Log analysis and evaluation: No Windows update after hacker attack
Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
21.11.2023, 06:03 | #1 |
No Windows update after hacker attack

Hello everyone, 3 weeks ago it got me: I downloaded a tool for a game, and that same night it started. Steam account hacked, PayPal, email addresses, etc. Afterwards I changed all my work passwords and had a lot of money charged back. The next evening I installed Avira and Malwarebytes. After that things seemed quiet. A few days ago I then received a nasty extortion email saying he is still in my systems, and he sent me a screenshot and my passwords along with my device ID; all of that, however, is the state as of the day of the hack. Since then I can no longer install Windows updates, and the PC still seems somewhat slow to me.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
durchgeführt von Sir (Administrator) auf MABPAVILLON (HP HP Pavilion Gaming Laptop 17-cd1xxx) (21-11-2023 05:12:26)
Gestartet von C:\Users\sirto\Downloads\FRST64.exe
Geladene Profile: Sir
Plattform: Microsoft Windows 11 Pro Version 23H2 22635.2483 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: FF
Start-Modus: Normal

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\BridgeCommunication.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(HP Inc. -> ) C:\Program Files\HP\Overlay\OMENOverlay.exe
(Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_43e3600968234e87\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_e00420cc358cbd11\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_e3868713e3d137ef\esif_uf.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d60a3faa7932ec00\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d60a3faa7932ec00\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.2419_none_e94552be42e14cae\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe [1201448 2020-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [471432 2020-05-15] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [292104 2023-09-25] (Intel Corporation -> Intel)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY (Keine Datei)
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [536624 2023-05-12] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2189592 2023-11-16] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [GameCenter] => C:\Users\sirto\AppData\Local\GameCenter\GameCenter.exe [10611912 2022-10-29] (VK Play LLC -> VK Play LLC)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [HP OfficeJet Pro 8710 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\ScanToPCActivationApp.exe [3770504 2018-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe (Keine Datei)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-11-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [MicrosoftEdgeAutoLaunch_B96F7B7310ED7E0A1C0CE5220A7ADB8E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3818024 2023-11-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2594208 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Run: [CrosshairX] => C:\Program Files (x86)\Steam\steamapps\common\CrosshairX\CrosshairX.exe [154311680 2023-11-10] (GitHub, Inc.) [Datei ist nicht signiert]
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [180224 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\sirto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ElsterAuthenticator 53.0.0.lnk [2022-04-24]
ShortcutTarget: ElsterAuthenticator 53.0.0.lnk -> C:\Users\sirto\AppData\Local\ElsterAuthenticator\ElsterAuthenticator.exe (Bayerisches Landesamt fuer Steuern -> )
GroupPolicy: Beschränkung ? <==== ACHTUNG
GroupPolicy-Firefox: Beschränkung <==== ACHTUNG
Policies: C:\ProgramData\NTUSER.pol: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {B1969100-93A9-4931-AFDA-F2C8A6292DCC} - System32\Tasks\AppData => %ProgramFiles%\WindowsAps\MicrosoftXboxGamingOverlay\uTorrent.exe (Keine Datei)
Task: {0B3062D9-1CAB-45B2-9239-078F2A5B6AB9} - System32\Tasks\Avira_FallbackUpdater => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start AviraFallbackUpdater Delayed=false
Task: {2282C909-E132-49DA-A12A-AFB758FAC2C0} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {EAA92282-85DB-45E9-A501-5F085C9D4B72} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {BAF9FAC2-7CD1-49EE-95BA-CD73D771ECAB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {7F23D4A7-A0ED-441E-9D1B-56343F70C227} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {45BACE03-7FF7-4861-80B2-304D43A006EB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {6E86832E-85E9-4723-A6EE-D65CB2DDA196} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {59E621E2-71BF-4011-9D16-0660ABC5929C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {03DC5711-4DF8-4146-8F15-97917A091B42} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {26C2DA1B-8344-49F6-A6B5-48916A7B304F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {17508398-2EA7-4B54-BB67-B397AB100EB7} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => C:\windows\system32\cmd.exe [323584 2023-10-17] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckTest
Task: {E9819769-1DFA-40D1-91CB-FA3F4054B638} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [702512 2023-06-30] (HP Inc. -> HP Inc.)
Task: {BAA023B4-B788-4C2D-A141-64DD5A9B2EAC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-06-30] (HP Inc. -> HP Inc.)
Task: {780D4F1A-E620-4399-90AC-2219C17B8979} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [230960 2023-06-30] (HP Inc. -> HP Inc.)
Task: {2847D50C-3761-4624-A8DB-A8DA4C877102} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-06-30] (HP Inc. -> HP Inc.)
Task: {F64767D1-7B64-43AA-B961-FA5793A2CB17} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN7CJBT52N => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-06-30] (HP Inc. -> HP Inc.)
Task: {E15B7A7E-72A0-4F0E-A850-8A94639C0763} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-06-30] (HP Inc. -> HP Inc.)
Task: {D9EDF8CA-C5B2-4F14-A35A-0E823A43EBB7} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {646C3513-0394-40E5-9246-1B7A922EF198} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {535AADF1-BF9E-4359-BA5A-D4F783A93739} - System32\Tasks\Intel\Intel Telemetry 3 => C:\Program Files\Intel\Telemetry 3.0\lrio.exe [5900448 2023-09-20] (Intel Corporation -> Intel Corporation)
Task: {786462A1-95BA-4EDC-A7F3-56B61CD2B252} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4850904 2023-05-24] (Intel Corporation -> Intel Corporation)
Task: {912F5763-D23F-4CFF-8D3D-DBABAB3D8AF2} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4850904 2023-05-24] (Intel Corporation -> Intel Corporation)
Task: {E5AC7ACE-FF88-46FD-ACA8-450BA64E57BA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Keine Datei)
Task: {C11712AF-BFBB-479E-946B-3EF7964BF082} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D84DED2-9D56-4C84-8B68-A374CAAEB04B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7198072B-BDD5-415C-AE53-14AD9A04564B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FF8AB66-58C9-46F0-9F4C-5F90A1CC4580} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305304 2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D864768-A5BF-451A-952C-B2D5B3C4D8E9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Keine Datei)
Task: {A3063061-2323-4516-85A4-7A25E62958CB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Keine Datei)
Task: {2BF6550A-CA5A-4C27-99F8-E0CCB3927603} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Keine Datei)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Keine Datei)
Task: {779F024A-2D46-4717-85AC-2292912B7F33} - System32\Tasks\Microsoft\Windows\WaaSMedic\DeferredWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {E427F81A-0459-476D-8748-D62C3B87FB29} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {ABFB96F6-1DC9-47F3-811C-2057067959BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1DA63C69-AD6B-43EF-9B95-756A08DD5F8A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6FB80831-3D6D-4968-9ABC-20BC6E7ED6EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89A60ACA-F4B1-44EC-8DC1-D4869EFBE2A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7EA26A5C-41DD-420C-9C5C-773E45751E1C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676256 2023-11-08] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {A4B26CB0-BE31-485B-BF32-1790E5996C14} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [723872 2023-11-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {9D606831-279F-4811-BE37-43E1DB40C746} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D1E1BC5D-A14F-49D2-B29B-80E370871542} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4081222D-D5CF-4BC8-976B-BEFA79538874} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96D3F396-DF86-4B8B-82A2-1F0F6D502581} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F42FDE15-DEAF-44BE-B42D-B4FE3F505C83} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A981BFC-6131-4A64-958D-B2E56185D363} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF20FDC3-5C47-4846-861E-0A878A17D95C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1C5A79B2-1BCE-4F32-9986-CB7A32DDCFA9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F75B012C-D1E2-4F25-BF17-29CC780545EC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F5F836E6-B74A-43CC-AD38-A10C8B6F46BF} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [60912 2023-10-15] (HP Inc. -> HP Inc.)
