Windows 10 system needs to be checked because my Twitter account was hacked.

After my Twitter account was hacked, I also had problems with my mail account. The mail account has since been secured. The Twitter account is still unavailable to this day. I don't know whether the hacker also managed to place malware on my Windows computer in the process. Attached are the log files from FRST.

Thanks for your efforts.

Stefan

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-08-2023 durchgeführt von stefa (Administrator) auf LAPTOP-CUVSB2ND (Acer Aspire E5-774G) (01-08-2023 18:17:56) Gestartet von C:\Users\stefa\Downloads\FRST64.exe Geladene Profile: defaultuser0 & stefa Plattform: Microsoft Windows 10 Home Version 22H2 19045.3208 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: FF Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe (C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe (C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe (C:\Program Files\Norton Security\Engine\22.23.6.5\NortonSecurity.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <2> (C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (HP Inc -> HP Inc.) 
C:\Program Files\HP\HP ENVY 5000 series\Bin\ScanToPCActivationApp.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <15> (NortonLifeLock Inc. -> NortonLifeLock Inc) C:\Program Files\Norton Utilities\NUP.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (HP Inc. -> HP Inc.) 
C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.23.6.5\NortonSecurity.exe <2> (services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
C:\Program Files\Norton Security\Engine\22.23.6.5\nsWscSvc.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe (svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (svchost.exe ->) (HP Inc -> HP Inc.) 
C:\Program Files\HP\HP ENVY 5000 series\Bin\HPNetworkCommunicatorCom.exe (svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxext.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\stefa\AppData\Local\Microsoft\OneDrive\23.147.0716.0001\FileCoAuth.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\stefa\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (NortonLifeLock Inc. -> Symantec Corporation) C:\Program Files\Norton Utilities\ToolKit.exe (svchost.exe ->) (NortonLifeLock Inc. -> Symantec Corporation) C:\Program Files\Norton Utilities\x64\LBGovernor.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Datei ist nicht signiert] HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-06-28] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\Run: [Dashlane] => "C:\Users\stefa\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup (Keine Datei) HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\Run: [HP ENVY 5000 (NET)] => C:\Program Files\HP\HP ENVY 5000 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.) 
HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\Run: [MicrosoftEdgeAutoLaunch_C20C439905A8A614B916288AD7473F4F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2019-01-29] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {ECF9AA24-1512-4238-BD92-E739B8A9C362} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {419BD584-A6A9-4644-BF24-46A2F768DD53} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> ) Task: {5333D700-DD17-4969-BE0D-069C8EA27572} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-24] (Acer Incorporated -> ) Task: {68FF97D8-C5E5-48B6-AEEA-1A5191A30AD7} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> ) Task: {FCFB2CCE-529D-40C6-8912-714E259E53A6} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> ) Task: {594516C6-3079-4BA6-8503-C3A22E0D8BEC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.) 
Task: {5915A3A0-A33D-4529-BB7B-7B3F7611BFDD} - System32\Tasks\App Explorer => C:\Users\stefa\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7574560 2023-03-29] (SweetLabs Inc -> SweetLabs, Inc) <==== ACHTUNG Task: {CC2FDE4A-A261-461F-B354-AFB6572B8CAB} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated) Task: {59A7EA86-343C-4DD8-A345-D43F984E70C7} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {14C1345B-E4CF-4ABE-B6D1-5F152F6B02B4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {BEC07985-A6D2-4E33-B2A8-22036CA3A4C8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26659216 2023-07-16] (Microsoft Corporation -> Microsoft Corporation) Task: {C727ABA2-D225-43C4-A5E8-DAF1C262ECD3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26659216 2023-07-16] (Microsoft Corporation -> Microsoft Corporation) Task: {7412B00C-E5A3-48A0-AC83-D800F8B109F3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124296 2023-07-16] (Microsoft Corporation -> Microsoft Corporation) Task: {C526E1AA-B9C3-4330-AF71-93E0C499305B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124296 2023-07-16] (Microsoft Corporation -> Microsoft Corporation) Task: {78FF4CE9-C234-4D87-B35F-812A484D21C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft 
Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [834552 2023-07-16] (Microsoft Corporation -> Microsoft Corporation) Task: {ED71961F-C583-41DD-982A-344BFF4C5C2D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-11] (Mozilla Corporation -> Mozilla Foundation) Task: {29D43364-3D98-42D6-9405-1474E27A3E51} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.23.6.5\SymErr.exe [379024 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {0D23FDC8-A7D9-44BA-B5FB-A9BE611C0923} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.23.6.5\SymErr.exe [379024 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {3E88945D-4C18-4F10-8E03-3684E1468075} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.23.6.5\SymErr.exe [379024 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
