Log analysis and evaluation: Hacker attack Trojan virus
Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: first steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
23.11.2023, 10:13 | #16
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus
Then explain why in the last Addition.txt log file there is still
Quote:
__________________ Please always post log files in CODE tags
23.11.2023, 10:29 | #17
Hacker attack Trojan virus
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02 durchgeführt von WORKSTATION (Administrator) auf DESKTOP-HKLF9N7 (ASUS System Product Name) (23-11-2023 10:28:58) Gestartet von C:\Users\ticro\Desktop\FRST64.exe Geladene Profile: WORKSTATION Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3693 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Crash Processor.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) 
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <3> (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (C:\Program Files\Adobe\Adobe InDesign 2024\InDesign.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\CEPHtmlEngine.exe <23> (C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe (C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (C:\Program Files\iA Writer\iAWriter.exe ->) (Information Architects AG -> The CefSharp Authors) C:\Program Files\iA Writer\CefSharp.BrowserSubprocess.exe <3> (C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe (C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) 
C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (explorer.exe ->) (6099D0EF-9374-47ED-BDFE-A82136831235 -> File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.2.1.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe (explorer.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe InDesign 2024\InDesign.exe (explorer.exe ->) (Adobe Inc. 
-> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (B8E9A58B-32A7-4C6C-A474-D4BE2A3CEAD8 -> Xander Frangos) C:\Program Files\WindowsApps\38002AlexanderFrangos.TwinkleTray_1.15.2.0_x64__m7qx9dzpwqaze\app\Twinkle Tray.exe <5> (explorer.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\ticro\AppData\Local\FluxSoftware\Flux\flux.exe (explorer.exe ->) (Information Architects AG -> iA) C:\Program Files\iA Writer\iAWriter.exe (explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenu.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE (explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (explorer.exe ->) (VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <51> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. 
-> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe (services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (services.exe ->) (CleverFiles) [Datei ist nicht signiert] C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_d8d8130c2588d45b\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08a52cf2f322ba79\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) 
C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (sihost.exe ->) (40E66D07-5A3A-4954-9CA3-A1EB15ED0804 -> ) C:\Program Files\WindowsApps\19282JackieLiu.Notepads-Beta_1.4.8.0_x64__echhpq9pdbte8\Notepads.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2342.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe (svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. 
-> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2> (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <10> (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe (svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (svchost.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (svchost.exe ->) (Skype Software Sarl -> Microsoft Corporation) 
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe ==================== Registry (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKLM-x32\...\Run: [Drakonia II Gaming Mouse] => C:\Program Files (x86)\Drakonia II Gaming Mouse\hid.exe [794112 2019-03-22] () [Datei ist nicht signiert] HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-04-15] (Power Software Ltd -> Power Software Ltd) HKLM-x32\...\Run: [Logi Tune] => C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe [134023056 2022-12-09] (Logitech Inc -> Logitech) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. 
-> ) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2023-09-16] (Adobe Inc. -> Adobe Inc.) HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\MRT: Beschränkung <==== ACHTUNG HKLM\Software\Policies\...\system: [EnableActivityFeed] 0 HKLM\Software\Policies\...\system: [PublishUserActivities] 0 HKLM\Software\Policies\...\system: [UploadUserActivities] 0 HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0 HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0 HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [f.lux] => C:\Users\ticro\AppData\Local\FluxSoftware\Flux\flux.exe [1525880 2023-05-18] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4377448 2023-10-31] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Discord] => C:\Users\ticro\AppData\Local\Discord\Update.exe [1525016 2022-10-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [MicrosoftEdgeAutoLaunch_06E1957EAB573F921F12B105FFB2C315] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Camera Hub] => "C:\Program Files\Elgato\CameraHub\Camera Hub.exe" /b (Keine Datei) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37138384 2023-11-18] (Epic Games Inc. -> Epic Games, Inc.) 
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2023-06-29] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13734376 2023-02-28] (GOG Sp. z o.o. -> GOG.com) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11517400 2023-11-05] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Policies\Explorer: [HideSCAMeetNow] 1 HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\MountPoints2: G - "G:\setup.exe" HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-11-14] (Adobe Inc. -> Adobe Systems Inc) HKLM\...\Print\Monitors\EPSON ET-M2170 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBVWE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {D747AFDA-A166-4CDD-BF9C-87C9BBA0D244} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.) Task: {B243DFFA-6EE8-44C5-83F7-48D68CBEFB9D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {7C692311-D0CE-4B5F-9593-846896F6EBA1} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {455EA75D-7ABB-4AB7-B755-3F8148626D14} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [313192 2023-09-12] (ASUSTeK COMPUTER INC. -> ASUS) Task: {4F6864B4-BF0C-49AC-953D-467ED4AFC413} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1946472 2023-09-12] (ASUSTeK COMPUTER INC. -> ASUS) Task: {FB6E6F84-3532-49C2-9A51-5FF3B6FB961D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d8ef70f9dc8bf1 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) Task: {7C9E40F9-31B3-4820-87BA-258060515317} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) Task: {2F9D894E-556B-457E-BFE3-EF1B4DE79038} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-09-14] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) 
Task: {DB8EF6E8-4554-467E-901B-3BE0B42B6FD2} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2022-12-05] (ASUSTeK COMPUTER INC. -> ASUS) Task: {9730E86E-DDE0-4AFE-A659-AB98AA2D627C} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei) Task: {E71998A1-B1B8-41AD-9C5A-1DEFA5BF6DB1} - System32\Tasks\EPSON ET-M2170 Series Update {EE712C26-6847-4484-9034-1F116AFF0323} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVWE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {DD293FE9-1D46-4CBF-9E8A-229949916DD5} - System32\Tasks\GoogleUpdateTaskMachineCore{735CF719-D2AA-4EC9-9643-868778E0CD5B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-16] (Google LLC -> Google LLC) Task: {A7645D33-0852-4437-9175-3943EF6C562B} - System32\Tasks\GoogleUpdateTaskMachineUA{ABBDF71D-6D2B-46C6-A3D6-886B290C59A5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-16] (Google LLC -> Google LLC) Task: {401E41BB-BB23-473C-AD6F-CD721BC10EF8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-08] (Microsoft Corporation -> Microsoft Corporation) Task: {DB9A956B-5E52-4A31-A60A-8BF3B3A47D58} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-08] (Microsoft Corporation -> Microsoft Corporation) Task: {803EED4E-495A-4F50-A30A-AB5695A69384} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {0D599AAE-AA64-4250-ABE1-E922EC3BA29D} - 
System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {7C68F8EC-531D-4B3E-8BF0-1B476C56CF87} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-11-16] (Microsoft Corporation -> Microsoft Corporation) Task: {7335B9A2-E8A6-426F-9216-ACB827895D12} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [278016 2023-11-18] (Microsoft Windows -> Microsoft Corporation) Task: {299E11AC-CA16-4CC4-B7B0-A612C299492F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F358F8B7-51B0-4604-A4FC-FE56B36350FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6541D807-83DA-4F38-9B8D-1830F84FAC10} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {0CC7559D-1679-4CCF-BCC2-74C9A0B00283} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {01C8303C-3BB9-4643-8530-AD7C657F2D0B} - 
System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-18] (Microsoft Windows -> Microsoft Corporation) Task: {EB3F2107-8E55-4FE3-B117-18D581EB0864} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {D0869EBD-0BCE-4908-89BE-8867403E127F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation) Task: {36EA9754-95C6-4445-BB07-630C30444677} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation) Task: {B2DBBB81-244A-4440-AE9F-D28D91C00F68} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation) Task: {46B578DA-122C-4879-B43D-1AB0F4404F10} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation) Task: {27312F1C-0984-453A-AB9A-9C9E51060CC9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation) Task: {453C683F-B3E5-4F07-AF45-5F4D09E70FED} - 
System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation) Task: {971A08DD-7599-4893-B55C-11B098070C98} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation) Task: {2DC25538-0304-4829-B47A-7BE2324A7DFD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation) Task: {8A5E4BFE-C27E-4A45-A030-046322F06E60} - System32\Tasks\Opera scheduled Autoupdate 1668199992 => C:\Users\ticro\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\EPSON ET-M2170 Series Update {EE712C26-6847-4484-9034-1F116AFF0323}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVWE.EXE:/EXE:{EE712C26-6847-4484-9034-1F116AFF0323} /F:UpdateWORKGROUP\DESKTOP-HKLF9N7$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{0f641379-587b-4966-b597-38c1516525b1}: [DhcpNameServer] 192.168.178.1 Edge: ======= Edge HomeButtonPage: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001 -> hxxps://www.ya.ru/?win=591&clid=2761555-72 Edge Profile: C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-21] Edge Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07] Edge Extension: (Edge relevant text changes) - C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-07] FireFox: ======== FF ProfilePath: C:\Users\ticro\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2023-04-29] FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxps://www.ya.ru/?win=591&clid=2761555-72 FF SearchPlugin: C:\Users\ticro\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-20231929.xml [2023-04-29] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.) 
