Mülltonne (trash bin): Windows 10_HKCU Trojan | Windows 7 | Posts that violated our rules, posts the world does not need, or other rubbish end up here in the trash bin... |
07.02.2022, 15:59 | #1 |
| Windows 10_HKCU Trojan

Hello, my laptop shut off a few days ago for no reason. Since then I have noticed that at times it revved up a lot and memory utilization was at almost 100%. I ran CCleaner over it, and HKCU files became visible. My research online indicated that this is not a good sign. ;-) I am asking for help and would be glad to get it! Many thanks in advance!

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022 durchgeführt von ilate (Administrator) auf LAPTOP-MOCLSV2N (ASUSTeK COMPUTER INC. UX410UAR) (07-02-2022 15:32:55) Gestartet von C:\Users\ilate\Downloads Geladene Profile: ilate Plattform: Microsoft Windows 11 Home Version 21H2 22000.434 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBox.Agent.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems LLC -> Conexant Systems, Inc.) 
C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\141.4.3299\QtWebEngineProcess.exe <2> (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2> (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\x40plmwa.inf_amd64_0fe274d0aafd5420\ICEsoundService64.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHeciSvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_8dcb9e12bf961616\Intel_PIE_Service.exe (McAfee, LLC -> McAfee, Inc.) 
C:\Program Files\mcafee\WebAdvisor\servicehost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.76\msedgewebview2.exe <6> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe <12> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Users\ilate\AppData\Local\Microsoft\OneDrive\22.017.0123.0001\FileCoAuth.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20050.505.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <17> (Nextcloud GmbH -> Nextcloud GmbH) C:\Program 
Files\Nextcloud\nextcloud.exe (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\ilate\AppData\Local\slack\app-4.23.0\slack.exe <5> (Wireless Media Tech Co., Limited -> WirelessMedia) C:\Users\ilate\AppData\Local\WirelessMedia\WirelessMediaAutoServiceC3.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\ilate\AppData\Roaming\Zoom\bin\Zoom.exe <2> ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-02-02] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1223168 2016-12-09] (Cisco Systems, Inc. -> Cisco Systems, Inc.) HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\Installer\setup.exe [3195784 2022-02-04] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83524968 2019-11-12] (Skype Software Sarl -> Skype Technologies S.A.) 
HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\Run: [Lifesize App Service] => C:\Users\ilate\AppData\Local\lifesize_app\Lifesize.exe [579720 2022-01-14] (Lifesize, Inc -> Lifesize) HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [669112 2020-04-16] (OpenVPN Inc. -> ) HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\Run: [Auto_Agent_WirelessMediaC3] => C:\Users\ilate\AppData\Local\WirelessMedia\WirelessMediaAutoServiceC3.exe [184824 2020-08-31] (Wireless Media Tech Co., Limited -> WirelessMedia) HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\ilate\AppData\Local\Microsoft\Teams\Update.exe [2490016 2022-02-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [3767064 2021-12-21] (Nextcloud GmbH -> Nextcloud GmbH) HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\ilate\AppData\Local\slack\slack.exe [309568 2021-12-18] (Slack Technologies, Inc. -> Slack Technologies Inc.) 
HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\ilate\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\ilate\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\RunOnce: [Uninstall 22.012.0116.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ilate\AppData\Local\Microsoft\OneDrive\22.012.0116.0001" HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-21] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> GroupPolicy: Beschränkung ? <==== ACHTUNG GroupPolicy\User: Beschränkung ? <==== ACHTUNG Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {00AD3070-E817-4011-96BA-90085C117AEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0D89B80E-2FB6-46D5-976B-10B4060E707B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {10030099-BE19-4F2B-A962-800486D6ADFC} - System32\Tasks\G2MUploadTask-S-1-5-21-1016104836-2763658867-4053310932-1001 => C:\Users\ilate\AppData\Local\GoToMeeting\19932\g2mupload.exe [31176 2021-11-13] (LogMeIn, Inc. -> LogMeIn, Inc.) Task: {1953C351-9E42-4EE6-8B3A-FEB3F192EE5F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {1FD8FB8B-9778-4A5C-A7B2-577DBDD1D0B9} - System32\Tasks\CCleanerSkipUAC - ilate => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd) Task: {20A91194-BBA5-4A0E-9A2E-DDA924F88F07} - System32\Tasks\G2MUpdateTask-S-1-5-21-1016104836-2763658867-4053310932-1001 => C:\Users\ilate\AppData\Local\GoToMeeting\19932\g2mupdate.exe [31176 2021-11-13] (LogMeIn, Inc. -> LogMeIn, Inc.) 
Task: {3B958507-BFD2-4034-86D0-BE5D65B3B6DF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2022-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {741690D9-5F2F-42CB-B453-0F2A2FD19043} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {758BBE7E-693D-42E8-9AAE-DB2AB46DD52F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2022-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {86539839-437D-4557-920C-EF12189FCE18} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [Datei ist nicht signiert] Task: {893AF6DF-F4E7-4C6B-AEFB-08C7C55A54DC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {89FF202E-8102-4ACE-A3EC-326C550506AA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform) Task: {9A9199B6-3E1E-40B5-B7E1-EC4F0A7B1499} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9C23F8DC-1AF9-45FA-BD89-BE2656436BCE} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) 
Task: {A267466C-AE33-4070-BB08-2609D53B1AFF} - System32\Tasks\ASUS Hello => C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe [642448 2018-05-31] (ASUSTeK Computer Inc. -> ) Task: {A9817AE0-FC14-4C56-97E3-D006E000CE42} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {A9DF3536-CC88-49AC-818E-2E6704B7A76B} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) Task: {B27E3EB5-A104-4879-8C77-C164FDEBDA29} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-06-08] (Google Inc -> Google LLC) Task: {BE4F4BCC-04DD-4472-8A46-201519352A04} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {BF104834-052E-42DF-B565-37FFD1BA9E22} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.) 