Task: {B2DBF682-86A4-4836-86EF-4875A947C444} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [62960 2023-10-15] (HP Inc. -> HP Inc.)
Task: {E2658CA3-6958-4434-B981-C5AC503091A8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CA41019-9BE7-41D8-9B37-7AD59C3D9C1A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1727595607-4285960842-485942036-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {663E4E53-8C44-4FB5-9225-7780FC8B778D} - System32\Tasks\Opera scheduled Autoupdate 1697992780 => C:\Users\sirto\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)
Task: {30ED8814-8CB3-4417-8509-07CCE76A502F} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [149488 2023-10-15] (HP Inc. -> HP Inc.)
Task: {022CF30D-1810-4434-BB94-2E50DD7CDB36} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2023-03-17] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3a0f8296-2382-4099-b86d-c2e6111b2769}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{70cf674e-511e-4d99-991c-baa23801891a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a1e43b3b-116d-4d41-838f-41fb41b44707}: [DhcpNameServer] 192.168.178.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-21]
Edge HomePage: Default -> about:blank
Edge Extension: (Avira Safe Shopping) - C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-10-20]
Edge Extension: (Avira Password Manager) - C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-11-15]
Edge Extension: (Google Docs Offline) - C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-20]
Edge Extension: (Edge relevant text changes) - C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-18]
Edge Profile: C:\Users\sirto\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2023-06-18]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF DefaultProfile: j96tyhyi.default
FF ProfilePath: C:\Users\sirto\AppData\Roaming\Mozilla\Firefox\Profiles\j96tyhyi.default [2023-10-22]
FF ProfilePath: C:\Users\sirto\AppData\Roaming\Mozilla\Firefox\Profiles\ort7sulc.default-release [2023-11-21]
FF Notifications: Mozilla\Firefox\Profiles\ort7sulc.default-release -> hxxps://www.vergleich.org
FF Extension: (uBlock Origin) - C:\Users\sirto\AppData\Roaming\Mozilla\Firefox\Profiles\ort7sulc.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-11-03]
FF Extension: (Mobile View Switcher) - C:\Users\sirto\AppData\Roaming\Mozilla\Firefox\Profiles\ort7sulc.default-release\Extensions\{fa247c57-77ac-41cd-b942-332051e15ced}.xpi [2022-07-30]
FF ProfilePath: C:\Users\sirto\AppData\Roaming\kompozer.net\KompoZer\Profiles\8mxjgbw4.default [2022-07-03]
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-18]
CHR Profile: C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-11-15]
CHR Notifications: Profile 1 -> hxxps://bestellen.dominos.de; hxxps://business.facebook.com; hxxps://flyeralarm-sports.pushengage.com; hxxps://postimg.cc; hxxps://reverscaptcha.com; hxxps://spark.adobe.com; hxxps://web.skype.com; hxxps://web.whatsapp.com; hxxps://www.autoscout24.de; hxxps://www.donaukurier.de; hxxps://www.facebook.com; hxxps://www.gesundheit.de; hxxps://www.giga.de; hxxps://www.instagram.com; hxxps://www.kino.de; hxxps://www.netflix.com; hxxps://www.rtl.de; hxxps://www.schulferien.org; hxxps://www.tui.com; hxxps://www.youtube.com
CHR HomePage: Profile 1 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
CHR StartupUrls: Profile 1 -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
CHR DefaultSearchURL: Profile 1 -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Profile 1 -> poshukach engin search
CHR DefaultSuggestURL: Profile 1 -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-04]
CHR Extension: (Avira Safe Shopping) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-11-13]
CHR Extension: (Avira Browserschutz) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-06]
CHR Profile: C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-11-10]
CHR Notifications: Profile 5 -> hxxps://myrust.de; hxxps://www.lieferando.de; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR HomePage: Profile 5 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
CHR StartupUrls: Profile 5 -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
CHR DefaultSearchURL: Profile 5 -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Profile 5 -> poshukach engin search
CHR DefaultSuggestURL: Profile 5 -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Avira Password Manager) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-04]
CHR Extension: (Avira Safe Shopping) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-11-04]
CHR Extension: (Avira Browserschutz) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-10-24]
CHR Extension: (Google Docs Offline) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-30]
CHR Profile: C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 6 [2023-10-25]
CHR HomePage: Profile 6 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
CHR StartupUrls: Profile 6 -> "hxxps://poshukach.com?fr=ps&gp=496723&altserp=1"
CHR DefaultSearchURL: Profile 6 -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Profile 6 -> poshukach engin search
CHR DefaultSuggestURL: Profile 6 -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Avira Safe Shopping) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile
6\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2023-10-24] CHR Extension: (Avira Browserschutz) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-10-24] CHR Extension: (Google Docs Offline) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-18] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\sirto\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-05] CHR Profile: C:\Users\sirto\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-18] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Opera: ======= OPR DefaultProfile: Opera Stable OPR Profile: C:\Users\sirto\AppData\Roaming\Opera Software\Opera Stable [2023-10-23] OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding} OPR DefaultSearchKeyword: Opera Stable -> g OPR Extension: (Rich Hints Agent) - C:\Users\sirto\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-10-23] OPR Extension: (Opera Wallet) - C:\Users\sirto\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-10-23] OPR Extension: (Aria) - C:\Users\sirto\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-10-23] OPR Extension: (Cashback Assistant) - C:\Users\sirto\AppData\Roaming\Opera Software\Opera Stable\Extensions\ompjkhnkeoicimmaehlcmgmpghobbjoj [2023-10-23] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AviraFallbackUpdater; C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe [6576104 2023-11-15] (Avira Operations GmbH -> Avira Operations GmbH) R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [266936 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH) S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [297392 2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH) S3 BITS_bkp; C:\WINDOWS\System32\qmgr.dll [1388544 2023-10-17] (Microsoft Windows -> Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-11] (Microsoft Corporation -> Microsoft Corporation) S3 CloudBackupRestoreSvc; C:\WINDOWS\System32\CloudRestoreLauncher.dll [1261568 2023-10-17] (Microsoft Windows -> Microsoft Corporation) S3 dosvc; C:\WINDOWS\System32\svchost.exe [79920 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL) S3 dosvc; C:\WINDOWS\SysWOW64\svchost.exe [48096 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL) U2 dosvc_bkp; C:\WINDOWS\system32\dosvc.dll [90112 2023-10-17] (Microsoft Windows -> Microsoft Corporation) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2023-09-25] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [240392 2023-09-25] (Intel Corporation -> Intel) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943016 2023-04-23] (EasyAntiCheat Oy -> Epic Games, Inc.) 