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-09-16] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-09-16] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default [2023-11-23] CHR DownloadDir: C:\Users\ticro\Desktop CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://www.facebook.com; hxxps://www.lieferando.de; hxxps://www.sueddeutsche.de CHR Session Restore: Default -> ist aktiviert. CHR Extension: (Pop-up-Blocker für Chrome™ - Poper Blocker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2023-11-21] CHR Extension: (uBlock Origin) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-11-21] CHR Extension: (change-language) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-11-22] CHR Extension: (Just Read) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmanlpmmkibanfdgjocnabmcaclkmod [2023-11-21] CHR Extension: (Reader View) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecabifbgmdmgdllomnfinbmaellmclnh [2023-10-19] CHR Extension: (Session Buddy) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2023-11-21] CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-19] CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2023-07-24] CHR Extension: (I don't care about cookies) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-10-19] CHR Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-19] CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-21] CHR Extension: (Volume Master - Lautstärkeregler) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2023-11-22] CHR Extension: (Marsala) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjlfmldcaheghnjjpgpoadjfppefjmkj [2023-01-15] CHR Extension: (YouTube™ Repeat Button) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lapfofmpmghklaegbdamgdojjninpnkg [2023-07-24] CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-10-27] CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2023-10-19] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-03] CHR Extension: (Browse AI: Fast Web Scraping & Monitoring) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpcenkclppghkfpielmefegceegofeh [2023-11-08] CHR Extension: (Mute Tab Shortcuts) - C:\Users\ticro\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\opcjanmpjbdbdpnjfjbboacibokblbhl [2022-12-16] CHR Extension: (UnDistracted - Hide Facebook, YouTube Feeds) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjgklgkfeoeiebjogplpnibpfnffkng [2023-05-10] CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-09-22] CHR DefaultSearchURL: Profile 1 -> hxxps://yandex.ru/search/?__PARAM__from=chromesearch&text={searchTerms} CHR DefaultSearchKeyword: Profile 1 -> yandex.ru CHR DefaultSuggestURL: Profile 1 -> hxxps://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms} CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-22] CHR Extension: (Яндекс) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhkbfkkohcdgpckffakhbllifkakihmh [2023-09-22] CHR Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-22] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-22] CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-19] CHR HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhkbfkkohcdgpckffakhbllifkakihmh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= OPR Profile: C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable [2023-04-29] OPR Extension: (Rich Hints Agent) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk 
[2022-11-11] OPR Extension: (Opera Wallet) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-11] OPR Extension: (Amazon Assistant Promotion) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-11-11] Brave: ======= BRA Profile: C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-01-20] BRA Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-01-02] BRA Extension: (Brave Local Data Files Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-01-02] BRA Extension: (Brave NTP background images) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-01-02] BRA Extension: (Wallet Data Files Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-01-02] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-01-02] BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-01-02] BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2023-01-02] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-01-02] BRA Extension: (Brave NTP sponsored images) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2023-01-02] 
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-01-02] ==================== Dienste (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-09-16] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated) R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [399984 2023-07-27] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe [896872 2023-07-27] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2022-12-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1157088 2023-11-21] (ASUSTeK COMPUTER INC. 
-> ) R2 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [278528 2020-12-10] (CleverFiles) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-08] (Microsoft Corporation -> Microsoft Corporation) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2317800 2023-02-28] (GOG Sp. z o.o. -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178728 2023-02-28] (GOG Sp. z o.o. -> GOG.com) R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.) R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-10-25] (Logitech Inc -> Logitech) R2 LogiTuneUpdaterService; C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe [7005584 2022-12-09] (Logitech Inc -> Logitech, Inc.) R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [17595136 2023-02-03] (Logitech Inc -> Logitech, Inc.) R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) 
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-18] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Treiber (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> ) R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-08-15] (ASUSTeK COMPUTER INC. 
-> ) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert] R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2023-11-21] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) S3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43016 2023-10-19] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [32320 2022-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.) R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [386552 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Dokan Project) S3 ElgatoVirtualCamera; C:\WINDOWS\System32\drivers\ElgatoVirtualCamera.sys [14380560 2022-08-16] (WDKTestCert Elgato,132863164269755022 -> Windows (R) Win 7 DDK provider) R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54752 2023-01-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) 
R3 MpKsl4c0bff4d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{33DE8A69-C6E7-46B0-8C26-598035B24B3C}\MpKslDrv.sys [263560 2023-11-23] (Microsoft Windows -> Microsoft Corporation) R3 MpKslf383bc03; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{733F9CDE-23BA-48C7-932F-622DAA77AEE1}\MpKslDrv.sys [263560 2023-11-21] (Microsoft Windows -> Microsoft Corporation) R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19016 2023-03-12] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) S3 RDID1102; C:\WINDOWS\system32\Drivers\RDWM1102.SYS [55296 2021-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation) U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation) U4 UnlockerDriver5; \??\C:\Users\ticro\Desktop\x86\UnlockerDriver5.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2023-11-23 10:06 - 2023-11-23 10:06 - 000000000 ____D C:\Users\ticro\Desktop\FRST-OlderVersion 2023-11-22 21:25 - 2023-11-22 21:26 - 000000000 ____D C:\Users\ticro\Desktop\2018 Gespräche 2023-11-22 21:25 - 2023-11-22 21:25 - 000000000 ____D C:\Users\ticro\Desktop\2018 Alexander Olschweski 2023-11-22 07:18 - 2023-11-22 07:18 - 000000000 _____ C:\Users\ticro\Desktop\~umschlag_pfloecke_~h$fnf4.idlk 2023-11-22 07:17 - 2023-11-22 07:17 - 000000000 _____ C:\Users\ticro\Desktop\~tg_pfloecke_12.6x1~0u8dg9.idlk 2023-11-22 07:16 - 2023-11-22 07:16 - 000000000 _____ C:\Users\ticro\Desktop\~tg_seuchen_12.6x18~utq_9b.idlk 2023-11-22 07:16 - 2023-11-22 07:16 - 000000000 _____ C:\Users\ticro\Desktop\~tg_schwerter_des_g~gsv6q-.idlk 2023-11-21 22:01 - 2023-11-21 22:01 - 000001052 _____ C:\Users\ticro\Desktop\Adobe InDesign 2024.lnk 2023-11-21 22:00 - 2023-11-21 22:00 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2024.lnk 2023-11-21 20:41 - 2023-11-21 20:41 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop (Beta).lnk 2023-11-21 19:36 - 2023-11-21 21:49 - 117702656 _____ C:\WINDOWS\system32\config\SOFTWARE 2023-11-21 19:33 - 2023-11-21 19:36 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2023-11-21 19:23 - 2023-11-21 19:23 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2023-11-21 16:58 - 2023-11-23 10:29 - 000045751 _____ C:\Users\ticro\Desktop\FRST.txt 2023-11-21 16:58 - 2023-11-23 10:29 - 000000000 ____D C:\FRST 2023-11-21 16:58 - 2023-11-23 10:06 - 002383872 _____ (Farbar) C:\Users\ticro\Desktop\FRST64.exe 2023-11-20 16:33 - 2023-11-20 16:33 - 000059904 _____ C:\Users\ticro\Desktop\Microsoft Publisher Document (neu).pub 2023-11-20 09:30 - 2023-11-22 14:05 - 017289216 _____ C:\Users\ticro\Desktop\TG_Schwerter_des_Geistes_Buch.indd 2023-11-20 07:58 - 2023-11-20 10:16 - 000397738 _____ C:\Users\ticro\Desktop\Umschlag_Pfloecke_WS_mit_Beschnitt.pdf 2023-11-20 06:59 - 2023-11-22 21:33 - 119939072 
_____ C:\Users\ticro\Desktop\TG_Pfloecke_12.6x18.8+0.5_Beschnitt_666p_115g.indd 2023-11-20 05:00 - 2023-11-22 13:49 - 002412544 _____ C:\Users\ticro\Desktop\Umschlag_Pfloecke_WS_mit_Beschnitt.indd 2023-11-20 04:45 - 2023-11-20 04:45 - 001137386 _____ C:\Users\ticro\Desktop\ulysses_9783518472255_leseprobe.pdf 2023-11-20 01:57 - 2023-11-20 01:57 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2024.lnk 2023-11-20 01:55 - 2023-11-20 01:55 - 000001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2024.lnk 2023-11-20 01:53 - 2023-11-20 01:53 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2024.lnk 2023-11-20 01:50 - 2023-11-20 01:50 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2024.lnk 2023-11-20 01:29 - 2023-11-20 01:29 - 518089128 _____ C:\Users\ticro\Desktop\20111108-164835-rot-topaz.tiff 2023-11-18 15:17 - 2023-11-18 15:20 - 520362452 _____ C:\Users\ticro\Desktop\Roter_Drache[supervideo.tv].mp4 2023-11-18 11:26 - 2023-11-18 11:26 - 000000000 ___HD C:\$WinREAgent 2023-11-17 14:33 - 2023-11-17 14:33 - 000032288 _____ C:\Users\ticro\Desktop\RE882610078.pdf 2023-11-17 02:15 - 2023-11-17 02:15 - 002555143 _____ C:\Users\ticro\Desktop\2012.10.08 – Basisbuch 2011 [x].pdf 2023-11-16 18:30 - 2023-11-16 18:30 - 000007835 _____ C:\Users\ticro\Desktop\MedGG_9.pdf 2023-11-16 12:47 - 2023-11-16 12:47 - 000057198 _____ C:\Users\ticro\Desktop\testseite.pdf 2023-11-15 09:39 - 2023-11-15 09:39 - 003276442 _____ C:\Users\ticro\Desktop\Tanck 2022.pdf 2023-11-13 21:17 - 2023-11-13 21:17 - 004866460 _____ C:\Users\ticro\Desktop\Istanbul 2015.pdf 2023-11-13 21:16 - 2023-11-13 21:16 - 000918650 _____ C:\Users\ticro\Desktop\Lohse 2021 de.pdf 2023-11-13 21:15 - 2023-11-13 21:15 - 004866460 _____ C:\Users\ticro\Desktop\Yeni-Tıp-Tarihi-Araştırmaları-21-2015.pdf 2023-11-13 21:15 - 2023-11-13 21:15 - 001140297 _____ 
C:\Users\ticro\Desktop\Lohse 2021.pdf 2023-11-12 12:48 - 2023-11-12 12:48 - 000955631 _____ C:\Users\ticro\Desktop\Greenwood 1928.pdf 2023-11-09 17:35 - 2023-11-09 17:35 - 052119823 _____ C:\Users\ticro\Desktop\Jonas 2017.pdf 2023-11-09 17:23 - 2023-11-09 17:23 - 000000000 ____D C:\Users\ticro\Desktop\Firefly 2023-11-07 07:23 - 2023-11-07 07:23 - 000077058 _____ C:\Users\ticro\Desktop\Schikowski 2016.pdf 2023-11-07 07:22 - 2023-11-07 07:22 - 003145020 _____ C:\Users\ticro\Desktop\Stompe-Ritter 2014.pdf 2023-11-07 07:20 - 2023-11-07 07:20 - 004375353 _____ C:\Users\ticro\Desktop\Thießen 2021.pdf 2023-11-07 07:18 - 2023-11-07 07:18 - 006436962 _____ C:\Users\ticro\Desktop\Stettler 1979.pdf 2023-11-07 07:18 - 2023-11-07 07:18 - 000326733 _____ C:\Users\ticro\Desktop\Hagner 2018.pdf 2023-11-06 19:01 - 2023-11-06 19:01 - 004993819 _____ C:\Users\ticro\Desktop\Bonah 2011.pdf 2023-11-06 05:52 - 2023-11-06 05:54 - 000000000 ____D C:\Users\ticro\Desktop\PDFs ungeordnet 2023-11-06 05:52 - 2023-11-06 05:53 - 000000000 ____D C:\Users\ticro\Desktop\Bilder ungeordnet 2023-11-06 05:25 - 2023-11-06 05:25 - 087807032 _____ C:\Users\ticro\Desktop\Lena MeyerLandrut öffnet ihre Tasche mit Lieblingsbuch Nagelöl In the Bag VOGUE Germany YouTube1080p.mp4 2023-11-06 04:51 - 2023-11-06 04:51 - 042459453 _____ C:\Users\ticro\Desktop\Adobe InDesign Course Class 29 Creating an Index YouTube1080p.mp4 2023-11-03 21:52 - 2023-11-18 21:41 - 000000000 ____D C:\Users\ticro\Desktop\Gendersprache, Transgender, Frauenquote 2023-10-31 11:24 - 2023-10-31 11:24 - 153316210 _____ C:\Users\ticro\Desktop\lena-desktop-2023-BE-topaz.tiff 2023-10-28 21:19 - 2023-10-28 21:19 - 000000000 ____D C:\Users\ticro\AppData\Roaming\iA Inc 2023-10-27 21:17 - 2023-10-27 21:17 - 000903052 _____ C:\Users\ticro\Desktop\Ulrichs 2012.pdf 2023-10-27 20:16 - 2023-10-27 20:16 - 847000527 _____ C:\WINDOWS\MEMORY.DMP 2023-10-27 20:16 - 2023-10-27 20:16 - 004397476 _____ C:\WINDOWS\Minidump\102723-11359-01.dmp 2023-10-26 05:25 - 
