\Users\Loki\AppData\Local\Origin
2021-06-23 18:16 - 2021-01-17 17:23 - 000000000 ____D C:\ProgramData\Origin
2021-06-23 13:58 - 2021-01-17 17:25 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-06-23 13:57 - 2021-01-17 17:24 - 000000000 ____D C:\Program Files (x86)\Origin
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
durchgeführt von Tafkadasoh (23-07-2021 12:52:59)
Gestartet von D:\ChromeDownloads
Windows 10 Pro Version 21H1 19043.1110 (X64) (2021-01-16 17:27:18)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1020190676-1809315362-3830918980-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1020190676-1809315362-3830918980-503 - Limited - Disabled)
Gast (S-1-5-21-1020190676-1809315362-3830918980-501 - Limited - Disabled)
Loki (S-1-5-21-1020190676-1809315362-3830918980-1002 - Limited - Enabled) => C:\Users\Loki
Tafkadasoh (S-1-5-21-1020190676-1809315362-3830918980-1001 - Administrator - Enabled) => C:\Users\wittw
WDAGUtilityAccount (S-1-5-21-1020190676-1809315362-3830918980-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Bitdefender Virenschutz (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {82E9F5D1-B06F-8438-3781-C5B6FA91F981}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.005.20058 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlestate Games Launcher 10.4.6.1305 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 10.4.6.1305 - Battlestate Games)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.68.0 - Bethesda Softworks)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.192 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 25.0.10.52 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.0.1.25 - Bitdefender)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Discord (HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\Discord) (Version: 0.0.310 - Discord Inc.)
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - )
ELSE V2.01.00.0 (HKLM-x32\...\{599A4645-ACBC-4B46-9BA2-B2581359C139}) (Version: 2.01.00.0 - Bundesrepublik Deutschland, BMVg)
Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.9.10532 - Battlestate Games)
Excel (HKU\S-1-5-21-1020190676-1809315362-3830918980-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.164 - Google LLC)
Insyde Airplane Mode HID Mini-Driver (HKLM\...\AirplaneModeHid) (Version: 1.4.0.7 - Insyde Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Capture (HKLM\...\Capture) (Version: 1.0.553 - Logitech)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.14131.20320 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.71 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.71 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Minion (HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\{Minion}}_is1) (Version: 3.0 - Good Game Mods LLC)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 462.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.100.48178 - Electronic Arts, Inc.)
Outlook (HKU\S-1-5-21-1020190676-1809315362-3830918980-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Paradox Launcher v2 (HKLM\...\{A92DB5D9-A24D-4678-9F91-B4FA6D895718}) (Version: 2.0.4.0 - Paradox Interactive)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8308 - Realtek Semiconductor Corp.)
RoboForm 9-1-5-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 9-1-5-5 - Siber Systems)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.36.344 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games)
ScummVM 2.2.0 (HKLM\...\ScummVM_is1) (Version: 2.2.0 - The ScummVM Team)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Snaz Version 1.9.2.6 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.9.2.6 - JimsApps)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.27.0 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.27.0 - General Workings, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
TapinRadio 2.13.7 (x64) (HKLM-x32\...\TapinRadio_is1) (Version: - Raimersoft)
TeamSpeak 3 Client (HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
VLC Plus Player (HKLM\...\VLC Plus Player) (Version: 3.0.14 - Aller Media e.K.) <==== ACHTUNG
Web Companion (HKLM-x32\...\{0986e3b1-5a00-4282-872d-428c75eced71}) (Version: 7.0.2417.4248 - Lavasoft)
WhatsApp (HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\WhatsApp) (Version: 2.2119.6 - WhatsApp)
WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl)
