Trojanerbefürchtung nach Download Hallo,
kurz zum Sachverhalt. Ich habe - naiverweise - eine Datei heruntergeladen, die mir auf einer gefälschten Webseite für Midjourney angeboten wurde, nach einer Facebook Anzeige. Die Datei hat nicht funktioniert - lediglich Discord hat sich kurz geschlossen und neu hochgefahren, was mir nach dem zweiten Versuch sehr seltsam vorkam.
Ich habe danach mehrere Schritte unternommen. Zum einen Malewarebytes laufen lassen, dass dann auch zwei Dateien (d.h. den gleichen Trojaner zwei mal in einer Temp-Datei versteckt) gefunden und quarantäniert hat. Eine AVG Rettungs-USB-Disk hat dann nach überprüfung nichts mehr gezeigt.
Seltsamerweise bekam ich aber nach dem Hochfahren eine Meldung, dass eine dll datei fehlen würde - ein Blick in den Autostart Ordner hat dann gezeigt, dass diese Verknüpfung auf die heruntergeladene Datei (gleicher Name, bzw. fast gleich) verwiesen hat. Nach der Entfernung aus dem Autostart war dann Ruhe. Passwörter etc. wurden mittlerweile alle geändert, vorsorglicherweise.
Adwcleaner hat bis auf einige cookies etc. nichts mehr gefunden.
Code:
Alles auswählen Aufklappen ATTFilter
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 02.07.23
Scan-Zeit: 13:28
Protokolldatei: 84c907cc-18cb-11ee-8d00-d8bbc18a7926.json
-Softwaredaten-
Version: 4.5.30.269
Komponentenversion: 1.0.2037
Version des Aktualisierungspakets: 1.0.71853
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 10 (Build 19044.3086)
CPU: x64
Dateisystem: NTFS
Benutzer: Yggdrasil\Lyrao
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 280517
Erkannte Bedrohungen: 0
In die Quarantäne verschobene Bedrohungen: 0
Abgelaufene Zeit: 0 Min., 54 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Adwcleaner sagt das folgende, das "Honey" ist offenbar die Browsererweiterung, die ich installiert habe zum Gutscheine aufzeigen.
Code:
Alles auswählen Aufklappen ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-02-2023
# Duration: 00:00:05
# OS: Windows 10 (Build 19044.3086)
# Scanned: 32102
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
PUP.Optional.Legacy Honey - jid1-93CWPmRbVPjRQA@jetpack
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [2340 octets] - [02/07/2023 13:07:12]
AdwCleaner[C00].txt - [2378 octets] - [02/07/2023 13:08:17]
AdwCleaner[S01].txt - [1574 octets] - [02/07/2023 13:08:30]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2023
durchgeführt von Lyrao (Administrator) auf YGGDRASIL (Micro-Star International Co., Ltd. MS-7C91) (02-07-2023 13:48:38)
Gestartet von C:\Users\Christian\Downloads\FRST64.exe
Geladene Profile: Lyrao
Plattform: Microsoft Windows 10 Pro Version 21H2 19044.3086 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.8320\Agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Users\Christian\AppData\Local\Discord\app-1.0.9013\Discord.exe ->) (Discord Inc. -> Discord Inc.) C:\Users\Christian\AppData\Local\Discord\app-1.0.9013\Discord.exe <6>
(D:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(DriverStore\FileRepository\u0391252.inf_amd64_b298c070ddf486e2\B391109\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0391252.inf_amd64_b298c070ddf486e2\B391109\atieclxx.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <3>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Steam\steam.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <18>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0391252.inf_amd64_b298c070ddf486e2\B391109\atiesrxx.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [357944 2022-02-08] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ss_global] => C:\Program Files (x86)\FunPlus\State of Survival\Launcher.exe (Keine Datei)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5204968 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2023-06-16] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2023-06-19] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3149608 2022-11-25] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Run: [To-Do DeskList] => C:\Users\Christian\AppData\Local\To-Do DeskList\To-Do DeskList.exe [2442128 2013-04-17] (Jiri Novotny -> Dextronet)
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37103568 2023-04-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13668840 2022-10-11] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Run: [MicrosoftEdgeAutoLaunch_95CC94696E51321C781F017EB5F81AC0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113872 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Run: [Discord] => C:\Users\Christian\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Run: [Steam] => D:\Steam\steam.exe [4371816 2023-06-22] (Valve Corp. -> Valve Corporation)
HKLM\...\Print\Monitors\HP C211 Status Monitor: hpinkstsC211LM.dll (Keine Datei)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.199\Installer\chrmstp.exe [2023-06-29] (Google LLC -> Google LLC)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Discord.lnk [2022-12-10]
ShortcutTarget: Discord.lnk -> C:\Users\Christian\AppData\Local\Discord\Update.exe (Discord Inc. -> GitHub)
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2288B5D0-3393-43D9-8125-B81616737808} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2441D544-C9C5-430C-8D69-7681BE979E2F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5629064 2021-11-23] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {36A58A12-E7E7-47F7-AB4B-3C5A87B2979D} - System32\Tasks\Opera scheduled Autoupdate 1660562839 => C:\Users\Christian\AppData\Local\Programs\Opera\launcher.exe [2708376 2023-06-27] (Opera Norway AS -> Opera Software)
Task: {3AFA814C-BEA8-4253-8316-95F36803D2C9} - System32\Tasks\GoogleUpdateTaskMachineUA{8C9C04E7-3EDB-425E-802F-A717EF6D2EDF} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-07-10] (Google LLC -> Google LLC)
Task: {4295C8EA-894A-4779-9F92-147ECC109CB3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6093928 2021-12-20] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {45F5A9E8-E95D-4396-9DBF-58CAEC6A0D97} - System32\Tasks\GoogleUpdateTaskMachineCore{B5DDCB1C-3286-43B5-AAF3-112057F5B921} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-07-10] (Google LLC -> Google LLC)
Task: {5F79C02A-4E5D-4C0A-AE03-6210D6C2A6D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {73012905-55E3-40FB-8684-6133CFC2081B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {80C711F3-B6E3-42AE-83A4-7264E746455B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [680352 2023-06-21] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {82ACC6EF-1281-4A60-8034-A68A164FB789} - System32\Tasks\Temperaturmessung => C:\Core Temp\Core Temp.exe [1035096 2021-04-11] (ALCPU -> ALCPU)
Task: {A6593A2E-17C7-4DA2-9CB4-5A0617A890F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A74B1696-EBC5-4C26-BA5C-0361B205E354} - System32\Tasks\Core Temp Autostart Lyrao => C:\Program Files\Core Temp\Core Temp.exe [1040648 2022-12-05] (ALCPU -> ALCPU)
Task: {CADF53B3-ED8C-42F3-8D6B-EB2EE7C47C8D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [5363552 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {DB726B13-38DF-4833-AAA5-F967C03FB3B9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-06-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {E3801CB7-5A73-4944-920B-B1FD24FD5513} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2023-02-01] (Garmin International, Inc. -> )
Task: {EB43C107-AE2E-481C-A5FB-3B85EA40B7B8} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2640904 2023-06-19] (Overwolf Ltd -> Overwolf LTD)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8822ee6a-f18c-4dce-9db7-d89dae5ee779}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9cec5280-2ec2-4d31-8a39-1bd50052ff73}: [DhcpNameServer] 192.168.178.1
Edge:
=======
Edge Profile: C:\Users\Christian\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-30]
Edge Extension: (Edge relevant text changes) - C:\Users\Christian\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-19]
FireFox:
========
FF DefaultProfile: jybsvj12.default
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\jybsvj12.default [2022-05-06]
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ln3hfhlv.default-release [2023-07-02]
FF Extension: (Honey) - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ln3hfhlv.default-release\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2022-10-29]
