
Discussion forum: Telekom security alert: 3 pieces of malware: Bamital; Matsnu & Nymaim - nothing found in the scan!


15.01.2022, 18:10   #1
gandatronkea
 
Hi everyone,

for the past 3 months I have been getting a security alert from Telekom by email and letter about once a month. It says: "The following IP address was assigned to your connection at the stated time:"
IP address: 91.20.xx.xx
Time: 09.01.2022 11:07:17 CET

I called them, and a woman at Telekom said I had three pieces of malware named "Bamital; Matsnu & Nymaim". These send emails from my IP or access something somewhere. ?!?!?!

Worth knowing: at those times (as above) my PC was off, so it could only be the robot vacuum and 3 smart plugs ?!

The very first time this security warning came was in September, on a weekend when I was not even at home! 100%
That scares me a lot.

What I have done:
FRST64.exe scan
Bitdefender scan
Unplugged the smart plugs (on 09.01. they were not powered...)
Router log file

Can you help?
THANK YOU VERY MUCH

Router log file from the most recent time: 09.01.2022 11:07:17
Code:
09.01.2022 14:50:53 (NT101)	Das Gerät mit der Firmware Version 010137.4.9.002.0 hat die IPv6 Systemzeit erfolgreich aktualisiert.
09.01.2022 14:32:33 (H001)	DHCP ist aktiv: WLAN ESP11BAF2 50:02:91:11:ba:f2 191.168.2.153 255.255.255.0 191.168.2.1 191.168.2.1 1814400
09.01.2022 13:30:21 (W001)	WLAN-Station vom <5.0> Ghz Frequenzband abgemeldet: Rechnername: <Galaxy-S9>, Mac-Adresse: <5E:F6:F4:F1:40:97>
09.01.2022 13:26:23 (H001)	DHCP ist aktiv: WLAN Galaxy-S9-polzovatela-Olga 5e:f6:f4:f1:40:97 191.168.2.110 255.255.255.0 191.168.2.1 191.168.2.1 1814400
09.01.2022 13:26:21 (W019)	WLAN-Anmeldung via <5.0> Ghz Frequenzband erfolgreich: Rechnername: <Galaxy-S9>, Mac-Adresse: <5E:F6:F4:F1:40:97> verbunden mit SSID <WLANimir P.> mit <5.0> Ghz Frequenzband
09.01.2022 12:22:27 (FW001)	Firewall-Ereignis: Es wurde ein Ereignis [TCP SYN FLOOD IP] :  erkannt. Als Absender wurde die Adresse 41.231.108.25 : 62022 identifiziert. Als Empfänger wurde die 91.20.70.45 : 8008 identifiziert.
09.01.2022 12:22:27 (FW001)	Firewall-Ereignis: Es wurde ein Ereignis [TCP SYN FLOOD] :  erkannt. Als Absender wurde die Adresse 41.231.108.25 : 1796 identifiziert. Als Empfänger wurde die 91.20.70.45 : 9 identifiziert.
09.01.2022 11:55:49 (GW004)	WLAN-Anmeldung am Gastzugang wlan2.0 war erfolgreich: Rechnername:ESP02C440, Mac-Adresse: 50:02:91:02:C4:40.
09.01.2022 11:55:49 (GW005)	WLAN-Abmeldung am Gastzugang wlan2.0 war erfolgreich: Rechnername:ESP02C440, Mac-Adresse: 50:02:91:02:C4:40, IPv4-address 191.168.2.154.
09.01.2022 10:59:14 (H001)	DHCP ist aktiv: WLAN ESP02C440 50:02:91:02:c4:40 191.168.2.154 255.255.255.0 191.168.2.1 191.168.2.1 1814400
09.01.2022 09:17:16 (W001)	WLAN-Station vom <5.0> Ghz Frequenzband abgemeldet: Rechnername: <10eNEW>, Mac-Adresse: <CE:35:6A:1A:6B:1D>
09.01.2022 09:14:27 (H001)	DHCP ist aktiv: WLAN Galaxy-S10e ce:35:6a:1a:6b:1d 191.168.2.139 255.255.255.0 191.168.2.1 191.168.2.1 1814400
09.01.2022 09:14:26 (W019)	WLAN-Anmeldung via <5.0> Ghz Frequenzband erfolgreich: Rechnername: <10eNEW>, Mac-Adresse: <CE:35:6A:1A:6B:1D> verbunden mit SSID <WLANimir P.> mit <5.0> Ghz Frequenzband
09.01.2022 08:50:53 (NT101)	Das Gerät mit der Firmware Version 010137.4.9.002.0 hat die IPv6 Systemzeit erfolgreich aktualisiert.
09.01.2022 08:24:44 (GW004)	WLAN-Anmeldung am Gastzugang wlan2.0 war erfolgreich: Rechnername:ESPC87408, Mac-Adresse: 10:52:1C:C8:74:08.
09.01.2022 08:24:43 (GW005)	WLAN-Abmeldung am Gastzugang wlan2.0 war erfolgreich: Rechnername:ESPC87408, Mac-Adresse: 10:52:1C:C8:74:08, IPv4-address 191.168.2.152.
09.01.2022 08:21:15 (GW004)	WLAN-Anmeldung am Gastzugang wlan2.0 war erfolgreich
         