Task: {F3AD71DE-9A0C-4AB4-A3C4-B16EA34C7C80} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe /ui (Keine Datei) Task: {8213DDB7-261F-4BBA-B4E8-AA42BDA558B6} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe /analyze (Keine Datei) Task: {BC2DBE89-77E1-438C-8134-BDB1F51272EE} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.2.57\SymErr.exe /submit (Keine Datei) Task: {CE8D32CA-47DA-4C80-8C53-C54F31459E81} - System32\Tasks\Norton Utility\ActiveSync-NortonUtility => C:\Program Files\Norton Utilities\ActiveBridge.exe -> -appexecutable NUP.exe -ammode Task: {0B0EB16F-01DE-4DAB-976A-30E65F2DD26A} - System32\Tasks\Norton Utility\AutomaticCare => C:\Program Files\Norton Utilities\NUP.exe [3636680 2022-07-19] (NortonLifeLock Inc. -> NortonLifeLock Inc) Task: {02073673-D31F-4920-B0EB-7D8186575CD4} - System32\Tasks\Norton Utility\Live Boost Process Governor => C:\Program Files\Norton Utilities\x64\LBGovernor.exe [1055168 2022-07-19] (NortonLifeLock Inc. -> Symantec Corporation) Task: {B14410E7-DB2E-4A1D-8307-21B0E78D45C5} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.23.6.5\WSCStub.exe [646520 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
Task: {B05285D8-2E72-4F6F-9ADB-07EBA25373BC} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4845A274-ECAC-471D-8F13-FBC615CE1A54} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767152 2016-09-13] (Acer Incorporated -> Acer Incorporated) Task: {BE58D903-7E61-4B43-AF23-69B85F656060} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [422704 2016-09-13] (Acer Incorporated -> Acer Incorporated) Task: {13199936-3DFC-451F-BEF5-D78BB7F99C67} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {31B5D15B-9299-46FE-8E1B-60BEC8C4C231} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated) Task: {31FA1695-459A-4FF3-A00E-AE0D49FEA9F6} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-12] (Acer Incorporated -> TODO: <Company name>) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{0818810d-a1d2-4eef-821c-9cc81def503c}: [DhcpNameServer] 40.33.1.66 Tcpip\..\Interfaces\{c6f99899-d2f8-4e7c-a702-c08ca03632bc}: [DhcpNameServer] 192.168.178.1 Edge: ======= DownloadDir: Edge Extension: (Kein Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [nicht gefunden] Edge Extension: (Kein Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [nicht gefunden] Edge Extension: (Kein Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [nicht gefunden] Edge Extension: (Kein Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [nicht gefunden] Edge DefaultProfile: Default Edge Profile: C:\Users\stefa\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-23] Edge DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?omnisearch=yes&q={searchTerms} Edge DefaultSearchKeyword: Default -> nortonsafe Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=de&q={searchTerms} Edge Extension: (Norton Safe Web) - C:\Users\stefa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2023-05-17] Edge Extension: (Norton Safe Search) - C:\Users\stefa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ikkagnliefbhcdgnnhfidhhbocdhkdeb [2023-07-08] Edge Extension: (Edge relevant text changes) - C:\Users\stefa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-06-01] FireFox: ======== FF DefaultProfile: s4k2jal5.default FF ProfilePath: C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default 
[2023-08-01] FF Homepage: Mozilla\Firefox\Profiles\s4k2jal5.default -> www.google.de FF HomepageOverride: Mozilla\Firefox\Profiles\s4k2jal5.default -> Enabled: nortonthree-in-one@symantec.com FF HomepageOverride: Mozilla\Firefox\Profiles\s4k2jal5.default -> Enabled: nortonhomepage@symantec.com FF NewTabOverride: Mozilla\Firefox\Profiles\s4k2jal5.default -> Enabled: nortonthree-in-one@symantec.com FF NewTabOverride: Mozilla\Firefox\Profiles\s4k2jal5.default -> Enabled: nortonhomepage@symantec.com FF Extension: (Amazon Assistant for Firefox) - C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\abb-acer@amazon.com [2017-04-28] [] FF Extension: (Bing-Suche) - C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\bing@sl-ext-a.xpi [2020-04-02] [UpdateUrl:hxxps://sl-ext.appspot.com/updates.json] FF Extension: (Norton Password Manager) - C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\idsafe@norton.com.xpi [2023-07-06] FF Extension: (Dashlane) - C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\jetpack-extension@dashlane.com.xpi [2023-08-01] FF Extension: (Language: Deutsch (German)) - C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2023-08-01] FF Extension: (Norton Home Page) - C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\nortonhomepage@symantec.com.xpi [2023-07-05] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json] FF Extension: (Norton Safe Search) - C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\nortonsafesearch_ul@symantec.com.xpi [2023-07-05] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds/updates.json] FF Extension: (Norton Safe Search) - 