Task: {C302CF75-EE8B-4B06-9477-936DB1DF621D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-06-08] (Google Inc -> Google LLC) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Keine Datei) Task: {E5FCDE6B-5F20-456A-8130-E3FC9D73F63F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {E768049E-1F5D-411A-A07B-9AD6ECB0F775} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {EEC70E01-39A0-4ABB-B408-A16BC2F7E15E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {F862F95B-7576-4C3C-93F2-B11A619F8CCA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1016104836-2763658867-4053310932-1001.job => C:\Users\ilate\AppData\Local\GoToMeeting\19932\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1016104836-2763658867-4053310932-1001.job => C:\Users\ilate\AppData\Local\GoToMeeting\19932\g2mupload.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{30fe3b0c-90b1-42a3-8141-d23693e20f12}: [DhcpNameServer] 10.66.24.1 Tcpip\..\Interfaces\{9ac9b97e-5908-493b-9c53-a49e6a90f6da}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{ddfab250-64cf-40c1-9537-f5ed6980b124}: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge Profile: C:\Users\ilate\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-03] FireFox: ======== FF DefaultProfile: ruq8eb6a.default FF 
ProfilePath: C:\Users\ilate\AppData\Roaming\Mozilla\Firefox\Profiles\ruq8eb6a.default [2019-07-28] FF ProfilePath: C:\Users\ilate\AppData\Roaming\Mozilla\Firefox\Profiles\kxtnvbxs.default-release-1644243598348 [2022-02-07] FF Homepage: Mozilla\Firefox\Profiles\kxtnvbxs.default-release-1644243598348 -> hxxps://www.ecosia.org/?ref=icon-search&addon=firefox&addonversion=4.0.4 FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-23] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-1016104836-2763658867-4053310932-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\ilate\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-1016104836-2763658867-4053310932-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\ilate\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default [2022-02-03] CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Extension: (Präsentationen) - C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-08] CHR Extension: (Docs) - C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-08] CHR Extension: (Google Drive) - C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-11] CHR Extension: (YouTube) - C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-08] CHR Extension: (Tabellen) - C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-08] CHR Extension: (McAfee® WebAdvisor) - C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-04-20] CHR Extension: (Google Docs Offline) - C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20] CHR Extension: (Chrome Web Store-Zahlungen) - 
C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-11] CHR Extension: (Google Mail) - C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-11] CHR Extension: (Chrome Media Router) - C:\Users\ilate\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-20] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-01-13] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-02-02] (Dropbox, Inc -> Dropbox, Inc.) S2 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [325456 2018-06-12] (ASUSTek Computer Inc. -> ) R2 GiftBox.Service; C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe [285144 2018-04-04] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [905472 2019-08-23] (McAfee, LLC -> McAfee, Inc.) S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. 
-> ) R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project) S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [67000 2020-04-16] (OpenVPN Inc. -> The OpenVPN Project) R2 PDF24; C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ZenAnywhere; C:\Program Files\Orbweb Inc\ASUS ZenAnywhere\ZenAnywhere.exe [156056 2018-05-17] (Orbweb Taiwan Inc. -> Orbweb Inc.) S3 ZenAnywhere Updater; C:\Program Files\Orbweb Inc\ASUS ZenAnywhere\updater.exe [156056 2018-05-17] (Orbweb Taiwan Inc. -> Orbweb Inc.) S3 ZenAnywhereNetworkService; C:\Program Files\Orbweb Inc\ASUS ZenAnywhere\bin\ZenAnywhereNetworkService.exe [69016 2017-04-07] (Orbweb Taiwan Inc. -> Orbweb Inc.) ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) 
R3 AX88179; C:\WINDOWS\System32\DriverStore\FileRepository\netax88179_178a.inf_amd64_a8bb8a6e92764769\ax88179_178a.sys [79872 2021-06-05] (Microsoft Windows -> ASIX Electronics Corp.) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2021-12-18] (Microsoft Windows -> Microsoft Corporation) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 UcmCxRtk; C:\WINDOWS\System32\drivers\UcmCxRtk.sys [101344 2017-08-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2016-12-09] (Cisco Systems, Inc. -> Cisco Systems, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2022-02-07 15:32 - 2022-02-07 15:33 - 000027633 _____ C:\Users\ilate\Downloads\FRST.txt 2022-02-07 15:32 - 2022-02-07 15:33 - 000000000 ____D C:\FRST 2022-02-07 15:26 - 2022-02-07 15:26 - 002311680 _____ (Farbar) C:\Users\ilate\Downloads\FRST64.exe 2022-02-04 09:17 - 2022-02-04 09:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2022-02-03 09:21 - 2022-02-03 09:21 - 009217553 _____ C:\Users\ilate\Downloads\CoP_IntegralesModell_Konzept (1).pptx 2022-02-03 09:20 - 2022-02-03 09:20 - 009217553 _____ C:\Users\ilate\Downloads\CoP_IntegralesModell_Konzept.pptx 2022-02-02 03:36 - 2022-02-02 03:36 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2022-02-02 03:36 - 2022-02-02 03:36 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2022-02-02 03:36 - 2022-02-02 03:36 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2022-02-02 03:36 - 2022-02-02 03:36 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2022-01-31 19:05 - 2022-02-03 13:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2022-01-29 08:01 - 2022-02-03 13:13 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-01-20 18:19 - 2022-02-03 13:08 - 000002404 _____ C:\Users\ilate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk 2022-01-19 17:53 - 2022-01-28 09:09 - 000003604 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7f3ef497d08f 2022-01-14 16:00 - 2022-01-14 16:00 - 099278472 _____ (Lifesize) C:\Users\ilate\Downloads\Lifesize Setup 2.216.2893.exe 2022-01-13 16:17 - 2022-01-13 16:17 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-01-13 16:17 - 2022-01-13 16:17 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-01-13 16:17 - 2022-01-13 16:17 - 000339968 _____ C:\WINDOWS\system32\pku2u.dll 2022-01-13 16:17 - 2022-01-13 16:17 - 000247808 _____ 
C:\WINDOWS\SysWOW64\pku2u.dll 2022-01-13 16:17 - 2022-01-13 16:17 - 000015050 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-01-13 16:14 - 2022-01-13 16:14 - 000000000 ___HD C:\$WinREAgent 2022-01-12 10:42 - 2022-01-13 09:32 - 000010839 _____ C:\Users\ilate\OneDrive\Dokumente\Mappe1.xlsx 2022-01-12 08:47 - 2022-01-12 08:47 - 002617720 _____ (Opera Software) C:\Users\ilate\Downloads\OperaSetup.exe 2022-01-10 14:31 - 2022-01-10 14:31 - 000000000 ____D C:\Users\ilate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2022-02-07 15:29 - 2020-06-08 17:03 - 000000000 ____D C:\Program Files (x86)\Google 2022-02-07 15:25 - 2019-07-28 14:00 - 000000000 ____D C:\ProgramData\Mozilla 2022-02-07 15:24 - 2019-07-28 14:00 - 000000000 ____D C:\Users\ilate\AppData\LocalLow\Mozilla 2022-02-07 15:20 - 2021-12-18 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-02-07 15:20 - 2020-06-08 17:04 - 000000000 ____D C:\Program Files\CCleaner 2022-02-07 15:16 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps 2022-02-07 15:16 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-02-07 15:16 - 2019-07-28 13:47 - 000000000 ____D C:\Users\ilate\AppData\Local\Packages 2022-02-07 15:13 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-02-07 14:48 - 2019-11-22 14:51 - 000000000 ____D C:\Users\ilate\AppData\Local\D3DSCache 2022-02-07 14:45 - 2021-09-29 16:44 - 000000000 ____D C:\Users\ilate\AppData\Roaming\Slack 2022-02-07 10:53 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-02-07 10:05 - 2019-07-28 13:54 - 000000000 ___RD C:\Users\ilate\OneDrive 2022-02-06 18:40 - 2021-12-18 10:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-02-04 16:19 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF 2022-02-04 09:18 - 2019-07-28 14:37 - 000000000 ____D 
C:\Users\ilate\AppData\Local\Dropbox 2022-02-04 09:17 - 2019-07-28 14:37 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-02-04 08:46 - 2020-08-24 07:59 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-02-04 08:46 - 2020-08-24 07:59 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-02-04 08:46 - 2019-08-03 16:46 - 000000000 ____D C:\ProgramData\Packages 2022-02-04 08:45 - 2021-12-18 10:14 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1016104836-2763658867-4053310932-1001 2022-02-04 08:45 - 2021-12-18 10:14 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1016104836-2763658867-4053310932-1001 2022-02-04 08:45 - 2021-03-10 18:07 - 000002401 _____ C:\Users\ilate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-02-03 15:48 - 2021-12-18 10:08 - 001659148 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-02-03 15:48 - 2021-06-05 18:53 - 000722046 _____ C:\WINDOWS\system32\perfh007.dat 2022-02-03 15:48 - 2021-06-05 18:53 - 000149110 _____ C:\WINDOWS\system32\perfc007.dat 2022-02-03 15:41 - 2021-12-18 10:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-02-03 15:41 - 2021-07-16 21:07 - 000000000 ____D C:\Users\ilate\AppData\Roaming\Nextcloud 2022-02-03 15:41 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState 2022-02-03 15:41 - 2021-06-05 13:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-02-03 15:41 - 2021-03-10 19:07 - 000012288 ___SH C:\DumpStack.log.tmp 2022-02-03 15:41 - 2019-07-28 13:47 - 000000000 __SHD C:\Users\ilate\IntelGraphicsProfiles 2022-02-03 15:41 - 2018-10-27 02:43 - 000000000 ___HD C:\Intel 2022-02-03 14:40 - 2021-12-18 09:08 - 000000000 ____D C:\Users\ilate 2022-02-03 13:13 - 2019-07-28 14:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-02-01 17:37 - 2021-12-28 17:46 - 000000177 ____R C:\Users\ilate\OneDrive\Dokumente\Notizbuch von Iris.url 2022-01-30 