FF Extension: (Return YouTube Dislike) - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ln3hfhlv.default-release\Extensions\{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2023-05-12]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ln3hfhlv.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2023-05-06]
FF Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ln3hfhlv.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-20]
FF Extension: (Add-ons Restricted Domains) - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ln3hfhlv.default-release\features\{aec2d88e-4c9d-4e95-8bd0-4cbc17e6506c}\addons-restricted-domains@mozilla.com.xpi [2023-06-22]
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2023-01-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2023-01-01] (Oracle America, Inc. -> Oracle Corporation)
Chrome:
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default [2023-06-30]
CHR Extension: (Google Docs Offline) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-29]
CHR Extension: (Amazon Order History Reporter) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgkilgclilajckgnedgjgnfdokkgnibi [2022-07-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-10]
Opera:
=======
OPR Profile: C:\Users\Christian\AppData\Roaming\Opera Software\Opera Stable [2023-07-02]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Christian\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-10]
OPR Extension: (Opera Wallet) - C:\Users\Christian\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-05-09]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Christian\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-08-15]
OPR Extension: (Opera AI Prompts) - C:\Users\Christian\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-05-09]
StartMenuInternet: (HKU\S-1-5-21-1054113169-1935661044-3860660887-1001) OperaStable - "C:\Users\Christian\AppData\Local\Programs\Opera\Launcher.exe"
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-11-07] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-11-04] (EasyAntiCheat Oy -> Epic Games, Inc)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2131432 2022-10-11] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-10-11] (GOG Sp. z o.o. -> GOG.com)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [224320 2022-08-25] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9258016 2023-06-12] (Malwarebytes Inc. -> Malwarebytes)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579264 2022-11-25] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497800 2022-11-25] (Electronic Arts, Inc. -> Electronic Arts)
S4 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2640904 2023-06-19] (Overwolf Ltd -> Overwolf LTD)
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2782080 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4605312 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336208 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [1868848 2023-05-06] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
R3 ALSysIO; C:\Users\Christian\AppData\Local\Temp\ALSysIO64.sys [43528 2023-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Arthur Liberman) <==== ACHTUNG
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-06-03] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0391252.inf_amd64_b298c070ddf486e2\B391109\amdkmdag.sys [100259712 2023-04-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleIPod; C:\Windows\System32\drivers\AppleIPod.sys [30096 2021-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 GPU-Z-v2; C:\Users\Christian\AppData\Local\Temp\GPU-Z-v2.sys [52008 2023-04-17] (TechPowerUp LLC -> ) <==== ACHTUNG
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-08-15] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 Spybot3ELAM; C:\Windows\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-Malware Publisher -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49560 2023-06-14] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-14] (Microsoft Windows -> Microsoft Corporation)
S2 AMDRyzenMasterDriverV19; \??\C:\Windows\system32\AMDRyzenMasterDriver.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-07-02 13:48 - 2023-07-02 13:49 - 000023493 _____ C:\Users\Christian\Downloads\FRST.txt
2023-07-02 13:48 - 2023-07-02 13:48 - 002383360 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2023-07-02 13:48 - 2023-07-02 13:48 - 000000000 ____D C:\FRST
2023-07-02 13:29 - 2023-07-02 13:29 - 000001418 _____ C:\Users\Christian\Desktop\malewarebytes.txt
2023-07-02 13:06 - 2023-07-02 13:08 - 000000000 ____D C:\AdwCleaner
2023-07-02 13:06 - 2023-07-02 13:06 - 008791352 _____ (Malwarebytes) C:\Users\Christian\Downloads\adwcleaner.exe
2023-07-01 14:28 - 2023-07-01 14:28 - 000075483 _____ C:\Users\Christian\Downloads\81288305_2023_Mitteilung_vom_2023.06.30_20230701142800.pdf
2023-06-30 22:36 - 2023-06-30 22:35 - 000454708 ____R C:\Windows\system32\Drivers\etc\hosts.20230630-223619.backup
2023-06-30 22:35 - 2023-06-30 17:42 - 000454574 ____R C:\Windows\system32\Drivers\etc\hosts.20230630-223559.backup
2023-06-30 21:00 - 2023-06-30 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2023-06-30 18:30 - 2023-06-30 18:30 - 000000000 ___HD C:\$AV_ASW
2023-06-30 18:25 - 2023-07-02 13:36 - 094896128 _____ C:\Windows\system32\config\SOFTWARE
2023-06-30 18:22 - 2023-06-30 18:25 - 000000000 ____D C:\Windows\Microsoft Antimalware
2023-06-30 17:41 - 2023-06-30 18:51 - 000000000 ____D C:\ProgramData\Avast Software
2023-06-30 17:41 - 2023-06-30 17:41 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-06-30 16:54 - 2023-06-30 16:54 - 000000000 ____D C:\Users\Christian\AppData\Roaming\borhcbhsjusiliye
2023-06-29 13:18 - 2023-07-02 11:17 - 000015331 _____ C:\Users\Christian\Desktop\Klappentext SST11.odt
2023-06-26 15:19 - 2023-06-26 15:19 - 000032077 _____ C:\Users\Christian\Documents\Zusammenfassung.odt
2023-06-24 11:06 - 2023-06-24 11:06 - 001011772 _____ C:\Users\Christian\Downloads\FDownloader.Net.mp4
2023-06-24 10:56 - 2023-06-24 10:56 - 002245270 _____ C:\Users\Christian\Downloads\FDownloader.Net.mp4
2023-06-21 23:20 - 2023-06-23 11:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-06-17 12:32 - 2023-06-17 12:32 - 000000000 ____D C:\Users\Christian\Desktop\LanguageTool-6.1
2023-06-16 18:15 - 2023-06-17 10:51 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-06-16 16:03 - 2023-06-16 16:03 - 000000000 ____D C:\Program Files (x86)\7-Zip
2023-06-16 12:26 - 2023-06-16 12:26 - 000086536 _____ C:\Users\Christian\Downloads\korr.odt
2023-06-16 12:26 - 2023-06-16 12:26 - 000078231 _____ C:\Users\Christian\Downloads\korr2.odt
2023-06-16 12:26 - 2023-06-16 12:26 - 000063544 _____ C:\Users\Christian\Downloads\korr3.odt
2023-06-14 12:37 - 2023-06-14 12:37 - 000011583 _____ C:\Users\Christian\Documents\Beyer.odt
2023-06-14 12:23 - 2023-06-14 12:23 - 000000000 ___HD C:\$WinREAgent
2023-06-10 21:01 - 2023-06-10 21:02 - 006522178 _____ C:\Users\Christian\Desktop\Valhalla Calling Cover.mp4
2023-06-06 11:21 - 2023-06-06 11:21 - 000000000 ____D C:\Users\Christian\AppData\Roaming\GSDK
2023-06-06 11:21 - 2023-06-06 11:21 - 000000000 ____D C:\Users\Christian\AppData\LocalLow\sgra
2023-06-06 10:47 - 2023-06-06 23:49 - 000000000 ____D C:\Users\Christian\AppData\Roaming\DragonheirSilentGods
2023-06-06 10:47 - 2023-06-06 10:47 - 000000000 ____D C:\Users\Christian\AppData\Local\app_shell_cache_6584
2023-06-06 10:47 - 2023-06-06 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DragonheirSilentGods
2023-06-04 21:47 - 2023-06-04 21:47 - 000047881 _____ C:\Users\Christian\Downloads\island-robella.schem
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2023-07-02 13:47 - 2022-05-07 01:25 - 000000000 ____D C:\Users\Christian\AppData\Local\Battle.net
2023-07-02 13:44 - 2022-05-06 18:27 - 000000000 ____D C:\Users\Christian\AppData\LocalLow\Mozilla
2023-07-02 13:44 - 2022-05-06 18:27 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-02 13:40 - 2020-01-03 12:47 - 001723308 _____ C:\Windows\system32\PerfStringBackup.INI
2023-07-02 13:40 - 2019-12-07 16:51 - 000743838 _____ C:\Windows\system32\perfh007.dat
2023-07-02 13:40 - 2019-12-07 16:51 - 000150260 _____ C:\Windows\system32\perfc007.dat
2023-07-02 13:40 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-07-02 13:38 - 2022-07-10 12:41 - 000000000 ____D C:\Program Files (x86)\Google