2023-10-26 05:25 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk 2023-10-25 07:58 - 2023-11-19 21:12 - 120090624 _____ C:\Users\ticro\Desktop\TG_Seuchen_12.6x18.8+0.5_Beschnitt_600p_115g_mit_Farbseiten_WS3-Feinsatz.indd ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-11-23 10:26 - 2022-11-03 13:39 - 000000000 ____D C:\Users\ticro\AppData\Local\ClassicShell 2023-11-23 10:25 - 2022-11-03 11:38 - 000000000 ____D C:\Users\ticro\AppData\Local\LogiOptionsPlus 2023-11-23 10:20 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-11-23 10:16 - 2022-11-03 11:44 - 000000000 ____D C:\Program Files (x86)\Google 2023-11-23 10:16 - 2022-09-08 04:13 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-11-23 10:08 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-11-23 09:55 - 2023-02-20 01:46 - 000000000 ____D C:\Users\ticro\Documents\Assassin's Creed Unity 2023-11-23 08:05 - 2023-01-06 12:26 - 000000000 ____D C:\Users\ticro\AppData\Roaming\vlc 2023-11-23 00:53 - 2022-11-03 11:42 - 000000000 ____D C:\Program Files\ASUS 2023-11-22 20:10 - 2022-11-11 20:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2023-11-22 12:42 - 2022-11-03 12:51 - 001723308 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-11-22 12:42 - 2019-12-07 15:51 - 000743838 _____ C:\WINDOWS\system32\perfh007.dat 2023-11-22 12:42 - 2019-12-07 15:51 - 000150260 _____ C:\WINDOWS\system32\perfc007.dat 2023-11-22 12:25 - 2022-11-03 11:33 - 000000000 ____D C:\ProgramData\NVIDIA 2023-11-22 08:03 - 2022-11-11 20:49 - 000179300 _____ C:\Users\ticro\Desktop\Notizen.md 2023-11-22 08:03 - 2022-11-11 20:48 - 000000000 ____D C:\Users\ticro\AppData\Roaming\iA Writer 2023-11-21 22:22 - 2022-11-11 20:33 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Microsoft\Word 2023-11-21 22:00 - 2022-11-11 20:36 - 000000000 ____D C:\Program 
Files\Common Files\Adobe 2023-11-21 21:57 - 2022-12-20 21:48 - 000000000 ____D C:\Users\ticro\AppData\Local\CrashDumps 2023-11-21 21:52 - 2022-11-11 20:38 - 000000000 ___RD C:\Users\ticro\Creative Cloud Files 2023-11-21 21:51 - 2023-10-19 05:50 - 000000000 ____D C:\Users\ticro\AppData\Roaming\asus_framework 2023-11-21 21:50 - 2022-11-03 12:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-11-21 21:50 - 2022-11-03 12:05 - 001205104 _____ () C:\WINDOWS\system32\wpbbin.exe 2023-11-21 21:50 - 2022-11-03 12:05 - 001157088 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe 2023-11-21 21:50 - 2022-11-03 12:05 - 000008192 ___SH C:\DumpStack.log.tmp 2023-11-21 21:49 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-11-21 21:45 - 2023-07-26 15:17 - 000000000 ____D C:\Users\ticro\AppData\Roaming\DeepL_SE 2023-11-21 21:42 - 2022-11-11 20:52 - 000000000 ____D C:\Program Files (x86)\Steam 2023-11-21 21:41 - 2022-12-26 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2023-11-21 21:41 - 2022-12-26 14:31 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2023-11-21 21:41 - 2022-11-03 11:33 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2023-11-21 21:40 - 2022-11-12 17:25 - 000000000 ____D C:\ProgramData\MAGIX 2023-11-21 20:59 - 2022-11-12 17:52 - 000000000 ____D C:\Program Files\Common Files\VST3 2023-11-21 20:59 - 2022-11-11 21:20 - 000000000 ____D C:\Program Files\Electronic Arts 2023-11-21 20:59 - 2022-11-03 11:37 - 000000000 ____D C:\ProgramData\Package Cache 2023-11-21 19:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-11-21 19:24 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-11-21 19:23 - 2022-11-11 20:30 - 000000000 ____D C:\Program Files\Microsoft Office 2023-11-21 19:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-11-21 19:22 - 2022-11-03 12:45 - 005178376 _____ C:\WINDOWS\system32\FNTCACHE.DAT 
2023-11-21 19:22 - 2022-11-03 12:05 - 000000000 ____D C:\ProgramData\ASUS 2023-11-21 19:21 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV 2023-11-21 19:21 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-11-21 19:21 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-11-21 19:21 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-11-21 19:21 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\de 2023-11-21 19:21 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\de 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2023-11-21 
19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-11-21 19:21 - 
2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-11-21 19:21 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2023-11-21 19:19 - 2022-12-16 08:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-11-21 19:19 - 2022-12-16 08:26 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk 2023-11-21 19:19 - 2022-12-16 08:26 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-11-21 19:16 - 2022-12-16 06:25 - 000000000 ____D C:\Users\ticro\Desktop\Coronavirus Buch 2023-11-20 18:55 - 2022-11-11 18:12 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-11-20 09:46 - 2022-11-03 11:34 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Adobe 2023-11-20 05:46 - 2023-07-29 12:13 - 001536000 _____ C:\Users\ticro\Desktop\Umschlag_Beschnitt_0,5cm_für_115g_weiss_600p_29.90x19.indd 2023-11-20 01:57 - 2022-11-11 20:36 - 000000000 ____D C:\Program Files\Adobe 2023-11-20 01:53 - 2022-11-11 20:43 - 000000000 ____D C:\Users\Public\Documents\Adobe 2023-11-18 11:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-11-18 11:31 - 2019-12-07 15:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-11-18 11:31 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2023-11-18 11:31 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2023-11-18 11:29 - 2022-11-03 12:48 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-11-18 11:23 - 2022-11-11 18:12 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-11-18 00:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-11-18 00:26 - 