S3 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2020-05-15] (Express Vpn LLC -> ExpressVPN)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncHelper.exe [3513248 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
S3 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\AppHelperCap.exe [888272 2023-08-29] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\DiagsCap.exe [886736 2023-08-29] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\NetworkCap.exe [883152 2023-08-29] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_e00420cc358cbd11\x64\OmenCap\OmenCap.exe [755656 2023-03-16] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-07-14] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f1a9bf9a59c52b11\x64\SysInfoCap.exe [886840 2023-08-29] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_43e3600968234e87\x64\TouchpointAnalyticsClientService.exe [497744 2023-08-02] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-06] (Malwarebytes Inc. -> Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe [1275544 2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.231.1107.0002\OneDriveUpdaterService.exe [3850256 2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-10-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
S2 UsoSvc_bkp; C:\WINDOWS\system32\usosvc.dll [102400 2023-10-17] (Microsoft Windows -> Microsoft Corporation)
S3 WaaSMedicSvc_bkp; C:\WINDOWS\System32\WaaSMedicSvc.dll [90112 2023-10-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 wuauserv_bkp; C:\WINDOWS\system32\wuaueng.dll [130520 2023-10-17] (Microsoft Windows -> Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmPeStorU; C:\WINDOWS\system32\drivers\AmPeStorU.sys [242984 2021-06-24] (Alcorlink Corp. -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin2\brynhildr.sys [2188544 2022-05-26] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28440 2020-05-15] (ExprsVPN LLC -> ExpressVPN)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
R2 HpReadHWData; C:\WINDOWS\system32\drivers\HpReadHWData.sys [52176 2023-08-19] (HP Inc. -> Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222800 2023-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-10-24] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [595896 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107960 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
R3 MpKslb78925b2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{798EB2F8-FE20-4DFC-AF2E-84AA9C40DCF9}\MpKslDrv.sys [263560 2023-11-21] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [67496 2023-03-23] (Realtek Semiconductor Corp. -> Realtek)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [44304 2020-05-15] (ExprsVPN LLC -> The OpenVPN Project)
S4 UCPD; C:\WINDOWS\System32\drivers\UCPD.sys [29184 2023-08-19] (Microsoft Windows -> Microsoft Corporation)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-08] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
U1 aswbdisk; kein ImagePath
S3 etdsupp_16.0; \??\C:\Users\sirto\AppData\Local\Temp\etdsupp_16.0.sys [X] <==== ACHTUNG
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-11-21 05:12 - 2023-11-21 05:13 - 000046479 _____ C:\Users\sirto\Downloads\FRST.txt
2023-11-21 05:12 - 2023-11-21 05:12 - 000000000 ____D C:\FRST
2023-11-21 05:03 - 2023-11-21 05:03 - 002383872 _____ (Farbar) C:\Users\sirto\Downloads\FRST64.exe
2023-11-19 14:31 - 2023-11-19 14:31 - 000803640 _____ C:\WINDOWS\system32\perfh007.dat
2023-11-19 14:31 - 2023-11-19 14:31 - 000175500 _____ C:\WINDOWS\system32\perfc007.dat
2023-11-17 16:27 - 2023-11-17 16:27 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2023-11-17 16:23 - 2023-11-17 16:23 - 000000017 _____ C:\Users\sirto\AppData\Local\resmon.resmoncfg
2023-11-15 23:04 - 2023-11-16 00:33 - 000000000 ____D C:\Users\sirto\AppData\Local\Sysinternals
2023-11-15 22:33 - 2023-11-15 22:33 - 000000000 ____D C:\Users\sirto\Downloads\TCP418View
2023-11-15 22:32 - 2023-11-15 22:33 - 000000000 ____D C:\ProgramData\SystemExplorer
2023-11-15 22:32 - 2023-11-15 22:32 - 000001162 _____ C:\Users\Public\Desktop\System Explorer.lnk
2023-11-15 22:32 - 2023-11-15 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2023-11-15 22:32 - 2023-11-15 22:32 - 000000000 ____D C:\Program Files (x86)\System Explorer
2023-11-15 18:12 - 2023-11-15 18:12 - 000003706 _____ C:\WINDOWS\system32\Tasks\Avira_FallbackUpdater
2023-11-15 17:51 - 2023-11-15 17:51 - 000000000 ___HD C:\$SysReset
2023-11-15 17:27 - 2023-11-15 17:27 - 000000000 ___HD C:\$Windows.~WS
2023-11-15 17:27 - 2023-11-15 17:27 - 000000000 ____D C:\$WINDOWS.~BT
2023-11-11 19:06 - 2023-11-11 19:06 - 000000000 ___HD C:\OneDriveTemp
2023-11-09 23:03 - 2023-11-09 23:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2023-11-09 22:35 - 2023-11-09 22:35 - 000000000 ____D C:\Users\sirto\Doctor Web
2023-11-09 11:25 - 2023-11-09 22:58 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-11-09 11:24 - 2023-11-09 11:24 - 000000000 ____D C:\WINDOWS\pss
2023-11-05 20:13 - 2023-11-05 20:13 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS
2023-11-05 15:45 - 2023-11-05 15:45 - 000000000 ____D C:\ProgramData\Intel Telemetry
2023-11-05 07:11 - 2023-11-05 07:11 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2023-11-05 07:11 - 2023-09-25 17:59 - 000047240 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2023-11-04 19:17 - 2023-11-04 19:17 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2023-11-04 19:17 - 2023-11-04 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2023-11-04 03:08 - 2023-11-04 03:08 - 000000000 ____D C:\Users\sirto\AppData\LocalLow\NVIDIA
2023-11-04 03:07 - 2023-11-04 03:07 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2023-11-04 03:04 - 2023-10-30 11:37 - 001424080 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-11-04 03:04 - 2023-10-30 11:37 - 001424080 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-11-04 03:04 - 2023-10-30 11:37 - 001246408 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-11-04 03:04 - 2023-10-30 11:37 - 001246408 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-11-04 03:04 - 2023-10-30 11:37 - 000850640 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-11-04 03:04 - 2023-10-30 11:37 - 000850640 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-11-04 03:04 - 2023-10-30 11:37 - 000731344 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-11-04 03:04 - 2023-10-30 11:37 - 000731344 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-11-04 03:04 - 2023-10-30 11:36 - 001487920 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-11-04 03:04 - 2023-10-30 11:36 - 001226776 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-11-04 03:04 - 2023-10-30 11:33 - 000670248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2023-11-04 03:04 - 2023-10-30 11:33 - 000504856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2023-11-04 03:04 - 2023-10-30 11:32 - 058720920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2023-11-04 03:04 - 2023-10-30 11:32 - 001540744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-11-04 03:04 - 2023-10-30 11:32 - 001198744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-11-04 03:04 - 2023-10-30 11:32 - 000958088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-11-04 03:04 - 2023-10-30 11:31 - 002171016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-11-04 03:04 - 2023-10-30 11:31 - 001624616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-11-04 03:04 - 2023-10-30 11:31 - 000997416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-11-04 03:04 - 2023-10-30 11:31 - 000810536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-11-04 03:04 - 2023-10-30 11:31 - 000773656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 015095424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 012375600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 006462088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 005862424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 005860480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 003620400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-11-04 03:04 - 2023-10-30 11:30 - 000459824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-11-04 03:04 - 2023-10-30 11:29 - 000853128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-11-04 03:04 - 2023-10-30 11:28 - 006745768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-11-04 03:04 - 2023-10-27 02:29 - 000113883 _____ C:\WINDOWS\system32\nvinfo.pb
2023-11-03 19:54 - 2023-11-03 19:54 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-11-02 02:35 - 2023-11-02 02:35 - 000000000 ____D C:\AdwCleaner
2023-11-02 02:23 - 2023-11-02 02:23 - 000000000 ____D C:\Users\sirto\AppData\Local\OO Software
2023-11-02 02:21 - 2023-11-15 18:07 - 000000000 ____D C:\Program Files\QuickCPU
2023-11-02 02:21 - 2023-11-02 17:35 - 000000000 ____D C:\Users\sirto\AppData\Local\Coderbag
2023-11-02 02:21 - 2023-11-02 02:21 - 000000957 _____ C:\Users\Public\Desktop\QuickCPU.lnk