19:05 - 2019-07-28 14:00 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-01-28 09:09 - 2021-12-18 10:14 - 000003700 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-26 10:18 - 2021-12-18 10:14 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-01-25 11:20 - 2020-12-28 20:14 - 000000000 ____D C:\Program Files\Microsoft Office 2022-01-22 01:49 - 2021-12-18 10:14 - 000003632 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-01-22 01:49 - 2021-12-18 10:14 - 000003508 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-01-21 15:38 - 2020-06-08 17:04 - 000002295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-01-21 15:38 - 2020-06-08 17:04 - 000002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-01-20 08:45 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-01-15 11:23 - 2021-12-18 10:06 - 000472400 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-01-15 11:22 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-01-15 11:22 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2022-01-15 11:22 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-01-15 11:22 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources 2022-01-15 11:22 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\setup 2022-01-15 11:22 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-01-15 11:22 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-01-15 11:22 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-01-15 11:22 - 2019-09-23 06:07 - 000000000 ____D C:\Users\ilate\AppData\Roaming\Lifesize 2022-01-14 16:01 - 2020-04-07 18:37 - 000000000 ____D C:\Users\ilate\AppData\Local\lifesize_app 2022-01-14 04:33 - 2019-08-02 21:21 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-01-14 04:32 - 2019-08-02 21:21 - 145765912 ____C (Microsoft Corporation) 
C:\WINDOWS\system32\MRT.exe
2022-01-13 16:19 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-12 12:11 - 2019-10-18 23:21 - 000000000 ____D C:\Users\ilate\AppData\Local\Adobe
2022-01-12 09:18 - 2021-12-18 10:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-12 09:18 - 2021-10-30 20:35 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-12 09:18 - 2021-10-30 20:35 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-10 14:31 - 2020-01-29 13:27 - 000000000 ____D C:\Users\ilate\AppData\Roaming\Zoom

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-02-2022
durchgeführt von ilate (07-02-2022 15:36:43)
Gestartet von C:\Users\ilate\Downloads
Microsoft Windows 11 Home Version 21H2 22000.434 (X64) (2021-12-18 09:14:59)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1016104836-2763658867-4053310932-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1016104836-2763658867-4053310932-503 - Limited - Disabled)
Gast (S-1-5-21-1016104836-2763658867-4053310932-501 - Limited - Disabled)
ilate (S-1-5-21-1016104836-2763658867-4053310932-1001 - Administrator - Enabled) => C:\Users\ilate
WDAGUtilityAccount (S-1-5-21-1016104836-2763658867-4053310932-504 - Limited - Disabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{AEEF33DD-E3B9-4049-B709-0E546C2B1AAB}) (Version: 20.25.401.14526 - Alcor Micro Corp.)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.5.0 - ASUSTeK COMPUTER INC.)
ASUS GiftBox Service (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 3.2.1.0 - ASUSTeK COMPUTER INC.)
ASUS Hello (HKLM-x32\...\{D8CE1923-92A9-4036-817E-9E0D8AA2169B}) (Version: 1.1.4.0 - ASUSTeK COMPUTER INC.) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.) ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.20 - ASUS) ASUS ZenAnywhere (HKLM\...\{8596252F-FCA3-4333-8574-BF0C6A8F2A7B}) (Version: 4.6.1 - Orbweb Inc.) Hidden ASUS ZenAnywhere (HKLM-x32\...\ASUS ZenAnywhere 4.6.1) (Version: 4.6.1 - Orbweb Inc.) ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0060 - ASUSTeK COMPUTER INC.) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.5.64 - ICEpower a/s) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Hidden CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4809) (Version: - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform) CEWE Fotowelt (HKLM-x32\...\CEWE Fotowelt) (Version: 7.1.3 - CEWE Stiftung u Co. KGaA) Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{F038D9EC-E763-43D0-834A-0C4CA328C0F4}) (Version: 4.4.00243 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.4.00243 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{CA610707-85CB-443A-9D11-573B0E85BFCF}) (Version: 4.4.00243 - Cisco Systems, Inc.) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.95.69 - Conexant) Cyberduck (HKLM\...\{2D160BD2-CE6E-49DD-9B9A-2B23330004B4}) (Version: 7.10.2.35432 - iterate GmbH) Hidden Cyberduck (HKLM-x32\...\{3392258a-514d-432e-92c7-a3fcbafee03e}) (Version: 7.10.2.35432 - iterate GmbH) Dropbox (HKLM-x32\...\Dropbox) (Version: 141.4.3299 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.541.1 - Dropbox, Inc.) 
Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC) GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.) GoToMeeting 10.18.0.19932 (HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\GoToMeeting) (Version: 10.18.0.19932 - LogMeIn, Inc.) Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.3.1019 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{d5c53162-d8b4-4547-8a40-917a25c0172e}) (Version: 20.60.0 - Intel Corporation) Lifesize (HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\lifesize_app) (Version: 2.216.2893 - Lifesize) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.92 - McAfee, LLC.) 