2022-11-03 12:05 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-11-17 07:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-11-17 01:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2023-11-17 01:16 - 2023-02-16 14:39 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-11-13 20:10 - 2023-05-09 14:34 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2023.lnk 2023-11-13 20:07 - 2023-09-19 11:26 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2024.lnk 2023-11-13 20:07 - 2022-11-11 20:36 - 000000000 ____D C:\ProgramData\Adobe 2023-11-11 08:10 - 2023-02-16 14:39 - 000004014 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{ABBDF71D-6D2B-46C6-A3D6-886B290C59A5} 2023-11-11 08:10 - 2023-02-16 14:39 - 000003890 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{735CF719-D2AA-4EC9-9643-868778E0CD5B} 2023-11-10 12:06 - 2022-11-12 15:18 - 000000000 ____D C:\Users\ticro\AppData\Roaming\discord 2023-11-10 12:06 - 2022-11-12 15:18 - 000000000 ____D C:\Users\ticro\AppData\Local\Discord 2023-11-08 18:09 - 2022-12-16 07:04 - 000001456 _____ C:\Users\ticro\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2023-11-07 16:05 - 2022-11-03 12:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-11-06 19:23 - 2022-12-16 06:32 - 000000000 ____D C:\Users\ticro\Desktop\TG_S_BILDER 2023-11-05 03:55 - 2022-11-11 18:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-11-04 16:03 - 2022-11-03 11:43 - 000000000 ____D C:\Program Files (x86)\LightingService 2023-11-01 01:20 - 2022-11-03 12:48 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-11-01 01:20 - 2022-11-03 12:48 - 000003630 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-10-29 23:42 - 2022-12-16 06:25 - 000000000 ____D 
C:\Users\ticro\Desktop\chap-4-references
2023-10-29 10:32 - 2022-11-03 12:42 - 000000000 ____D C:\Users\ticro
2023-10-27 20:16 - 2022-12-24 12:56 - 000000000 ____D C:\WINDOWS\Minidump
2023-10-27 20:16 - 2022-11-03 12:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-27 07:47 - 2022-11-11 20:33 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Microsoft\Office

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2022-12-16 07:04 - 2023-11-08 18:09 - 000001456 _____ () C:\Users\ticro\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2022-11-11 20:42 - 2022-11-11 20:42 - 000000000 _____ () C:\Users\ticro\AppData\Local\oobelibMkey.log
2022-12-16 10:22 - 2022-12-16 10:22 - 000007605 _____ () C:\Users\ticro\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
|
23.11.2023, 10:50 | #18 |
| Hacker Attack Trojan Virus
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
durchgeführt von WORKSTATION (23-11-2023 10:29:42)
Gestartet von C:\Users\ticro\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3693 (X64) (2022-11-03 11:48:05)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1068755797-3644653114-3026200473-500 - Administrator - Enabled)
DefaultAccount (S-1-5-21-1068755797-3644653114-3026200473-503 - Limited - Disabled)
Gast (S-1-5-21-1068755797-3644653114-3026200473-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1068755797-3644653114-3026200473-504 - Limited - Disabled)
WORKSTATION (S-1-5-21-1068755797-3644653114-3026200473-1001 - Administrator - Enabled) => C:\Users\ticro

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 23.006.20380 - Adobe)
Adobe After Effects 2024 (HKLM-x32\...\AEFT_24_0_3) (Version: 24.0.3 - Adobe Inc.)
Adobe Audition 2024 (HKLM-x32\...\AUDT_24_0_3) (Version: 24.0.3 - Adobe Inc.)
Adobe Bridge 2023 (HKLM-x32\...\KBRG_13_0_5) (Version: 13.0.5 - Adobe Inc.)
Adobe Bridge 2024 (HKLM-x32\...\KBRG_14_0_1) (Version: 14.0.1 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.)
Adobe Illustrator 2023 (HKLM-x32\...\ILST_27_8) (Version: 27.8 - Adobe Inc.) Adobe InDesign 2024 (HKLM-x32\...\IDSN_19_0) (Version: 19.0 - Adobe Inc.) Adobe Media Encoder 2024 (HKLM-x32\...\AME_24_0_3) (Version: 24.0.3 - Adobe Inc.) Adobe Photoshop (Beta) (HKLM-x32\...\PHSPBETA_25_3) (Version: 25.3.0.2405 - Adobe Inc.) Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_1) (Version: 25.1.0.120 - Adobe Inc.) Adobe Premiere Pro 2024 (HKLM-x32\...\PPRO_24_0_3) (Version: 24.0.3 - Adobe Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AntConc Version 4.1.4 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\{1FC711C0-DFA6-49BA-87C9-EC7C86DFE265}_is1) (Version: 4.1.4 - AntLab Solutions) A-PRO Driver (HKLM\...\RolandRDID0102) (Version: - Roland Corporation) ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.6.8 - ASUS) Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft) ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{6aabd550-b97f-4b87-8c12-fb271d7c8047}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.9.1 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{2fc4816b-566a-4170-9b4d-1dc8bad8a164}) (Version: 1.3.9.1 - ASUSTeK COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) 
Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.6.3 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{20a5b340-899f-4e14-904f-8cb333ce9663}) (Version: 0.0.6.3 - ASUSTek COMPUTER INC. ) Hidden ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.0.1.5 - ASUSTeK Computer Inc.) ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 3.03.09 - ASUSTek Computer Inc.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.107 - ASUSTeK Computer Inc.) Hidden Audacity 3.2.5 (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team) AURA DRAM Component (HKLM\...\{6FB66775-BB93-4D0A-9871-4CC9B2E87BF3}) (Version: 1.1.23 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{179f415f-2ff3-4db1-bcc1-d5730f746db8}) (Version: 1.1.23 - ASUS) Hidden AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.36 - ASUS) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.36 - ASUS) AURA Service (HKLM-x32\...\{0fcadbd2-1a6a-4a4a-a56d-fc7163d9b3fa}) (Version: 3.07.25 - ASUSTeK Computer Inc.) AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.25 - ASUSTeK Computer Inc.) 
Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Catalyst Browse 2023.1 (HKLM\...\{E2E127D1-DAF6-11ED-9C23-5CF9DD6B5363}) (Version: 2023.1.0.975 - Sony) Catalyst Prepare 2023.1 (HKLM\...\{E0DB7FE1-DB0E-11ED-989C-5CF9DD6B5363}) (Version: 2023.1.0.975 - Sony) Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft) Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU) CrystalDiskInfo 8.17.13 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.13 - Crystal Dew World) Discord (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Discord) (Version: 1.0.9007 - Discord Inc.) Disk Drill 4.1.551.0 (HKLM-x32\...\{a2831651-c6b5-4aac-a467-d9fe836c8701}) (Version: 4.1.551.0 - CleverFiles) Disk Drill 4.1.551.0 (x64) (HKLM\...\{E17DB604-AFC0-4B5E-916D-65D5BFF75774}) (Version: 4.1.551.0 - CleverFiles) Hidden Dokan Library 1.5.1.1000 (x64) (HKLM\...\{65A3A964-3DC3-0105-0001-211126123627}) (Version: 1.5.1.1000 - Dokany Project) Hidden Dokan Library 1.5.1.1000 Bundle (HKLM-x32\...\{05c046de-f751-48c8-b8d3-77259ea88eb7}) (Version: 1.5.1.1000 - Dokany Project) Drakonia II Gaming Mouse (HKLM-x32\...\{74757EB2-1BA0-4242-8F0A-11708D82850B}}_is1) (Version: 1.0.0.0 - Sharkoon) Druckerdeinstallation für EPSON ET-M2170 Series (HKLM\...\EPSON ET-M2170 Series) (Version: - Seiko Epson Corporation) ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.40.3 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{7f329536-2468-4b20-88dc-5e2defcd5ff3}) (Version: 1.1.40.3 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{3BBD4AB3-079D-43CD-8C93-A2AD929EE15A}) (Version: 1.3.65.0 - Epic Games, Inc.) 