2023-11-02 02:21 - 2023-11-02 02:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickCPU64
2023-10-26 22:37 - 2023-10-26 22:37 - 000027376 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_141294693833722.dll
2023-10-26 14:44 - 2023-11-08 00:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-24 23:25 - 2023-11-21 05:10 - 000000000 ____D C:\Users\sirto\AppData\Local\Malwarebytes
2023-10-24 23:25 - 2023-10-24 23:25 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-10-24 23:25 - 2023-10-24 23:25 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-10-24 23:25 - 2023-10-24 23:25 - 000000000 ____D C:\Users\sirto\AppData\Local\mbam
2023-10-24 23:24 - 2023-10-24 23:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-10-24 23:24 - 2023-10-24 23:24 - 000000000 ____D C:\Program Files\Malwarebytes
2023-10-24 01:49 - 2023-10-24 01:49 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Microsoft\CLR Security Config
2023-10-23 23:20 - 2023-10-23 23:20 - 000027376 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_1288069833075.dll
2023-10-23 11:14 - 2023-10-23 11:14 - 000001168 _____ C:\Users\sirto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon.lnk
2023-10-23 01:10 - 2023-10-23 01:10 - 000000000 ____D C:\tmp1
2023-10-23 01:06 - 2022-12-23 00:53 - 001185656 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2023-10-22 17:39 - 2023-11-02 16:43 - 000003600 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1697992780
2023-10-22 17:39 - 2023-10-22 17:39 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Opera Software
2023-10-22 17:39 - 2023-10-22 17:39 - 000000000 ____D C:\Users\sirto\AppData\Local\Opera Software
2023-10-22 17:37 - 2023-10-22 17:40 - 000000000 ____D C:\Users\sirto\AppData\Roaming\stubinstaller
2023-10-22 17:36 - 2023-10-22 17:36 - 000367096 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys

==================== Ein Monat (geänderte) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2023-11-21 05:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-21 05:10 - 2023-08-27 01:50 - 000000000 ____D C:\Users\sirto\AppData\Roaming\CrosshairX
2023-11-21 05:10 - 2023-04-23 17:46 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-21 05:10 - 2022-10-09 03:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-21 05:10 - 2020-08-16 15:58 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-21 05:09 - 2022-10-09 03:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-21 05:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-11-21 05:09 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-21 05:09 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-11-21 05:09 - 2022-02-08 16:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-21 05:09 - 2022-01-25 17:24 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-11-21 05:09 - 2020-12-12 23:23 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2023-11-21 05:09 - 2020-08-16 15:49 - 000000000 ____D C:\Intel
2023-11-21 05:09 - 2020-05-06 09:58 - 000012288 ___SH C:\DumpStack.log.tmp
2023-11-21 05:08 - 2020-12-03 16:44 - 000000000 ____D C:\Users\sirto\AppData\Roaming\vlc
2023-11-21 05:00 - 2022-10-09 03:57 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1727595607-4285960842-485942036-1001
2023-11-21 05:00 - 2022-10-09 03:57 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-11-21 05:00 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-21 05:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-21 05:00 - 2022-01-23 16:50 - 000002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-21 01:01 - 2022-10-09 03:57 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5A9BA50D-6393-4B83-BFD7-93A06E53A4FC}
2023-11-21 00:54 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-11-20 09:22 - 2023-06-18 13:44 - 000000000 ____D C:\Users\sirto\AppData\Local\OGH
2023-11-20 05:42 - 2020-12-03 15:19 - 000000000 ____D C:\Users\sirto\AppData\Local\D3DSCache
2023-11-20 03:54 - 2020-12-07 02:15 - 000000000 ____D C:\Users\sirto\AppData\Local\CrashDumps
2023-11-19 20:13 - 2022-07-20 15:45 - 000000000 ____D C:\Users\sirto\OneDrive\Dokumente\Outlook-Dateien
2023-11-19 20:13 - 2020-12-07 00:37 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Microsoft\Word
2023-11-19 17:54 - 2021-12-14 17:16 - 000000000 ____D C:\Users\sirto\AppData\Roaming\discord
2023-11-19 17:54 - 2021-01-20 22:32 - 000000000 ____D C:\Program Files\Microsoft Office
2023-11-19 17:46 - 2022-09-03 17:23 - 000000000 ____D C:\Users\sirto\AppData\Local\Discord
2023-11-19 14:31 - 2022-10-09 03:56 - 001919168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-18 00:39 - 2021-09-21 17:36 - 000000000 ____D C:\Users\sirto\AppData\Local\Steam
2023-11-17 16:25 - 2022-10-09 03:52 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Microsoft\Windows
2023-11-16 05:07 - 2022-10-09 03:52 - 000000000 ____D C:\Users\sirto
2023-11-16 02:29 - 2022-10-30 04:45 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-11-15 22:18 - 2020-12-05 00:49 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-15 18:12 - 2023-10-18 20:59 - 000000000 ____D C:\Program Files (x86)\Avira
2023-11-15 18:10 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-15 18:08 - 2023-10-18 21:01 - 011537360 _____ C:\WINDOWS\system32\rtp.db
2023-11-15 18:08 - 2023-10-18 20:59 - 000000000 ____D C:\ProgramData\Avira
2023-11-15 18:08 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-11-15 18:08 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-11-15 17:59 - 2020-12-03 15:09 - 000000000 ____D C:\Users\sirto\AppData\Local\Packages
2023-11-15 17:59 - 2020-08-16 15:52 - 000000000 ____D C:\ProgramData\Packages
2023-11-15 17:44 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-15 17:31 - 2023-07-06 11:18 - 000000000 ____D C:\WINDOWS\Panther
2023-11-15 17:31 - 2020-12-19 23:44 - 000000000 ____D C:\ESD
2023-11-15 16:52 - 2020-12-03 18:07 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Microsoft\MMC
2023-11-15 14:14 - 2020-12-03 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2023-11-15 14:14 - 2020-12-03 23:34 - 000000000 ____D C:\Program Files\Common Files\MAGIX Services
2023-11-15 14:11 - 2020-12-07 00:37 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Microsoft\Office
2023-11-14 22:35 - 2021-10-24 16:19 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-14 02:15 - 2021-01-20 22:23 - 000001046 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2023-11-14 02:15 - 2021-01-20 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2023-11-12 18:43 - 2020-12-26 16:22 - 000000000 ____D C:\Users\sirto\AppData\Local\ElevatedDiagnostics
2023-11-11 20:51 - 2023-06-18 13:44 - 000003748 _____ C:\WINDOWS\system32\Tasks\SystemOptimizer
2023-11-09 23:00 - 2020-06-13 00:54 - 000000000 ____D C:\Program Files\HP
2023-11-09 22:37 - 2020-08-16 15:58 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-09 11:30 - 2020-12-03 16:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-09 05:16 - 2020-12-03 15:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-08 22:17 - 2020-05-06 09:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-08 02:30 - 2023-10-18 21:00 - 000001085 _____ C:\Users\Public\Desktop\Avira.lnk
2023-11-08 02:30 - 2023-10-18 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2023-11-08 00:20 - 2020-12-03 15:17 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-05 15:45 - 2020-08-16 16:02 - 000000000 ____D C:\ProgramData\Intel
2023-11-05 07:11 - 2022-10-09 03:57 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2023-11-05 07:11 - 2022-10-09 03:57 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2023-11-04 19:17 - 2022-10-09 03:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2023-11-04 19:17 - 2020-12-08 01:48 - 000000000 ____D C:\Program Files\Intel
2023-11-04 19:08 - 2021-12-14 15:35 - 000000000 ____D C:\ProgramData\Avast Software
2023-11-04 03:08 - 2020-12-03 16:56 - 000000000 ____D C:\Users\sirto\AppData\Local\NVIDIA
2023-11-04 02:37 - 2023-10-18 21:03 - 000000000 ____D C:\Users\Public\Security Sessions
2023-11-02 16:43 - 2023-09-15 00:32 - 000002700 _____ C:\WINDOWS\system32\Tasks\OmenOverlay
2023-11-02 16:43 - 2023-09-05 13:44 - 000002760 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitor
2023-11-02 16:43 - 2022-10-09 03:57 - 000003682 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-02 16:43 - 2022-10-09 03:57 - 000003458 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-11-02 16:43 - 2022-10-09 03:57 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2023-11-02 16:43 - 2022-10-09 03:57 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 16:43 - 2022-10-09 03:57 - 000002766 _____ C:\WINDOWS\system32\Tasks\HPAudioSwitch
2023-11-02 16:43 - 2022-10-09 03:57 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-02 13:57 - 2020-08-16 15:51 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2023-11-02 02:38 - 2021-01-12 16:28 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2023-11-02 02:38 - 2020-12-03 15:29 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Hewlett-Packard