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.43 - Microsoft Corporation) Microsoft Office Home and Student 2019 - de-de (HKLM\...\HomeStudent2019Retail - de-de) (Version: 16.0.14827.20158 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\OneDriveSetup.exe) (Version: 22.017.0123.0001 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\Teams) (Version: 1.5.00.3276 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 96.0.3 (x64 de)) (Version: 96.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.8.0 - Mozilla) Mozilla Thunderbird (x86 de) (HKLM-x32\...\Mozilla Thunderbird 91.5.1 (x86 de)) (Version: 91.5.1 - Mozilla) Nextcloud (HKLM\...\{27596A6F-750F-4996-A5C2-A980522ED1C4}) (Version: 3.4.1.20211221 - Nextcloud GmbH) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20158 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden OpenVPN 2.4.9-I601-Win10 (HKLM\...\OpenVPN) (Version: 2.4.9-I601-Win10 - OpenVPN Technologies, Inc.) 
PDF24 Creator 10.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.7.0 - PDF24.org) Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.16.321.2017 - Realtek) Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation) Skype Version 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.) Slack (HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\slack) (Version: 4.23.0 - Slack Technologies Inc.) TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.2 - TeamSpeak Systems GmbH) UCMcxRTK (HKLM-x32\...\{2441B0B9-F24A-4DD3-97FC-5AC3495162DD}) (Version: 10.0.15063.101 - Realtek Semiconductor Corp.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (04/21/2017 11.0.0.16) (HKLM\...\7517F958DC823EE4C12050C16EFF05886960ABEF) (Version: 04/21/2017 11.0.0.16 - ASUS) Windows-PC-Integritätsprüfung (HKLM\...\{68C9C2A4-C212-4310-AB68-12F97050A416}) (Version: 3.2.2110.14001 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.9.0 - ASUSTeK COMPUTER INC.) Zoom (HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.) 
Packages: ========= Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.88.0_x64__pwbj9vvecjh7j [2022-02-02] (Amazon Development Centre (London) Ltd) ASUS Battery Health Charging -> C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy [2018-10-27] (ASUSTeK COMPUTER INC.) [Startup Task] ASUS GIFTBOX -> C:\Program Files\WindowsApps\B9ECED6F.ASUSGIFTBOX_3.2.3.0_x64__qmba6cd70vzyy [2021-11-16] (ASUSTeK COMPUTER INC.) ASUS Product Registration Program -> C:\Program Files\WindowsApps\B9ECED6F.ASUSProductRegistrationProgram_3.0.3.0_x86__qmba6cd70vzyy [2019-07-28] (ASUSTeK COMPUTER INC.) [Startup Task] Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2022-02-04] (0) eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2018-10-27] (ASUSTeK COMPUTER INC.) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-07-28] (LinkedIn) Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-17] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-18] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-18] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-13] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-08-19] (Netflix, Inc.) Splendid -> C:\Program Files\WindowsApps\B9ECED6F.Splendid_1.0.15.0_x64__qmba6cd70vzyy [2019-11-22] (ASUSTeK COMPUTER INC.) 
[Startup Task] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0 [2022-02-04] (Spotify AB) [Startup Task] ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1016104836-2763658867-4053310932-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\ilate\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21348.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1016104836-2763658867-4053310932-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\ilate\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1016104836-2763658867-4053310932-1001_Classes\CLSID\{4674f1cd-ae59-45c1-8199-caa231909e23} -> [Nextcloud] => D: [0000-00-00 00:00] CustomCLSID: HKU\S-1-5-21-1016104836-2763658867-4053310932-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\ilate\AppData\Local\GoToMeeting\16786\G2MOutlookAddin64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1016104836-2763658867-4053310932-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\ilate\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1016104836-2763658867-4053310932-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\ilate\Dropbox [2019-07-28 16:50] ShellIconOverlayIdentifiers: [ NextcloudError] -> {E0342B74-7593-4C70-9D61-22F294AAFE05} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-12-21] (Nextcloud GmbH -> Nextcloud GmbH) 
ShellIconOverlayIdentifiers: [ NextcloudOK] -> {E1094E94-BE93-4EA2-9639-8475C68F3886} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-12-21] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudOKShared] -> {E243AD85-F71B-496B-B17E-B8091CBE93D2} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-12-21] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudSync] -> {E3D6DB20-1D83-4829-B5C9-941B31C0C35A} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-12-21] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ NextcloudWarning] -> {E4977F33-F93A-4A0A-9D3C-83DEA0EE8483} => C:\Program Files\Nextcloud\shellext\NCOverlays.dll [2021-12-21] (Nextcloud GmbH -> Nextcloud GmbH) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers3: [NextcloudContextMenuHandler] -> {BC6988AB-ACE2-4B81-84DC-DC34F9B24401} => C:\Program Files\Nextcloud\shellext\NCContextMenu.dll [2021-12-21] (Nextcloud GmbH -> Nextcloud GmbH) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.) 
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxDTCM.dll [2020-09-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ==================== Codecs (Nicht auf der Ausnahmeliste) ==================== ==================== Verknüpfungen & WMI ======================== ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============= 2021-12-21 15:01 - 2021-12-21 15:01 - 000115712 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_cfapi.dll 2021-12-21 15:01 - 2021-12-21 15:01 - 000030208 _____ () [Datei ist nicht signiert] C:\Program Files\Nextcloud\nextcloudsync_vfs_suffix.dll 2021-12-28 16:35 - 2021-12-28 16:35 - 000372736 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\44ce21c1c56741e3ce97cf172ca30e92\Interop.CxHDAudioAPILib.ni.dll 2021-12-28 16:35 - 2021-12-28 16:35 - 000018944 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\8deafe43513ae52e19d327810a333f5c\Interop.CxUtilSvcLib.ni.dll 2018-10-27 02:48 - 2018-03-13 10:21 - 001173504 _____ (Conexant Systems, Inc.) 
[Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll 2020-12-28 20:19 - 2020-12-28 20:19 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2020-12-28 20:19 - 2020-12-28 20:19 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll 2021-12-18 10:44 - 2021-12-18 10:44 - 000137184 _____ (Microsoft Windows -> Microsoft Corporation) [Datei ist nicht signiert] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20050.505.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ======== ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ================== ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ================= ==================== Internet Explorer (Nicht auf der Ausnahmeliste) ========== HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-1016104836-2763658867-4053310932-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1016104836-2763658867-4053310932-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:/Program Files (x86)/Internet Explorer/Citavi Picker/x64/SwissAcademic.Citavi.IEPicker.DLL => Keine Datei BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-08-23] (McAfee, LLC 
-> McAfee, Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-08-23] (McAfee, LLC -> McAfee, Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft 
Office\Office16\MSOSB.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\sharepoint.com -> hxxps://tukl-files.sharepoint.com ==================== Hosts Inhalt: ========================= (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere Bereiche =========================== (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) 
HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\StartupApproved\Run: => "Skype for Desktop" HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\StartupApproved\Run: => "Lifesize App Service" HKU\S-1-5-21-1016104836-2763658867-4053310932-1001\...\StartupApproved\Run: => "OPENVPN-GUI" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{64AFC243-D691-49B2-80ED-DD0159C7FD50}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D85DCDED-7FE7-48BF-94FB-0256C0E634F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C42651C0-FEC9-4B80-9F5C-4A90F6FAA956}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9A1B5A00-9A25-4A82-A889-E1B542FB71E0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{147409B1-3057-4D7F-869D-DC77C841650C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4A97311F-AE1B-4D68-9480-0E4F9A23C409}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{DAA07F1D-14E6-4403-A419-41B9FBCDD7D5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{71EFCA6E-3739-4FF5-8905-A243EA7AB0BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B7AE0D7B-BB60-44D4-9EDF-6A28F0F350AA}] => (Allow) C:\Users\ilate\AppData\Roaming\Zoom\bin_00\airhost.exe => Keine Datei FirewallRules: [{2A8F2FC0-11D4-483B-9BBB-8A1FEEA19C4C}] => (Allow) C:\Users\ilate\AppData\Roaming\Zoom\bin_00\airhost.exe => Keine Datei FirewallRules: [{5EE1AC7D-A779-4A1C-A9EE-DDF9EE66CA42}] => (Allow) C:\Users\ilate\AppData\Roaming\Zoom\bin_00\Zoom.exe => Keine Datei FirewallRules: [UDP Query User{BB051455-9006-456D-8407-ACD45D42F3C9}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2872\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2872\lifesize.exe (Lifesize, Inc -> Lifesize) FirewallRules: [TCP Query User{43662A80-54B2-4683-8B74-E40D2C0C053B}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2872\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2872\lifesize.exe (Lifesize, Inc -> Lifesize) FirewallRules: [UDP Query User{9BB040FA-92DD-49AA-9C25-F2E22CDFFC1D}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2851\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2851\lifesize.exe => Keine Datei FirewallRules: [TCP Query User{A88BCE66-27FC-4799-93FB-EA253CEC97D6}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2851\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2851\lifesize.exe => Keine Datei FirewallRules: [{A94EA4F5-7EAB-4F96-BDB8-4D4FFC5185B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11901.20176.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CD8FBFE6-9935-4579-BCC9-B8F9E66D8492}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{63233111-BECE-405A-928F-0FD1F9E8B1AA}] => (Allow) C:\Program Files\Mozilla 
Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E7CAA9E4-060D-4AD5-BA79-CD8638E724FD}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe => Keine Datei FirewallRules: [{4A1898F3-125E-44F3-A059-0B2CA7791D42}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B3D41FE7-FCBF-4BFC-9A19-A0ED955BF1CB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{855FC727-F1DC-4114-8A90-0D4BD5C326DE}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\ZoomRooms.exe => Keine Datei FirewallRules: [{ACFCE1FE-0B7E-43DB-AA59-AC050692E8A1}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\zrairhost.exe => Keine Datei FirewallRules: [{5A0F5A5E-4984-42EC-AFDB-6AA52B2267A3}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\zaapi.exe => Keine Datei FirewallRules: [{F3C65AB9-AC3F-4010-9D85-0E1DC8C90DFF}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\apec3.exe => Keine Datei FirewallRules: [{092B25D5-EFF8-43B4-823C-C5B9663C58B7}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\conmon_server.exe => Keine Datei FirewallRules: [{CFA9FCF6-488D-401C-B5FF-18A13FF3950D}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\ptp.exe => Keine Datei FirewallRules: [{2B72E44B-95FC-4C47-B855-83C9191CA203}] => (Allow) C:\Program Files (x86)\ZoomRooms\bin\mDNSResponder.exe => Keine Datei FirewallRules: [{C988A971-F499-4DFF-B3D0-9783D6EF8A5A}] => (Allow) C:\Users\ilate\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{388000F5-CF97-4E16-B624-49EF781F6E99}] => (Allow) C:\Users\ilate\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) 