FRST LOG
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2022
Ran by Micha (administrator) on MICHA (Micro-Star International Co., Ltd. MS-7C52) (15-01-2022 17:15:37)
Running from F:\DownloadFF
Loaded Profiles: Micha
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1415 (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373547.inf_amd64_5f3ab38efc92cf9f\B373550\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373547.inf_amd64_5f3ab38efc92cf9f\B373550\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\25.0.1.194\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\odscanui.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
(Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
(Discord Inc. -> Discord Inc.) C:\Users\Micha\AppData\Local\Discord\app-1.0.9003\Discord.exe <6>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\139.4.4896\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) F:\tmp\Games_nebenOrdner\Origin\OriginWebHelperService.exe
(GNE) [File not signed] C:\Program Files (x86)\Dual Monitor Tools\DMT.exe
(Károly Pados -> Károly Pados) C:\Program Files (x86)\TinyWall\TinyWall.exe <2>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <24>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe <2>
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3dd75df32535321a\RtkAudUService64.exe [1361000 2021-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8806688 2022-01-02] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Run: [Steam] => E:\Games\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Run: [GNE_DualMonitorTools] => C:\Program Files (x86)\Dual Monitor Tools\DMT.exe [705536 2016-02-01] (GNE) [File not signed]
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Run: [Spotify] => C:\Users\Micha\AppData\Roaming\Spotify\Spotify.exe [24731784 2021-11-26] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443968 2022-01-13] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65488 2020-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\us015 Langmon: C:\WINDOWS\system32\us015lm.dll [31096 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-07] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03F121F6-7E76-4110-97D9-92E1E44F6290} - System32\Tasks\TinyWall Controller => C:\Program Files (x86)\TinyWall\TinyWall.exe [867080 2021-10-26] (Károly Pados -> Károly Pados)
Task: {0625CAC7-3A3A-459C-A6E1-07EC944912B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22840688 2021-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1037E8D6-3271-462F-A9CB-D1E0B8EA1AD1} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2021-11-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {283DC856-FBBE-45F8-9162-A46D560DBA91} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\25.0.1.194\WatchDog.exe [937064 2021-08-10] (Bitdefender SRL -> Bitdefender)
Task: {2CABB814-06F0-48DB-9205-1A242A47CDC8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {439C6CB5-5FDE-4A6D-960D-5F33C2AC04E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)
Task: {57577966-B261-4A82-9439-906F88176976} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (No File)
Task: {59162E6D-5F72-4338-AC33-D5CDA1D2144A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {5946F92B-A408-4C97-888F-16452112FBCA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6D147DFD-DCB6-4A0D-BF4B-D8D5424A7FD7} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {75356371-DFE8-4680-BACD-FD9A91A9A291} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F40635C-FAF2-4406-9E37-A6F8B9737977} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22840688 2021-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {81474BB0-0EDE-4B68-A2AC-ABA1D0978EE9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1620888 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {85F253FE-C2C7-48D4-AA68-13B823427244} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {8CF4B3A5-4722-4695-9954-7E7BA705E6C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-14] (Google LLC -> Google LLC)
Task: {9D3AA858-539B-481A-ACA9-A6EB2835ADBF} - System32\Tasks\Opera scheduled assistant Autoupdate 1595762747 => C:\Users\Micha\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Micha\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A3FE6C0B-2F32-4894-B503-04854167112D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {BA858A27-EC6A-4EF5-A814-3E8A48B266E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE4F282F-DF94-45C3-A578-48C41D3ACA87} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {C02B86F6-37BC-4AD3-ADEE-DC7501926B70} - System32\Tasks\Opera scheduled Autoupdate 1595762743 => C:\Users\Micha\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {D3FA36B6-FE75-4B44-8846-D9D18788B5AE} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-11-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {DE0C9987-099B-40F7-BC21-E32BBA359C03} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1175342-2B4B-4673-93A5-7EB80A7C6235} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {EA008909-2DB0-4228-9F3F-FA131D06B890} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [580696 2021-12-21] (Bitdefender SRL -> Bitdefender)
Task: {F7813658-A2BC-4C2D-BA40-B894000A6D98} - System32\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A} => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe -> /i "C:\Users\Micha\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi" AI_SETUPEXEPATH="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe" SETUPEXEDIR="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\" ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS="1" PRIMARYFOLDER="APPDIR" ROOTDRIVE="E:\" AI_PREREQFILES="C:\Users\Micha\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64.exe" AI_PREREQDIRS="C:\Users\Micha\AppData\Roaming" AI_MISSING_PREREQS="Visual C++ Redistributable for Visual Studio 2017 x64" AI_SETUPEXEPATH="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe" SETUPEXEDIR="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\" AI_INSTALL="1" BIPROCESSTIME="2020-07-20T11:22:01.1731459Z" TARGETLOCKED="TRUE" TARGETDIR="E:\" APPDIR="C:\Program Files (x86)\Wizards of the Coast\MTGA\" AI_SETUPEXEPATH_ORIGINAL="C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job => C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exeѤ/i C:\Users\Micha\AppData\Local\Temp\MTGAinstall\MTGAInstaller.msi AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS=1 PRIMARYFOLDER=APPDIR ROOTDRIVE=E:\ AI_PREREQFILES=C:\Users\Micha\AppData\Roaming\Wizards of the Coast\MTGA Launcher\prerequisites\Visual C++ Redistributable for Visual Studio 2015-2019\VC_redist.x64.exe AI_PREREQDIRS=C:\Users\Micha\AppData\Roaming AI_MISSING_PREREQS=Visual C++ Redistributable for Visual Studio 2017 x64 AI_SETUPEXEPATH=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe SETUPEXEDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\ AI_INSTALL=1 BIPROCESSTIME=2020-07-20T11:22:01.1731459Z TARGETLOCKED=TRUE TARGETDIR=E:\ APPDIR=C:\Program Files (x86)\Wizards of the Coast\MTGA\ AI_SETUPEXEPATH_ORIGINAL=C:\Program Files (x86)\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.93.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{aee9ba6a-ea49-42ba-bfef-0bc92c3370eb}: [NameServer] 1.1.1.1

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Micha\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-01]

FireFox:
========
FF DefaultProfile: 30kp1i8c.default
FF ProfilePath: C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\30kp1i8c.default [2021-02-02]
FF ProfilePath: C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release [2022-01-15]
FF DownloadDir: F:\DownloadFF
FF Notifications: Mozilla\Firefox\Profiles\kwlm1iu3.default-release -> hxxps://www.lieferando.de; hxxps://untap.in
FF Extension: (English United States Dictionary) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\@unitedstatesenglishdictionary.xpi [2022-01-14]
FF Extension: (German Dictionary) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\de-DE@dictionaries.addons.mozilla.org.xpi [2020-04-21]
FF Extension: (Privacy Badger) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-11-29]
FF Extension: (uBlock Origin) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-01-03]
FF Extension: (MetaMask) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\webextension@metamask.io.xpi [2021-12-28]
FF Extension: (Nano Defender for Firefox) - C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\kwlm1iu3.default-release\Extensions\{fcf60470-b210-4c17-969e-9ae01491071e}.xpi [2020-10-13]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-08-09] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-Tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-09-17] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-08-16] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2020-05-04] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-02-02] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-02-02] <==== ATTENTION