Word (HKU\S-1-5-21-1020190676-1809315362-3830918980-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_128.1.219.0_x64__v10z8vjag6ke6 [2021-07-14] (HP Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-14] (NVIDIA Corp.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1020190676-1809315362-3830918980-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1020190676-1809315362-3830918980-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5A8F49BDD7F1} -> [Creative Cloud Files] => C:\Users\Loki\Creative Cloud Files [2021-02-01 12:54]
CustomCLSID: HKU\S-1-5-21-1020190676-1809315362-3830918980-1002_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Keine Datei
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-11] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvcvegpu.inf_amd64_538e668538abf17f\nvshext.dll [2021-04-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-11] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1_S-1-5-21-1020190676-1809315362-3830918980-1002: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Keine Datei
ContextMenuHandlers4_S-1-5-21-1020190676-1809315362-3830918980-1002: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Keine Datei
ContextMenuHandlers5_S-1-5-21-1020190676-1809315362-3830918980-1002: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Keine Datei
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\wittw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\wittw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\wittw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2015-03-17 02:34 - 2015-03-17 02:34 - 000010240 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2021-01-17 16:55 - 2013-01-15 18:06 - 000061952 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2021-01-17 16:55 - 2011-11-22 15:18 - 000249856 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Drakonia Configurator\language.dll
2021-01-16 21:46 - 2012-08-14 23:41 - 000061440 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Skiller PRO\hiddriver.dll
2021-01-16 21:46 - 2015-07-20 18:15 - 000057344 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Skiller PRO\lan.dll
2021-02-25 01:25 - 2021-02-25 01:25 - 000022016 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2021-01-17 16:55 - 2011-11-22 15:22 - 000143360 _____ (Holtek) [Datei ist nicht signiert] C:\Program Files (x86)\Drakonia Configurator\HIDApi.dll
2021-01-17 17:24 - 2021-01-29 21:41 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-01-17 17:24 - 2021-01-29 21:41 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2021-01-17 17:24 - 2021-01-29 21:41 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-06-23 13:57 - 2021-01-29 21:41 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-06-23 13:57 - 2021-01-29 21:41 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-06-23 13:57 - 2021-01-29 21:41 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-06-23 13:57 - 2021-01-29 21:41 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-06-23 13:57 - 2021-01-29 21:41 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-06-23 13:57 - 2021-01-29 21:41 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1020190676-1809315362-3830918980-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-07-05] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-07-05] (Bitdefender SRL -> Bitdefender)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2021-06-18] (Siber Systems -> Siber Systems Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-07-05] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-07-05] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2021-06-18] (Siber Systems -> Siber Systems Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2021-06-18] (Siber Systems -> Siber Systems Inc.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-07-05] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2021-06-18] (Siber Systems -> Siber Systems Inc.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-07-05] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-12-07] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1020190676-1809315362-3830918980-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1020190676-1809315362-3830918980-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 11:14 - 2021-07-23 12:28 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1020190676-1809315362-3830918980-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\wittw\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Loki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1020190676-1809315362-3830918980-1002\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{C7ED6C55-7630-4F7D-B788-8F07BC709C32}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{56C7D17A-C35B-4CF6-B958-188785B92699}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EA05202B-E4B9-47E3-ABAC-262C055B2F37}] => (Allow) C:\Gamelauncher\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0BB1440A-3206-4E28-968D-6080E0EDC00E}] => (Allow) C:\Gamelauncher\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ABE49E78-CC28-471E-A75B-AFE62DD2BF0B}] => (Allow) C:\Gamelauncher\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{766339D9-F7AA-4674-A9C0-817B01C0097E}] => (Allow) C:\Gamelauncher\Steam\bin\cef\cef.win7\steamwebhelper.exe => Keine Datei