2023-07-02 13:38 - 2022-05-06 19:22 - 000000000 ____D C:\Windows\SystemTemp
2023-07-02 13:37 - 2023-05-12 19:12 - 000000000 ____D C:\Users\Christian\AppData\Local\Malwarebytes
2023-07-02 13:37 - 2022-09-09 16:23 - 000000000 ____D C:\Users\Christian\AppData\Roaming\discord
2023-07-02 13:37 - 2022-05-06 19:48 - 000000000 ____D C:\Users\Christian\AppData\Local\Discord
2023-07-02 13:36 - 2020-01-03 12:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-07-02 13:36 - 2020-01-03 12:41 - 000008192 ___SH C:\DumpStack.log.tmp
2023-07-02 13:36 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-02 13:36 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-07-02 11:25 - 2022-11-28 16:32 - 000000000 ____D C:\Users\Christian\AppData\Roaming\Papyrus Autor 11
2023-07-01 21:44 - 2022-05-07 02:02 - 000000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2023-07-01 19:04 - 2022-05-07 01:56 - 000000000 ____D C:\Users\Christian\AppData\Local\Steam
2023-07-01 12:50 - 2022-06-13 09:54 - 000000000 ____D C:\Program Files\Breitbandmessung
2023-07-01 12:49 - 2023-01-27 12:39 - 000000000 ____D C:\AMD
2023-07-01 11:32 - 2020-01-03 12:42 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-01 11:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-01 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-07-01 03:52 - 2022-05-06 18:11 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1054113169-1935661044-3860660887-1001
2023-07-01 03:52 - 2020-01-03 12:47 - 000003368 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1054113169-1935661044-3860660887-1001
2023-07-01 03:52 - 2020-01-03 12:45 - 000002411 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-30 23:48 - 2022-05-07 11:57 - 000000000 ____D C:\Users\Christian\AppData\Local\Overwolf
2023-06-30 22:20 - 2022-05-07 11:28 - 000000000 ____D C:\Users\Christian\AppData\Roaming\paradox-launcher-v2
2023-06-30 20:59 - 2022-05-07 10:46 - 000000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-06-30 20:28 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-06-30 17:42 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-06-30 16:58 - 2022-08-15 13:27 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2023-06-30 16:56 - 2022-05-06 18:19 - 000000000 ____D C:\Users\Christian\AppData\Local\D3DSCache
2023-06-30 11:15 - 2022-08-15 13:27 - 000004204 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1660562839
2023-06-30 11:15 - 2022-08-15 13:27 - 000001487 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2023-06-29 11:15 - 2022-07-10 12:41 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-23 19:16 - 2022-05-08 15:30 - 000000000 ___RD C:\Users\Christian\Documents\Scanned Documents
2023-06-23 11:01 - 2022-05-06 18:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-06-22 19:57 - 2022-05-07 11:57 - 000000000 ____D C:\Program Files (x86)\Overwolf
2023-06-22 11:21 - 2022-05-06 18:27 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-06-21 13:02 - 2023-05-15 10:29 - 000000000 ____D C:\Users\Christian\Desktop\Textarbeit
2023-06-20 15:28 - 2023-01-10 23:30 - 000000000 ____D C:\Users\Christian\AppData\Local\CrashDumps
2023-06-18 22:14 - 2022-05-28 16:43 - 000000278 _____ C:\Users\Christian\.languagetool.cfg
2023-06-18 09:55 - 2022-10-22 11:45 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-06-18 09:55 - 2022-10-22 11:45 - 000062968 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-06-18 09:55 - 2022-05-07 11:50 - 002807296 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-06-18 09:55 - 2022-05-07 11:50 - 000493048 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-06-18 09:55 - 2022-05-07 11:50 - 000247288 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2023-06-18 09:55 - 2022-05-07 11:50 - 000202232 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-06-18 09:55 - 2022-05-07 11:50 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-06-18 09:55 - 2022-05-07 11:50 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-06-17 10:51 - 2022-05-08 17:52 - 000000000 ____D C:\Program Files\7-Zip
2023-06-17 10:51 - 2022-05-07 01:24 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-06-16 19:54 - 2022-05-06 23:28 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-06-15 22:10 - 2022-07-10 12:41 - 000004002 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{8C9C04E7-3EDB-425E-802F-A717EF6D2EDF}
2023-06-15 22:10 - 2022-07-10 12:41 - 000003878 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{B5DDCB1C-3286-43B5-AAF3-112057F5B921}
2023-06-15 13:24 - 2020-01-03 12:41 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-06-14 23:59 - 2020-01-03 12:41 - 000300624 _____ C:\Windows\system32\FNTCACHE.DAT
2023-06-14 23:59 - 2019-12-07 16:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-06-14 23:59 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-06-14 23:59 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-06-14 23:59 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-06-14 23:59 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-06-14 23:59 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-06-14 23:59 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-06-14 23:59 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-06-14 23:59 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-06-14 12:26 - 2020-01-03 12:45 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-06-14 12:19 - 2022-05-06 19:13 - 000000000 ____D C:\Windows\system32\MRT
2023-06-14 12:17 - 2022-05-06 19:13 - 170078616 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-06-14 10:53 - 2020-01-03 12:42 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-06-13 16:16 - 2022-07-24 14:59 - 000013896 _____ C:\Users\Christian\Documents\Karlheinz Zahnprothese.odt
2023-06-12 21:26 - 2020-01-03 12:42 - 000003756 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-12 21:26 - 2020-01-03 12:42 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-09 18:24 - 2022-05-07 12:05 - 000000000 ____D C:\Users\Christian\AppData\Roaming\.minecraft
2023-06-09 16:26 - 2020-01-03 12:45 - 000000000 ____D C:\Users\Christian\AppData\Local\Packages
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2022-07-27 14:10 - 2022-07-27 14:10 - 000000068 _____ () C:\Users\Christian\AppData\Roaming\changzhi_leidian.data
2022-07-27 14:10 - 2022-07-27 14:10 - 000000102 _____ () C:\Users\Christian\AppData\Roaming\changzhi_leidianmac.data
2023-05-09 18:37 - 2023-05-09 18:37 - 000000286 _____ () C:\Users\Christian\AppData\Roaming\Safer-Networking.log
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Und:
Code:
Alles auswählen Aufklappen ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-06-2023
durchgeführt von Lyrao (02-07-2023 13:49:21)
Gestartet von C:\Users\Christian\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.3086 (X64) (2020-01-03 10:43:09)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
Administrator (S-1-5-21-1054113169-1935661044-3860660887-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1054113169-1935661044-3860660887-503 - Limited - Disabled)
Gast (S-1-5-21-1054113169-1935661044-3860660887-501 - Limited - Disabled)
Lyrao (S-1-5-21-1054113169-1935661044-3860660887-1001 - Administrator - Enabled) => C:\Users\Christian
WDAGUtilityAccount (S-1-5-21-1054113169-1935661044-3860660887-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Spybot - Search and Destroy (Disabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 22.01 (HKLM-x32\...\7-Zip) (Version: 22.01 - Igor Pavlov)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Amazon Games (HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.3.8425.2 - Amazon.com Services, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.89 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.19.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.4.3 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{2b787d65-59ec-46d5-9e6b-8b4761e7903c}) (Version: 4.07.13.2243 - Advanced Micro Devices, Inc.) Hidden
Anno 1800 (HKLM-x32\...\Uplay Install 4553) (Version: - Ubisoft)
ANT Drivers Installer x64 (HKLM\...\{FFDE93F1-4C9B-41B5-973D-015467E0B59F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOMEI Partition Assistant 9.10.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: 9.10.0 - AOMEI International Network Limited.)