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.) Epson Printer Connection Checker (HKLM-x32\...\{562C1C83-6199-49DD-987B-60D5FF7BC971}) (Version: 3.3.2.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) f.lux (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Flux) (Version: 4.124 - f.lux Software LLC) FeelYourSound Chillout Engine (HKLM\...\Chillout Engine_is1) (Version: 1.0.0 - FeelYourSound) FeelYourSound Chord Potion (HKLM\...\Chord Potion_is1) (Version: 2.2.1 - FeelYourSound) FeelYourSound House Engine (HKLM\...\House Engine_is1) (Version: 1.2.0 - FeelYourSound) FeelYourSound Melodic Flow (HKLM\...\Melodic Flow_is1) (Version: 1.1.0 - FeelYourSound) FeelYourSound Sundog (HKLM\...\Sundog_is1) (Version: 3.8.0 - FeelYourSound) FeelYourSound Xoto Pad (HKLM\...\Xoto Pad_is1) (Version: 2.9.0 - FeelYourSound) GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) 
Hidden Generals Evolution Beta 0.3 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Generals Evolution Beta 0.3) (Version: - ) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.60.2 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.160 - Google LLC) iA Writer (HKLM\...\{43D19872-0096-433C-B718-7E350F0DF797}) (Version: 1.4.8641.17184 - iA Inc) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{a9913343-8463-4fd2-8a33-ae89cbbfe139}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logi Firmware Update Tool for C930e (HKLM-x32\...\FWUpdateC930e) (Version: 2.1.14.0 - Logitech Europe S.A.) Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.32.366807 - Logitech) Logi Tune (HKLM-x32\...\{467b811d-8d20-4c9a-810c-37b3293ba815}) (Version: 3.0.180.0 - Logitech) Logi Tune 3.0.180 (HKLM-x32\...\{006206E7-C138-4EA2-A8DB-72BD0016BD53}) (Version: 3.0.180.0 - Logitech) Hidden Logitech Capture (HKLM\...\Capture) (Version: 2.08.11 - Logitech) Logitech Kameraeinstellungen (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.) 
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v15.1.0) (Version: - Maxon Computer GmbH) Magic Bullet Suite (HKLM\...\Magic Bullet Suite v2023.0.0) (Version: - Maxon Computer GmbH) Maxon Cinema 4D 2023 (HKLM\...\Maxon Cinema 4D 2023) (Version: 2023 - Maxon) Microsoft .NET Host - 6.0.15 (x64) (HKLM\...\{AC25127C-9BB1-4F9A-9B02-B6B6178DD891}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.15 (x64) (HKLM\...\{EDD929D3-DFE9-40BA-8A13-30F9CE1E2F18}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.15 (x64) (HKLM\...\{368BE572-D3CE-47B6-A3B1-DE0270E5C109}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17029.20028 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.72 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
(HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 
(HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 
(HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.15 (x64) (HKLM\...\{B353ABAB-7F7C-4605-852D-0E5C3E1FA289}) (Version: 48.63.56729 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.15 (x64) (HKLM-x32\...\{06cd4f51-0a4b-471c-9ccc-e3dd11294c03}) (Version: 6.0.15.32217 - Microsoft Corporation) mp3DirectCut 1.27 (HKLM-x32\...\mp3DirectCut 1.27) (Version: - ) MSVCRT Redists (HKLM\...\{40E9018F-DB42-11ED-AEFC-5CF9DD6B5363}) (Version: 1.0 - Sony Creative Software Inc.) Hidden Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 5.0.2 - Neat Video team, ABSoft & Team V.R) Neat Video v5.5.9 Demo plug-in (Second Revision) for Premiere (HKLM\...\Neat Video v5 (SR) for Premiere_is1) (Version: - Neat Video team, ABSoft) Notion 2.0.41 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.41 - Notion Labs, Inc) NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation) NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation) NVIDIA Grafiktreiber 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Video Effects (HKLM-x32\...\NVIDIA Video Effects) (Version: 0.7.2 - NVIDIA Corporation) OBS Studio 
(HKLM-x32\...\OBS Studio) (Version: 28.1.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20028 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.6 - Patriot Memory) Hidden Patriot Viper DRAM RGB (HKLM-x32\...\{abe059bb-10a7-4d38-ba59-a4bf3ac7b71a}) (Version: 1.0.9.6 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 221215 - Kakao Corp.) PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd) REDlauncher (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.01.02 - ASUSTek Computer Inc.) ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.1.5.0 - ASUSTek COMPUTER INC.) 
Samplitude Pro X4 Suite (HKLM\...\{ECEEBE1E-65B2-4136-9C7B-FAC839BE433F}) (Version: 15.0.0.40 - MAGIX Software GmbH) Hidden Samplitude Pro X4 Suite (HKLM\...\MX.{ECEEBE1E-65B2-4136-9C7B-FAC839BE433F}) (Version: 15.0.0.40 - MAGIX Software GmbH) Samplitude Pro X7 Suite (HKLM\...\{3B7DD78F-EB57-4DC8-A462-E2563DCBA942}) (Version: 18.0.0.22190 - MAGIX Software GmbH) Hidden Samplitude Pro X7 Suite (HKLM\...\MX.{3B7DD78F-EB57-4DC8-A462-E2563DCBA942}) (Version: 18.1.1.22392 - MAGIX Software GmbH) Samplitude Pro X7 Suite Update (HKLM\...\{0C0053F1-F049-4F95-BE6F-357273CF970B}) (Version: 18.1.1.22392 - MAGIX Software GmbH) Hidden StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Topaz Photo AI (HKLM\...\{7F8736DE-1FE0-4FDB-A517-6B3891EF8098}) (Version: 1.5.2 - Topaz Labs LLC) Topaz Video AI 3.2.5 (HKLM\...\Topaz Video AI_is1) (Version: 3.2.5 - LR) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 125.1.10585 - Ubisoft) United Plugins Bundle (HKLM\...\{349EC1D2-8D77-40B4-89EE-612E2F1F6E26}_is1) (Version: 2023.2 - United Plugins & Team V.R) Unity Hub 3.5.2 (HKLM\...\Unity Technologies - Hub) (Version: 3.5.2 - Unity Technologies Inc.) Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.5 - PD) Hidden Universal Holtek RGB DRAM (HKLM-x32\...\{fba0580a-1ad3-44e2-b463-13a30387085c}) (Version: 1.0.0.5 - PD) Hidden Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VGA (HKLM-x32\...\{0f87ebb7-aabb-43e5-9c5d-28744f517468}) (Version: 3.01.05 - ASUSTek Computer Inc.) 