C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2023-07-05] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json] FF Extension: (Norton Safe Web) - C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\nortonsafeweb@symantec.com.xpi [2023-05-16] FF Extension: (Norton Safe Search Enhanced) - C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\nortonthree-in-one@symantec.com.xpi [2023-08-01] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/three-in-one/updates.json] FF Extension: (Mozilla Partner Defaults) - C:\Users\stefa\AppData\Roaming\Mozilla\Firefox\Profiles\s4k2jal5.default\Extensions\partnerdefaults@mozilla.com [2017-04-28] [] FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-05] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. 
-> Adobe Inc.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-08-31] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11867648 2023-07-16] (Microsoft Corporation -> Microsoft Corporation) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-07-16] (HP Inc. -> HP Inc.) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.23.6.5\NortonSecurity.exe [344888 2023-07-11] (NortonLifeLock Inc. -> NortonLifelock Inc.) R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.23.6.5\nsWscSvc.exe [1059176 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.) R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated -> Acer Incorporated) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-07-30] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-07-30] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\stefa\AppData\Roaming\Zoom" ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.2.57\Definitions\BASHDefs\20230727.001\BHDrvx64.sys [1696736 2023-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\ccSetx64.sys [198280 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.2.57\Definitions\IPSDefs\20230731.061\IDSvia64.sys [1527816 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-16] (Acer Incorporated -> Acer Incorporated) S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\nsvst.sys [57120 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-16] (Acer Incorporated -> Acer Incorporated) R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\SRTSP64.SYS [956048 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\SRTSPX64.SYS [52872 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\SYMEFASI64.SYS [2180248 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\SymELAM.sys [36016 2023-07-11] (Microsoft Windows Early Launch Anti-Malware Publisher -> Broadcom) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.2.57\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\Ironx64.SYS [306824 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\symnets.sys [492728 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [78216 2020-07-30] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [430320 2020-07-30] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-07-30] (Microsoft Windows -> Microsoft Corporation) R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1617060.005\wpCtrlDrv.sys [1016792 2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.) 
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-08-01 18:17 - 2023-08-01 18:23 - 000028650 _____ C:\Users\stefa\Downloads\FRST.txt
2023-08-01 18:10 - 2023-08-01 18:21 - 000000000 ____D C:\FRST
2023-08-01 18:06 - 2023-08-01 18:07 - 002700800 _____ (Farbar) C:\Users\stefa\Downloads\FRST64.exe
2023-07-26 03:19 - 2023-07-26 03:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2023-07-26 02:20 - 2023-08-01 17:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2023-07-26 02:20 - 2023-07-26 02:20 - 000003374 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2023-07-26 02:19 - 2023-07-26 02:53 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2023-07-23 18:46 - 2023-07-23 18:46 - 000037461 _____ C:\Users\stefa\Downloads\2023-241021485-183404751.pdf
2023-07-23 16:48 - 2023-07-23 16:48 - 000657043 _____ C:\Users\stefa\Downloads\Komunikaty_Mazursko_Warminskie-r1973-t-n1_2-s176-178.pdf
2023-07-23 16:44 - 2023-07-23 16:44 - 000985299 _____ C:\Users\stefa\Downloads\Komunikaty_Mazursko_Warminskie-r1984-t-n3-s251-263.pdf
2023-07-23 14:58 - 2023-07-23 14:58 - 000000000 ____D C:\Users\stefa\AppData\Roaming\Sun
2023-07-23 14:58 - 2023-07-23 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-07-23 14:58 - 2023-06-14 14:22 - 000170624 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2023-07-23 14:57 - 2023-07-23 14:57 - 000000000 ____D C:\Program Files (x86)\Java
2023-07-23 14:34 - 2023-07-23 14:34 - 002928212 _____ C:\Users\stefa\Downloads\WA303_269253_e-book-cz2_Prusy-kom-1.pdf
2023-07-20 17:19 - 2023-07-20 17:19 - 000000000 ____D C:\Users\stefa\Documents\Benutzerdefinierte Office-Vorlagen
2023-07-11 23:28 - 2023-07-11 23:28 - 018318673 _____ C:\Users\stefa\Downloads\Komunikaty_Mazursko_Warminskie-r1967-t-n1_2-s85-120.pdf
2023-07-11 23:02 - 2023-07-11 23:02 - 000000000 ___HD C:\$WinREAgent
2023-07-11 22:18 - 2023-08-01 18:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-07-08 23:29 - 2023-07-08 23:30 - 044398633 _____ C:\Users\stefa\Downloads\AltpreussischeMonatsschrift1887_11058148.pdf
2023-07-06 22:07 - 2023-07-06 22:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-07-05 23:03 - 2023-07-05 23:03 - 021728301 _____ C:\Users\stefa\Downloads\Stefan Bikowski Ethnizitätsvideo.mp4