Chrome: 
=======
CHR Profile: C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default [2022-01-15]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.reddit.com
CHR Extension: (Präsentationen) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-14]
CHR Extension: (Docs) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-14]
CHR Extension: (Google Drive) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (YouTube) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-16]
CHR Extension: (Tabellen) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-14]
CHR Extension: (Binance Wallet) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbohimaelbohpjbbldcngcnapndodjp [2022-01-08]
CHR Extension: (Better Cardmarket (MTG) unofficial) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplghokcfgbdedalpmbmjlafpagclbef [2020-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-28]
CHR Extension: (Bitdefender Anti-Tracker) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-02-02]
CHR Extension: (polkadot{.js} extension) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-01-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Nash Extension) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\onofpnbbkehpmmoabgpcpmigafmmnjhl [2021-04-06]
CHR Extension: (Google Mail) - C:\Users\Micha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\hydra.sdk.windows.service.exe [198256 2021-01-25] (Pango Inc. -> AnchorFree Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2021-12-21] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2021-12-21] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [1899112 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [256616 2021-10-04] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12121040 2021-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-01-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-03-17] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11174464 2022-01-13] (Logitech Inc -> Logitech, Inc.)
R2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
S3 Origin Client Service; F:\tmp\Games_nebenOrdner\Origin\OriginClientService.exe [2533952 2021-01-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; F:\tmp\Games_nebenOrdner\Origin\OriginWebHelperService.exe [3479112 2021-01-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [785512 2021-08-10] (Bitdefender SRL -> Bitdefender)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2021-03-18] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TinyWall; C:\Program Files (x86)\TinyWall\TinyWall.exe [867080 2021-10-26] (Károly Pados -> Károly Pados)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [284760 2021-12-21] (Bitdefender SRL -> Bitdefender)
S3 VBoxSDS; I:\Programme_SSD\VirtualBox\VBoxSDS.exe [694016 2020-04-09] (Oracle Corporation -> Oracle Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821896 2021-12-21] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-02-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2021-07-07] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0373547.inf_amd64_5f3ab38efc92cf9f\B373550\amdkmdag.sys [80536104 2021-11-11] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [3864480 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [800672 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-20] (Microsoft Windows Early Launch Anti-Malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [32152 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> © Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [55864 2021-11-30] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1188744 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185312 2020-10-07] (Bitdefender SRL -> Bitdefender)
S3 ksaud; C:\WINDOWS\system32\drivers\ksaud.sys [2116824 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-06-28] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-06-28] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-06-28] (Logitech Inc -> Logitech)
R1 mtihint; C:\Windows\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc. -> Micron Technology, Inc.) [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [623008 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237384 2020-04-09] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248264 2020-04-09] (Oracle Corporation -> Oracle Corporation)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [483728 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-02-02] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-02-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-02-02] (Microsoft Windows -> Microsoft Corporation)
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-15 17:15 - 2022-01-15 17:16 - 000000000 ____D C:\FRST
2022-01-15 12:34 - 2022-01-15 12:34 - 000000000 ___HD C:\$WinREAgent
2022-01-13 18:44 - 2022-01-13 18:44 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-01-13 18:44 - 2022-01-13 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-01-13 18:44 - 2022-01-13 18:44 - 000000000 ____D C:\Program Files\LGHUB
2022-01-06 12:09 - 2022-01-06 12:13 - 000000000 ____D C:\Program Files\Sublime Text 3
2022-01-06 11:51 - 2022-01-06 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-01-02 00:57 - 2022-01-02 00:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-01-02 00:57 - 2022-01-02 00:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-01-02 00:57 - 2022-01-02 00:57 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-01-02 00:57 - 2022-01-02 00:57 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-12-28 09:44 - 2021-12-28 09:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-18 11:17 - 2021-12-18 11:17 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-18 09:00 - 2021-12-18 09:00 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-18 09:00 - 2021-12-18 09:00 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-18 08:59 - 2021-12-18 08:59 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-18 08:59 - 2021-12-18 08:59 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-15 17:15 - 2020-04-21 16:34 - 000000000 ____D C:\Users\Micha\AppData\Roaming\discord
2022-01-15 17:11 - 2020-04-08 19:31 - 000000000 ____D C:\Users\Micha\Documents\Outlook-Dateien
2022-01-15 17:06 - 2020-04-09 06:47 - 000000000 ____D C:\ProgramData\TinyWall
2022-01-15 17:02 - 2020-04-21 16:34 - 000000000 ____D C:\Users\Micha\AppData\Local\Discord
2022-01-15 16:57 - 2020-07-14 09:46 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-15 16:38 - 2021-11-22 13:28 - 000000000 ____D C:\Users\Micha\AppData\Local\LGHUB
2022-01-15 16:38 - 2020-07-12 04:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-15 15:15 - 2021-12-01 19:19 - 000000000 ____D C:\Users\Micha\Documents\Acrobat Pro DC 2020.006.20042
2022-01-15 14:05 - 2020-05-02 13:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-15 14:02 - 2020-07-12 04:09 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-15 14:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-15 12:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-15 11:19 - 2019-03-19 06:07 - 000000000 ____D C:\Users\Micha\AppData\Local\Packages
2022-01-15 10:58 - 2021-04-11 14:54 - 000003098 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-01-15 10:58 - 2020-04-14 12:48 - 000000000 ____D C:\Users\Micha\AppData\Roaming\WTablet
2022-01-14 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-14 17:52 - 2020-07-14 09:46 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-14 17:52 - 2020-07-14 09:46 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-14 17:48 - 2020-04-08 09:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-14 17:46 - 2020-04-08 09:42 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-13 19:35 - 2021-05-09 19:30 - 000000000 ____D C:\Users\Micha\AppData\Roaming\station-electron
2022-01-13 18:45 - 2021-11-22 13:29 - 000000000 ____D C:\Users\Micha\AppData\Roaming\LGHUB
2022-01-13 18:44 - 2020-04-08 19:37 - 000000000 ____D C:\Users\Micha\AppData\Local\Dropbox
2022-01-13 18:43 - 2020-07-12 04:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-13 18:43 - 2020-07-12 04:03 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-13 18:43 - 2020-04-08 14:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-13 18:43 - 2020-04-08 13:58 - 000000000 ____D C:\Users\Micha\AppData\LocalLow\Mozilla
2022-01-13 18:43 - 2020-04-08 13:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-13 18:43 - 2019-12-07 10:03 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2022-01-10 22:10 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-08 18:58 - 2020-11-20 11:10 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-08 18:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-08 18:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-07 21:16 - 2020-04-08 16:56 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-07 20:07 - 2020-07-14 09:48 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-07 20:07 - 2020-07-14 09:48 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-06 12:13 - 2020-04-23 15:59 - 000000000 ____D C:\Users\Micha\AppData\Local\Sublime Text 3
2022-01-06 11:51 - 2020-04-08 19:37 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-01-03 12:13 - 2021-11-20 17:16 - 000000000 ____D C:\Users\Micha\AppData\Roaming\Firefly
2022-01-03 12:07 - 2021-11-20 17:16 - 000002423 _____ C:\Users\Micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefly.lnk
2022-01-03 12:07 - 2021-11-20 17:16 - 000002415 _____ C:\Users\Micha\Desktop\Firefly.lnk
2022-01-03 11:38 - 2020-12-01 19:47 - 000000000 ____D C:\Users\Micha\AppData\Local\AMD_Common
2021-12-28 09:44 - 2020-04-08 13:58 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-18 11:18 - 2020-07-12 04:03 - 000482504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-18 11:17 - 2019-12-07 15:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-12-18 11:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-18 09:22 - 2020-07-12 04:07 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-12-18 09:03 - 2020-04-08 09:02 - 000000000 ____D C:\Users\Micha\AppData\Local\PlaceholderTileLogoFolder
2021-12-18 08:49 - 2021-11-23 12:23 - 000116200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 002225640 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 000333288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 000217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 000197048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-12-18 08:49 - 2020-05-17 12:53 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-12-16 18:32 - 2020-05-08 07:31 - 000000117 ___RH C:\WINDOWS\ctfile.rfc
2021-12-16 18:10 - 2021-11-28 17:14 - 000000000 ____D C:\Users\Micha\AppData\Roaming\ASGARDEX