FirewallRules: [{E2FE79E9-79D6-4021-8E77-F12B7003FF7F}] => (Allow) E:\SteamGames\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{BF4250C1-C5E2-4D5D-8B8E-EBAF097AB83B}] => (Allow) E:\SteamGames\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{DE1B7998-C2B2-4C7B-ABE2-462A75025FF1}] => (Allow) E:\SteamGames\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{2855011C-FFC5-4A59-87BD-BFA40F7AFE9A}] => (Allow) E:\SteamGames\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [{6B67CF20-E133-4A40-B4E5-88690F315416}] => (Allow) E:\SteamGames\steamapps\common\CnCRemastered\ClientLauncherG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{B115E9CE-A176-46B7-A645-9BE9031FC266}] => (Allow) E:\SteamGames\steamapps\common\CnCRemastered\ClientLauncherG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{C4779F08-5747-4620-93D3-8217764B85B2}] => (Allow) E:\SteamGames\steamapps\common\Subnautica\Subnautica.exe () [Datei ist nicht signiert]
FirewallRules: [{CF1C8916-E552-4062-8BEA-57B911DC12EA}] => (Allow) E:\SteamGames\steamapps\common\Subnautica\Subnautica.exe () [Datei ist nicht signiert]
FirewallRules: [{A15ED364-E4BC-4432-8E6A-B17F352F3A85}] => (Allow) E:\SteamGames\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [Datei ist nicht signiert]
FirewallRules: [{B8ACF8AA-2F74-4AB1-978D-3F54B1208494}] => (Allow) E:\SteamGames\steamapps\common\SubnauticaZero\SubnauticaZero.exe () [Datei ist nicht signiert]
FirewallRules: [{CBC0078A-C1AA-4422-8EF6-07782C7A5C2C}] => (Allow) E:\SteamGames\steamapps\common\Jurassic World Evolution\JWE.exe (Frontier Developments) [Datei ist nicht signiert]
FirewallRules: [{19DD310F-D798-4A86-B4F3-B071DE8082AB}] => (Allow) E:\SteamGames\steamapps\common\Jurassic World Evolution\JWE.exe (Frontier Developments) [Datei ist nicht signiert]
FirewallRules: [{54412A94-EB4F-46AF-A6BC-0E66D5AAC246}] => (Allow) E:\SteamGames\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [Datei ist nicht signiert]
FirewallRules: [{058F23F1-7E96-4294-9025-F3DF98704D94}] => (Allow) E:\SteamGames\steamapps\common\BATTLETECH\BattleTechLauncher.exe (HarebrainedSchemes) [Datei ist nicht signiert]
FirewallRules: [{E108B68E-3BE0-4C9F-A4E4-043B1920133F}] => (Allow) E:\OriginGames\Command and Conquer 3\CNC3Launcher.exe (Kalloc Studios, Inc. -> Kalloc Studios) [Datei ist nicht signiert]
FirewallRules: [{C2B92FD1-9CB9-4E46-8783-6D595A42807E}] => (Allow) E:\OriginGames\Command and Conquer 3\CNC3Launcher.exe (Kalloc Studios, Inc. -> Kalloc Studios) [Datei ist nicht signiert]
FirewallRules: [{EE8B366F-D28E-4256-8430-EB2573C607A7}] => (Allow) E:\SteamGames\steamapps\common\Homeworld\HWLauncher\Launcher.exe (Gearbox Software) [Datei ist nicht signiert]
FirewallRules: [{72F6E581-70A3-464B-A06F-6193A207F393}] => (Allow) E:\SteamGames\steamapps\common\Homeworld\HWLauncher\Launcher.exe (Gearbox Software) [Datei ist nicht signiert]
FirewallRules: [{E63D4407-B4DF-4FE3-92FB-ADBA6D2CCA49}] => (Allow) E:\SteamGames\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{A8BD5C5A-C604-45BB-851D-E35419C766BE}] => (Allow) E:\SteamGames\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{7B0A1228-A987-46F6-95DC-E221D42CF918}] => (Allow) C:\Gamelauncher\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A2634B86-4B54-4AEE-9A27-9358180810BC}] => (Allow) C:\Gamelauncher\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7DF60899-245E-4F7A-9FEC-703E2E375E28}] => (Allow) E:\SteamGames\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{73020FDB-118C-4D09-BB29-F2FB5593BDC6}] => (Allow) E:\SteamGames\steamapps\common\Valheim\valheim.exe () [Datei ist nicht signiert]
FirewallRules: [{454E58AF-06F6-4168-9032-EAB5DDDDEA2F}] => (Allow) E:\SteamGames\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
FirewallRules: [{68DD6E35-5664-4EA9-8C5E-776F504287FE}] => (Allow) E:\SteamGames\steamapps\common\Frostpunk\Frostpunk.exe (Marek Ziemak -> 11 bit studios S.A.)
