Problem: Windows 10: unusual computer behavior

Hello dear experts,

a quick note up front: the computer to be examined is a machine used for business purposes. My mother runs a one-woman business without IT support.

Since 19.08.2021, according to her, the computer has been behaving unusually during operation: it either restarts without any (error) message, produces a BSOD and then restarts, or sporadically "freezes" briefly during work. In addition, unwanted pop-ups appear when using the browser. Overall, the PC is said to be noticeably slower in operation.

Unfortunately I cannot provide screenshots or the like at this point, since these errors were only reported to me and I am supposed to "take care of it sometime"...

I am attaching the requested logs, as well as the log file from Emsisoft Anti-Malware.

My post is not meant to be scaremongering about malware, but I would like to have the computer checked for it before the next step would be a professional inspection of the hardware.

Thank you very much for your support!

Regards
Tim

Code:
ATTFilter Emsisoft Anti-Malware Home 2021.8.0.11131 stable [en-us] OS: Windows 10 (Version 10.0, Build 19042, 64-bit Edition) Forensics log Date Component Action Details 20.08.2021 08:35:02 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 20.08.2021 08:35:01 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 20.08.2021 08:34:20 Scheduler Update Downloaded and installed 31 files (4066 kb) (12 sec.). 20.08.2021 08:32:26 Core Protection started Version 2021.8.0.11131. 19.08.2021 20:46:17 Operating System Shutdown received System initiated shutdown. 19.08.2021 20:37:43 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 20:37:16 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 20:37:11 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 20:37:06 Core Protection started Version 2021.8.0.11131. 19.08.2021 20:28:46 Scheduler Update Finished successfully, all files are up-to-date (0 sec.). 19.08.2021 19:31:39 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 19:31:39 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 19:29:01 Scheduler Update Downloaded and installed 28 files (3938 kb) (15 sec.). 19.08.2021 16:49:41 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 16:45:46 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 
19.08.2021 16:23:42 Scheduler Update Downloaded and installed 28 files (2517 kb) (6 sec.). 19.08.2021 16:10:51 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 15:42:14 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 15:23:36 Scheduler Update Downloaded and installed 1 file (0,2 kb) (1 sec.). 19.08.2021 14:23:40 Scheduler Update Downloaded and installed 27 files (2395 kb) (6 sec.). 19.08.2021 14:09:00 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 13:23:34 Scheduler Update Downloaded and installed 3 files (4 kb) (1 sec.). 19.08.2021 12:37:27 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 12:25:02 Scheduler Update Downloaded and installed 130 files (22312 kb) (37 sec.). 19.08.2021 12:21:49 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 12:21:13 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 12:21:09 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 19.08.2021 12:21:03 Core Protection started Version 2021.8.0.11131. 16.08.2021 17:26:51 Operating System Shutdown received System initiated shutdown. 16.08.2021 17:25:39 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 17:25:32 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 17:25:28 Core Protection started Version 2021.8.0.11131. 
16.08.2021 17:24:32 Operating System Shutdown received System initiated shutdown. 16.08.2021 17:23:59 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 16:50:25 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 16:31:52 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 16:26:11 Scheduler Update Downloaded and installed 22 files (2578 kb) (4 sec.). 16.08.2021 16:14:09 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 15:52:42 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 15:44:01 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 15:26:06 Scheduler Update Downloaded and installed 1 file (0,8 kb) (1 sec.). 16.08.2021 15:08:17 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 14:49:57 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 14:26:09 Scheduler Update Downloaded and installed 18 files (1779 kb) (5 sec.). 16.08.2021 13:26:05 Scheduler Update Downloaded and installed 1 file (0,4 kb) (1 sec.). 16.08.2021 12:26:03 Scheduler Update Downloaded and installed 3 files (13 kb) (0 sec.). 16.08.2021 11:26:43 Scheduler Update Downloaded and installed 195 files (29212 kb) (56 sec.). 16.08.2021 11:24:50 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 
16.08.2021 11:24:16 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 11:24:16 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 16.08.2021 11:24:04 Core Protection started Version 2021.8.0.11131. 10.08.2021 21:19:10 Operating System Shutdown received System initiated shutdown. 10.08.2021 20:58:08 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 10.08.2021 20:56:12 Scheduler Update Finished successfully, all files are up-to-date (0 sec.). 10.08.2021 20:48:54 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 10.08.2021 20:06:35 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 10.08.2021 20:00:01 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 10.08.2021 19:56:11 Scheduler Update Finished successfully, all files are up-to-date (0 sec.). 10.08.2021 19:47:58 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 10.08.2021 18:56:18 Scheduler Update Downloaded and installed 26 files (3135 kb) (8 sec.). 10.08.2021 17:57:55 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 10.08.2021 17:57:55 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 10.08.2021 17:56:20 Scheduler Update Downloaded and installed 26 files (1389 kb) (8 sec.). 10.08.2021 13:51:41 Scheduler Update Downloaded and installed 1 file (0,6 kb) (1 sec.). 