==================== Files in the root of some directories ========

2021-01-13 23:26 - 2021-01-13 23:26 - 000000048 ____H () C:\Program Files (x86)\idik7cmdwx.dat
2020-05-01 20:07 - 2020-05-01 20:07 - 000000410 _____ () C:\Users\Micha\AppData\Local\oobelibMkey.log
2021-11-18 11:32 - 2021-11-18 11:32 - 000004882 _____ () C:\Users\Micha\AppData\Local\recently-used.xbel
2020-08-11 17:39 - 2020-08-11 17:39 - 000000017 _____ () C:\Users\Micha\AppData\Local\resmon.resmoncfg

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\system32\xactengine2_8.dll [2007-06-20] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
         
ADDITION LOG

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2022
Ran by Micha (15-01-2022 17:17:50)
Running from F:\DownloadFF
Microsoft Windows 10 Pro Version 21H1 19043.1415 (X64) (2020-07-12 03:07:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4047565373-3235933586-3377775174-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4047565373-3235933586-3377775174-503 - Limited - Disabled)
Guest (S-1-5-21-4047565373-3235933586-3377775174-501 - Limited - Disabled)
Micha (S-1-5-21-4047565373-3235933586-3377775174-1001 - Administrator - Enabled) => C:\Users\Micha
WDAGUtilityAccount (S-1-5-21-4047565373-3235933586-3377775174-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.11.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
ASGARDEX 0.5.0 (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\5bcaf717-02bc-561e-bd5c-5ecf0e404bb5) (Version: 0.5.0 - ASGARDEX Maintainers)
Assassin's Creed Odyssey Gold Edition ReRelease MULTi2 1.5.3 (HKLM-x32\...\Assassin's Creed Odyssey Gold Edition ReRelease MULTi2 1.5.3) (Version: 1.5.3 - x.X.RIDDICK.X.x)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.194 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 25.0.10.52 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 25.4.4.44 - Bitdefender)
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
Creative ASIO (USB) (HKLM-x32\...\Creative_ASIO(USB)) (Version: 1.00 - Creative Technology Limited)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Crucial Storage Executive (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Crucial Storage Executive 5.05.082019.02) (Version: 5.05.082019.02 - Crucial)
Crusader Kings III Royal Edition Incl. Update 1 MULTi7 5482039 (HKLM-x32\...\Crusader Kings III Royal Edition Incl. Update 1 MULTi7 5482039) (Version: 5482039 - x.X.RIDDICK.X.x)
CrystalDiskMark 7.0.0h (HKLM\...\CrystalDiskMark7_is1) (Version: 7.0.0h - Crystal Dew World)
Cyberpunk 2077 MULTi18 - ElAmigos version 1.03 (HKLM-x32\...\{8A985B76-8BB5-4325-92DB-E3B9F8A62D1F}_is1) (Version: 1.03 - CD PROJEKT RED)
Discord (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.05 - Creative Technology Limited)
DOOM Eternal Deluxe Edition (HKLM-x32\...\DOOM Eternal Deluxe Edition_is1) (Version: 1.0.0.0 - Bethesda Softworks)
DOOM Eternal Deluxe Edition Convert Steam to Bethesda MULTi2 1.0 (HKLM-x32\...\DOOM Eternal Deluxe Edition Convert Steam to Bethesda MULTi2 1.0) (Version: 1.0 - x.X.RIDDICK.X.x)
Dropbox (HKLM-x32\...\Dropbox) (Version: 139.4.4896 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) Hidden
Dual Monitor Tools (HKLM-x32\...\{14DF3258-CA2F-4166-9713-EB7BB9D55307}) (Version: 2.3.0.0 - GNE)
Epic Games Launcher (HKLM-x32\...\{07D9F8F3-EC99-4133-919D-DA341C62937C}) (Version: 1.1.298.0 - Epic Games, Inc.)
Exodus (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\exodus) (Version: 21.7.17 - Exodus Movement Inc)
Firefly 1.3.2 (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\5892dd0c-8983-51d7-b337-6e1d1da9ad4b) (Version: 1.3.2 - IOTA Foundation)
GameInput Redistributable (HKLM-x32\...\{AD78C5EF-EAAF-12E7-83A3-B335A79A3DB1}) (Version: 10.1.19041.1870 - Microsoft Corporation)
GIMP 2.10.20 (HKLM\...\GIMP-2_is1) (Version: 2.10.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC)
Hellblade: Senua's Sacrifice (HKLM-x32\...\1573355755_is1) (Version: 1.03 - GOG.com)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
IOTA DevNet Wallet 0.7.0 (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\99438aeb-e8ef-5e38-b45f-8f3a84170f98) (Version: 0.7.0 - Martyn Janes)
Iron Harvest Deluxe Edition MULTi13 5487982 (HKLM-x32\...\Iron Harvest Deluxe Edition MULTi13 5487982) (Version: 5487982 - x.X.RIDDICK.X.x)
K-Lite Mega Codec Pack 15.4.7 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.4.7 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.1.3492 - Logitech)
Microsoft 365 Apps for Enterprise - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.14729.20194 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Teams) (Version: 1.3.00.4461 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.67 - mIRC Co. Ltd.)
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 95.0.2 (x64 de)) (Version: 95.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0.1 - Mozilla)
MTG Arena (HKLM\...\{5D99BC14-3C73-4413-8434-4C2E8704884F}) (Version: 0.1.3892 - Wizards of the Coast)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14729.20108 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.0.20 (HKLM\...\{A083A77B-5541-4C84-B420-B37C312BFFCC}) (Version: 6.0.20 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.90.46284 - Electronic Arts, Inc.)
PingPlotter 5 (HKLM-x32\...\{36813793-6997-4A21-A284-D80DA10F80F9}) (Version: 5.18.3.8189 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.18.3.8189) (Version: 5.18.3.8189 - Pingman Tools, LLC)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
RyzenMasterSDK (HKLM\...\{EFA9CC7C-F230-42A8-888B-5E7B6AE2DB12}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.21075.3 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.21075.3 - Samsung Electronics Co., Ltd.)
Sound Blaster X-Fi Surround 5.1 Pro (HKLM-x32\...\{05627579-2BA6-4DA2-8243-0EEF752EF14B}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\Spotify) (Version: 1.1.66.578.gc54d0f69 - Spotify AB)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.4461 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.2 - TeamSpeak Systems GmbH)
Terra Station 1.1.0 (HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\544bd55a-4210-5d1d-8eb2-7ec231919777) (Version: 1.1.0 - Terra)
TinyWall (HKLM-x32\...\{6A366BCB-2A38-4D2A-80FD-A5E0C32C97C8}) (Version: 3.2.3.0 - Károly Pados)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.93 - Samsung Electronics CO., LTD.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.38-2 - Wacom Technology Corp.)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)