Apple Mobile Device Support (HKLM\...\{82C2A7D9-6BFC-4BED-9EF9-C49780F02C3E}) (Version: 15.5.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre 64bit (HKLM\...\{046879EF-51A3-40F5-9D27-539286BEBBCE}) (Version: 6.3.0 - Kovid Goyal)
ChatGPT (HKLM\...\{79311651-4623-40F8-A0E1-59FBE36000D2}) (Version: 1.0.0 - lencx)
Core Temp 1.18 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.18 - ALCPU)
CurseForge (HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.227.1.1 - Overwolf app)
Diablo Immortal (HKLM-x32\...\Diablo Immortal) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
DragonheirSilentGods (HKLM-x32\...\DragonheirSilentGods) (Version: 1.3.4 - EisenCloudGameInc)
Elevated Installer (HKLM-x32\...\{F5AC76EB-5DB5-4A6D-B673-6D75B84948AC}) (Version: 7.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{5F15891E-8342-47CD-AFFF-89211CFC04D0}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.0.1.12430 - Foxit Software Inc.)
Garmin Express (HKLM-x32\...\{4143C81A-0FC9-430B-A58E-C9BF7D4915FA}) (Version: 7.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{c4a623d3-1300-440d-8664-b0105eab60d5}) (Version: 7.16.1.0 - Garmin Ltd or its subsidiaries)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.199 - Google LLC)
Honkai Impact 3rd (HKLM\...\Honkai Impact 3rd) (Version: 2.23.1.0 - miHoYo Co.,Ltd)
HWiNFO64 Version 7.26 (HKLM\...\HWiNFO64_is1) (Version: 7.26 - Martin Malik - REALiX)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000130-0220-1031-84C8-B8D95FA3C8C3}) (Version: 22.130.0.2 - Intel Corporation)
iPod-Unterstützung (HKLM\...\{5530CCC4-99F6-4198-BB1B-F1F78D6BCA76}) (Version: 12.11.3.7 - Apple Inc.)
iTunes (HKLM\...\{B71B64F9-B245-4E4B-802E-DB6AB834EA13}) (Version: 12.12.3.5 - Apple Inc.)
Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Java(TM) SE Development Kit 18.0.2 (64-bit) (HKLM\...\{EA16FB93-3AC2-538A-A3AD-03372A6682EA}) (Version: 18.0.2.0 - Oracle Corporation)
Kindle Create (HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Kindle Create) (Version: 1.72.1.0 - Amazon)
LanguageTool 1.0.9 (HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\dd8063c1-671a-5080-9379-6cf83970e9c2) (Version: 1.0.9 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.30.269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.30.269 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.67 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.67 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\OneDriveSetup.exe) (Version: 23.122.0611.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 114.0.2 (x64 de)) (Version: 114.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.9.0 - Mozilla)
Mozilla Thunderbird (x64 de) (HKLM\...\Mozilla Thunderbird 102.12.0 (x64 de)) (Version: 102.12.0 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.5 - Notepad++ Team)
OpenOffice 4.1.13 (HKLM-x32\...\{8BF457BB-5693-497F-B2D3-305905993C08}) (Version: 4.113.9810 - Apache Software Foundation)
Opera Stable 99.0.4788.88 (HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\Opera 99.0.4788.88) (Version: 99.0.4788.88 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.116.52126 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.226.0.38 - Overwolf Ltd.)
Papyrus Autor -- from R.O.M. logicware GmbH (HKLM-x32\...\Papyrus Autor) (Version: - R.O.M. logicware GmbH)
Papyrus Autor 11 -- from R.O.M. logicware GmbH, Berlin (HKLM-x32\...\Papyrus Autor 11) (Version: - R.O.M. logicware GmbH, Berlin)
Paradox Launcher v2 (HKLM\...\{E68BBC18-9E69-436B-B20F-E294DE62ECAB}) (Version: 2.3.0 - Paradox Interactive)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.9.82.0 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
To-Do DeskList 2.0 (HKLM-x32\...\To-Do DeskList_is1) (Version: 2.0 - Ondrej Zabojnik, Dextronet)
TreeSize Free V4.6.1 (64 bit) (HKLM\...\TreeSize Free_is1) (Version: 4.6.1 - JAM Software)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 133.0.10702 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
WhoCrashed 7.01 (HKLM\...\WhoCrashed_is1) (Version: 7.01 - Resplendence Software Projects Sp.)