FirewallRules: [TCP Query User{1D630B4E-5BAB-4AB8-9B14-1AD8A1188DEA}C:\users\ilate\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\ilate\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{F0343448-AD39-4B67-B4C2-E7A87FBAB9C2}C:\users\ilate\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\ilate\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{ABFFB5CC-B8A9-49D4-B093-9B398A77A765}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{747F0D8C-C2F4-4541-83B1-D4459D790C6E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{1CEB28E2-CB00-425D-9456-E2E1282CED93}C:\users\ilate\appdata\local\lifesize_app\app-2.210.2708\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.210.2708\lifesize.exe => Keine Datei FirewallRules: [UDP Query User{7FE76BF0-C294-41B6-AD09-09EDC7B75881}C:\users\ilate\appdata\local\lifesize_app\app-2.210.2708\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.210.2708\lifesize.exe => Keine Datei FirewallRules: [TCP Query User{F64109E3-7FC5-465F-810A-9625953E4617}C:\users\ilate\appdata\local\lifesize_app\app-2.215.0\lifesize.exe] => (Block) C:\users\ilate\appdata\local\lifesize_app\app-2.215.0\lifesize.exe => Keine Datei FirewallRules: [UDP Query User{AD9F0B62-6209-47FD-A186-02B68F1C9490}C:\users\ilate\appdata\local\lifesize_app\app-2.215.0\lifesize.exe] => (Block) C:\users\ilate\appdata\local\lifesize_app\app-2.215.0\lifesize.exe => Keine Datei FirewallRules: [TCP Query 
User{C7BD8C19-B8D1-4E61-9F68-D1E7F8B852B2}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2782\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2782\lifesize.exe => Keine Datei FirewallRules: [UDP Query User{16857C69-494F-40FE-B4CC-96C687769F5F}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2782\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2782\lifesize.exe => Keine Datei FirewallRules: [TCP Query User{4E647B4E-5D5F-4CE6-8EA9-4350653ACDF7}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2806\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2806\lifesize.exe => Keine Datei FirewallRules: [UDP Query User{7BD2DED5-CEA2-4BDB-A213-0A8270D8B4FF}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2806\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2806\lifesize.exe => Keine Datei FirewallRules: [TCP Query User{E5653F0C-20E6-4E69-B52D-8E1E2744A4DC}C:\users\ilate\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ilate\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{4E9F9552-7902-4E0A-87A8-3D2E93560B2C}C:\users\ilate\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ilate\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{8F5A7125-F86C-4F0B-93C4-8C9440877FE3}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2831\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2831\lifesize.exe => Keine Datei FirewallRules: [UDP Query User{539A9DF7-34CD-4F7A-8C12-C51994BE92E5}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2831\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2831\lifesize.exe => Keine Datei FirewallRules: [TCP Query 
User{C660058D-44E7-4784-9097-E9D8EF6E7677}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2836\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2836\lifesize.exe => Keine Datei FirewallRules: [UDP Query User{13257F0B-E6DE-4004-8054-711B9B34DB0C}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2836\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2836\lifesize.exe => Keine Datei FirewallRules: [{8A2C5EF6-7C83-45DF-912C-4035CBC85600}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => Keine Datei FirewallRules: [{E09FBAC2-B9C7-4094-9BEA-A60B081B0C86}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => Keine Datei FirewallRules: [TCP Query User{AEB8B7D2-9741-4E3E-A3FE-A1514419789D}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2840\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2840\lifesize.exe => Keine Datei FirewallRules: [UDP Query User{A15C8793-49EA-4423-A981-2148ABF65938}C:\users\ilate\appdata\local\lifesize_app\app-2.216.2840\lifesize.exe] => (Allow) C:\users\ilate\appdata\local\lifesize_app\app-2.216.2840\lifesize.exe => Keine Datei FirewallRules: [{8B0ABE0A-716C-468D-B750-1511C51188ED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{9FBE3E03-F662-412E-8E00-ACEF79BF47C7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22006.600.1133.7409_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{30E12858-8051-4CD3-8A6A-6857BFE9FFA7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22006.600.1133.7409_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C5287471-C2C3-431C-ACBC-C876652ADED2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: 
[{DC39B488-F87C-4595-B45A-44553CE34FA6}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{1C0349B0-3CDF-4269-A1C1-B6F3003B82ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{89F7DC23-FB71-426F-9D52-C4F58C929C3B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F4482D2C-76AB-4A2A-BA0C-5BCE9F0A5377}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E9A8865B-0345-496B-8C16-BCF1781A2F77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{34DF8292-40E5-4A50-B2A5-8FD22067C591}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D5288408-57DE-4A49-A211-DA56220034ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1FE871EE-11A2-466E-B8D8-B1C9465EDA76}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3EC70CFA-8EF1-4348-9404-950F9C0E4624}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A619F06F-4AC9-44A8-A97A-4257A8497533}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 01-02-2022 12:38:54 Geplanter Prüfpunkt ==================== 