FirewallRules: [{49581D63-508A-4660-8C7B-F710F6EC5C03}] => (Allow) E:\SteamGames\steamapps\common\EVERSPACE™ 2\Everspace2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{A82CAD0A-44D5-4FE8-95AB-C3CF03F71523}] => (Allow) E:\SteamGames\steamapps\common\EVERSPACE™ 2\Everspace2.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{7AA72522-D525-4E85-808E-C46274202EC1}] => (Allow) E:\SteamGames\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [Datei ist nicht signiert]
FirewallRules: [{B8AC26B1-4EBB-45A3-9BD3-E4C859E104DB}] => (Allow) E:\SteamGames\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [Datei ist nicht signiert]
FirewallRules: [{84BC44E3-4E08-4299-8DDB-44AB70A236A7}] => (Allow) E:\SteamGames\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment)
FirewallRules: [{5F86C62B-D4D1-4385-ADB6-EA3084A984EC}] => (Allow) E:\SteamGames\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment)
FirewallRules: [{4BAC41A9-779A-4B12-B283-D06F4CBF0DDF}] => (Allow) E:\SteamGames\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe (Valve Corp. -> Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{8368491C-61ED-4914-A79F-5994E6CDE523}] => (Allow) E:\SteamGames\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe (Valve Corp. -> Firaxis Games) [Datei ist nicht signiert]
FirewallRules: [{0A212B42-730A-4636-9625-2D1935BBF63F}] => (Allow) E:\SteamGames\steamapps\common\Company of Heroes 2\RelicCoH2.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment Inc.)
FirewallRules: [{55BCB7B8-CDD1-4537-B84E-F89BECE1D82C}] => (Allow) E:\SteamGames\steamapps\common\Company of Heroes 2\RelicCoH2.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment Inc.)
FirewallRules: [{57B96F16-9605-4E8F-A4D1-CD2E39B43DE4}] => (Allow) E:\SteamGames\steamapps\common\Anno 1404\Addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [{21069CBF-6EA8-4E72-9CBC-DFB03DC1FD03}] => (Allow) E:\SteamGames\steamapps\common\Anno 1404\Addon.exe (Related Designs Software -> Related Designs)
FirewallRules: [{21F8B6B3-9E56-4CA0-962D-5B800AB03E13}] => (Allow) E:\SteamGames\steamapps\common\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{4783A5E6-B4D1-43E5-B0DE-08360589F69B}] => (Allow) E:\SteamGames\steamapps\common\Anno 1404\Anno4.exe (Related Designs Software -> Related Designs)
FirewallRules: [{7C239298-148C-41F4-A419-BC4018330639}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{3E5958F0-86E5-4956-9EEE-3A6115D86D25}] => (Allow) C:\Battlestate Games\BsgLauncher\BsgLauncher.exe (Battlestate Games Ltd -> Battlestate Games)
FirewallRules: [{146ADA79-CFA7-446D-AF13-E43C4C5955C3}] => (Allow) E:\SteamGames\steamapps\common\CnCRemastered\ClientG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{B1A7EF61-8791-4E3C-BA20-998B5DE69492}] => (Allow) E:\SteamGames\steamapps\common\CnCRemastered\ClientG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{49C9FDEB-2C4D-41DB-B26F-E7E93BD5CD55}] => (Allow) E:\SteamGames\steamapps\common\CnCRemastered\InstanceServerG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{354BD866-B176-4E9F-9804-1A8BBD4BB912}] => (Allow) E:\SteamGames\steamapps\common\CnCRemastered\InstanceServerG.exe (Electronic Arts, Inc. -> Petroglyph Games Inc.)