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_146.3.1087.0_x64__v10z8vjag6ke6 [2023-06-22] (HP Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-03-20] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.2.16.0_x64__8wekyb3d8bbwe [2023-06-09] (Microsoft Studios)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-24] (Microsoft Studios) [MS Ad]
WinDbg Preview -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2306.14001.0_x64__8wekyb3d8bbwe [2023-06-17] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-06-29] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-06-29] (Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-09-03] (Notepad++ -> )
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers3: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Datei ist nicht signiert]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
==================== Codecs (Nicht auf der Ausnahmeliste) ====================
==================== Verknüpfungen & WMI ========================
==================== Geladene Module (Nicht auf der Ausnahmeliste) =============
2023-06-16 11:15 - 2023-06-16 11:15 - 104871424 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\libcef.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000112128 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\libegl.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 006227456 _____ () [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\libglesv2.dll
2023-06-16 16:06 - 2022-07-15 16:00 - 000094720 _____ (Igor Pavlov) [Datei ist nicht signiert] C:\Program Files\7-Zip\7-zip.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000810496 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\chrome_elf.dll
2022-05-07 12:54 - 2022-11-25 22:30 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-05-07 12:54 - 2022-11-25 22:30 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\ssleay32.dll
2022-05-07 12:54 - 2022-11-25 22:30 - 001611264 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-11-25 22:31 - 2022-11-25 22:30 - 005487104 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-11-25 22:31 - 2022-11-25 22:30 - 005841920 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-11-25 22:31 - 2022-11-25 22:30 - 001179136 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-11-25 22:31 - 2022-11-25 22:30 - 000146432 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-11-25 22:31 - 2022-11-25 22:30 - 005089792 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-11-25 22:31 - 2022-11-25 22:30 - 000184832 _____ (The Qt Company Ltd) [Datei ist nicht signiert] C:\Program Files (x86)\Origin\Qt5Xml.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000048640 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\audio\qtaudio_windows.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000035328 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\iconengines\qsvgicon.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000026112 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\imageformats\qgif.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000026112 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\imageformats\qico.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000351232 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\imageformats\qjpeg.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000021504 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\imageformats\qsvg.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000343552 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\imageformats\qtiff.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000438784 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\imageformats\qwebp.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 001241088 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\platforms\qwindows.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 005518336 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5Core.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 005799936 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5Gui.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000643584 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5Multimedia.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000968704 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5Network.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 003301888 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5Qml.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000370688 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5QmlModels.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 003730944 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5Quick.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000265216 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5Svg.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 004737536 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5Widgets.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000439296 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5WinExtras.dll
2023-06-16 11:15 - 2023-06-16 11:15 - 000172544 _____ (The Qt Company Ltd.) [Datei ist nicht signiert] C:\Program Files (x86)\Battle.net\Battle.net.14235\Qt5Xml.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Christian\AppData\Local\Microsoft:ISBD1 [33]
AlternateDataStreams: C:\Users\Christian\AppData\Local\Microsoft:ISBD2 [68]
AlternateDataStreams: C:\Users\Christian\Documents\Inbetriebsetzungsprotokoll für Erzeugungsanlagen.jpeg:�3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Christian\Documents\Inbetriebsetzungsprotokoll für Erzeugungsanlagen.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Christian\Documents\Inbetriebsetzungsprotokoll für Stromspeicher.jpeg:�3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Christian\Documents\Inbetriebsetzungsprotokoll für Stromspeicher.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================
==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2023-01-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2023-01-01] (Oracle America, Inc. -> Oracle Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7940 mehr Seiten.
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\123simsen.com -> www.123simsen.com
Da befinden sich 7940 mehr Seiten.
==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-12-07 11:14 - 2023-06-30 22:36 - 000454708 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15607 zusätzliche Einträge.
==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Calibre2\
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Christian\Desktop\102570914_p0_master1200.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
MSCONFIG\Services: AMD Crash Defender Service => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: EpicOnlineServices => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPPrintScanDoctorService => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: OverwolfUpdater => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ss_global"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\StartupApproved\StartupFolder: => "Discord.lnk"
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\StartupApproved\Run: => "To-Do DeskList"
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_95CC94696E51321C781F017EB5F81AC0"
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1054113169-1935661044-3860660887-1001\...\StartupApproved\Run: => "GogGalaxy"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{ABB5BA74-3D16-4A83-8748-8434DCFB67A2}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{9392E46D-7E27-4950-B734-DC1BCBADA8B8}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C00AE4DB-2279-4162-8090-5A7E0581DDC8}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{74B2B9E1-5E4F-4CE5-A2E5-29D770D0D1E7}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{553400EA-A0E9-4656-8941-8EFB6D459D35}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{48428102-CBC5-41AD-81E0-C825149A0DE3}] => (Allow) D:\Steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{1C69D098-E6A5-48C0-BCB7-72F1F0A21FDF}D:\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base87702\sc2_x64.exe => Keine Datei