==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-08-01 18:20 - 2021-03-15 18:48 - 000000000 ____D C:\Users\stefa\AppData\LocalLow\Norton
2023-08-01 18:11 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-01 18:05 - 2017-04-28 19:08 - 000000000 ____D C:\Users\stefa\AppData\Local\CrashDumps
2023-08-01 18:01 - 2022-02-09 22:07 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-01 18:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-01 17:59 - 2020-07-30 03:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-01 17:53 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-01 17:45 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-01 17:32 - 2020-06-27 01:00 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-01 17:32 - 2020-06-27 01:00 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-01 17:17 - 2021-12-13 18:13 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4230192846-4267691915-647799034-1001
2023-08-01 17:17 - 2020-07-30 04:38 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4230192846-4267691915-647799034-1001
2023-08-01 17:17 - 2020-07-30 03:49 - 000002399 _____ C:\Users\stefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-01 17:17 - 2017-04-28 19:08 - 000000000 ___RD C:\Users\stefa\OneDrive
2023-08-01 17:07 - 2017-04-28 19:02 - 000000000 __SHD C:\Users\stefa\IntelGraphicsProfiles
2023-07-26 03:41 - 2017-06-07 18:00 - 000000000 ____D C:\ProgramData\NVIDIA
2023-07-26 02:53 - 2020-05-21 06:19 - 000002401 _____ C:\Users\Public\Desktop\Norton Security.lnk
2023-07-26 02:31 - 2017-04-28 19:41 - 000000000 ____D C:\Program Files\Common Files\AV
2023-07-26 02:20 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-07-26 02:20 - 2018-02-18 13:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2023-07-25 18:37 - 2018-07-01 14:39 - 000000000 ____D C:\Users\stefa\AppData\Local\NPE
2023-07-25 18:37 - 2017-02-16 12:29 - 000000000 ____D C:\ProgramData\Norton
2023-07-23 21:03 - 2017-04-28 20:03 - 000000000 ____D C:\Users\stefa\AppData\Roaming\Microsoft\Excel
2023-07-23 18:42 - 2017-04-28 19:57 - 000000000 ____D C:\Users\stefa\AppData\Roaming\Microsoft\Word
2023-07-23 17:05 - 2023-03-04 00:16 - 000000000 ____D C:\Program Files\Zoom
2023-07-22 01:17 - 2020-01-04 00:18 - 000000000 ____D C:\Users\stefa\.freemind
2023-07-20 16:41 - 2020-07-30 03:49 - 000000000 ____D C:\Users\stefa
2023-07-19 00:11 - 2017-04-28 19:57 - 000000000 ____D C:\Users\stefa\AppData\Roaming\Microsoft\Office
2023-07-18 20:30 - 2017-02-16 11:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-07-16 19:11 - 2021-05-12 20:22 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-07-16 19:11 - 2021-04-03 20:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-07-13 21:34 - 2020-07-30 04:38 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-07-13 21:33 - 2022-10-21 23:05 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-07-13 21:33 - 2022-10-21 23:05 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-07-12 22:01 - 2017-02-16 12:26 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-07-12 22:01 - 2017-02-16 12:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-12 21:07 - 2020-07-30 04:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-12 21:07 - 2020-07-30 03:43 - 000008192 ___SH C:\DumpStack.log.tmp
2023-07-12 00:50 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-07-12 00:31 - 2020-07-30 04:03 - 002082598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-12 00:31 - 2019-12-07 16:50 - 000895670 _____ C:\WINDOWS\system32\perfh007.dat
2023-07-12 00:31 - 2019-12-07 16:50 - 000196260 _____ C:\WINDOWS\system32\perfc007.dat
2023-07-12 00:26 - 2020-07-30 03:43 - 000443504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-12 00:21 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-12 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-12 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-12 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-12 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-12 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-12 00:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-12 00:19 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-12 00:05 - 2020-07-30 03:49 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-07-11 22:38 - 2017-04-30 10:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-11 22:30 - 2017-04-30 10:24 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-11 22:06 - 2020-07-30 04:38 - 000003756 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-11 22:06 - 2020-07-30 04:38 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-07 19:16 - 2018-03-05 00:14 - 000000000 ____D C:\Users\stefa\AppData\Local\Packages
2023-07-06 01:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-07-06 01:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-07-06 01:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-07-06 01:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2022-06-21 21:26 - 2022-06-21 21:26 - 000007605 _____ () C:\Users\stefa\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-08-2023
durchgeführt von stefa (01-08-2023 18:25:42)
Gestartet von C:\Users\stefa\Downloads
Microsoft Windows 10 Home Version 22H2 19045.3208 (X64) (2020-07-30 02:40:15)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-4230192846-4267691915-647799034-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4230192846-4267691915-647799034-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4230192846-4267691915-647799034-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-4230192846-4267691915-647799034-501 - Limited - Disabled)
stefa (S-1-5-21-4230192846-4267691915-647799034-1001 - Administrator - Enabled) => C:\Users\stefa
WDAGUtilityAccount (S-1-5-21-4230192846-4267691915-647799034-504 - Limited - Disabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3008 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1031-1033-7760-BC15014EA700}) (Version: 23.003.20244 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-4230192846-4267691915-647799034-1000\...\Host App Service) (Version: 0.272.1.295 - SweetLabs)
App Explorer (HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\Host App Service) (Version: 0.273.4.677 - SweetLabs)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 7.1.2 - CEWE Stiftung u Co. KGaA)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3019 - Acer Incorporated)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
HP Dropbox Plugin (HKLM-x32\...\{FAC779E7-54CA-44BB-98BD-581EECBDC586}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{F481B93C-521A-4507-B1FF-61FD9543CF87}) (Version: 43.0.0.0 - HP)
HP ENVY 5000 series - Grundlegende Software für das Gerät (HKLM\...\{972DFD08-5B47-4010-B315-7AE061AB19AB}) (Version: 44.4.2678.1977 - HP Inc.)
HP ENVY 5000 series Hilfe (HKLM-x32\...\{44F11FA4-8FC2-4029-9BCF-F816F88D9F7D}) (Version: 44.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{72A62952-25F3-4554-A5DF-E360B8F53316}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{8124AF4B-3A5E-4659-B992-30BAABECFE16}) (Version: 36.0.102.68541 - HP)
HP OneDrive Plugin (HKLM-x32\...\{4957E048-6A3C-498F-BA88-87060A6AF7CF}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP SharePoint Plugin (HKLM-x32\...\{AA3F32A4-4E25-4BAD-82B5-BEBE474A1346}) (Version: 43.0.0.0 - HP)
iCloud (HKLM-x32\...\{6D234FFA-256A-4E78-8F97-C76A54D74CD9}) (Version: 7.21.0.23 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{4EB05024-F740-48CF-B9B0-62A041E22D5C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{DD04783C-E206-46DB-97A7-1155B1C76038}) (Version: 11.6.0.1025 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{31E11FD7-9921-48E4-AAFC-FD25A0051994}) (Version: 17.5.1.1021 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.1.1021 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{EC883E72-01ED-4DED-AA46-9162C34A7D4F}) (Version: 30.100.1633.03 - Intel Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{1AC25CEA-DED2-4D31-AE36-A9CBD5B85B67}) (Version: 17.5.1.1021 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{75FE588B-F158-4BB3-A283-A8D18E522A52}) (Version: 1.43.301.1 - Intel Corporation) Hidden
Java 8 Update 381 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180381F0}) (Version: 8.0.3810.9 - Oracle Corporation)
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.16626.20068 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B409944C-1493-4B0D-A92C-2CE3C5F5F289}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{0E8D087B-5654-4010-AF4D-DE1250B8C1EB}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30139 (HKLM-x32\...\{8d5fdf81-7022-423f-bd8b-b513a1050ae1}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30139 (HKLM-x32\...\{1AEA8854-7597-4CD3-948F-8DE364D94E07}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30139 (HKLM-x32\...\{1679EF65-55F3-4248-B91E-6B3BE1A69CDF}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 115.0.2 (x64 de)) (Version: 115.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.0 - Mozilla)
Norton 360 (HKLM-x32\...\NGC) (Version: 22.23.6.5 - Symantec Corporation)
Norton Utilities (HKLM\...\{36896A40-D958-486B-8A43-31A41E129FE2}) (Version: 21.4.7.637 - NortonLifeLock Inc)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16626.20068 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20068 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20068 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16626.20068 - Microsoft Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10388 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.278 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8569 - Realtek Semiconductor Corp.)
Rossmann Fotowelt Software (HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\{9780bae0-0b36-4f29-aaf2-a01d0739d7de}) (Version: 5.5.0-3056 - ORWO Net GmbH Bitterfeld-Wolfen)
Signal 5.28.0 (HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.28.0 - Open Whisper Systems)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\WhatsApp) (Version: 2.2310.5 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Windows-PC-Integritätsprüfung (HKLM\...\{B3956CF3-F6C5-4567-AC38-1FD4432B319C}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (64-bit) (HKLM\...\{EA6A9E3A-2675-495B-A98C-A175656DF6B0}) (Version: 5.15.18551 - Zoom)