2023-11-02 02:38 - 2020-05-27 00:34 - 000000000 ___HD C:\hp
2023-11-01 16:18 - 2022-05-22 00:48 - 000000000 ____D C:\SWSetup
2023-11-01 16:03 - 2020-12-03 17:09 - 000000000 ____D C:\Users\sirto\AppData\Local\HP_Inc
2023-10-31 15:54 - 2020-12-03 15:14 - 000000000 ____D C:\Users\sirto\AppData\Local\PlaceholderTileLogoFolder
2023-10-30 11:28 - 2022-07-04 10:01 - 007866464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-10-25 22:36 - 2023-09-24 12:15 - 000000000 ____D C:\Users\sirto\AppData\Roaming\Samsung Magician
2023-10-25 22:36 - 2022-02-09 14:24 - 000000000 ____D C:\ProgramData\Battle.net

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2020-12-04 01:02 - 2021-10-23 23:13 - 000276480 _____ () C:\Users\sirto\AppData\Roaming\cookies.sqlite
2021-03-27 18:12 - 2022-09-20 20:59 - 000017408 _____ () C:\Users\sirto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-11-17 16:23 - 2023-11-17 16:23 - 000000017 _____ () C:\Users\sirto\AppData\Local\resmon.resmoncfg
2022-12-02 16:47 - 2022-12-02 16:47 - 000000019 _____ 
() C:\Users\sirto\AppData\Local\tkeyf.txt 2020-12-04 17:50 - 2022-09-29 21:35 - 000000019 _____ () C:\Users\sirto\AppData\Local\tkeys.txt 2022-10-16 21:30 - 2023-03-12 19:57 - 000000019 _____ () C:\Users\sirto\AppData\Local\tkeysss.txt 2022-12-03 19:07 - 2023-01-12 21:21 - 000000019 _____ () C:\Users\sirto\AppData\Local\tky.txt ==================== SigCheck ============================ (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) ==================== Ende von FRST.txt ======================== |
21.11.2023, 06:04 | #2 |
| No Windows update after hacker attack
Unnecessary duplicate log removed
__________________
//cosinus
Edited by cosinus (21.11.2023 at 15:10) |
21.11.2023, 06:08 | #3 |
| Addition
Code:
ATTFilter
Durchgeführt von Sir (21-11-2023 05:13:57)
Gestartet von C:\Users\sirto\Downloads
Microsoft Windows 11 Pro Version 23H2 22635.2483 (X64) (2022-10-09 14:43:53)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1727595607-4285960842-485942036-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1727595607-4285960842-485942036-503 - Limited - Disabled)
Gast (S-1-5-21-1727595607-4285960842-485942036-501 - Limited - Disabled)
Sir (S-1-5-21-1727595607-4285960842-485942036-1001 - Administrator - Enabled) => C:\Users\sirto
WDAGUtilityAccount (S-1-5-21-1727595607-4285960842-485942036-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Total AV (Disabled - Up to date) {B185458D-38B3-A010-10F7-3D378DAA6032}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ashampoo Photo Commander 15 (HKLM-x32\...\{0A11EA01-E0CE-916E-BC94-74670FA71836}_is1) (Version: 15.1.0 - Ashampoo GmbH & Co. KG)
Aslain's WoT Modpack Version 1.22.1.0.17 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.22.1.0.17 - Aslain)
Avira Fallback Updater (HKLM-x32\...\Avira Fallback Updater) (Version: - ) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.96.2 - Avira Operations GmbH) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH)
BeeCut V1.7.0.12 (HKLM-x32\...\{CA76BFA8-1862-49D7-B2C7-AE3D6CF40E53}_is1) (Version: 1.7.0.12 - Apowersoft LIMITED)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
Discord (HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Discord) (Version: 1.0.9006 - Discord Inc.)
Documentation Manager (HKLM\...\{044299A8-BCBB-48BA-9B72-B6113039D2DC}) (Version: 22.250.1.2 - Intel Corporation) Hidden
ElsterAuthenticator 53.0.0 (HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\7709-8144-5045-9628) (Version: 53.0.0 - Bayerisches Landesamt fuer Steuern)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8465D8876}) (Version: 7.9.1.69 - ExpressVPN) Hidden
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.17.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{1E18E86D-632C-48B5-962C-B60C2E53A478}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{039DDA62-50CC-4E7F-9D54-7CF032A2D362}) (Version: 36.0.41.58587 - HP)
HP OfficeJet Pro 8710 - Grundlegende Software für das Gerät (HKLM\...\{3574B2B8-5FA1-4F63-A6C7-652F213DFD80}) (Version: 40.12.1161.1896 - HP Inc.)
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
Intel Driver && Support Assistant (HKLM-x32\...\{63B67EA4-4AE1-4A45-A67D-21318B4345EF}) (Version: 23.4.39.9 - Intel) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{7D5F1DA8-0A8A-4762-8053-DD597941CA1C}) (Version: 23.2.17.8 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{663AD3E8-E97D-4559-A61F-24BEF338F859}) (Version: 2.4.10611 - Intel Corporation)
Intel(R) SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000250-0220-1031-84C8-B8D95FA3C8C3}) (Version: 22.250.0.2 - Intel Corporation)
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
MAGIX Video deluxe 2023 Premium (HKLM\...\{CEB4565F-4CA9-4A0F-9252-3196C923122B}) (Version: 22.0.3.165 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2023 Premium (HKLM\...\MX.{CEB4565F-4CA9-4A0F-9252-3196C923122B}) (Version: 22.0.3.172 - MAGIX Software GmbH)
MAGIX Video deluxe Premium (Demo) (HKLM\...\{8AB9AFF3-FFF3-4367-A4B4-AD513A8AD874}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Designelemente 1) (HKLM\...\{B22F6395-840B-4446-AF88-82334EC171C8}) (Version: 20.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Designelemente 2) (HKLM\...\{00A57FA0-0E57-4C4B-8729-C773136B44D8}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Filmvorlagen 1) (HKLM\...\{C3115613-C2D1-4655-AD09-2A2D0F97F598}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Filmvorlagen 2) (HKLM\...\{BB9C4B54-A647-4649-9CDC-EA09E5D5405C}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Menüvorlagen) (HKLM\...\{91D752E2-C0D8-41E0-98BC-3DED8FD0D70F}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Migrate Content) (HKLM\...\{093F2C78-2F97-418B-A287-92AB026A19AD}) (Version: 22.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Titeleffekte) (HKLM\...\{4999D30E-9754-42A3-8583-8CCA233EC6D2}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Überblendeffekte) (HKLM\...\{76DD673B-ABF7-47CD-9A98-5E5E76193364}) (Version: 19.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium (Vorlagen und Effekte) (HKLM-x32\...\MAGIX_GlobalContent.Video_deluxe_Premium) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Video deluxe Premium Update (HKLM\...\{840DEEEE-5BC9-4421-99CA-53FEEE36B085}) (Version: 22.0.3.172 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium Update (HKLM\...\{DB415432-9EA2-4A10-9E6F-1A9D834BABA9}) (Version: 22.0.3.171 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe Premium Update (HKLM\...\{E0689030-C935-4D17-9B88-D10ABD622EFB}) (Version: 22.0.3.167 - MAGIX Software GmbH) Hidden
Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.7 - Microsoft Corporation)
Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.231.1107.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 de) (HKLM\...\Mozilla Firefox 119.0.1 (x64 de)) (Version: 119.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 83.0 - Mozilla)
Neat Video v5.5.6 Pro plug-in for Magix (64-bit) (HKLM\...\Neat Video v5 for Magix_is1) (Version: - Neat Video team, ABSoft)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Grafiktreiber 546.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.01 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.16924.20088 - Microsoft Corporation) Hidden
OpenGL Extensions Viewer 6.3 (HKLM-x32\...\GLVIEW3) (Version: 632 - )
Quick CPU x64 (HKLM\...\{B21672C7-B575-41EE-997C-B7D4EA5FB172}) (Version: 4.7.0.0 - CoderBag LLC)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 14.1.6 - Shark007)
Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 14.1.6 - Shark007)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\Wargaming.net Game Center) (Version: 23.6.0.4252 - Wargaming.net)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.2183 - Microsoft Corporation)
Windows-Treiberpaket - Microsoft Corporation Net (06/27/2013 ) (HKLM\...\773B1C83DBE7169C11BD69164C3A35E7C5C76747) (Version: 06/27/2013 - Microsoft Corporation)
Windows-Treiberpaket - Nordic Semiconductor ASA (libusbK) Nordic Semiconductor DFU (11/17/2017 1.0.0.0) (HKLM\...\9E604C253CF23E22559521E18F5477442849274E) (Version: 11/17/2017 1.0.0.0 - Nordic Semiconductor ASA)
Windows-Treiberpaket - Nordic Semiconductor ASA (usbser) Ports (05/11/2018 1.0.1.0) (HKLM\...\8BE37708EC0B1921B47CD432537BB725532CEF79) (Version: 05/11/2018 1.0.1.0 - Nordic Semiconductor ASA)
WinRAR 5.91 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\2314027414) (Version: - Wargaming.net)

Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-10-08] (INTEL CORP) [Startup Task]
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.20.234.0_x64__v10z8vjag6ke6 [2023-06-17] (HP Inc.)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.502.261.0_x64__8wekyb3d8bbwe [2023-10-15] (Microsoft Corporation)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2023-09-27] (HP Inc.)