Fehlerhafte Geräte im Gerätemanager ============ Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (02/07/2022 12:45:01 PM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 335055374 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map<K, T> key Error: (02/07/2022 10:06:54 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm dllhost.exe Version 10.0.22000.1 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 528c Startzeit: 01d81b978feb64d3 Beendigungszeit: 4294967295 Anwendungspfad: C:\Windows\SysWOW64\dllhost.exe Bericht-ID: 6c04e255-5eb8-4ffa-a2fb-fdaad0bea761 Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c Relative Anwendungs-ID des fehlerhaften Pakets: App Absturztyp: Quiesce Error: (02/07/2022 10:05:14 AM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 325468802 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [0] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map<K, T> key Error: (02/07/2022 10:02:53 AM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 325323424 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map<K, T> key Error: (02/06/2022 08:19:43 PM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 275912148 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: 
c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map<K, T> key Error: (02/06/2022 11:32:55 AM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 244304401 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map<K, T> key Error: (02/05/2022 02:22:17 PM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 168060877 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map<K, T> key Error: (02/05/2022 01:37:06 PM) (Source: DPTF) (EventID: 17) (User: NT-AUTORITÄT) Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: 
DPTF TIME 165344477 ms DPTF Build Version: 8.6.10401.9906 DPTF Build Date: Jun 14 2019 17:55:37 Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79 Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy Message: Unhandled exception caught during execution of work item Framework Event: DomainPowerControlCapabilityChanged [25] Participant: TCPU [1] Domain: Invalid [0] Policy: Passive Policy 2 [1] Exception Function: Policy::executeDomainPowerControlCapabilityChanged Exception Text: invalid map<K, T> key Systemfehler: ============= Error: (02/07/2022 02:03:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone Error: (02/07/2022 12:45:16 PM) (Source: Server) (EventID: 2505) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{9AC9B97E-5908-493B-9C53-A49E6A90F6DA} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. Error: (02/07/2022 12:44:52 PM) (Source: Server) (EventID: 2505) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{9AC9B97E-5908-493B-9C53-A49E6A90F6DA} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. Error: (02/07/2022 10:05:32 AM) (Source: Server) (EventID: 2505) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{9AC9B97E-5908-493B-9C53-A49E6A90F6DA} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. 
Error: (02/07/2022 10:03:10 AM) (Source: Server) (EventID: 2505) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{9AC9B97E-5908-493B-9C53-A49E6A90F6DA} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. Error: (02/06/2022 08:35:01 PM) (Source: Server) (EventID: 2505) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{9AC9B97E-5908-493B-9C53-A49E6A90F6DA} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. Error: (02/06/2022 08:34:42 PM) (Source: Server) (EventID: 2505) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{9AC9B97E-5908-493B-9C53-A49E6A90F6DA} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. Error: (02/06/2022 08:19:44 PM) (Source: Server) (EventID: 2505) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{DDFAB250-64CF-40C1-9537-F5ED6980B124} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. Windows Defender: ================ Date: 2022-02-07 10:53:49 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {70918CF9-0A2A-4C34-A3DF-7C5B95963BCC} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2022-02-06 17:11:41 Description: N/A Date: 2022-02-04 16:17:56 Description: N/A Date: 2022-02-03 10:38:36 Description: N/A Date: 2022-02-02 16:50:35 Description: N/A ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. UX410UAR.309 04/16/2019 Hauptplatine: ASUSTeK COMPUTER INC. 
UX410UAR Prozessor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz Prozentuale Nutzung des RAM: 89% Installierter physikalischer RAM: 8074.86 MB Verfügbarer physikalischer RAM: 855.17 MB Summe virtueller Speicher: 30177.99 MB Verfügbarer virtueller Speicher: 3755.82 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:237.42 GB) (Free:134.99 GB) NTFS Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:909.15 GB) NTFS \\?\Volume{1a44e3f1-6171-4dcf-b8fc-2e3433618ee7}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.29 GB) NTFS \\?\Volume{0db3b0f9-e2b5-4e25-96b5-6d71f2074d6e}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 0C033FF9) Partition: GPT. ========================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: EA26F29D) Partition: GPT. ==================== Ende von Addition.txt ======================= |
07.02.2022, 16:06 | #2 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10_HKCU Trojan Quote:
Quote:
With proper research you should have noticed what "HKCU" stands for. It is a particular branch of the registry and has nothing whatsoever to do with malware.
__________________ |
07.02.2022, 17:33 | #3 |
| Windows 10_HKCU Trojan Hello Cosinus,
thank you very much for your answer, and sorry that I apparently posted here without reason. I would have liked the answer to be a bit kinder! Not everyone here is an expert, and yet they are not stupid. Best regards |
07.02.2022, 19:13 | #4 | |||
/// TB-Ausbilder | Windows 10_HKCU Trojan Quote:
The misunderstanding was cleared up, after all. Quote:
cosinus is often blunt, but he by no means intends it to be mean or disparaging. Quote:
You did not mention what exactly you researched... so one can only guess on this point... and that helps no one. Unfortunately you provided far too little information. From the information "HKCU" alone, however, one cannot conclude "malware". The FRST log files give no cause for concern either. Just a few orphaned entries. Step 1
Finally, please be sure to read and implement the security measures: We are glad we could help. This thread appears to be resolved and will be removed from our subscriptions. Should you need the thread again, please send us a reminder including a link to the thread. Everyone else, please click here and create your own thread. |