Packages:
=========
Fotos-Add-On -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_147.1.1079.0_x64__v10z8vjag6ke6 [2023-07-16] (HP Inc.)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2305.14002.0_x64__8wekyb3d8bbwe [2023-07-07] (Microsoft Corporation) [Startup Task]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-06-20] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.6.5\NavShExt.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.6.5\NavShExt.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-06-20] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxDTCM.dll [2017-02-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.23.6.5\buShell.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.23.6.5\NavShExt.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2020-04-26 20:49 - 2020-04-26 20:49 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-26 20:49 - 2020-04-26 20:49 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2017-02-16 12:03 - 2016-06-14 22:01 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Datei ist nicht signiert] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKU\S-1-5-21-4230192846-4267691915-647799034-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-4230192846-4267691915-647799034-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-4230192846-4267691915-647799034-1001 -> DefaultScope {B4234351-934B-4262-A686-43710DF4EA6D} URL =
SearchScopes: HKU\S-1-5-21-4230192846-4267691915-647799034-1001 -> {B4234351-934B-4262-A686-43710DF4EA6D} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-07-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.23.6.5\coIEPlg.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.23.6.5\coIEPlg.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.23.6.5\coIEPlg.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.23.6.5\coIEPlg.dll [2023-07-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-16] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4230192846-4267691915-647799034-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4230192846-4267691915-647799034-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