HP CoolSense -> C:\Program Files\WindowsApps\AD2F1837.HPCoolSense_1.1.2.0_x64__v10z8vjag6ke6 [2020-08-16] (HP Inc.)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2023-10-12] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.4.0.0_x64__v10z8vjag6ke6 [2023-11-01] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2023-10-08] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1.1056.0_x64__v10z8vjag6ke6 [2023-09-11] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.30.18.0_x64__v10z8vjag6ke6 [2023-09-23] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.39.0_x64__v10z8vjag6ke6 [2023-09-30] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-09-27] (INTEL CORP)
Media Engine-Add-On für Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-29] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-03-19] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2310.10002.0_x64__8wekyb3d8bbwe [2023-10-15] (Microsoft Corporation) [Startup Task]
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.62361.0_x64__8wekyb3d8bbwe [2023-09-05] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-10-17] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-11-04] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6 [2023-11-15] (HP Inc.) [Startup Task]
Photos Media Add-On (Internal) -> C:\Program Files\WindowsApps\Microsoft.PhotosDLCMediaEngineInternal_2017.39101.64310.0_x64__8wekyb3d8bbwe [2023-02-27] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-10-17] (Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1727595607-4285960842-485942036-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (Intel Corporation -> Intel)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL [2023-10-31] (Avira Operations GmbH -> Avira Operations GmbH)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.231.1107.0002\FileSyncShell64.dll [2023-11-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\nvshext.dll [2023-10-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-10-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32: [vidc.i420] => C:\windows\system32\lvcod64.dll [175392 2012-10-23] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-23] (Logitech, Inc. -> Logitech Inc.)

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-09-15 23:23 - 2023-09-15 23:23 - 000138240 _____ () [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\f5836eea869011d9f6291cf9b7052643\Interop.IWshRuntimeLibrary.ni.dll
2023-09-15 23:22 - 2023-09-15 23:22 - 000134656 _____ (hardcodet.net) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\2291c400342bb064ac70d3f43f4350d0\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-10-21 21:14 - 2018-04-06 20:41 - 007593472 _____ (HP Inc.) [Datei ist nicht signiert] C:\WINDOWS\system32\spool\DRIVERS\x64\3\HPOJ8710_FaxPCSendRenderPlugin.dll
2023-09-15 23:23 - 2023-09-15 23:23 - 001701376 _____ (Mark Heath & Contributors) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\812bfcdb6de89f4e84e286670a1fecae\NAudio.ni.dll
2023-10-15 12:03 - 2023-10-15 12:03 - 003062272 _____ (Newtonsoft) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\42169599bfe84f556899f55e1a8cb8a7\Newtonsoft.Json.ni.dll
2023-09-25 17:59 - 2023-09-25 17:59 - 002889728 _____ (SQLite Development Team) [Datei ist nicht signiert] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2023-10-15 12:03 - 2023-10-15 12:03 - 000793088 _____ (The Apache Software Foundation) [Datei ist nicht signiert] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\1c57748b3b2fd11cd905689020edb288\log4net.ni.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log:F107EE40EF [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer1.log_backup1:2DD1EC5C91 [3442]
AlternateDataStreams: C:\ProgramData\DisplaySessionContainer2.log:CCB2353F35 [3442]
AlternateDataStreams: C:\ProgramData\NvcDispCorePlugin.log:AAE9D2281E [3442]
AlternateDataStreams: C:\ProgramData\NvcDispCorePlugin.log_backup1:E79F04DA79 [3442]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log:5ACBC90093 [3442]
AlternateDataStreams: C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1:A416BDA264 [3442]
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log:204739A7F2 [3442]
AlternateDataStreams: C:\ProgramData\NVDisplayContainerWatchdog.log_backup1:C3CA1050CA [3442]
AlternateDataStreams: C:\ProgramData\settings.ini:27EB0451C1 [3442]
AlternateDataStreams: C:\ProgramData\settings.ini:FBCB33148D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk:193B723030 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Audio Switch.lnk:BD4A45E559 [3442]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {7B6E8D22-7BC6-41A1-8CB1-DB7C2E752BE2} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {7B6E8D22-7BC6-41A1-8CB1-DB7C2E752BE2} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1727595607-4285960842-485942036-1001 -> {7B6E8D22-7BC6-41A1-8CB1-DB7C2E752BE2} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-01-23] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\Control Panel\Desktop\\Wallpaper -> c:\users\sirto\onedrive\bilder\screenshots\wallpaperkiss_1151310.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) ist aktiviert.