Packages:
=========
Age of Empires II: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSPhoenix_101.101.43210.0_x64__8wekyb3d8bbwe [2020-12-03] (0)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-12-16] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.10420.5102.0_x64__8wekyb3d8bbwe [2020-05-12] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-09] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2021-12-15] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4047565373-3235933586-3377775174-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Micha\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4047565373-3235933586-3377775174-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Micha\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4047565373-3235933586-3377775174-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => F:\z_txt\!!_OnlineOrdner\Dropbox [2020-04-09 15:27]
CustomCLSID: HKU\S-1-5-21-4047565373-3235933586-3377775174-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Test Dropbox] => F:\z_txt\!!_OnlineOrdner\Test Dropbox
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-11-11] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.51.0.dll [2021-10-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Micha\Desktop\DOOM Eternal.lnk -> E:\Games\DOOM Eternal Deluxe Edition\Run in English.bat ()

==================== Loaded Modules (Whitelisted) =============

2022-01-13 18:44 - 2022-01-13 18:43 - 000635904 _____ () [File not signed] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2021-04-21 03:39 - 2021-04-21 03:39 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-07-07 05:37 - 2021-07-07 05:37 - 000562688 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll
2021-07-07 05:37 - 2021-07-07 05:37 - 000058880 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Platform.dll
2021-11-10 14:51 - 2021-11-10 14:51 - 001711616 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2020-05-08 18:27 - 2004-11-16 16:06 - 000065536 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\CTAudSeu.dll
2020-05-08 18:27 - 2006-06-07 15:23 - 000126976 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\RCRx\RcHidUsb.dll
2020-05-08 18:26 - 2009-10-21 16:36 - 000163840 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\ShareDLL\CADI\ctcadi.dll
2020-05-08 18:26 - 2009-03-18 15:00 - 000151552 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\ShareDLL\CADI\CTCadiEP.dll
2020-05-08 18:27 - 2009-02-23 10:41 - 000413696 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\CTAudEp.dll
2020-05-08 18:27 - 2008-01-11 09:10 - 000065536 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\CTAudSeu.dll
2020-05-08 18:27 - 2005-01-06 16:26 - 000053248 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\CTIniFu.dll
2020-05-08 18:27 - 2007-03-07 13:07 - 000176128 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\CTThemeU.dll
2020-05-08 18:27 - 2006-03-31 16:26 - 000335872 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\GDICtrl.sku
2020-05-08 18:27 - 2007-03-07 13:56 - 000151552 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\GDICtrl2.sku
2020-05-08 18:27 - 2006-05-04 16:11 - 000110592 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\GDICtrl3.sku
2020-05-08 18:27 - 2006-03-28 15:21 - 000114757 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\RtxCtrl.sku
2020-05-08 18:27 - 2008-12-29 10:25 - 000077824 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanel.crl
2020-05-08 18:27 - 2007-12-13 16:36 - 000077824 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll
2020-05-08 18:27 - 2007-05-04 14:27 - 000233472 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\OSD\PanelSvc.dll
2020-05-08 18:27 - 2009-03-16 13:55 - 000020480 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\AudSet.crl
2020-05-08 18:27 - 2009-12-21 14:14 - 000065536 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\EAXCADI.DLL
2020-05-08 18:27 - 2009-04-03 13:50 - 000036963 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\EAXMod.dll
2020-05-08 18:27 - 2009-09-16 16:59 - 000009728 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\RCSystem.CRL
2020-05-08 18:27 - 2009-12-16 09:24 - 000323584 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Shared Files\Module Loader\RC System\RCSystem.dll
2020-05-08 18:27 - 2005-11-23 09:28 - 000040960 ____N (Creative Technology Ltd.) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\CtrlSrcU.dll
2020-04-08 13:56 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-04-08 09:15 - 2018-03-05 21:27 - 005529600 _____ (Micron Technology, Inc.) [File not signed] C:\Program Files\Crucial\Crucial Storage Executive\mticm.dll
2017-09-04 23:15 - 2017-09-04 23:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCompiler_47.dll
2020-04-19 22:59 - 2020-04-19 22:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-19 22:59 - 2020-04-19 22:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2020-11-30 17:54 - 2020-11-30 17:54 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] F:\tmp\Games_nebenOrdner\Origin\LIBEAY32.dll
2020-11-30 17:55 - 2020-11-30 17:54 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] F:\tmp\Games_nebenOrdner\Origin\ssleay32.dll
2020-11-30 17:54 - 2020-11-30 17:54 - 001611264 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\platforms\qwindows.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 005487104 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5Core.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 005841920 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5Gui.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 001179136 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5Network.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 000146432 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5WebSockets.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 005089792 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5Widgets.dll
2021-01-26 19:54 - 2020-11-30 17:54 - 000184832 _____ (The Qt Company Ltd) [File not signed] F:\tmp\Games_nebenOrdner\Origin\Qt5Xml.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 03:39 - 2021-04-21 03:39 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2021-12-21] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\sharepoint.com -> hxxps://studuniduisburgessende-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Micha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