MSCONFIG\Services: AJRouter => 2
MSCONFIG\Services: ALG => 2
MSCONFIG\Services: Appinfo => 2
MSCONFIG\Services: AppReadiness => 2
MSCONFIG\Services: autotimesvc => 2
MSCONFIG\Services: AxInstSV => 2
MSCONFIG\Services: BDESVC => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: BTAGService => 2
MSCONFIG\Services: BthAvctpSvc => 2
MSCONFIG\Services: bthserv => 2
MSCONFIG\Services: camsvc => 2
MSCONFIG\Services: CertPropSvc => 2
MSCONFIG\Services: COMSysApp => 2
MSCONFIG\Services: cphs => 2
MSCONFIG\Services: defragsvc => 2
MSCONFIG\Services: DeviceInstall => 2
MSCONFIG\Services: DevQueryBroker => 2
MSCONFIG\Services: diagnosticshub.standardcollector.service => 2
MSCONFIG\Services: diagsvc => 2
MSCONFIG\Services: DisplayEnhancementService => 2
MSCONFIG\Services: DmEnrollmentSvc => 2
MSCONFIG\Services: dmwappushservice => 2
MSCONFIG\Services: dot3svc => 2
MSCONFIG\Services: DsmSvc => 2
MSCONFIG\Services: DsSvc => 2
MSCONFIG\Services: Eaphost => 2
MSCONFIG\Services: edgeupdatem => 2
MSCONFIG\Services: EFS => 2
MSCONFIG\Services: embeddedmode => 2
MSCONFIG\Services: EntAppSvc => 2
MSCONFIG\Services: Fax => 2
MSCONFIG\Services: fdPHost => 2
MSCONFIG\Services: FDResPub => 2
MSCONFIG\Services: fhsvc => 2
MSCONFIG\Services: FontCache3.0.0.0 => 2
MSCONFIG\Services: FrameServer => 2
MSCONFIG\Services: GraphicsPerfSvc => 2
MSCONFIG\Services: hidserv => 2
MSCONFIG\Services: HvHost => 2
MSCONFIG\Services: icssvc => 2
MSCONFIG\Services: InstallService => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 2
MSCONFIG\Services: iPod Service => 2
MSCONFIG\Services: IpxlatCfgSvc => 2
MSCONFIG\Services: KeyIso => 2
MSCONFIG\Services: KtmRm => 2
MSCONFIG\Services: lfsvc => 2
MSCONFIG\Services: LicenseManager => 2
MSCONFIG\Services: lltdsvc => 2
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: LxpSvc => 2
MSCONFIG\Services: MicrosoftEdgeElevationService => 2
MSCONFIG\Services: MixedRealityOpenXRSvc => 2
MSCONFIG\Services: MozillaMaintenance => 2
MSCONFIG\Services: MSDTC => 2
MSCONFIG\Services: MSiSCSI => 2
MSCONFIG\Services: msiserver => 2
MSCONFIG\Services: NaturalAuthentication => 2
MSCONFIG\Services: NcaSvc => 2
MSCONFIG\Services: NcbService => 2
MSCONFIG\Services: NcdAutoSetup => 2
MSCONFIG\Services: Netlogon => 2
MSCONFIG\Services: Netman => 2
MSCONFIG\Services: netprofm => 2
MSCONFIG\Services: NetSetupSvc => 2
MSCONFIG\Services: NetTcpPortSharing => 2
MSCONFIG\Services: ose => 2
MSCONFIG\Services: p2pimsvc => 2
MSCONFIG\Services: p2psvc => 2
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: perceptionsimulation => 2
MSCONFIG\Services: PerfHost => 2
MSCONFIG\Services: PhoneSvc => 2
MSCONFIG\Services: pla => 2
MSCONFIG\Services: PlugPlay => 2
MSCONFIG\Services: PNRPAutoReg => 2
MSCONFIG\Services: PNRPsvc => 2
MSCONFIG\Services: PolicyAgent => 2
MSCONFIG\Services: PrintNotify => 2
MSCONFIG\Services: PushToInstall => 2
MSCONFIG\Services: QALSvc => 2
MSCONFIG\Services: QASvc => 2
MSCONFIG\Services: QWAVE => 2
MSCONFIG\Services: RasAuto => 2
MSCONFIG\Services: RemoteAccess => 2
MSCONFIG\Services: RemoteRegistry => 2
MSCONFIG\Services: RetailDemo => 2
MSCONFIG\Services: RmSvc => 2
MSCONFIG\Services: RpcLocator => 2
MSCONFIG\Services: SCardSvr => 2
MSCONFIG\Services: ScDeviceEnum => 2
MSCONFIG\Services: SCPolicySvc => 2
MSCONFIG\Services: SDRSVC => 2
MSCONFIG\Services: seclogon => 2
MSCONFIG\Services: SEMgrSvc => 2
MSCONFIG\Services: SensorDataService => 2
MSCONFIG\Services: SensorService => 2
MSCONFIG\Services: SensrSvc => 2
MSCONFIG\Services: SessionEnv => 2
MSCONFIG\Services: SharedAccess => 2
MSCONFIG\Services: SharedRealitySvc => 2
MSCONFIG\Services: shpamsvc => 2
MSCONFIG\Services: smphost => 2
MSCONFIG\Services: SmsRouter => 2
MSCONFIG\Services: SNMPTRAP => 2
MSCONFIG\Services: spectrum => 2
MSCONFIG\Services: SSDPSRV => 2
MSCONFIG\Services: ssh-agent => 2
MSCONFIG\Services: SstpSvc => 2
MSCONFIG\Services: StateRepository => 2
MSCONFIG\Services: svsvc => 2
MSCONFIG\Services: swprv => 2
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: TapiSrv => 2
MSCONFIG\Services: TermService => 2
MSCONFIG\Services: TieringEngineService => 2
MSCONFIG\Services: TokenBroker => 2
MSCONFIG\Services: TroubleshootingSvc => 2
MSCONFIG\Services: TrustedInstaller => 2
MSCONFIG\Services: tzautoupdate => 2
MSCONFIG\Services: UEIPSvc => 2
MSCONFIG\Services: uhssvc => 2
MSCONFIG\Services: UmRdpService => 2
MSCONFIG\Services: upnphost => 2
MSCONFIG\Services: VacSvc => 2
MSCONFIG\Services: VaultSvc => 2
MSCONFIG\Services: vds => 2
MSCONFIG\Services: vmicguestinterface => 2
MSCONFIG\Services: vmicheartbeat => 2
MSCONFIG\Services: vmickvpexchange => 2
MSCONFIG\Services: vmicrdv => 2
MSCONFIG\Services: vmicshutdown => 2
MSCONFIG\Services: vmictimesync => 2
MSCONFIG\Services: vmicvmsession => 2
MSCONFIG\Services: vmicvss => 2