Network Binding: ============= Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) WLAN: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run: => "PDF24" HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService" HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\StartupFolder: => "ElsterAuthenticator 50.0.0.lnk" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\StartupFolder: => "ElsterAuthenticator 50.1.0.lnk" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\StartupFolder: => "ElsterAuthenticator 53.0.0.lnk" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "HPSEU_Host_Launcher" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "Lync" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "Wargaming.net Game Center" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "VLC" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "GameCenter" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "Steam" 
HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "HP OfficeJet Pro 8710 (NET)" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "Battle.net" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B96F7B7310ED7E0A1C0CE5220A7ADB8E" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "QMxNetworkSync" HKU\S-1-5-21-1727595607-4285960842-485942036-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_F7DC231E2F5CCFF26A8DC3287A4D5959" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================ (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [UDP Query User{CA941457-6D41-404E-A0BD-256055629DB9}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{413D14C4-8074-4B8F-AC5D-51BB95640174}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{B8658235-EFC5-4F67-938A-D52E42599850}C:\users\sirto\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\sirto\appdata\local\gamecenter\gamecenter.exe (VK Play LLC -> VK Play LLC) FirewallRules: [TCP Query User{E1E01061-7B2D-4D40-9F31-80F526C3F1FE}C:\users\sirto\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\sirto\appdata\local\gamecenter\gamecenter.exe (VK Play LLC -> VK Play LLC) FirewallRules: [UDP Query User{98A16D8F-1879-4845-BD48-CA2C30F69910}C:\users\sirto\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\sirto\appdata\local\gamecenter\gamecenter.exe (VK Play LLC -> VK Play LLC) FirewallRules: [TCP Query User{699EBE7B-B9CA-423B-915A-77AF596836D3}C:\users\sirto\appdata\local\gamecenter\gamecenter.exe] => (Block) 
C:\users\sirto\appdata\local\gamecenter\gamecenter.exe (VK Play LLC -> VK Play LLC) FirewallRules: [UDP Query User{8796443E-FA27-42F0-8DB9-721ECA2F599E}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [TCP Query User{82B664C4-D036-4891-ACB7-321760ABAC80}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{9C95E80E-F6E9-4F41-9E0D-7429E058B8A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2AB01CAE-E9D1-4D02-9536-F19B6B04058B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8A982FEE-AA95-47B7-B5BD-7FFCFFF72BAC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{64103919-1B5E-4D51-A03E-7499E8CA9689}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{401F7083-1C61-4FE5-86DE-67879A5729B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CBCC8BE0-0F16-47D7-AEF7-C31B1A5AC365}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{D56C9C29-0922-4310-9281-69A07D5E1F10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{85853778-60DC-4645-BEA1-09F69B979B44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{1D1DB129-604B-47C6-81FF-5264C9AC631D}] => (Allow) C:\Program Files (x86)\Apowersoft\Beecut\BeeCut.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [{EB2ABEF7-A5E0-4E10-A5BC-4D904FABD366}] => (Allow) C:\Program Files (x86)\Apowersoft\Beecut\BeeCut.exe (Apowersoft Ltd -> Apowersoft) FirewallRules: [{20E8F9C0-F016-4AA6-AB52-F29466C352ED}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{27943096-AAAB-46A3-95BB-B399BC2745D5}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{008188B6-04CF-435F-8F14-A6B24DAB6CC9}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\SendAFax.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{4F27DA0A-3B05-48C5-9F1B-0AD8FB52E3C5}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{4856BDE1-7744-4E68-9DB6-30B8D5B44692}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{63D6BB67-1E7B-48BB-9E2E-C336E0375185}] => (Allow) LPort=5357 FirewallRules: [{580B455C-A22C-4609-A323-1991E51EDD3C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.) 
FirewallRules: [{18B8129E-B4D4-4738-BDA5-DCB984E90F58}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2023 Premium\Videodeluxe.exe (MAGIX Software GmbH -> MAGIX Software GmbH) FirewallRules: [{E23CA24A-F3C9-4A0E-977C-4FC57E1BABCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{2E639089-7F44-4991-AE55-19AD21EB5DB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{7F28DE6D-2066-4A97-8CBC-5AD3EB964D77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{88184EC4-937A-498E-B740-94BCFD03E912}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{41A5D1F4-B2BB-4EBB-A6D4-5CFEE73AD5A7}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming Group Limited -> Wargaming.net) FirewallRules: [{DE1A89E4-33FC-427B-9F78-9C69C161A62D}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming Group Limited -> Wargaming.net) FirewallRules: [{13FFA406-D7D6-4891-8745-674B8A99972F}] => (Allow) C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{2F67E483-1A30-409D-B3C8-D28089918793}] => (Allow) C:\Games\World_of_Tanks_EU\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net) FirewallRules: [{FBE51CC0-740D-4ABF-823E-3A9B6354C50E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{12F7B165-0E7B-4B99-AAD1-FAF39B67612F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{756345CF-DFC6-4203-B61A-67D717374FA3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{4AE84F65-DC57-4F2A-91DD-40237F7B325E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{FD8E7E38-A874-4305-B0C8-6B8EE7637698}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc.) FirewallRules: [{DA8709D9-517F-466D-BEDF-6A72E7E39CB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc.) FirewallRules: [{B4FE212D-366D-4B49-8F84-A64506587730}] => (Allow) C:\Program Files\NewBlueFX\Common\EffectHost64.exe () [Datei ist nicht signiert] FirewallRules: [{DD24C943-F188-443C-9F7F-EA9CAD3243EE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A451CEF1-5813-408D-B5A9-0BC412FA7626}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrosshairX\CrosshairX.exe (GitHub, Inc.) [Datei ist nicht signiert] FirewallRules: [{28E0C070-C94C-40FF-8B29-BA41634B0BFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CrosshairX\CrosshairX.exe (GitHub, Inc.) [Datei ist nicht signiert] FirewallRules: [{5FAA689B-70B9-4EF8-BC66-C95D34831AB0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{E942E849-D95F-4C23-8A4B-52541653A462}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{F71045B3-7C02-4094-9056-3B8F0F3973BD}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) 
FirewallRules: [{E1C4678C-40CF-4560-B467-D257E4A9D4F0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{DDA1B086-62EF-457D-B6E0-1DEF691DF052}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{3B2B6EC5-5F2B-4CF3-941C-3674D1738345}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{296D3AB1-5B10-4144-895D-6AFA4590AF83}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{96F1AA58-A33B-42CA-9C5A-E1111552FCBF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{C6849CB9-9B46-406D-B763-1BDB8D12D89C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{797BA9BA-2585-4275-9C87-2B55FD6AB943}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) 
FirewallRules: [{709DDC01-7584-487B-892D-0E8EE99AD5AF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{AEE2BAD0-21F4-40CA-95F7-025EEB7783C0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{624DFD76-7E83-4FBA-980D-599924E27285}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{D2577756-CF34-4FCB-9D93-BCBA1B310209}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{DC74556F-B673-457F-BC3D-F3E271ED01D4}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{F2C5F0CC-12C7-459C-AE85-607E6EC57BF1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2310.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) 
FirewallRules: [{B658195E-BFC4-4C07-8462-15A38F75079A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23258.704.2395.9691_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7A298855-0491-4964-8FD9-E47C5089CD5D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23258.704.2395.9691_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0E5BF87A-D87E-4267-AE45-87AFB4797A9A}] => (Allow) C:\Program Files\Fortect\MainService.exe => Keine Datei FirewallRules: [{D2673FB2-3511-4E94-8E09-CE9879E0E9ED}] => (Allow) C:\Program Files\Fortect\MainService.exe => Keine Datei FirewallRules: [{A74DE7BD-5FF6-432B-BBE4-8765C72B67F1}] => (Allow) C:\Program Files\Fortect\MainService.exe => Keine Datei FirewallRules: [{15854952-27C0-4535-BE29-FF4841026709}] => (Allow) C:\Program Files\Fortect\MainService.exe => Keine Datei FirewallRules: [{48FC8364-8562-4DB1-BE9A-D065BF2FE8D5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 09-11-2023 23:03:33 Avira System Speedup Optimierung 14-11-2023 02:16:11 Revo Uninstaller's restore point - Instagram 14-11-2023 02:19:26 Revo Uninstaller's restore point - CCleaner 14-11-2023 02:20:30 Revo Uninstaller's restore point - Instagram 14-11-2023 02:21:21 Revo Uninstaller's restore point - Call of Duty Modern Warfare 15-11-2023 14:15:52 Revo Uninstaller's restore point - Revo Uninstaller 2.4.5 15-11-2023 14:16:24 Revo Uninstaller's restore point - Avira Security ==================== Fehlerhafte Geräte im Gerätemanager ============ Name: HP Wide Vision HD Camera Description: Realtek DMFT - RGB Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f} Manufacturer: Realtek Service: usbvideo Problem: : This device is disabled. 
(Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (11/21/2023 05:09:26 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (11/21/2023 05:09:26 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. ] Error: (11/21/2023 05:09:26 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren. . Error: (11/21/2023 05:09:26 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x8007045b, Der Computer wird heruntergefahren. 