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) Warcraft II (HKLM-x32\...\1418669891_is1) (Version: 2.02 v4 - GOG.com) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.2183 - Microsoft Corporation) WinRAR 5.00 beta 6 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH) WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH) WinSnap (HKLM-x32\...\WinSnap) (Version: 4.5.2 - NTWind Software) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-12-16] (Adobe Systems Incorporated) Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2023-11-21] () Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-11-11] (Adobe Systems Incorporated) Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0 [2023-02-04] (AMZN Mobile LLC) ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.6.8.0_x64__qmba6cd70vzyy [2023-07-27] (ASUSTeK COMPUTER INC.) 
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.41.5.0_x64__6rarf9sa4v8jt [2022-11-03] (Disney) EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.2.1.0_x86__1sdd7yawvg6ne [2023-07-27] (File-New-Project) [Startup Task] Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2023-07-27] (INTEL CORP) [Startup Task] LiquidText -> C:\Program Files\WindowsApps\LiquidText.LiquidText_2.6.82.0_x64__rx5mtpcf576t0 [2023-01-03] (LiquidText) Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad] Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2302.13003.0_x64__8wekyb3d8bbwe [2023-03-24] (Microsoft Corporation) [Startup Task] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Studios) [MS Ad] MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad] Notepads App -> C:\Program Files\WindowsApps\19282JackieLiu.Notepads-Beta_1.4.8.0_x64__echhpq9pdbte8 [2023-01-03] (Jackie Liu) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-26] (NVIDIA Corp.) 
Resultivity -> C:\Program Files\WindowsApps\zababahano.3545749027C6F_4.1.77.0_x64__h479t9074rj58 [2023-01-03] (zababahano) Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2022-11-03] (Skype) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0 [2023-07-08] (Spotify AB) [Startup Task] Twinkle Tray -> C:\Program Files\WindowsApps\38002AlexanderFrangos.TwinkleTray_1.15.2.0_x64__m7qx9dzpwqaze [2023-01-03] (Xander Frangos) [Startup Task] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2342.7.0_x64__cv1g1gvanyjgm [2023-10-31] (WhatsApp Inc.) [Startup Task] ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-246D6BDDE8A9} -> [Creative Cloud Files] => C:\Users\ticro\Creative Cloud Files [2022-11-11 20:38] CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. 
-> Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.) 
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.) 
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2020-02-10 21:36 - 2020-02-10 21:36 - 001221632 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\iA Writer\CefSharp.BrowserSubprocess.Core.dll
2020-02-10 21:36 - 2020-02-10 21:36 - 001861120 _____ () [Datei ist nicht signiert] [Datei wird verwendet] C:\Program Files\iA Writer\CefSharp.Core.dll
2023-10-19 05:49 - 2023-09-14 15:02 - 000322048 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2023-10-19 05:49 - 2023-09-14 15:02 - 000175616 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2023-10-19 05:49 - 2023-04-14 13:18 - 000159744 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ref-napi\prebuilds\win32-ia32\electron.napi.node
2023-10-19 05:49 - 2023-04-14 13:18 - 000319488 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node
2023-10-19 05:49 - 2023-09-14 15:02 - 000541696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\usb\prebuilds\win32-ia32\node.napi.node
2023-11-21 21:51 - 2023-11-21 21:51 - 000137728 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\318e1930-75a2-4fad-876a-63f96416c2d5.tmp.node
2023-11-21 21:51 - 2023-11-21 21:51 - 000118272 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\3d43964d-f93e-405c-938a-b609b57e3895.tmp.node
2023-11-21 21:51 - 2023-11-21 21:51 - 000109056 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\3f27d63a-3871-4c03-940d-d61cba87045c.tmp.node
2023-11-21 21:51 - 2023-11-21 21:51 - 000123392 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\4cbbfa96-405a-4896-a06e-1d2b977c2f73.tmp.node
2023-11-21 21:51 - 2023-11-21 21:51 - 000104960 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\74147ef3-9f72-4d7c-a9a9-ecc34ff778e4.tmp.node
2023-11-21 21:51 - 2023-11-21 21:51 - 000665088 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\b08e8cb6-68c0-4dbb-9198-57028c96bffe.tmp.node
2023-11-21 21:51 - 2023-11-21 21:51 - 000287744 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\d7bf46e7-1588-4790-8eea-ef4abd3fac79.tmp.node
2023-11-21 21:51 - 2023-11-21 21:51 - 000665088 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\e6597e8d-808a-4f51-aa9d-a9d676cecca4.tmp.node
2023-11-21 21:51 - 2023-11-21 21:51 - 000148480 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\f32994db-28be-4212-84b6-fb5d2c0151db.tmp.node
2023-11-05 04:48 - 2023-11-05 04:48 - 000178688 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU
2023-11-21 21:59 - 2023-11-21 21:59 - 000190976 _____ () [Datei ist nicht signiert] C:\Program Files\Adobe\Adobe InDesign 2024\tbbmalloc.dll
2017-01-04 09:55 - 2017-01-04 09:55 - 001044480 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\e_sqlite3.DLL
2020-01-30 07:55 - 2020-01-30 07:55 - 116862464 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\libcef.dll
2020-01-30 06:46 - 2020-01-30 06:46 - 000373760 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\libegl.dll
2020-01-30 06:46 - 2020-01-30 06:46 - 008005632 _____ () [Datei ist nicht signiert] C:\Program Files\iA Writer\libglesv2.dll
2023-11-05 04:48 - 2023-11-05 04:48 - 000021504 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2018-07-15 13:15 - 2018-07-15 13:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\WINDOWS\system32\StartMenuHelper64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-11-11 20:31 - 2022-11-11 20:31 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enppmon.dll
2020-01-30 06:47 - 2020-01-30 06:47 - 000969216 _____ (The Chromium Authors) [Datei ist nicht signiert] C:\Program Files\iA Writer\chrome_elf.dll
2019-04-22 13:46 - 2019-04-22 13:46 - 000524288 _____ (Thomas Maierhofer) [Datei ist nicht signiert] C:\Program Files\iA Writer\Hunspellx64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.ya.ru/?win=591&clid=2761555-72
SearchScopes: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001 -> DefaultScope 3914679a-e6cb-11ed-a583-50ebf6945631 URL = hxxps://yandex.ru/search/?win=591&clid=2761556-72&text={searchTerms}
SearchScopes: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001 -> 3914679a-e6cb-11ed-a583-50ebf6945631 URL = hxxps://yandex.ru/search/?win=591&clid=2761556-72&text={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ticro\Desktop\lena-desktop-2023-BE-topaz.tiff