10.08.2021 13:35:24 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 10.08.2021 12:51:48 Scheduler Update Downloaded and installed 27 files (2492 kb) (9 sec.). 10.08.2021 11:51:47 Scheduler Update Downloaded and installed 24 files (3437 kb) (8 sec.). 10.08.2021 11:45:12 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 10.08.2021 10:52:14 Scheduler Update Downloaded and installed 113 files (11076 kb) (36 sec.). 10.08.2021 10:51:56 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 10.08.2021 10:51:55 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 09.08.2021 11:45:35 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 09.08.2021 11:28:14 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 09.08.2021 11:25:33 Scheduler Update Downloaded and installed 2 files (0,8 kb) (1 sec.). 09.08.2021 10:26:33 Scheduler Update Downloaded and installed 152 files (27541 kb) (1 min. 14 sec.). 09.08.2021 10:24:14 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 09.08.2021 10:23:45 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 09.08.2021 10:23:42 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 09.08.2021 10:23:35 Core Protection started Version 2021.8.0.11131. 06.08.2021 22:32:01 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 
06.08.2021 22:23:58 Scheduler Update Downloaded and installed 24 files (1664 kb) (5 sec.). 06.08.2021 21:54:13 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 06.08.2021 21:23:53 Scheduler Update Downloaded and installed 1 file (0,4 kb) (1 sec.). 06.08.2021 20:48:51 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 06.08.2021 20:23:52 Scheduler Update Downloaded and installed 1 file (0,3 kb) (1 sec.). 06.08.2021 19:24:03 Scheduler Update Downloaded and installed 20 files (3996 kb) (13 sec.). 06.08.2021 18:23:50 Scheduler Update Downloaded and installed 1 file (0,2 kb) (1 sec.). 06.08.2021 17:24:12 Scheduler Update Downloaded and installed 94 files (10274 kb) (24 sec.). 06.08.2021 17:18:55 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 06.08.2021 17:18:46 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 19:33:02 Scheduler Update Finished successfully, all files are up-to-date (1 sec.). 05.08.2021 18:33:08 Scheduler Update Downloaded and installed 27 files (2100 kb) (7 sec.). 05.08.2021 17:33:00 Scheduler Update Downloaded and installed 2 files (5 kb) (0 sec.). 05.08.2021 17:29:56 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 17:02:07 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 16:38:32 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 16:27:29 Scheduler Update Downloaded and installed 2 files (0,5 kb) (1 sec.). 
05.08.2021 16:22:43 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 16:13:22 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 16:07:11 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 15:51:59 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 15:46:28 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 15:42:41 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 15:22:04 Scheduler Update Downloaded and installed 36 files (1017 kb) (7 sec.). 05.08.2021 14:58:53 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 14:56:41 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 14:48:57 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 14:42:46 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 14:35:58 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 14:21:57 Scheduler Update Downloaded and installed 2 files (10 kb) (1 sec.). 05.08.2021 13:57:10 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 
05.08.2021 13:54:47 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 13:49:09 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 13:21:59 Scheduler Update Downloaded and installed 20 files (928 kb) (4 sec.). 05.08.2021 13:00:52 Core Mode changed Auto-Silent mode disabled. 05.08.2021 13:00:14 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 12:59:52 Core Mode changed Auto-Silent mode enabled. 05.08.2021 12:21:55 Scheduler Update Downloaded and installed 3 files (3 kb) (0 sec.). 05.08.2021 11:55:33 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 11:21:55 Scheduler Update Downloaded and installed 1 file (0,3 kb) (1 sec.). 05.08.2021 11:13:40 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 10:22:20 Scheduler Update Downloaded and installed 51 files (2508 kb) (15 sec.). 05.08.2021 10:21:02 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 10:20:33 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 10:20:24 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 05.08.2021 10:20:21 Core Protection started Version 2021.8.0.11131. 04.08.2021 18:48:40 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 
04.08.2021 18:30:15 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 18:18:19 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 17:55:55 Scheduler Update Downloaded and installed 20 files (681 kb) (4 sec.). 04.08.2021 17:29:53 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 16:55:54 Scheduler Update Downloaded and installed 2 files (4 kb) (3 sec.). 04.08.2021 16:51:12 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 16:07:43 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 15:55:53 Scheduler Update Downloaded and installed 23 files (767 kb) (5 sec.). 04.08.2021 15:51:54 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 15:28:52 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 14:55:47 Scheduler Update Downloaded and installed 2 files (0,8 kb) (0 sec.). 04.08.2021 14:31:59 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 14:23:52 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 13:55:48 Scheduler Update Downloaded and installed 18 files (622 kb) (2 sec.). 04.08.2021 13:51:36 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 
04.08.2021 13:01:54 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 12:50:15 Scheduler Update Downloaded and installed 2 files (4 kb) (0 sec.). 04.08.2021 12:25:22 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 11:50:20 Scheduler Update Downloaded and installed 1 file (0,5 kb) (4 sec.). 04.08.2021 11:46:22 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 10:53:25 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 10:53:15 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 10:53:15 Core Notification "Emsisoft Anti-Malware Home just updated to a newer software version. Check out what has changed in our change blog.". 04.08.2021 10:53:13 Core Protection started Version 2021.8.0.11131. 04.08.2021 10:53:00 Core Protection stopped Version 2021.7.0.11059. 04.08.2021 10:52:59 Scheduler Update Downloaded and installed 149 files (29022 kb) (49 sec.) Application restart notification. 04.08.2021 10:52:11 Core Notification "Recommended Reading:The ransomware recovery process takes longer than you think". 04.08.2021 10:48:50 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 10:48:20 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 10:48:17 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 04.08.2021 10:48:09 Core Protection started Version 2021.7.0.11059. 