Network Binding:
=============
Ethernet 4: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Local Area Connection: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4047565373-3235933586-3377775174-1001\...\StartupApproved\Run: => "GIMP Updater"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2B00AD7E-E05D-4279-85F2-5052E80C993F}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Nephise Begins\NephiseBegins.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D413AA39-EBF4-432A-AF43-FFF790BDC857}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Nephise Begins\NephiseBegins.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{959AFA95-7AAD-41AC-B2A5-B076DE600E7C}] => (Allow) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AB1F5B57-A4EC-4E59-AD31-ED8819728F37}] => (Allow) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{38E6A967-28FE-41CB-AA1F-F4D6B9E0FEA1}] => (Allow) E:\Games\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E0FDEDAD-F0DB-40A2-B4C9-D0FF9FF267E1}] => (Allow) E:\Games\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C37246C7-9999-49F1-B178-9446BCF2E55F}] => (Allow) E:\Games\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{DCADD24C-4E04-4504-B29A-FF3D01E0324B}] => (Allow) E:\Games\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe (Fatshark AB -> Fatshark AB)
FirewallRules: [{F1D2A35C-519D-42FE-8888-B61B1E3768D0}] => (Allow) E:\Games\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{71AAE5A9-0388-4E1C-A8A6-B502485E63F3}] => (Allow) E:\Games\Steam\steamapps\common\SMITE\Binaries\Win32\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{DD7E1954-2A34-424C-85D6-27F958608E9E}] => (Allow) E:\Games\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{54B23D6C-B3F3-4DF7-873E-652B2F9A854D}] => (Allow) E:\Games\Steam\steamapps\common\SMITE\Binaries\Win64\SmiteEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{6EE70BFB-4F96-4B1F-9F07-5423523A096B}] => (Allow) E:\Games\Steam\steamapps\common\Talisman\Talisman.exe () [File not signed]
FirewallRules: [{740EEFAE-D693-4416-8860-FFC37FFD50B7}] => (Allow) E:\Games\Steam\steamapps\common\Talisman\Talisman.exe () [File not signed]
FirewallRules: [{4A8A4450-84F2-4C1B-81AD-97D54C3E16DA}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{620E33CE-856D-4586-929E-01DD29FB19B8}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{A002BC16-E38F-47F3-9D41-792B93E0A3EC}] => (Allow) E:\Games\Steam\steamapps\common\Hunt Showdown\hunt.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{9BF531EA-CAEF-409F-AF9B-F2B0971EF59A}] => (Allow) E:\Games\Steam\steamapps\common\Hunt Showdown\hunt.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{AEFE7AB9-2EFB-4392-8941-14AC102CCB2C}] => (Allow) E:\Games\Steam\steamapps\common\Pummel Party\PummelParty.exe () [File not signed]
FirewallRules: [{EA246BA4-FFF7-4273-8B61-5383B41D62D8}] => (Allow) E:\Games\Steam\steamapps\common\Pummel Party\PummelParty.exe () [File not signed]
FirewallRules: [{D122D123-1C5C-45F5-A02F-4D08F1D63EA8}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{421F638B-7A90-4160-B5AF-A01842A24039}] => (Allow) E:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{4B8149F6-1973-4AF7-9508-4EC438DE12BC}] => (Allow) E:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{359B36AD-3BF2-4DEA-81F4-1F4766ED23BF}] => (Allow) E:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6D800EAC-E4E5-430E-90FC-C9EF8B052076}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DF75F7AA-C295-42E4-AEDC-25F6E624F12A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F7525EEF-9D48-47A4-9FCD-ACF485D5B557}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{DA287255-30FC-4EF0-992E-31C29CADEC33}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{E2506033-B42A-471B-8EBF-3970EDDF45EE}] => (Allow) C:\Users\Micha\AppData\Local\Programs\Opera\69.0.3686.77\opera.exe => No File
FirewallRules: [{FFEC9F6E-C769-47B2-804E-D59961C7CA0D}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Goat of Duty\GoatOfDuty.exe () [File not signed]
FirewallRules: [{95C8641F-9EB7-46DB-8ADA-1CF32472988D}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Goat of Duty\GoatOfDuty.exe () [File not signed]
FirewallRules: [{A6EE7161-096B-40B8-8B59-B50746FE3FB1}] => (Allow) E:\Games\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{EFDEBB3D-0097-41AF-BFCB-40214AAC8E6F}] => (Allow) E:\Games\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{FD3F6C22-EEAA-4605-82CC-99F13CFD22EA}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{0D900EBE-1970-44C8-9D92-5234D27E06FB}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{F390346B-664E-4CF6-BFED-4E6A22E0E65B}] => (Allow) E:\Games\Steam\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{75768A16-CD35-4117-B42F-9695DF1CBF52}] => (Allow) E:\Games\Steam\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{E741D90B-B2E9-4803-83B8-DAC36E661CE3}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7B6DCB6-90B0-41D0-A4AF-379348B8D1CF}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\AoE2DE\AoE2DE_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27CBF0D4-6167-45DA-ADB4-378E648FD7EB}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{A5FEA61D-A4DE-4434-B234-75BCDC0F45D5}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\AoE2DE\BattleServer\BattleServer.exe (Microsoft Corporation -> )
FirewallRules: [{96139129-D959-4EDC-A284-0DD1FFF252BD}] => (Allow) E:\Games\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{2013F7A2-D9E2-4F1D-9F53-E252C6346C9C}] => (Allow) E:\Games\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{93D6541A-9D2A-424D-BE3B-AB4DFDF0E440}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{AC073516-C270-409C-BBC2-E8089385A89A}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{050B3C71-B430-4596-823B-7EBD4C824290}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B7A29C43-7BC9-47AF-8595-1D5FDF6DB7D4}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{13C5E206-0209-4EAF-B175-C5D1640F85CE}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe () [File not signed]
FirewallRules: [{B95BAEAD-4E26-4065-9591-6357C766D4DD}] => (Allow) E:\Games\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe () [File not signed]
FirewallRules: [{F73C14AA-FA9A-4E92-8869-A766215D08EF}] => (Allow) I:\Games\Origin_ssd\Command and Conquer Generals Zero Hour\Generals.exe () [File not signed]
FirewallRules: [{AB8F2D0A-ABFD-469B-8AF0-B5B293BA7FBF}] => (Allow) I:\Games\Origin_ssd\Command and Conquer Generals Zero Hour\Generals.exe () [File not signed]
FirewallRules: [{C2DEADD5-6926-4B7E-B469-B8032ED59DB9}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\World of Warships\WorldOfWarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{4F06B62E-4CB3-439B-B05F-11CA8D6D473F}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\World of Warships\WorldOfWarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{0592D5B9-AF88-4397-B58C-85302CFD8834}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{79A35F1F-E464-4B4C-A735-D8DAE6ABBDDD}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{24B2A7BA-1152-4A01-B2B1-EFC6B5555B16}] => (Allow) I:\Games\Steam_SSD\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B495F6CC-C686-4D0A-B435-A71249D3C2D2}] => (Allow) I:\Games\Steam_SSD\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38CADE31-6C75-44C3-860A-F3BE82496335}] => (Allow) C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe (Pingman Tools -> )
FirewallRules: [{9095C526-083D-4B93-AC1A-8E7804CEF927}] => (Allow) C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe (Pingman Tools -> )
FirewallRules: [{9C992AD8-AD83-4E3D-B67C-F2093AA3737D}] => (Allow) E:\Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{EE988DF1-4576-4F31-825D-9B8F3E186436}] => (Allow) E:\Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{48427A14-DE1B-42B7-81BA-51D6961F5B6F}] => (Allow) E:\Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{101CB37D-C607-41E0-ABF8-0791DC3141E8}] => (Allow) E:\Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{624E5C2B-BB04-4165-9DE2-E38EAE2F2BD7}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{D7B03B52-A52F-4187-BB17-87E8D04464DA}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{71255A76-DC1E-4703-8EB6-22B673FDEA0A}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{5933AF26-0307-416D-98A0-DF71916E05F3}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{1743CC5A-61D4-40D9-934C-92CCE67C6162}] => (Allow) F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{B0705AE8-0AC6-450E-AE41-A564A30073E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{866D6F63-08C4-4C8F-8AF0-7B3A12C916CD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43097B0E-C3CB-4C1D-A7B4-606BA211A6A8}] => (Allow) I:\Games\Steam_SSD\steamapps\common\Dread Hunger\DreadHunger.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{76DFC26F-B68F-47BC-A6B2-836926A97ECB}] => (Allow) I:\Games\Steam_SSD\steamapps\common\Dread Hunger\DreadHunger.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E3F9FB1C-5090-4AFE-8C1A-31BB85F27BCB}] => (Allow) E:\Games\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{B75ECCB7-A973-43E6-8FD7-247A68B92F53}] => (Allow) E:\Games\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{D3EBBBAB-5EE0-4923-A984-AA4E916A2353}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2FB4E345-0412-48AF-BE00-59EA25079A8E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D9537EB0-D8BB-43AE-99B9-880A4925D044}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{65C55B37-3E34-4EE6-8170-992B2011FB82}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52821764-7BE4-468C-9FCB-A0237907C414}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90E3D79A-5F0A-4D7F-A887-1F409A8496D8}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.55\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