MSCONFIG\Services: VSS => 2
MSCONFIG\Services: W32Time => 2
MSCONFIG\Services: WalletService => 2
MSCONFIG\Services: WarpJITSvc => 2
MSCONFIG\Services: wbengine => 2
MSCONFIG\Services: WbioSrvc => 2
MSCONFIG\Services: wcncsvc => 2
MSCONFIG\Services: WebClient => 2
MSCONFIG\Services: Wecsvc => 2
MSCONFIG\Services: WEPHOSTSVC => 2
MSCONFIG\Services: wercplsupport => 2
MSCONFIG\Services: WerSvc => 2
MSCONFIG\Services: WFDSConMgrSvc => 2
MSCONFIG\Services: WiaRpc => 2
MSCONFIG\Services: WinRM => 2
MSCONFIG\Services: wisvc => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: wlpasvc => 2
MSCONFIG\Services: WManSvc => 2
MSCONFIG\Services: wmiApSrv => 2
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: workfolderssvc => 2
MSCONFIG\Services: WpcMonSvc => 2
MSCONFIG\Services: WPDBusEnum => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: WwanSvc => 2
MSCONFIG\Services: XblAuthManager => 2
MSCONFIG\Services: XblGameSave => 2
MSCONFIG\Services: XboxGipSvc => 2
MSCONFIG\Services: XboxNetApiSvc => 2
HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\StartupApproved\Run: => "DashlanePlugin"
HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\StartupApproved\Run: => "DeepL"
HKU\S-1-5-21-4230192846-4267691915-647799034-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C20C439905A8A614B916288AD7473F4F"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{07EB9B12-C7BB-4026-9306-42EEE81724EF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => Keine Datei
FirewallRules: [{B57ACA12-1470-4BED-8CB7-54FD77488A6C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => Keine Datei
FirewallRules: [{989DFEE6-4C3B-4251-A6F5-F9DC085C1AD1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => Keine Datei
FirewallRules: [{F91ED392-4840-420B-8FE9-61CB8B69E521}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => Keine Datei
FirewallRules: [{F2FFE860-15CC-4804-A0B5-D7D85CA3C528}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{2A6F1166-ACEE-4F19-B209-DD776B6CE0A3}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{D560C318-2458-43D9-BB90-41319C8EF3D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0CC1FFF7-434D-403B-98FA-01BA91E1AEDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4355EB3F-1FA9-4DFF-AC8D-037AB6A1B433}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7A313E5D-A512-4B68-8E17-015F03D66EC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F73F2560-798B-495F-BFB5-38ECFC695666}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95EBE9E9-4819-42C6-A39F-19362730E505}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => Keine Datei
FirewallRules: [{F3D1D1D8-3063-4E73-8C96-62F2C0513B8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => Keine Datei
FirewallRules: [{6FFA71B6-6B33-4644-B8FA-2B192D64E131}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BEF88F9E-361A-4138-8650-728B7B061988}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7892CFD4-38AC-460D-A774-B62A71BA109C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B24ED0D7-AD0F-4DEB-81A1-CDF14CA1548B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{19D9207B-A89A-4718-B755-10052555BA57}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FAC8771-EDBF-476A-87F2-8CFD9AFFA52C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E10A9A39-5FDF-4F4D-A060-821152659E34}] => (Allow) C:\Users\stefa\AppData\Local\Temp\7zS2998\HP.EasyStart.exe => Keine Datei
FirewallRules: [{22F121AA-4E26-40C5-A383-FB4C602AEB59}] => (Allow) C:\Program Files\HP\HP ENVY 5000 series\Bin\DeviceSetup.exe (HP Inc -> HP Inc.)
FirewallRules: [{842B4636-6CA6-4CB1-9D7F-C8359A13D22D}] => (Allow) LPort=5357
FirewallRules: [{3979CFFA-A015-4BB0-9412-389F5F136069}] => (Allow) C:\Program Files\HP\HP ENVY 5000 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.)
FirewallRules: [{214AD3A1-A07E-48F5-815A-4D2AE8DFDBB3}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{FAA7AA68-1F32-47AC-BC3D-DBF3D1D6B4E1}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{EBA22020-FCB9-4FBF-B1E4-0B15E7D3E99B}] => (Allow) C:\Users\stefa\AppData\Roaming\Zoom\bin\Zoom.exe => Keine Datei
FirewallRules: [{CF5CED60-5D62-4561-AE63-3C9EF690F64E}] => (Allow) C:\Users\stefa\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{F5187428-4F3E-45C9-B2FF-7E008992F4C1}] => (Allow) C:\Users\stefa\AppData\Roaming\Zoom\bin\airhost.exe => Keine Datei
FirewallRules: [{A545238F-BE1B-4C10-ABD2-5AA2092E6DA8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7AE4A8B8-E4EA-4501-98B6-734012CC1705}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A89FC5AE-6087-46C5-B70F-912A1CE8F0D3}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8919A92A-D9EF-49B0-B22B-9D116C0153F5}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B95200A7-7536-446F-B29B-1CE401A96584}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