02.08.2021 12:34:28 Operating System Shutdown received System initiated shutdown. 02.08.2021 12:12:06 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 02.08.2021 12:03:58 Scheduler Update Downloaded and installed 14 files (251 kb) (4 sec.). 02.08.2021 11:59:53 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 02.08.2021 11:10:56 Scheduler Update Downloaded and installed 148 files (29845 kb) (6 min. 30 sec.). 02.08.2021 11:02:21 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 02.08.2021 11:01:49 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 02.08.2021 11:01:49 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 02.08.2021 11:01:39 Core Protection started Version 2021.7.0.11059. 30.07.2021 16:01:51 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 30.07.2021 15:57:40 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 30.07.2021 15:19:25 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 30.07.2021 15:19:24 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 30.07.2021 15:19:04 Scheduler Update Downloaded and installed 149 files (19723 kb) (1 min. 47 sec.). 28.07.2021 14:34:43 Scheduler Update Downloaded and installed 157 files (19259 kb) (58 sec.). 28.07.2021 14:32:44 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 
28.07.2021 14:32:16 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 28.07.2021 14:32:12 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 28.07.2021 14:32:06 Core Protection started Version 2021.7.0.11059. 25.07.2021 19:57:10 Operating System Shutdown received System initiated shutdown. 25.07.2021 19:42:16 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 25.07.2021 19:39:08 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 25.07.2021 19:33:08 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 25.07.2021 19:27:13 Scheduler Update Downloaded and installed 1 file (0,3 kb) (2 sec.). 25.07.2021 19:26:30 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 25.07.2021 18:27:56 Scheduler Update Downloaded and installed 8 files (205 kb) (11 sec.). 25.07.2021 18:26:18 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 25.07.2021 18:25:51 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 25.07.2021 18:25:44 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 25.07.2021 18:25:41 Core Protection started Version 2021.7.0.11059. 25.07.2021 18:24:52 Operating System Shutdown received System initiated shutdown. 25.07.2021 18:18:24 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 
25.07.2021 18:18:14 User SONJA\Sonja Setting modified "Removable device connections" has been changed to "Disabled". 25.07.2021 18:18:02 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway". 25.07.2021 18:17:40 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway". 25.07.2021 18:16:36 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway". 25.07.2021 17:32:36 Scheduler Update Downloaded and installed 205 files (38520 kb) (1 min. 24 sec.). 25.07.2021 17:32:14 Web Protection Detection Suspicious host "T23.INTELLIAD.DE" invoked by firefox.exe -> Blocked by rule 25.07.2021 17:24:48 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 25.07.2021 17:24:20 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 25.07.2021 17:24:16 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 25.07.2021 17:24:10 Core Protection started Version 2021.7.0.11059. 21.07.2021 11:28:20 Scheduler Update Downloaded and installed 73 files (7850 kb) (18 sec.). 21.07.2021 11:26:59 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 21.07.2021 11:26:31 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 21.07.2021 11:26:24 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 
21.07.2021 11:26:21 Core Protection started Version 2021.7.0.11059. 20.07.2021 20:27:39 Scheduler Update Downloaded and installed 58 files (7643 kb) (19 sec.). 20.07.2021 20:23:47 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 20.07.2021 20:23:12 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 20.07.2021 20:23:07 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 20.07.2021 20:23:02 Core Protection started Version 2021.7.0.11059. 20.07.2021 12:41:36 Operating System Shutdown received System initiated shutdown. 20.07.2021 12:41:27 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 20.07.2021 12:41:24 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 20.07.2021 12:41:17 Core Protection started Version 2021.7.0.11059. 20.07.2021 12:40:42 Operating System Shutdown received System initiated shutdown. 20.07.2021 12:33:53 Scheduler Update Downloaded and installed 3 files (7 kb) (0 sec.). 20.07.2021 11:33:56 Scheduler Update Downloaded and installed 33 files (1754 kb) (4 sec.). 20.07.2021 10:35:17 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 20.07.2021 10:35:17 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy. 20.07.2021 10:34:47 Scheduler Update Downloaded and installed 205 files (33454 kb) (56 sec.). 15.07.2021 11:48:44 Scheduler Update Downloaded and installed 22 files (1429 kb) (3 sec.). 15.07.2021 10:49:10 Scheduler Update Downloaded and installed 121 files (10861 kb) (30 sec.). 