FirewallRules: [{B064E49B-853E-4111-A4BB-3F3671F9C193}] => (Allow) E:\SteamGames\steamapps\common\Judgment\judgment.exe () [Datei ist nicht signiert]
FirewallRules: [{B943BFDD-00FA-4E24-A5B8-9E5D0CFC335B}] => (Allow) E:\SteamGames\steamapps\common\Judgment\judgment.exe () [Datei ist nicht signiert]
FirewallRules: [{D7838FD9-9FBA-4648-A7C8-9CCF260ECE31}] => (Allow) E:\SteamGames\steamapps\common\Life is Feudal Forest Village\ForestVillage.exe () [Datei ist nicht signiert]
FirewallRules: [{A96F90F2-4415-4C8F-ABC9-8156AA710E31}] => (Allow) E:\SteamGames\steamapps\common\Life is Feudal Forest Village\ForestVillage.exe () [Datei ist nicht signiert]
FirewallRules: [{69750A41-FA83-4B34-A6A9-20FB2086B113}] => (Allow) E:\SteamGames\steamapps\common\Dawn of War Gold\W40kWA.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{F9178072-5CF9-4644-87DB-7D319840F6B9}] => (Allow) E:\SteamGames\steamapps\common\Dawn of War Gold\W40kWA.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{16E3D69A-F029-4A71-A685-68B6C5E55CC0}] => (Allow) E:\SteamGames\steamapps\common\Dawn of War Gold\W40k.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{9BF6E058-DEC2-4D3A-A269-C1F2FC239640}] => (Allow) E:\SteamGames\steamapps\common\Dawn of War Gold\W40k.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{38F70502-CED5-41E2-8BFE-B6ADEE1546B4}] => (Allow) E:\SteamGames\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{0DE312B8-AB17-4789-BB22-7F2BC1A1BC94}] => (Allow) E:\SteamGames\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{6DB0906A-B176-43D6-815A-811CF3064C03}] => (Allow) E:\SteamGames\steamapps\common\Dawn of War Dark Crusade\darkcrusade.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{558F4456-58BC-4BB0-9657-1945140DFC70}] => (Allow) E:\SteamGames\steamapps\common\Dawn of War Dark Crusade\darkcrusade.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{230DC86E-CBAF-47CA-84C4-53A1DDC2F183}] => (Allow) E:\SteamGames\steamapps\common\XCOM 2\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{A4D4FB35-2DA1-4EC2-BAD3-DCEC4278318D}] => (Allow) E:\SteamGames\steamapps\common\XCOM 2\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{3B260ED1-626D-4B7F-8709-9F625005EDD5}] => (Allow) E:\SteamGames\steamapps\common\Raft\Raft.exe () [Datei ist nicht signiert]
FirewallRules: [{0ADE7A9A-6A26-411E-8BAE-5F5C7BFA6683}] => (Allow) E:\SteamGames\steamapps\common\Raft\Raft.exe () [Datei ist nicht signiert]
FirewallRules: [{D128658E-1E35-4C90-B64E-1D2E572BDB3D}] => (Allow) E:\SteamGames\steamapps\common\Eco\Eco.exe () [Datei ist nicht signiert]
FirewallRules: [{0F0B21E2-408C-45E5-BC74-90579655E2D7}] => (Allow) E:\SteamGames\steamapps\common\Eco\Eco.exe () [Datei ist nicht signiert]
FirewallRules: [{F54A263D-C67C-4032-BB99-24CD86092FA5}] => (Allow) E:\SteamGames\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe (AtomicTorch Studio Pte. Ltd. -> AtomicTorch Studio Pte. Ltd.)
FirewallRules: [{714B99EB-4EA0-4AF2-8F2E-EF7DD915F519}] => (Allow) E:\SteamGames\steamapps\common\CryoFall\Binaries\Client\CryoFall_Client.exe (AtomicTorch Studio Pte. Ltd. -> AtomicTorch Studio Pte. Ltd.)