11-07-2023 22:38:18 Windows Modules Installer
20-07-2023 20:05:01 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager ============

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (08/01/2023 05:39:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ACCStd.exe, Version: 2.1.8019.0, Zeitstempel: 0x59254680
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007ffd386666ae
ID des fehlerhaften Prozesses: 0x3df0
Startzeit der fehlerhaften Anwendung: 0x01d9c48a494b6054
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 111b4efd-fe46-4fad-aa23-5541dfdb30e6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/01/2023 05:35:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ACCStd.exe, Version: 2.1.8019.0, Zeitstempel: 0x59254680
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007ffd386666ae
ID des fehlerhaften Prozesses: 0x3df0
Startzeit der fehlerhaften Anwendung: 0x01d9c48a494b6054
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 127ed47a-da69-4424-b476-1f99f320d6a7
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/01/2023 05:34:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ACCStd.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.NullReferenceException
bei MonitorControlLib.IMonitorObjectData.IsDefaultRegKeyComplete()
bei MonitorControlLib.MonitorSelector.NormalLaunch()
bei MonitorControlLib.MonitorManager.LaunchManager()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()

Error: (08/01/2023 05:14:38 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/01/2023 05:14:38 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (08/01/2023 05:14:36 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/26/2023 03:42:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15625

Error: (07/26/2023 03:42:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15625

Systemfehler:
=============
Error: (08/01/2023 05:45:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone

Error: (08/01/2023 05:43:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9WZDNCRFJBH4-Microsoft.Windows.Photos

Error: (08/01/2023 05:11:55 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CUVSB2ND)
Description: Der Server "Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe!Windows.Networking.BackgroundTransfer.Internal.BackgroundTransferTask.ClassId.1" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/23/2023 09:03:44 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CUVSB2ND)
Description: Der Server "{47FF1E52-09F3-40BA-8067-E8BEA39E118C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/23/2023 09:03:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CUVSB2ND)
Description: Der Server "{C378E4CD-FF3C-4BF1-8AC9-AF5C26343330}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/23/2023 02:46:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d02 fehlgeschlagen: 9NMPJ99VJBWV-Microsoft.YourPhone

Error: (07/20/2023 04:44:33 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/20/2023 12:00:20 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CUVSB2ND)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

CodeIntegrity:
===============
Date: 2023-08-01 17:28:40
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.23.6.5\symamsi.dll that did not meet the Windows signing level requirements.

==================== Speicherinformationen ===========================

BIOS: Insyde Corp. V1.18 10/21/2016
Hauptplatine: Acer Hulk_SK
Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 8060.22 MB
Verfügbarer physikalischer RAM: 3084.47 MB
Summe virtueller Speicher: 10342.65 MB
Verfügbarer virtueller Speicher: 3234.88 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:859.8 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
\\?\Volume{74738df3-fa1b-4684-abb7-ef4ee4fec311}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.49 GB) NTFS
\\?\Volume{b36a25a0-cea6-4221-a30f-3c7ed816892a}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 58C85318)
Partition: GPT.

==================== Ende von Addition.txt =======================

Edited by cosinus (01.08.2023 at 21:55). Reason: code tags