15.07.2021 10:43:58 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
15.07.2021 10:43:58 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
13.07.2021 14:01:09 Scheduler Update Downloaded and installed 10 files (572 kb) (2 sec.).
13.07.2021 13:26:54 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway".
13.07.2021 13:23:41 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway".
13.07.2021 13:17:16 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway".
13.07.2021 13:02:35 Scheduler Update Downloaded and installed 11 files (248 kb) (2 sec.).
13.07.2021 12:17:13 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway".
13.07.2021 12:01:11 Scheduler Update Downloaded and installed 19 files (2591 kb) (4 sec.).
13.07.2021 11:15:12 Core Mode changed Auto-Silent mode disabled.
13.07.2021 11:14:12 Core Mode changed Auto-Silent mode enabled.
13.07.2021 11:01:29 Scheduler Update Downloaded and installed 142 files (18243 kb) (36 sec.).
13.07.2021 10:59:24 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
13.07.2021 10:58:57 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
13.07.2021 10:58:55 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
13.07.2021 10:58:55 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
13.07.2021 10:58:47 Core Protection started Version 2021.7.0.11059.
11.07.2021 13:11:40 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
11.07.2021 13:11:40 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
11.07.2021 13:09:44 Scheduler Update Downloaded and installed 82 files (4026 kb) (17 sec.).
10.07.2021 17:06:31 Scheduler Update Downloaded and installed 58 files (4621 kb) (24 sec.).
10.07.2021 17:05:43 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway".
10.07.2021 17:04:41 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
10.07.2021 17:04:13 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
10.07.2021 17:04:05 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
10.07.2021 17:04:03 Core Protection started Version 2021.7.0.11059.
10.07.2021 11:06:28 Scheduler Update Downloaded and installed 110 files (14179 kb) (28 sec.).
10.07.2021 11:05:11 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
10.07.2021 11:04:37 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
10.07.2021 11:04:33 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
10.07.2021 11:04:27 Core Protection started Version 2021.7.0.11059.
08.07.2021 23:11:06 Scheduler Update Finished successfully, all files are up-to-date (1 sec.).
08.07.2021 22:32:42 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway".
08.07.2021 22:11:08 Scheduler Update Downloaded and installed 22 files (988 kb) (3 sec.).
08.07.2021 21:54:31 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 21:11:04 Scheduler Update Downloaded and installed 1 file (0,3 kb) (0 sec.).
08.07.2021 20:11:07 Scheduler Update Downloaded and installed 28 files (2610 kb) (4 sec.).
08.07.2021 20:08:00 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 19:11:02 Scheduler Update Finished successfully, all files are up-to-date (0 sec.).
08.07.2021 18:58:42 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 18:38:00 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 18:35:04 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 18:19:27 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 18:11:28 Scheduler Update Downloaded and installed 44 files (2387 kb) (15 sec.).
08.07.2021 18:10:17 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 18:09:51 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 18:09:44 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 18:09:41 Core Protection started Version 2021.7.0.11059.
08.07.2021 14:12:14 Operating System Shutdown received System initiated shutdown.
08.07.2021 13:55:00 Scheduler Update Downloaded and installed 2 files (5 kb) (1 sec.).
08.07.2021 13:33:47 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 13:13:34 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 12:55:40 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway".
08.07.2021 12:54:59 Scheduler Update Downloaded and installed 2 files (5 kb) (0 sec.).
08.07.2021 11:55:17 Scheduler Update Downloaded and installed 26 files (18401 kb) (20 sec.).
08.07.2021 11:51:40 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 11:47:26 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 11:00:37 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 10:55:38 Scheduler Update Downloaded and installed 68 files (5660 kb) (20 sec.).