10-01-2022 19:35:22 Scheduled Checkpoint
15-01-2022 12:33:44 Windows Modules Installer
15-01-2022 12:34:13 Windows Modules Installer

==================== Faulty Device Manager Devices ============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/15/2022 10:54:14 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/13/2022 06:48:32 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/10/2022 07:24:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Data (F:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (01/10/2022 07:21:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Games (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (01/06/2022 11:57:27 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Data (F:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (01/06/2022 11:55:02 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Games (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (01/06/2022 11:51:28 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (01/06/2022 11:51:28 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.


System errors:
=============
Error: (01/13/2022 06:43:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error: 
The system cannot find the file specified.

Error: (01/13/2022 06:43:22 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (01/10/2022 10:09:58 PM) (Source: DCOM) (EventID: 10010) (User: MICHA)
Description: The server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} did not register with DCOM within the required timeout.

Error: (01/10/2022 06:40:11 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (01/09/2022 04:50:02 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (01/06/2022 11:44:39 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (12/28/2021 10:46:00 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (12/28/2021 09:43:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error: 
The system cannot find the file specified.


Windows Defender:
================
Date: 2020-10-05 16:01:29
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-05 10:05:33
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-10-04 16:04:16
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2020-07-12 16:16:28
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.319.1323.0
Previous security intelligence Version: 1.313.1050.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 1.1.17200.2
Previous Engine Version: 1.1.17200.2
Error code: 0x80004004
Error description: Operation aborted 

Date: 2020-07-12 16:16:28
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.319.1323.0
Previous security intelligence Version: 1.313.1050.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 1.1.17200.2
Previous Engine Version: 1.1.17200.2
Error code: 0x80004004
Error description: Operation aborted 

CodeIntegrity:
===============
Date: 2021-12-22 12:29:36
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.Reflection.Extensions.dll that did not meet the Microsoft signing level requirements.

Date: 2021-12-22 12:29:36
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.Threading.dll that did not meet the Microsoft signing level requirements.

Date: 2021-12-22 12:29:36
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.ObjectModel.dll that did not meet the Microsoft signing level requirements.

Date: 2021-12-22 12:29:36
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.Xml.XDocument.dll that did not meet the Microsoft signing level requirements.

Date: 2021-12-22 12:29:36
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.Diagnostics.Debug.dll that did not meet the Microsoft signing level requirements.

Date: 2021-12-22 12:29:36
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\PingPlotter 5\System.Threading.Tasks.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 3.51 02/13/2020
Motherboard: Micro-Star International Co., Ltd. B450M-A PRO MAX (MS-7C52)
Processor: AMD Ryzen 5 3600 6-Core Processor 
Percentage of memory in use: 68%
Total physical RAM: 16337.86 MB
Available physical RAM: 5214.43 MB
Total Virtual: 18769.86 MB
Available Virtual: 3732.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.7 GB) (Free:45.81 GB) NTFS
Drive d: (Games) (Fixed) (Total:105.08 GB) (Free:14.54 GB) NTFS
Drive e: (m2) (Fixed) (Total:784.18 GB) (Free:82.89 GB) NTFS
Drive f: (Data) (Fixed) (Total:1757.81 GB) (Free:167.86 GB) NTFS
Drive i: (SSD) (Fixed) (Total:367.19 GB) (Free:69.76 GB) NTFS
Drive p: (SSD2) (Fixed) (Total:98.57 GB) (Free:0.11 GB) NTFS

\\?\Volume{62e1f3cd-d61a-4528-b7af-55d034a0e8d8}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{38e219bc-e5bc-4015-b153-628288d389c2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 534C4394)
Partition 1: (Not Active) - (Size=98.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=367.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 669D3B0C)

Partition: GPT.

==================== End of Addition.txt =======================
         

16.01.2022, 11:44   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Adobe Flash Player 11 Plugin
What is ancient junk like that doing on this up-to-date machine with a Ryzen 3600?
That and other clutter absolutely has to go (see uninstalling unnecessary programs); besides, your FF profile looks messed up, so you should renew that as well.

Uninstall annoying, outdated or unnecessary programs

Please uninstall via Programs and Features (appwiz.cpl):
  • Adobe Flash Player 11 Plugin
  • Bitdefender Agent
  • Bitdefender Antivirus Plus
  • Bitdefender VPN
  • Google Chrome (replace with Mozilla Firefox)
  • TinyWall

Reinstalling Firefox

Please reinstall Firefox completely. If they matter to you, back up important bookmarks, saved passwords etc. beforehand.

1. Download the current Firefox setup (for 64-bit Windows)
2. Uninstall Firefox
3. Manually delete the folder C:\Programme\Mozilla Firefox if it still exists
4. Reinstall Firefox using the setup file downloaded in (1)
5. Afterwards create a new profile once more, see Firefox's profile management

16.01.2022, 14:41   #3
gandatronkea

Hi Cosinus!
Thanks for the help, but for the life of me I don't understand how old and annoying programs are now supposed to rid me of the virus/trojan etc.

And why should I delete the Bitdefender I paid for? And my TinyFirewall?

I'm reinstalling Firefox now.

@ALL: Any idea what this thing from Telekom could be??? That my internet IP is showing up as "bad"?!

16.01.2022, 14:51   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
And why should I delete the Bitdefender I paid for? And my TinyFirewall?
Because those are unnecessary/counterproductive programs.
And you don't achieve security by simply installing programs out of colourful cardboard boxes.
__________________
Please always post log files in CODE tags

17.01.2022, 18:25   #5
gandatronkea

Okay! You're the experts,

and now? Are the three malware types gone now?
I ran a scan with EmsisoftAntiMalwareSetup64. As always, it finds nothing.