FirewallRules: [{0BFAD363-5D6A-4AA4-BB8C-C060D4A6F021}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{60E5F0C6-370D-4EFA-B2C4-67824C18F741}] => (Allow) E:\SteamGames\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [Datei ist nicht signiert]
FirewallRules: [{DB8B482F-E21C-4DDE-9FED-7E531B57E00E}] => (Allow) E:\SteamGames\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [Datei ist nicht signiert]
FirewallRules: [{1032AFB2-CE66-478B-A216-8B17DFDBC10D}] => (Allow) E:\SteamGames\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer.exe (NeoCore Games) [Datei ist nicht signiert]
FirewallRules: [{DA37A7F3-726E-4D72-8B83-39F519B38BCA}] => (Allow) E:\SteamGames\steamapps\common\Warhammer 40,000 Inquisitor - Martyr\Warhammer.exe (NeoCore Games) [Datei ist nicht signiert]
FirewallRules: [{684A0E8A-79D7-449B-B578-49C65EFC6821}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{18D09ADB-E28B-42F3-AB17-63CFA2D6F10B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C140466-C46D-442B-84C5-4061D7E4AA56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4834EDFC-5D42-4625-A87D-97C66E8CFF48}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D5C07395-75D4-4E19-B78E-5CDEBB88D959}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3FCAD450-B1DD-44FA-B097-EA33EAC52E20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{689A5075-E681-463D-95D7-9A160898F0F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C9E4FCC2-9C3B-4AFF-BF08-B62FED451442}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49DC766E-9B0E-4B5D-BBA9-0A0339A22057}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{09391280-C1E4-4BCC-8B32-360B4211597A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BAF3BFB3-E0D2-4E00-B54B-6781FDD61DC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F06DD1F-BFCA-4175-808D-DD41D9D111F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{60469E18-F8BD-4124-B601-08F340CFF94D}] => (Allow) E:\SteamGames\steamapps\common\Fallout Shelter\FalloutShelter.exe () [Datei ist nicht signiert]
FirewallRules: [{6ECCD30A-2CAD-48C9-A25A-637C62CA77AF}] => (Allow) E:\SteamGames\steamapps\common\Fallout Shelter\FalloutShelter.exe () [Datei ist nicht signiert]
FirewallRules: [{7D3807B1-9AAB-45DD-B883-1E7E1614A482}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF55F299-8F8C-4DF8-9ACA-F53D20DC783F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79CCDE68-4F4E-4598-977F-104A6628BF67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CDAE12F1-DA27-471D-AF0A-EE309C3AC0CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3C9AE036-CC34-4A3D-BAF8-A24EA24C5D09}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{65C80CB3-48C7-4C77-8607-A83DC59512BB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.71\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72AD5EA8-5019-4577-9114-6CE0FE7D1F13}] => (Allow) E:\SteamGames\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{98E16A94-3B51-4F86-B48B-B0262B6B3D49}] => (Allow) E:\SteamGames\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A2327A96-2C04-48E6-9388-C0CC9B380838}] => (Allow) E:\SteamGames\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A12F8A0C-0251-4D92-9B2D-F8A0815C523E}] => (Allow) E:\SteamGames\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
==================== Wiederherstellungspunkte =========================
22-07-2021 06:53:56 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager ============
Name: EgisTec_ES603
Description: EgisTec_ES603
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (07/17/2021 09:07:09 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/17/2021 08:05:11 PM) (Source: CertEnroll) (EventID: 87) (User: NT-AUTORITÄT)
Description: Fehler bei der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-LQ52EEN$ über https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep:
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Sat, 17 Jul 2021 18:05:08 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: c8553fb5-6fc4-4948-9d06-d8f94c3742d1
Methode: POST(5500ms)
Phase: SubmitDone
Ungültige Anforderung (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (07/16/2021 11:11:13 AM) (Source: CertEnroll) (EventID: 87) (User: NT-AUTORITÄT)
Description: Fehler bei der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-LQ52EEN$ über https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep:
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Fri, 16 Jul 2021 09:11:11 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a11d662a-b6c2-4c32-a2ff-b32572bb994a
Methode: POST(3219ms)
Phase: SubmitDone
Ungültige Anforderung (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (07/15/2021 01:25:18 PM) (Source: CertEnroll) (EventID: 87) (User: NT-AUTORITÄT)