08.07.2021 10:54:03 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 10:53:28 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 10:53:24 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
08.07.2021 10:53:18 Core Protection started Version 2021.7.0.11059.
07.07.2021 22:15:55 Operating System Shutdown received System initiated shutdown.
07.07.2021 22:15:34 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
07.07.2021 22:15:26 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
07.07.2021 22:15:24 Core Protection started Version 2021.7.0.11059.
07.07.2021 22:14:49 Operating System Shutdown received System initiated shutdown.
07.07.2021 22:00:30 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
07.07.2021 21:46:30 Scheduler Update Finished successfully, all files are up-to-date (1 sec.).
07.07.2021 21:45:25 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
07.07.2021 21:20:22 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
07.07.2021 20:56:16 Core Notification "Emsisoft Anti-Malware Home protects external storage devices automatically. It isn't necessary to initiate a manual scan of this device. Scan anyway".
07.07.2021 20:46:30 Scheduler Update Downloaded and installed 27 files (1987 kb) (4 sec.).
07.07.2021 20:00:42 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
07.07.2021 19:47:59 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.
07.07.2021 19:46:25 Scheduler Update Downloaded and installed 1 file (0,4 kb) (0 sec.).
07.07.2021 19:10:36 Cloud Host Rule modified "Block silently" for host "T23.INTELLIAD.DE" by workspace "Sonja Schröter Büro-Service's WS" policy.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
durchgeführt von Sonja (Administrator) auf SONJA (Acer Aspire E5-575G) (20-08-2021 08:53:58)
Gestartet von E:\Desktop
Geladene Profile: Sonja & SQLTELEMETRY$SQLEXPRESS & DefaultAppPool
Platform: Windows 10 Pro Version 20H2 19042.1165 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() [Datei ist nicht signiert] C:\Sage\Sage New Classic\MySQL 560\bin\mysqld.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\aakore.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\grpm-mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\monitoring-mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe
(Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\adp-agent.exe
(Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\updater.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\CommService.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel(R) CN -> Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\MSSQL\Instance\MSSQL12.SAGEOL2014\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20090.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20090.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sage GmbH -> ) C:\Program Files (x86)\Sage\Sage 100\8.1\Shared\Sagede.OfficeLine.Preload.exe
(Sage GmbH -> Sage GmbH) C:\Program Files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe
(Sage GmbH -> Sage GmbH) C:\Program Files (x86)\Common Files\Sage Software Shared\Sagede.Shared.Logging.Service.exe
(Sage GmbH -> Sage GmbH) C:\Program Files (x86)\Sage\Application Server\8.1\Sagede.ApplicationServer.Administration.Service.exe
(Sage GmbH -> Sage GmbH) C:\Program Files (x86)\Sage\Application Server\8.1\Sagede.ApplicationServer.IsolationProcess.exe <15>
(Sage GmbH -> Sage Gmbh) C:\Program Files (x86)\Sage\Application Server\8.1\Sagede.ApplicationServer.WindowsService.exe
(Sage GmbH -> Sage GmbH) C:\Program Files (x86)\Sage\BlobStorage Server\8.1\Sagede.BlobStorageServer.exe
(Sage GmbH -> Sage GmbH) C:\Program Files (x86)\Sage\Sage 100\8.1\Shared\Sagede.Shared.ControlCenter.IsolationProcess.exe
(Sage GmbH -> Sage Software) C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe
(Sage GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Sage\HR Services\HR Admin Service\HRAdminService.exe
(Sage GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Sage\HR Services\HR Application Service Console Host\HRApplicationService.exe
(Sage GmbH) [Datei ist nicht signiert] C:\Program Files (x86)\Sage\HR Services\HR Worker Service\HRWorkerService.exe
(Sage Software) [Datei ist nicht signiert] C:\Sage\Sage New Classic\Windows Dienst\CLDBS40.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [644000 2021-03-10] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [emsisoft anti-malware] => C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [9279944 2021-08-04] (Emsisoft Ltd -> Emsisoft Ltd)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6206360 2021-03-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [Sagede.OfficeLine.Preload] => C:\Program Files (x86)\Sage\Sage 100\8.1\Shared\Sagede.OfficeLine.Preload.exe [92280 2020-02-07] (Sage GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [446392 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
HKU\S-1-5-21-3019209387-3580376990-4160707215-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Datei ist nicht signiert]
HKLM\...\Print\Monitors\PDF-XChange4: C:\Windows\system32\pxc40pm.dll [56960 2012-06-18] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