@ALL does anyone else have an IDEA? Could it really be the sockets? I have the LEDVANCE Smart Sockets (all in a WLAN of their own)

Best regards & be nice!


18.01.2022, 08:54   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

adwCleaner

Run AdwCleaner according to the illustrated guide and then post the log file in CODE tags.

Please repeat adwcleaner if there were any detections.

19.01.2022, 19:21   #7
gandatronkea

Thanks. I did that. There were no detections.
Is there perhaps a possibility that it's a smart device? How can one "check" these?
Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build:    11-18-2021
# Database: 2021-11-18.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    01-19-2022
# Duration: 00:00:14
# OS:       Windows 10 Pro
# Scanned:  32013
# Detected: 6


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.SamsungSmartSwitch   File   C:\Users\Micha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk 
Preinstalled.SamsungSmartSwitch   File   C:\Users\Public\Desktop\Smart Switch.lnk 
Preinstalled.SamsungSmartSwitch   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC 
Preinstalled.SamsungSmartSwitch   Folder   C:\Users\Micha\AppData\Roaming\SAMSUNG\SMART SWITCH PC 
Preinstalled.SamsungSmartSwitch   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7} 
Preinstalled.SamsungSmartSwitch   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7} 


AdwCleaner[S00].txt - [2493 octets] - [15/01/2022 17:30:04]
AdwCleaner[C00].txt - [1857 octets] - [15/01/2022 17:31:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
         

19.01.2022, 19:52   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Not at all. Our tools are only for Windows.
Since no malware is apparent here, I'm moving this to Discussion. It wouldn't be the first time that a provider startles its customers with such a stupid letter, but nothing can be found to back up the claims.

19.01.2022, 20:00   #9
gandatronkea

Okay. Thanks.

19.01.2022, 20:03   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

But you can still run control scans if you like.

Control scans with MBAM and RK
Post the logs in CODE tags once both scans have finished.

19.01.2022, 20:03   #11
schlawack

Quote:
It wouldn't be the first time that a provider startles its customers with such a stupid letter, but nothing can be found to back up the claims.
cosinus, the catch is this, though: if you simply ignore the letter from the provider, it has the option of blocking your internet access. I remember that a few years ago we got a letter from the Telekom Mabuse team about an AOL account that was being misused as a spam sender; we then changed the password and scanned the 2 PCs with 2 or 3 different scanners, which fortunately found nothing, reported that to Telekom, and then the matter was settled for us.
__________________
Windows 10 64 Pro 22H2

19.01.2022, 20:24   #12
gandatronkea

Hi,
yes, but I suppose I can't do more than search through everything and really make an effort.
As I said, I now have other sockets in use....

The scan with RogueKiller returned:
Code:
ATTFilter
************************* Warnings *************************

************************* Updates *************************
7-Zip 19.00 (x64) (64-bit), version 19.00
  [+] Available Version        : 21.07
  [+] Size                     : 4,96 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\7-Zip\

CPUID CPU-Z 1.91 (64-bit), version 1.91
  [+] Available Version        : 1.99
  [+] Size                     : 4,52 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\CPUID\CPU-Z\

CrystalDiskMark 7.0.0h (64-bit), version 7.0.0h
  [+] Available Version        : 8.0.4
  [+] Size                     : 10,3 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\CrystalDiskMark7\

GIMP 2.10.20 (64-bit), version 2.10.20
  [+] Available Version        : 2.10.30
  [+] Size                     : 1,01 GB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\GIMP 2\

TeamSpeak 3 Client (64-bit), version 3.5.2
  [+] Available Version        : 3.5.6
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\TeamSpeak 3 Client

VLC media player (64-bit), version 3.0.11
  [+] Available Version        : 3.0.16
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\VideoLAN\VLC

Oracle VM VirtualBox 6.0.20 (64-bit), version 6.0.20
  [+] Available Version        : 6.1.32
  [+] Size                     : 1,03 GB
  [+] Wow6432                  : No
  [+] Portable                 : No

K-Lite Mega Codec Pack 15.4.7 (32-bit), version 15.4.7
  [+] Available Version        : 16.7.0
  [+] Size                     : 111 MB
  [+] Wow6432                  : Yes
  [+] Portable                 : No
  [+] update_location          : C:\Program Files (x86)\K-Lite Codec Pack\

Discord (64-bit), version 0.0.309
  [+] Available Version        : 1.0.9003
  [+] Size                     : 64,6 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Users\Micha\AppData\Local\Discord

Microsoft OneDrive (64-bit), version 19.232.1124.0010
  [+] Available Version        : 21.230.1107.0004
  [+] Size                     : 137 MB
  [+] Wow6432                  : No
  [+] Portable                 : No

Spotify (64-bit), version 1.1.66.578.gc54d0f69
  [+] Available Version        : 1.1.72.439.gc253025e
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Users\Micha\AppData\Roaming\Spotify


************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************
>>>>>> O87 - Firewall
├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{620E33CE-856D-4586-929E-01DD29FB19B8} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\GarrysMod\hl2.exe|Name=Garry's Mod| -> Gefunden
├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4A8A4450-84F2-4C1B-81AD-97D54C3E16DA} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\GarrysMod\hl2.exe|Name=Garry's Mod| -> Gefunden
├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D413AA39-EBF4-432A-AF43-FFF790BDC857} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Nephise Begins\NephiseBegins.exe|Name=Nephise Begins| -> Gefunden
├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2B00AD7E-E05D-4279-85F2-5052E80C993F} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Nephise Begins\NephiseBegins.exe|Name=Nephise Begins| -> Gefunden
├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FFEC9F6E-C769-47B2-804E-D59961C7CA0D} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Goat of Duty\GoatOfDuty.exe|Name=GOAT OF DUTY| -> Gefunden
├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{95C8641F-9EB7-46DB-8ADA-1CF32472988D} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Goat of Duty\GoatOfDuty.exe|Name=GOAT OF DUTY| -> Gefunden
├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FD3F6C22-EEAA-4605-82CC-99F13CFD22EA} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Phasmophobia\Phasmophobia.exe|Name=Phasmophobia| -> Gefunden
├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0D900EBE-1970-44C8-9D92-5234D27E06FB} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Phasmophobia\Phasmophobia.exe|Name=Phasmophobia| -> Gefunden
├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{79A35F1F-E464-4B4C-A735-D8DAE6ABBDDD} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\7 Days To Die\7dLauncher.exe|Name=7 Days to Die| -> Gefunden
└── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0592D5B9-AF88-4397-B58C-85302CFD8834} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\7 Days To Die\7dLauncher.exe|Name=7 Days to Die| -> Gefunden
>>>>>> XX - System Policies
└── [PUM.Policies (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Gefunden

************************* WMI *************************

************************* Hosts File *************************
is_too_big      : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts


************************* Filesystem *************************

************************* Web Browsers *************************

************************* Antirootkit *************************
         