FirewallRules: [UDP Query User{7C2961E7-464F-4313-BE14-E248D2089237}D:\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base87702\sc2_x64.exe => Keine Datei
FirewallRules: [{5F22CD83-0057-4F3C-93FD-F517C26BA981}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Keine Datei
FirewallRules: [{228B8E6E-15D1-4C71-8E41-EEA23ADA3842}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [TCP Query User{F91718F4-691D-4A6F-ACF3-8F51D93D6260}D:\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base87702\sc2_x64.exe => Keine Datei
FirewallRules: [UDP Query User{7DEFC78D-3831-49BE-90B5-7867E929A90D}D:\starcraft ii\versions\base87702\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base87702\sc2_x64.exe => Keine Datei
FirewallRules: [{1BCAF77E-547B-4695-AF9A-74A915B6CC80}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Keine Datei
FirewallRules: [{EFFD172F-FBA9-4713-9649-7226C707EE27}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [{D3D504A3-6C21-49D9-A814-588F0FDD3631}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Keine Datei
FirewallRules: [{F3D2771E-169C-4BE8-8CBF-6695F43B2B5B}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [{094C4FAF-64FD-4AF0-9FC3-E35BAE108896}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Keine Datei
FirewallRules: [{A259AAEF-B14E-4AC6-9232-9CB2DE8113BA}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [{5DC4FC6B-67A0-4CDE-8457-BE6867F58E4A}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Keine Datei
FirewallRules: [{E90EC28B-99D3-4620-A258-8D2483270AA4}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [{16AA3E9D-2EB2-4D79-ADDB-CA6A3862041B}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Keine Datei
FirewallRules: [{619F5947-366D-4B03-9861-D417A5536B4B}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Keine Datei
FirewallRules: [{BBFFAA5E-298C-41CB-BBED-EDE0E1D371CD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FF5CD350-0DC8-4977-A2F1-14F612528ADF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{BED4047A-3CBA-4FA8-81A5-6B6F1C0DF87F}D:\steam\steamapps\common\stellaris\stellaris.exe] => (Allow) D:\steam\steamapps\common\stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [UDP Query User{F2589B25-04DE-48D3-BD1D-9C39F9698178}D:\steam\steamapps\common\stellaris\stellaris.exe] => (Allow) D:\steam\steamapps\common\stellaris\stellaris.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [TCP Query User{EADC6905-CB15-4B18-84D4-AC81FDAB173F}C:\users\christian\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\christian\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{E0060C85-3FC1-4104-9406-809D06929A20}C:\users\christian\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\christian\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{361F20F3-C7F3-4A40-A4FD-AEEAFC2C87CF}C:\program files\windowsapps\microsoft.skypeapp_15.83.408.0_x86__kzf8qxf38zg5c\skype\skype.exe] => (Allow) C:\program files\windowsapps\microsoft.skypeapp_15.83.408.0_x86__kzf8qxf38zg5c\skype\skype.exe => Keine Datei
FirewallRules: [UDP Query User{B4230DF4-2544-41A2-AC7F-CF9376FF1F59}C:\program files\windowsapps\microsoft.skypeapp_15.83.408.0_x86__kzf8qxf38zg5c\skype\skype.exe] => (Allow) C:\program files\windowsapps\microsoft.skypeapp_15.83.408.0_x86__kzf8qxf38zg5c\skype\skype.exe => Keine Datei
FirewallRules: [TCP Query User{D3E49E56-1C62-43AE-9F70-F1B875409A6B}D:\origin\battlefield 1\bf1.exe] => (Allow) D:\origin\battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{67B5DEFF-596C-4955-8B65-91EAE4D37BB0}D:\origin\battlefield 1\bf1.exe] => (Allow) D:\origin\battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{D96DE236-3B0D-4364-AAA4-A84E29171942}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{60662ABF-5881-460E-B265-61CD7B6561B5}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0CB51007-BD93-4B72-8972-6E6294E5B1D1}C:\users\christian\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\christian\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{E065BE34-C478-410B-8965-F456BB1B57FE}C:\users\christian\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\christian\curseforge\minecraft\install\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{850218AB-A094-4195-9201-ECD785238F80}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => Keine Datei
FirewallRules: [{28399D63-FFAA-49C9-8891-6C2128DA7852}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => Keine Datei
FirewallRules: [TCP Query User{B1321870-5A22-4B48-AF49-C29C14EBE474}D:\epicgames\killingfloor2\binaries\win64\kfgame.exe] => (Allow) D:\epicgames\killingfloor2\binaries\win64\kfgame.exe (Tripwire Interactive, LLC.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{3A1C0AAD-5A49-4B49-BA51-7EF0ED2076B6}D:\epicgames\killingfloor2\binaries\win64\kfgame.exe] => (Allow) D:\epicgames\killingfloor2\binaries\win64\kfgame.exe (Tripwire Interactive, LLC.) [Datei ist nicht signiert]
FirewallRules: [{EF56009E-0D83-4091-824C-6F83F3A2B240}] => (Allow) D:\Steam\steamapps\common\Age2HD\Launcher.exe => Keine Datei
FirewallRules: [{6E8DA610-1506-48A6-8BD9-49BF1FE35273}] => (Allow) D:\Steam\steamapps\common\Age2HD\Launcher.exe => Keine Datei
FirewallRules: [TCP Query User{01A7A5E5-AF9C-41DD-948C-58AD96DFC264}D:\starcraft ii\versions\base88500\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base88500\sc2_x64.exe => Keine Datei
FirewallRules: [UDP Query User{69E10877-E9AF-4687-9EB3-DF5EF672FD6F}D:\starcraft ii\versions\base88500\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base88500\sc2_x64.exe => Keine Datei
FirewallRules: [TCP Query User{01DEC867-3929-4421-9621-1A89F0C13508}D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{46DD24D2-D5D4-4E35-A941-E2C6E8D9938A}D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) D:\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{D55AFE4B-FF1B-410B-BEFF-19C384D69ECA}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => Keine Datei
FirewallRules: [UDP Query User{CA456891-93CF-40DC-BBB4-C46554BA06AA}C:\program files\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files\wizards of the coast\mtga\mtga.exe => Keine Datei
FirewallRules: [TCP Query User{85480BE7-D6A9-40B0-978A-EE9D0F30978C}D:\wizards of the coast\mtga\mtga.exe] => (Allow) D:\wizards of the coast\mtga\mtga.exe (Wizards of the Coast LLC -> )
FirewallRules: [UDP Query User{C060F206-5982-4052-B20A-8725F97D1148}D:\wizards of the coast\mtga\mtga.exe] => (Allow) D:\wizards of the coast\mtga\mtga.exe (Wizards of the Coast LLC -> )
FirewallRules: [TCP Query User{0E7117F3-FE0F-49C0-A856-9D5EAC66F5D8}C:\program files\java\jdk-18.0.2\bin\java.exe] => (Allow) C:\program files\java\jdk-18.0.2\bin\java.exe
FirewallRules: [UDP Query User{DF1D37A7-3E1C-46A0-B552-AE0131E4A504}C:\program files\java\jdk-18.0.2\bin\java.exe] => (Allow) C:\program files\java\jdk-18.0.2\bin\java.exe
FirewallRules: [TCP Query User{9F1F9F2D-23B1-4E29-87B0-F5104E8C97F6}C:\program files\java\jdk-18.0.2\bin\javaw.exe] => (Allow) C:\program files\java\jdk-18.0.2\bin\javaw.exe
FirewallRules: [UDP Query User{FA51327C-0F58-4CBE-B6A9-A3B4252E4F97}C:\program files\java\jdk-18.0.2\bin\javaw.exe] => (Allow) C:\program files\java\jdk-18.0.2\bin\javaw.exe
FirewallRules: [TCP Query User{231B769B-20AC-4013-8218-331D573ADDC3}C:\users\christian\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\christian\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{63BBE3F8-C211-4759-9EB4-58CEB91F2C5C}C:\users\christian\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\christian\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{2347D28B-08D0-44CE-B224-E6CB0FC9EF13}] => (Allow) D:\Anno 1800\Bin\Win64\Anno1800.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) [Datei ist nicht signiert]