Startup: C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2016.lnk [2016-12-23]
ShortcutTarget: Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Fax and Scan.lnk [2016-12-23]
ShortcutTarget: Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Windows -> Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1B46F436-D342-4F4F-8940-09F998D78833} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {518BF753-498B-473B-950A-1B345A121A96} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {79B1D49D-80BB-482E-BFD8-DEF6B09B2B33} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {824A4E57-FED1-4D05-B3DB-4A2867A5322E} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [53800 2016-11-01] (Oracle America, Inc. -> Oracle Corporation)
Task: {927FB430-C689-4592-BB77-9E71CE01128B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282280 2021-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9AD1450C-DD6F-4C1C-883F-C4302E1C0C77} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8C02296-A976-4AC5-A8A6-A8723B302500} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4282280 2021-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA9CAAC4-19A0-44D7-9104-6B7E011FF3E7} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4630208 2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Task: {F07B1EDE-336A-4F7F-82E2-022DDDEFFA36} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-19] (Mozilla Corporation -> Mozilla Foundation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5f8b09fa-c5e6-4b61-8b1f-c6eb30fab4fe}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{7a9e967f-af9c-44ff-a864-d32b992ceab8}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden]
Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden]
Edge Extension: (Emsisoft Browser Security) -> EdgeExtension_24598EmsisoftEmsisoftBrowserSecurity_qx27tcjycwb5c => C:\Program Files\WindowsApps\24598Emsisoft.EmsisoftBrowserSecurity_2018.12.10.0_neutral__qx27tcjycwb5c [2019-08-14]
Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden]
Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Sonja\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-05]
Edge Extension: (Emsisoft Browser Security) - C:\Users\Sonja\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlpdpddffjddlfdbllimedpemaodbjgn [2021-08-05]

FireFox:
========
FF DefaultProfile: ye5q5pbd.default
FF ProfilePath: C:\Users\Sonja\AppData\Roaming\Mozilla\Firefox\Profiles\ye5q5pbd.default [2021-08-20]
FF DownloadDir: E:\Downloads
FF Extension: (Emsisoft Browser Security) - C:\Users\Sonja\AppData\Roaming\Mozilla\Firefox\Profiles\ye5q5pbd.default\Extensions\{b21882eb-3211-44dc-964b-e6f35b33061f}.xpi [2021-06-06]
FF Extension: (Add-ons Search Detection) - C:\Users\Sonja\AppData\Roaming\Mozilla\Firefox\Profiles\ye5q5pbd.default\features\{e6ad6ac8-7cac-4430-b1d5-e6c655bd7832}\addons-search-detection@mozilla.com.xpi [2021-08-16]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3019209387-3580376990-4160707215-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-11-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3019209387-3580376990-4160707215-1001: www.wansview.com/HYPlayer -> C:\Program Files (x86)\HYPlayer\npHYPlayer.dll [2016-09-22] (IPC) [Datei ist nicht signiert]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [11115616 2021-08-04] (Emsisoft Ltd -> Emsisoft Ltd)
R2 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9022120 2021-03-10] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12952232 2021-03-10] (Acronis International GmbH -> )
R2 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1425256 2021-03-10] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1052280 2021-03-10] (Acronis International GmbH -> Acronis International GmbH)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6391536 2021-04-01] (Acronis International GmbH -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142128 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1284360 2019-03-28] (Bayerisches Landesamt fuer Steuern -> )
R2 EmsiCommService; C:\Program Files\Emsisoft Anti-Malware\CommService.exe [14230080 2021-08-04] (Emsisoft Ltd -> Emsisoft Ltd)
R2 EppWsc; C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe [1545368 2021-04-01] (Emsisoft Ltd -> Emsisoft Ltd)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-25] (HP) [Datei ist nicht signiert]
R2 HRAdminService; C:\Program Files (x86)\Sage\HR Services\HR Admin Service\HRAdminService.exe [17920 2021-06-29] (Sage GmbH) [Datei ist nicht signiert]
R2 HRLocalApplicationService; C:\Program Files (x86)\Sage\HR Services\HR Application Service Console Host\HRApplicationService.exe [20992 2021-06-29] (Sage GmbH) [Datei ist nicht signiert]
R2 HRWorkerService; C:\Program Files (x86)\Sage\HR Services\HR Worker Service\HRWorkerService.exe [122368 2021-06-29] (Sage GmbH) [Datei ist nicht signiert]
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4878840 2021-03-10] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-08-20] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2136488 2021-03-23] (Acronis International GmbH -> )