] Error: (11/21/2023 01:01:23 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (11/20/2023 06:10:24 AM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT) Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.39.3323.1171, Zeitstempel: 0x64e85748 Name des fehlerhaften Moduls: nvxdsyncplugin.dll, Version: 8.17.15.4601, Zeitstempel: 0x653accbc Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000095e85 ID des fehlerhaften Prozesses: 0x0x3ba8 Startzeit der fehlerhaften Anwendung: 0x0x1da1b6fde068838 Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\plugins\Session\nvxdsyncplugin.dll Berichtskennung: 6dae32f4-0580-47f9-a176-db74040fd7f4 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/20/2023 06:10:23 AM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT) Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.39.3323.1171, Zeitstempel: 0x64e85748 Name des fehlerhaften Moduls: nvxdsyncplugin.dll, Version: 8.17.15.4601, Zeitstempel: 0x653accbc Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000095e85 ID des fehlerhaften Prozesses: 0x0x770 Startzeit der fehlerhaften Anwendung: 0x0x1da1b6fdd5e9525 Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\plugins\Session\nvxdsyncplugin.dll Berichtskennung: c10bc400-a95d-4727-b2b7-f908dbf0a869 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften 
Paket ist: Error: (11/20/2023 06:10:22 AM) (Source: Application Error) (EventID: 1000) (User: NT-AUTORITÄT) Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.39.3323.1171, Zeitstempel: 0x64e85748 Name des fehlerhaften Moduls: nvxdsyncplugin.dll, Version: 8.17.15.4601, Zeitstempel: 0x653accbc Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000095e85 ID des fehlerhaften Prozesses: 0x0x3b10 Startzeit der fehlerhaften Anwendung: 0x0x1da1b6fdcbc083a Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\NVDisplay.Container.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_4c15af8e078cdfdd\Display.NvContainer\plugins\Session\nvxdsyncplugin.dll Berichtskennung: a6745b25-f05b-4cf5-9e1b-31049f884aa4 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (11/21/2023 05:14:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Update Orchestrator Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (11/21/2023 05:14:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Update Orchestrator Service erreicht. Error: (11/21/2023 05:14:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet. Error: (11/21/2023 05:11:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Avira Security Updater" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. 
Error: (11/21/2023 05:11:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Security Updater erreicht. Error: (11/21/2023 05:11:53 AM) (Source: DCOM) (EventID: 10010) (User: MABPAVILLON) Description: Der Server "{8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/21/2023 05:09:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "wuauserv_bkp" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (11/21/2023 05:09:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (45000 ms) wurde beim Verbindungsversuch mit dem Dienst wuauserv_bkp erreicht. Windows Defender: ================ Date: 2023-11-19 22:49:45 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {58215E38-4778-4664-B348-1C9854183F73} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2023-11-19 03:22:07 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {0976DFCA-F446-4021-8321-67EE01DDE957} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2023-11-17 17:54:40 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {B8D4ADF9-7029-4B94-942A-8C50A3E7A17A} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2023-11-17 17:11:41 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. 
Überprüfungs-ID: {9FB5DBAA-D40C-4809-9AC2-0D07EA827BC9} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2023-11-17 16:02:21 Description: Die Microsoft Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {03DDF3AF-1249-45E6-8EA0-D97C41A34327} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Event[0] Date: 2023-11-21 01:37:22 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.826.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x80070102 Fehlerbeschreibung: Der Wartevorgang wurde abgebrochen. Date: 2023-11-21 01:37:22 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.826.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x80070102 Fehlerbeschreibung: Der Wartevorgang wurde abgebrochen. Date: 2023-11-20 12:25:42 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.826.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich. 
Date: 2023-11-20 12:25:42 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.826.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich. Date: 2023-11-19 14:39:06 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.826.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich. CodeIntegrity: =============== Date: 2023-11-15 18:01:19 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
==================== Speicherinformationen =========================== BIOS: Insyde F.46 10/04/2023 Hauptplatine: HP 8744 Prozessor: Intel(R) Core(TM) i7-10750H CPU @ 2.60GHz Prozentuale Nutzung des RAM: 17% Installierter physikalischer RAM: 40736.11 MB Verfügbarer physikalischer RAM: 33559.2 MB Summe virtueller Speicher: 46368.11 MB Verfügbarer virtueller Speicher: 38077.1 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:475.94 GB) (Free:221.73 GB) (Model: SAMSUNG MZVLB512HBJQ-000H1) NTFS Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:931.38 GB) (Model: WDC WD10SPSX-60A6WT0) NTFS \\?\Volume{c64e98d5-8638-4bbe-a416-dbbdb210eb08}\ () (Fixed) (Total:0.72 GB) (Free:0.08 GB) NTFS \\?\Volume{a79fc2db-dba7-42ba-94bf-f2b58f45333b}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ==================== Ende von Addition.txt =======================
Edited by cosinus (21.11.2023 at 15:09) Reason: code tags |
21.11.2023, 15:08 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | No Windows update after hacker attack
Quote:
Nobody can do anything with "something was maybe found, maybe not". Unfortunately, you also say nothing at all about the tool.
__________________ Please always post log files in CODE tags |
22.11.2023, 00:46 | #5 |
| No Windows update after hacker attack
This file was supposed to give you skins and better FPS in the game Rust. The file is of course no longer on the PC, and the YouTube video where the file was offered via links unfortunately no longer exists. I will post the Malwarebytes log in the evening.
Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 25.10.23 Scan-Zeit: 00:25 Protokolldatei: 4ed742fa-72bc-11ee-8bf9-00ffc37e793d.json -Softwaredaten- Version: 4.6.5.293 Komponentenversion: 1.0.2181 Version des Aktualisierungspakets: 1.0.76540 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 11 (Build 22635.2483) CPU: x64 Dateisystem: NTFS Benutzer: Mabpavillon\Sir -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 281894 Erkannte Bedrohungen: 56 In die Quarantäne verschobene Bedrohungen: 56 Abgelaufene Zeit: 3 Min., 48 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 1 Modul: 5 Registrierungsschlüssel: 11 Registrierungswert: 2 Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 7 Datei: 30 Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Datum des Schutzereignisses: 25.10.23 Uhrzeit des Schutzereignisses: 23:53 Protokolldatei: e7441396-7380-11ee-9497-00ffc37e793d.json -Softwaredaten- Version: 4.6.5.293 Komponentenversion: 1.0.2181 Version des Aktualisierungspakets: 1.0.76568 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 11 (Build 22635.2483) CPU: x64 Dateisystem: NTFS Benutzer: System -Einzelheiten zu blockierten Websites- Bösartige Website: 1 , C:\Program Files (x86)\Steam\steamapps\common\Rust\RustClient.exe, Blockiert, -1, -1, 0.0.0, , -Website-Daten- Kategorie: Trojaner Domäne: IP-Adresse: 46.105.77.230 Port: 2024 Typ: Ausgehend Datei: C:\Program Files (x86)\Steam\steamapps\common\Rust\RustClient.exe (end) |
23.11.2023, 22:32 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | No Windows update after hacker attack MKDB had given me some pointers; he actually wanted to post them here himself, but I'll pass them on. 1. This is not a hacker attack. You downloaded the tool onto your computer yourself and thereby brought about the situation yourself. 2. The system was badly damaged by the malware. Whether a complete repair/restoration is possible is hard to say. We recommend a clean reinstallation of Windows.
__________________ --> No Windows update after hacker attack |
24.11.2023, 21:12 | #7 |
| No Windows update after hacker attack Yes, I am well aware that I caused the situation myself; what matters to me is whether the system could still be saved and whether the virus or trojan might still be on the PC!!! |
26.11.2023, 14:02 | #8 |
/// TB-Ausbilder | No Windows update after hacker attack This topic appears to be resolved and will be removed from our subscriptions. If you need the topic again, please send us a reminder including a link to the topic. Everyone else, please click here and create your own topic. |