FirewallRules: [{8E2282E5-E829-4EC6-9A33-C241A20761EC}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe => Keine Datei
FirewallRules: [{415F8233-4F4A-45C5-99AE-0E69B15A9B65}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe => Keine Datei
FirewallRules: [{EDAB4A70-2706-47AD-9DF7-720192513C2A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A752CDE-FD39-4397-B20F-8D6CB315224C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D7660852-4A2A-4942-84A9-CB3800E67997}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{07C200C4-D0A6-41BD-B19B-52390DAD3B3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2E0ADDED-B5B0-4D24-B989-597C2E70C060}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D78F4B01-BFEE-4B88-94A6-7578013E61C0}D:\steam\steamapps\common\age of empires iv\reliccardinal.exe] => (Allow) D:\steam\steamapps\common\age of empires iv\reliccardinal.exe => Keine Datei
FirewallRules: [UDP Query User{F8EF856C-3345-4B0B-A4B1-3A3030AFB306}D:\steam\steamapps\common\age of empires iv\reliccardinal.exe] => (Allow) D:\steam\steamapps\common\age of empires iv\reliccardinal.exe => Keine Datei
FirewallRules: [{F8252522-60AF-4069-BA42-21DE1E8C45E5}] => (Allow) D:\Steam\steamapps\common\Crusader Kings II\CK2game.exe => Keine Datei
FirewallRules: [{4A27F9DA-666C-4FAF-84FA-FF0B31BB89A6}] => (Allow) D:\Steam\steamapps\common\Crusader Kings II\CK2game.exe => Keine Datei
FirewallRules: [{D1E2BD97-AF3A-4419-A24E-E485E09DA9DA}] => (Allow) D:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe => Keine Datei
FirewallRules: [{FEF4049C-ED4E-4BA1-AB2E-64010A016277}] => (Allow) D:\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe => Keine Datei
FirewallRules: [{0A0A1683-1FF5-403E-89B6-467D04EDDFF8}] => (Allow) D:\Steam\steamapps\common\Age of Wonders Shadow Magic\Launcher.exe => Keine Datei
FirewallRules: [{133AAAFB-A433-4FEA-97C4-E9B37AAE6A01}] => (Allow) D:\Steam\steamapps\common\Age of Wonders Shadow Magic\Launcher.exe => Keine Datei
FirewallRules: [{E529E61E-6842-4C88-909E-F5F88E2EC42E}] => (Allow) D:\Steam\steamapps\common\Age of Wonders Shadow Magic\AoWSMSetup.exe => Keine Datei
FirewallRules: [{EF0A4F07-A653-4BBC-B6F0-0F71400A96B7}] => (Allow) D:\Steam\steamapps\common\Age of Wonders Shadow Magic\AoWSMSetup.exe => Keine Datei
FirewallRules: [{B7BE62AD-F862-4F17-B9D2-7873A785A45E}] => (Allow) D:\Steam\steamapps\common\Age of Wonders Shadow Magic\AoWSMEd.exe => Keine Datei
FirewallRules: [{7858C007-FD6B-497D-A466-A1B9B81F67CF}] => (Allow) D:\Steam\steamapps\common\Age of Wonders Shadow Magic\AoWSMEd.exe => Keine Datei
FirewallRules: [{B5E9AEC0-FFC1-48A5-894A-EF495D1ED2DA}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe => Keine Datei
FirewallRules: [{8073E3B7-06EA-48DD-BFA1-B051E0E97CA1}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe => Keine Datei
FirewallRules: [{9F2D13E4-A226-4CBE-9D6A-91438E3C36E7}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe => Keine Datei
FirewallRules: [{49C36FEC-5157-444B-AE70-45768D3F4211}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe => Keine Datei
FirewallRules: [{BFEBDE65-14CE-4AC9-AE58-2470AB144712}] => (Allow) D:\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe => Keine Datei
FirewallRules: [{A76DF651-6FB6-40B0-B87D-7795B5CD7C31}] => (Allow) D:\Steam\steamapps\common\Warhammer Vermintide 2\launcher\Launcher.exe => Keine Datei
FirewallRules: [TCP Query User{312FD422-12B0-45C5-8C50-D492673DA8A1}D:\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{0DCDD23C-9EF6-47E2-A666-259B79F4EA6D}D:\overwatch\_retail_\overwatch.exe] => (Allow) D:\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{28F7140C-D70C-48C6-8EA8-516DD9D07E8C}D:\epicgames\twwh2\warhammer2.exe] => (Allow) D:\epicgames\twwh2\warhammer2.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{41EA7354-942B-4849-8872-2B90597BCD1D}D:\epicgames\twwh2\warhammer2.exe] => (Allow) D:\epicgames\twwh2\warhammer2.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{212AAF79-0CF8-40CC-ADC9-85E605F7DD48}D:\starcraft ii\versions\base89165\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base89165\sc2_x64.exe => Keine Datei
FirewallRules: [UDP Query User{1605C56D-2C74-435A-8AE4-9C29DF6BA960}D:\starcraft ii\versions\base89165\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base89165\sc2_x64.exe => Keine Datei
FirewallRules: [TCP Query User{66D89873-4C00-40AB-B29E-B47BB0FE396D}D:\starcraft ii\versions\base89634\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base89634\sc2_x64.exe => Keine Datei
FirewallRules: [UDP Query User{9C1B8650-D923-4F45-A32E-823024BE1CE5}D:\starcraft ii\versions\base89634\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base89634\sc2_x64.exe => Keine Datei
FirewallRules: [TCP Query User{8643594C-91CC-45D0-89FE-446BFCEA2D32}D:\starcraft ii\versions\base89720\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base89720\sc2_x64.exe => Keine Datei
FirewallRules: [UDP Query User{61F2B212-BC6F-4011-B591-31A801C0AB60}D:\starcraft ii\versions\base89720\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base89720\sc2_x64.exe => Keine Datei
FirewallRules: [{4A9CA0AB-4A66-4BB5-B1E0-3669521372CE}] => (Allow) D:\Steam\steamapps\common\Dark and Darker Demo\DungeonCrawler.exe => Keine Datei
FirewallRules: [{56D088F2-CCE1-4925-915F-F9439A2DCD6C}] => (Allow) D:\Steam\steamapps\common\Dark and Darker Demo\DungeonCrawler.exe => Keine Datei
FirewallRules: [TCP Query User{7974B197-0853-4B5C-A9E3-353E4E368F16}D:\diablo iv - beta\diablo iv.exe] => (Allow) D:\diablo iv - beta\diablo iv.exe => Keine Datei
FirewallRules: [UDP Query User{8BB59A72-1741-496C-87EA-652AE6F82BDA}D:\diablo iv - beta\diablo iv.exe] => (Allow) D:\diablo iv - beta\diablo iv.exe => Keine Datei
FirewallRules: [TCP Query User{B7D9D541-42DA-4FBB-A862-385FDEC63995}C:\users\christian\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\christian\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{B5C62393-0533-418F-91C6-1B997117BA6A}C:\users\christian\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\christian\curseforge\minecraft\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{97C2E7F9-0610-435A-93CE-781B6E0D10D6}D:\starcraft ii\versions\base90136\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base90136\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{28DA80E3-35A7-46C9-B298-2CF5A1415294}D:\starcraft ii\versions\base90136\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base90136\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{43DF0B1E-7584-4B73-9B5F-01F5656F7AB6}] => (Allow) D:\Steam\steamapps\common\Legends of Idleon\LegendsOfIdleon.exe => Keine Datei
FirewallRules: [{CBFE4F60-1ABE-430E-8F1A-08069659D15E}] => (Allow) D:\Steam\steamapps\common\Legends of Idleon\LegendsOfIdleon.exe => Keine Datei
FirewallRules: [TCP Query User{97F53FA0-A807-49F1-B622-94B46C075C07}C:\users\christian\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\christian\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{4C2B4643-E169-48B2-8808-52A72263CBCB}C:\users\christian\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\christian\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{943B0963-9A66-4957-8243-D1EFBDC5C37E}] => (Allow) D:\Steam\steamapps\common\Warhammer 40000 Gladius - Relics of War\Launcher.exe => Keine Datei
FirewallRules: [{120E4674-CC85-4640-9F68-DCA0C147F0DF}] => (Allow) D:\Steam\steamapps\common\Warhammer 40000 Gladius - Relics of War\Launcher.exe => Keine Datei
FirewallRules: [{43848A31-3F46-4F96-9DF4-AFF481A5166C}] => (Allow) D:\Dragonheir\DragonheirSilentGods\DragonheirSilentGods.exe (Nuverse PTE.LTD. -> GitHub, Inc.)
FirewallRules: [{488F2D1F-E4AA-4B6D-A13A-37DD1FBDDCDC}] => (Allow) D:\Dragonheir\DragonheirSilentGods\DragonheirSilentGods.exe (Nuverse PTE.LTD. -> GitHub, Inc.)