R2 MSSQL$SAGEOL2014; C:\Program Files\MSSQL\Instance\MSSQL12.SAGEOL2014\MSSQL\Binn\sqlservr.exe [372408 2017-07-06] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [393008 2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
R2 SageCL56_MySQL64; C:\Sage\Sage New Classic\MySQL 560\bin\mysqld.exe [14531584 2017-09-13] () [Datei ist nicht signiert]
R2 SagedeAdministrationService81; C:\Program Files (x86)\Sage\Application Server\8.1\Sagede.ApplicationServer.Administration.Service.exe [15488 2019-04-15] (Sage GmbH -> Sage GmbH)
R2 SagedeApplicationServerService81; C:\Program Files (x86)\Sage\Application Server\8.1\Sagede.ApplicationServer.WindowsService.exe [14968 2019-04-15] (Sage GmbH -> Sage Gmbh)
R2 SagedeBlobStorageServer81; C:\Program Files (x86)\Sage\Blobstorage Server\8.1\Sagede.BlobStorageServer.exe [87160 2019-04-05] (Sage GmbH -> Sage GmbH)
R2 SageDeploymentService; C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe [177728 2021-02-01] (Sage GmbH -> Sage Software)
R2 SageLoggingService; C:\Program Files (x86)\Common Files\Sage Software Shared\Sagede.Shared.Logging.Service.exe [56960 2019-09-09] (Sage GmbH -> Sage GmbH)
R2 SageMultiUserService40; C:\Program Files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe [264248 2019-07-09] (Sage GmbH -> Sage GmbH)
R2 Sage_Classic_Line_Database_40; C:\Sage\Sage New Classic\Windows Dienst\CLDBS40.exe [167936 2014-01-07] (Sage Software) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$SAGEOL2014; C:\Program Files\MSSQL\Instance\MSSQL12.SAGEOL2014\MSSQL\Binn\SQLAGENT.EXE [613056 2017-07-06] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [566056 2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [254552 2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7398360 2021-03-10] (Acronis International GmbH -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 GoToAssist Remote Support Customer; "C:\Program Files (x86)\GoToAssist Remote Support Customer\1702\g2ax_service.exe" "Start=service" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2020-08-25] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 epp; C:\Program Files\Emsisoft Anti-Malware\epp.sys [155112 2020-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37776 2019-06-03] (Emsisoft Ltd -> Emsisoft Ltd)
S0 EppElam; C:\WINDOWS\System32\drivers\EppElam.sys [16808 2020-06-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys [126968 2020-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [720392 2021-04-01] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-04-01] (Acronis International GmbH -> Acronis International GmbH)
S3 MODEMCSA; C:\WINDOWS\system32\drivers\MODEMCSA.sys [28160 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
S0 ngelam; C:\WINDOWS\System32\drivers\ngelam.sys [15816 2021-03-10] (Microsoft Windows Early Launch Anti-Malware Publisher -> Acronis International GmbH)
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [179104 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S4 RsFx0300; C:\WINDOWS\System32\DRIVERS\RsFx0300.sys [247488 2015-01-30] (Microsoft Corporation -> Microsoft Corporation)
R1 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S4 RsFx0411; C:\WINDOWS\System32\DRIVERS\RsFx0411.sys [261792 2018-07-26] (Microsoft Corporation -> Microsoft Corporation)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2021-04-01] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175648 2021-04-01] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2021-04-01] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2021-04-01] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-04-01] (Acronis International GmbH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-08-20 08:47 - 2021-08-20 08:54 - 000000000 ____D C:\FRST 2021-08-19 20:37 - 2021-08-19 20:37 - 001627092 _____ C:\WINDOWS\Minidump\081921-12031-01.dmp 2021-08-19 20:37 - 2021-08-19 20:37 - 000000000 ____D C:\WINDOWS\Minidump 2021-08-19 20:36 - 2021-08-19 20:36 - 1442639989 _____ C:\WINDOWS\MEMORY.DMP 2021-08-19 13:47 - 2021-08-19 13:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-08-19 13:31 - 2021-08-19 20:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-08-16 12:06 - 2021-08-16 12:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-08-16 12:06 - 2021-08-16 12:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-08-16 12:06 - 2021-08-16 12:06 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-08-16 12:06 - 2021-08-16 12:06 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-08-16 12:06 - 2021-08-16 12:06 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2021-08-16 12:06 - 2021-08-16 12:06 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2021-08-16 12:06 - 2021-08-16 12:06 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-08-16 12:00 - 2021-08-16 12:00 - 000000000 ___HD C:\$WinREAgent 2021-08-10 17:57 - 2021-08-10 17:57 - 000002592 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2021-08-10 17:57 - 2021-08-10 17:57 - 000002588 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2021-08-10 17:57 - 2021-08-10 17:57 - 000002567 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2021-08-10 17:57 - 2021-08-10 17:57 - 000002545 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk 2021-08-10 17:57 - 2021-08-10 17:57 - 000002542 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2021-08-10 17:57 - 2021-08-10 17:57 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Access.lnk 2021-08-10 17:57 - 2021-08-10 17:57 - 000002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2021-08-10 17:57 - 2021-08-10 17:57 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2021-08-10 17:57 - 2021-08-10 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2021-08-20 08:54 - 2020-07-17 17:13 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5C3C4585-FD46-400D-949B-0A9AB2090ED2} 2021-08-20 08:54 - 2016-12-24 12:46 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware 2021-08-20 08:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-20 08:33 - 2019-02-04 19:01 - 000000000 ____D C:\ProgramData\Mozilla 2021-08-20 08:32 - 2020-07-17 17:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-08-20 08:32 - 2020-07-17 17:03 - 000008192 ___SH C:\DumpStack.log.tmp 2021-08-20 08:32 - 2020-06-29 16:35 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-08-20 08:32 - 2016-12-23 20:47 - 000000000 ____D C:\Users\Sonja\AppData\LocalLow\Mozilla 2021-08-20 08:32 - 2016-12-23 17:02 - 000000000 ____D C:\ProgramData\NVIDIA 2021-08-20 08:32 - 2016-12-23 16:34 - 000000000 __SHD C:\Users\Sonja\IntelGraphicsProfiles 2021-08-19 20:46 - 2020-07-17 17:04 - 000000000 ____D C:\Users\SQLTELEMETRY$SQLEXPRESS 2021-08-19 20:46 - 2020-07-17 17:04 - 000000000 ____D C:\Users\Sonja 2021-08-19 20:46 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-08-19 20:37 - 2020-07-17 17:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-08-19 20:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-08-19 20:36 - 2016-12-23 20:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-08-19 13:47 - 2016-12-23 20:47 - 
000001241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-08-19 13:18 - 2017-03-25 13:53 - 000000000 ____D C:\Users\Sonja\AppData\Roaming\Sage 2021-08-19 12:45 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-19 12:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-08-19 12:26 - 2020-07-17 17:13 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-19 12:26 - 2020-07-17 17:13 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-08-16 17:25 - 2020-07-17 17:03 - 000648192 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-08-16 17:24 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-08-16 17:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2021-08-16 17:24 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-08-16 17:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-08-16 17:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-08-16 17:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-08-16 17:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-08-16 17:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2021-08-16 17:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-08-16 17:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-08-16 17:24 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2021-08-16 12:08 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-08-16 11:35 - 2016-12-23 17:27 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-08-16 11:33 - 2020-06-22 10:12 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-08-16 11:31 - 2016-12-23 17:26 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-08-10 17:56 - 2016-12-23 17:41 - 000000000 ____D 
C:\Program Files (x86)\Microsoft Office 2021-08-10 11:20 - 2017-12-14 09:54 - 000000000 ____D C:\Users\Sonja\AppData\Local\Packages 2021-08-09 10:30 - 2020-07-17 17:13 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3019209387-3580376990-4160707215-1001 2021-08-09 10:30 - 2020-07-17 17:04 - 000002408 _____ C:\Users\Sonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-08-09 10:30 - 2016-12-23 16:24 - 000000000 ___RD C:\Users\Sonja\OneDrive 2021-08-05 18:16 - 2017-02-13 18:33 - 000000000 ____D C:\Users\Sonja\AppData\Local\CrashDumps 2021-08-05 15:56 - 2017-02-20 13:17 - 000000000 ____D C:\HRnextZVK 2021-08-04 13:40 - 2021-01-22 11:40 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======== 2011-01-31 14:38 - 2011-01-31 14:38 - 000046496 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft.InteropFormTools.dll 2017-03-11 20:16 - 2017-03-11 20:24 - 517914592 _____ () C:\Users\Sonja\AppData\Local\AcronisTrueImage2017_8029.exe 2017-04-12 18:18 - 2017-04-12 18:25 - 517907000 _____ () C:\Users\Sonja\AppData\Local\AcronisTrueImage2017_8041.exe 2017-04-30 16:22 - 2017-04-30 16:35 - 513569984 _____ () C:\Users\Sonja\AppData\Local\AcronisTrueImage2017_8053.exe 2017-06-25 14:04 - 2017-06-25 14:17 - 513568528 _____ () C:\Users\Sonja\AppData\Local\AcronisTrueImage2017_8058.exe 2016-12-27 16:54 - 2016-12-28 13:26 - 000000256 _____ () C:\Users\Sonja\AppData\Local\HROnlineUpdateConfiguration.xml 2017-02-10 11:08 - 2017-02-10 13:28 - 000019057 _____ () C:\Users\Sonja\AppData\Local\HRServiceUpdateLog.log 2016-12-23 17:33 - 2016-12-23 17:33 - 000000017 _____ () C:\Users\Sonja\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
==================== Ende von FRST.txt ======================== |