Description: Fehler bei der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-LQ52EEN$ über https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep:
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Thu, 15 Jul 2021 11:25:17 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 8655be72-5d41-4c61-9d79-0f597df974d5
Methode: POST(66687ms)
Phase: SubmitDone
Ungültige Anforderung (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (07/15/2021 11:24:10 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-LQ52EEN$ über https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
Methode: GET(12094ms)
Phase: GetCACaps
Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (07/14/2021 01:51:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GameBar.exe, Version: 5.721.6282.0, Zeitstempel: 0x60da0a09
Name des fehlerhaften Moduls: GameBar.exe, Version: 5.721.6282.0, Zeitstempel: 0x60da0a09
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000025b0d
ID des fehlerhaften Prozesses: 0x23f8
Startzeit der fehlerhaften Anwendung: 0x01d778a6873821af
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe
Pfad des fehlerhaften Moduls: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe
Berichtskennung: 5e472827-cd37-42a7-a0ca-846e0a8d4ff8
Vollständiger Name des fehlerhaften Pakets: Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (07/14/2021 01:25:25 PM) (Source: CertEnroll) (EventID: 87) (User: NT-AUTORITÄT)
Description: Fehler bei der SCEP-Zertifikatregistrierung für WORKGROUP\DESKTOP-LQ52EEN$ über https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep:
SubmitDone
Submit(Request): Bad Request
{"Message":"Attestation statement cannot be verified, rejecting request. TPM firmware needs update."}
HTTP/1.1 400 Bad Request
Date: Wed, 14 Jul 2021 11:25:25 GMT
Content-Length: 101
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 36ed9835-ed3c-46d7-8a96-fc2bbc19d523
Methode: POST(3047ms)
Phase: SubmitDone
Ungültige Anforderung (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
Error: (07/14/2021 12:53:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcrobatNotificationClient.exe, Version: 0.0.0.0, Zeitstempel: 0x5b98afbd
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.19041.1081, Zeitstempel: 0xbc34a44f
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00206341
ID des fehlerhaften Prozesses: 0x1aac
Startzeit der fehlerhaften Anwendung: 0x01d7789e7cbdd505
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\combase.dll
Berichtskennung: eb1255cf-dee9-48b6-9c12-5a5883ae953c
Vollständiger Name des fehlerhaften Pakets: AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Systemfehler:
=============
Error: (07/22/2021 01:52:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (07/22/2021 01:52:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (07/19/2021 04:32:53 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (07/19/2021 12:01:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (07/19/2021 12:01:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (07/18/2021 07:07:03 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LQ52EEN)
Description: Der Server "Microsoft.MicrosoftOfficeHub_18.2104.12721.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (07/17/2021 08:04:36 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12
Error: (07/17/2021 08:04:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 16.07.2021 um 21:10:50 unerwartet heruntergefahren.
==================== Speicherinformationen ===========================
BIOS: American Megatrends Inc. 1.05.04 02/06/2017
Hauptplatine: XMG P65xHP
Prozessor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 16302.2 MB
Verfügbarer physikalischer RAM: 9833.55 MB
Summe virtueller Speicher: 20654.2 MB
Verfügbarer virtueller Speicher: 11537.45 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:254.89 GB) (Free:161.92 GB) NTFS
Drive d: (Data) (Fixed) (Total:1863.01 GB) (Free:1858.17 GB) NTFS
Drive e: (Games) (Fixed) (Total:1863.01 GB) (Free:535.01 GB) NTFS
\\?\Volume{93fa00f7-4966-45ee-b15b-12d177004688}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{8f99ccca-a91d-4565-ab7f-4c3815764d88}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 256.2 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: FF6CA4E3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: FF6CA4E2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt =======================
Ich hoffe, das ist alles wichtige dabei. Danke fürs reinschauen. Gruß Tafka |
| Themen zu Windows 10: UpdatePush.com auf dem Desktop gefunden |
| administrator, adobe, cpu, defender, desktop, euro, excel, explorer, firewall, internet, internet explorer, nvcontainer, nvcontainer.exe, nvidia, port, prozesse, realtek, registry, rundll, scan, schutz, security, software, starten, trojaner, windows, wmi |
Baum-Darstellung