FirewallRules: [TCP Query User{A9DD0432-0227-4FAD-9CF0-E8EDAA6A05B2}D:\dragonheir\dragonheirsilentgods\game\dragonheir.exe] => (Allow) D:\dragonheir\dragonheirsilentgods\game\dragonheir.exe () [Datei ist nicht signiert]
FirewallRules: [UDP Query User{47751F00-E0BF-48EA-A58B-9A0868536510}D:\dragonheir\dragonheirsilentgods\game\dragonheir.exe] => (Allow) D:\dragonheir\dragonheirsilentgods\game\dragonheir.exe () [Datei ist nicht signiert]
FirewallRules: [{B6677C75-B2C5-41E0-BFEE-EA47722369DC}] => (Allow) C:\Users\Christian\AppData\Local\Programs\Opera\99.0.4788.65\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{72E3011C-4E65-4518-A720-C3634BC49607}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2306.14001.0_x64__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A981E2F5-3076-4DEB-86BD-FCA482B4231B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2306.14001.0_x64__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AE21BA03-B56D-4DCC-8AEE-89FBA60607BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2306.14001.0_x64__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{53A01BBE-4133-422F-81E7-3BC5D126B2E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2306.14001.0_x64__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13F85B32-12E1-4CD9-9D60-62D854494E92}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2306.14001.0_x64__8wekyb3d8bbwe\arm64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C9ACA6AD-1697-4AD3-B0A3-4673049FF230}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2306.14001.0_x64__8wekyb3d8bbwe\arm64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{BB0E40E0-0788-4D78-A67F-A45ADCF9C0E8}C:\users\christian\desktop\xampp\apache\bin\httpd.exe] => (Allow) C:\users\christian\desktop\xampp\apache\bin\httpd.exe => Keine Datei
FirewallRules: [UDP Query User{733818C8-DA25-4162-B4C2-487F09297312}C:\users\christian\desktop\xampp\apache\bin\httpd.exe] => (Allow) C:\users\christian\desktop\xampp\apache\bin\httpd.exe => Keine Datei
FirewallRules: [TCP Query User{C9FE52D0-E901-43FC-B0FC-3125A995F0DB}C:\users\christian\desktop\xampp\mysql\bin\mysqld.exe] => (Allow) C:\users\christian\desktop\xampp\mysql\bin\mysqld.exe => Keine Datei
FirewallRules: [UDP Query User{AE23F892-C871-44CE-903A-AB7A42FBE960}C:\users\christian\desktop\xampp\mysql\bin\mysqld.exe] => (Allow) C:\users\christian\desktop\xampp\mysql\bin\mysqld.exe => Keine Datei
FirewallRules: [TCP Query User{74B9EDAF-4443-4CC6-896B-95175EBD2223}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe => Keine Datei
FirewallRules: [UDP Query User{A05E0CC7-7C93-4722-8492-A0459721F9A8}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe => Keine Datei
FirewallRules: [{7242B6B8-E149-4F04-8061-869F0A4C6221}] => (Allow) C:\Program Files (x86)\Overwolf\0.224.0.25\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{8C39BE06-EE75-45B1-BE80-6677BA72BAD7}] => (Allow) C:\Program Files (x86)\Overwolf\0.224.0.25\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{029D12FA-A91D-47A6-8307-07834383B85A}] => (Block) C:\Program Files (x86)\Overwolf\0.224.0.25\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{C31448B9-CA0F-45A0-B31E-DA0A4FDA97CF}] => (Block) C:\Program Files (x86)\Overwolf\0.224.0.25\OverwolfBrowser.exe => Keine Datei
FirewallRules: [{3BDBEFD4-3C0B-41A4-A364-A6D1C694F0D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.226.0.38\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{85FA1FCE-305D-4589-A1D5-55F013EDEEE8}] => (Allow) C:\Program Files (x86)\Overwolf\0.226.0.38\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{6449897E-8ACF-48E6-8EE0-2D7C218C3FD7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1DF698F8-90FF-41A2-AFC2-EC57F877C087}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92FC39A2-7B68-4D52-9D67-BBFDABC28A00}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{05D190BF-1493-4128-80D8-EC2ACB391772}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C044118B-7EF7-4826-95EF-1981673D5518}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{33BB4E99-CFA0-45D1-9350-3A23A5CE1D91}] => (Allow) C:\Users\Christian\AppData\Local\Programs\Opera\99.0.4788.88\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{4458FA80-6986-4BC4-BD56-8954C98F328D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert (Total:99.37 GB) (Free:16.98 GB) (17%)
==================== Fehlerhafte Geräte im Gerätemanager ============
==================== Fehlereinträge in der Ereignisanzeige: ========================
Applikationsfehler:
==================
Error: (07/02/2023 01:36:59 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\YGGDRASIL$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 02 Jul 2023 11:36:57 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 58afe1d3-193a-4a82-9f4b-12ac61ef1f10
Methode: GET(297ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (07/02/2023 11:14:54 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\YGGDRASIL$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 02 Jul 2023 09:14:53 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 93765508-ad44-4a4e-8dac-5fbc28e18e0b
Methode: GET(250ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (07/01/2023 06:21:36 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (07/01/2023 11:05:03 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\YGGDRASIL$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 01 Jul 2023 09:05:01 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: e1d6951a-af74-4e74-804c-17a9ce642e94
Methode: GET(188ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (07/01/2023 03:49:03 AM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\YGGDRASIL$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 01 Jul 2023 01:49:02 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 468f37a3-ad2b-4d11-bf61-00e47b1aa3c7
Methode: GET(172ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/30/2023 11:46:08 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\YGGDRASIL$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 30 Jun 2023 21:46:07 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 18e99004-fbb2-4a5d-a0cc-6df987d1b9f9
Methode: GET(313ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/30/2023 10:23:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Christian\Desktop\Neuer Ordner\Autoruns.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.
Error: (06/30/2023 09:06:16 PM) (Source: CertEnroll) (EventID: 86) (User: NT-AUTORITÄT)
Description: Fehler bei der Initialisierung der SCEP-Zertifikatregistrierung für WORKGROUP\YGGDRASIL$ über https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 30 Jun 2023 19:06:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 0fa3ca8c-08dc-453f-88b9-481c4d3c76e3
Methode: GET(219ms)
Phase: GetCACaps
Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Systemfehler:
=============
Error: (07/02/2023 01:36:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMDRyzenMasterDriverV19" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (07/02/2023 01:08:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/02/2023 01:08:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Foxit PDF Reader Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/02/2023 01:08:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "GameInput Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/02/2023 01:08:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD Crash Defender Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/02/2023 01:08:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD External Events Utility" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/02/2023 11:14:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AMDRyzenMasterDriverV19" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (07/01/2023 11:35:33 PM) (Source: DCOM) (EventID: 10010) (User: YGGDRASIL)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
================
Date: 2023-06-30 17:41:22
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {58672BA1-6B73-475C-A1C5-8FEF8CB277F6}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Vollständige Überprüfung
Benutzer: YGGDRASIL\Lyrao
Date: 2023-06-14 12:18:38
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {2CC18D09-4FB5-48CB-9247-555F2C5497B4}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Date: 2023-04-24 11:30:20
Description:
Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {93BDC775-3A6A-48C7-8111-103A160C2951}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
Event[0]:
Date: 2023-04-24 11:26:04
Description:
Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen:
%Vorherige Version der Sicherheitsinformationen: 1.387.2042.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
%Vorherige Modulversion: 1.1.20200.4
Fehlercode: 0x800b0109
Fehlerbeschreibung: Eine Zertifikatkette wurde zwar verarbeitet, endete jedoch mit einem Stammzertifikat, das beim Vertrauensanbieter nicht als vertrauenswürdig gilt.
CodeIntegrity:
===============
Date: 2023-07-02 13:47:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2023-07-02 13:47:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-02 13:47:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
BIOS: American Megatrends International, LLC. 1.91 02/24/2022
Hauptplatine: Micro-Star International Co., Ltd. MPG B550 GAMING EDGE WIFI (MS-7C91)
Prozessor: AMD Ryzen 7 5800X3D 8-Core Processor
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 32694.09 MB
Verfügbarer physikalischer RAM: 24211.24 MB
Summe virtueller Speicher: 38582.09 MB
Verfügbarer virtueller Speicher: 27317.99 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:99.37 GB) (Free:16.98 GB) (Model: KINGSTON SNVS2000G) NTFS
Drive d: (Spiele) (Fixed) (Total:1562.5 GB) (Free:921.33 GB) (Model: KINGSTON SNVS2000G) NTFS
Drive e: (Schriftstellerei) (Fixed) (Total:200.52 GB) (Free:186.44 GB) (Model: KINGSTON SNVS2000G) NTFS
\\?\Volume{da40841c-0c4c-4d95-a4ea-263424fec718}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{6040bf42-4714-4443-3701-68a1a9f7de27}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{a6652243-59f5-4443-a051-043a5d5568cf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== Ende von Addition.txt =======================
Kann ich sonst noch was tun?
lg & Danke
Geändert von Sternennacht (02.07.2023 um 12:56 Uhr)
Linear-Darstellung