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Drakonia II Gaming Mouse"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "Logi Tune"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_06E1957EAB573F921F12B105FFB2C315"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Wave Link"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "DevEmu_Enabler"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E467071E-787E-4CFC-9D8F-A0225CA0C063}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BE7E08EF-6FDB-4038-9CAA-8BB15B8C46EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5ABE7B84-EB8E-4CA4-8EB2-E2621F2F9279}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4EB181E2-F4F1-4A60-AD83-EBCDFE19AF60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{42035DFA-B079-452F-8E01-8B23586BC73B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{482870BA-4D39-4519-B605-8DDF745E4E8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD13C8F0-10B3-493D-9535-4738B79E1A5D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D8DEC60E-F02C-40B7-96BF-473568D9C3C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{64CD89AF-B837-4ACC-BF58-9F1635EFACC6}] => (Allow) C:\Users\ticro\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{4B4BD7BD-8DE2-4E20-9FEF-8745FE5511A2}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{A4E9BB71-04A4-450F-A257-375C5CDBBC48}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4E4939BA-3F89-4D6B-A69B-44B878F541D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2AFD1823-0B10-4343-916C-8EB4BDBEE839}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DBC75C1E-1B33-4DFA-8215-45C40E4AE728}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{14280CBA-69E9-4E5B-BA43-C93672918906}] => (Allow) C:\Users\ticro\AppData\Local\Programs\Opera\92.0.4561.43\opera.exe => Keine Datei
FirewallRules: [{C432913C-C437-438F-B2AC-1AACF3DA8DF7}] => (Allow) C:\Program Files\MAGIX\Samplitude Pro X4 Suite\Sam.exe => Keine Datei
FirewallRules: [TCP Query User{3041F59A-F205-4E89-9669-27A7D4DA4942}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E90519A3-D25F-401E-9D07-C3B0E4984E85}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1BDEEFAF-5753-4210-9B36-B8D081A0E906}] => (Allow) C:\Users\ticro\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{8D76F525-218F-43CB-B6C6-859FE8198669}] => (Allow) C:\Users\ticro\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{CEA2CB14-0347-42B0-9911-3492AE03267A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{E6301D6B-1483-416D-A282-93F4654F16EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{85D0E562-BB83-4178-AC57-EEB0B4946823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{5697DDBE-F0BC-4D32-8FBD-67B9AA1A0EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{04DD9DF3-2112-4F9E-AF9C-77FD65E58923}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe => Keine Datei
FirewallRules: [{43B51A2F-AF30-49DE-9495-304E98A2A46C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe => Keine Datei
FirewallRules: [{6122C4A3-167F-4156-A729-50F3A0A2578D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BF9355D9-AFD0-4564-BB66-48F343AA1F70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5AA9FF16-5A28-48CA-A96A-B3EFDEFA7116}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CDAFD7A0-439C-4824-BC99-4954F38857B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5BE9F168-1754-44DB-B50F-EB8B599C8F26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{10629BCB-ABE4-4758-A4A6-2580950278B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{61C29E0A-3886-4E96-95AD-0AE30571003C}C:\program files\ea games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files\ea games\mass effect 2\binaries\me2game.exe => Keine Datei
FirewallRules: [UDP Query User{0FF59E65-8888-4DE7-B2D5-6A8A1A18EF53}C:\program files\ea games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files\ea games\mass effect 2\binaries\me2game.exe => Keine Datei
FirewallRules: [TCP Query User{488489CD-79FC-4372-899A-4E4532A2D630}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{FACD06DA-5DF6-49C3-BA3C-2B102B239A8B}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{4D44169B-9296-4F59-BB26-51A8BA567E63}] => (Allow) C:\Program Files\EA Games\Mass Effect 2\Binaries\MassEffect2.exe => Keine Datei
FirewallRules: [{37F89AA8-4FF1-4700-A11E-EFC2390CC6C9}] => (Allow) C:\Program Files\EA Games\Mass Effect 2\Binaries\MassEffect2.exe => Keine Datei
FirewallRules: [TCP Query User{F0310B8D-BB9E-4C00-97E2-5743B9B044A2}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{23226AD5-B478-4F39-B042-D73F3A5E724F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F9143B22-FE08-4D2B-ADBB-50D1357EB292}] => (Allow) C:\Program Files\Vuze\Azureus.exe => Keine Datei
FirewallRules: [{BFFCDBAE-3D39-4A8D-9610-05022D9A1621}] => (Allow) C:\Program Files\Vuze\Azureus.exe => Keine Datei
FirewallRules: [{535BB1C2-9201-403D-BC44-93E3221A5DA9}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (16916B57-7991-4968-B02A-2ADE4B5FB0DE -> Amazon.com Services LLC)
FirewallRules: [{E25451A8-C3BB-4AA3-B905-B153077B4DC8}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (16916B57-7991-4968-B02A-2ADE4B5FB0DE -> Amazon.com Services LLC)
FirewallRules: [{8E0AE310-7E11-4B3B-BD2B-8B94EA17049F}] => (Allow) C:\Program Files\Elgato\CameraHub\Camera Hub.exe => Keine Datei
FirewallRules: [{25507D72-A6B9-49E3-81FB-2264CE7DF01A}] => (Allow) C:\Program Files\Elgato\WaveLink\WaveLink.exe => Keine Datei
FirewallRules: [TCP Query User{D3F40382-A4F6-4A05-8623-DF2362B34877}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FFEA3775-0066-478B-90C4-2A7F3FF92C70}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{83025C3C-42B9-4715-B447-462E8A5BFB84}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin\FarCry6.exe => Keine Datei
FirewallRules: [{0010D7FD-6AEF-4D0F-9F1D-521E4113309B}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin\FarCry6.exe => Keine Datei
FirewallRules: [{ABD09784-B90F-450D-8040-A833FF27515F}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin_plus\FarCry6.exe => Keine Datei
FirewallRules: [{F3D23AFE-668D-41CD-B119-E61E5D8645B7}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin_plus\FarCry6.exe => Keine Datei
FirewallRules: [{AEB1D351-E89A-40B4-BAED-3CEB5954DDA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{0A4476D0-F16D-4BE5-A35C-39F98E6AA6FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{CD6CCE3C-807B-4BDA-8D88-849B95F0F91E}] => (Allow) C:\Program Files\MAGIX\Samplitude Pro X7 Suite\Sam.exe => Keine Datei
FirewallRules: [{D6719EA8-3AA3-4099-8CA5-A1F9C609DC2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\System Shock Demo\SystemShock.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{6F9772D1-48D9-4232-A55A-6C84AFC5E0A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\System Shock Demo\SystemShock.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{EA474D3D-9D35-45A9-B8FC-DFB525E99B2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Concrete Jungle\Concrete Jungle.exe (ColePowered Games Ltd. -> ) [Datei ist nicht signiert]
FirewallRules: [{CE430EE6-367B-4020-9E62-B7D5576381C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Concrete Jungle\Concrete Jungle.exe (ColePowered Games Ltd. -> ) [Datei ist nicht signiert]
FirewallRules: [{C1277428-7DBB-4125-9932-D12CAA6E3F94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mechabellum Playtest\game.exe => Keine Datei
FirewallRules: [{9EC7A4A7-8B7B-4F9C-804D-D3141FF3F6C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mechabellum Playtest\game.exe => Keine Datei
FirewallRules: [TCP Query User{74BC57EA-B137-49A0-AD86-6F94732761DC}C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe => Keine Datei
FirewallRules: [UDP Query User{3CC76833-CC29-4346-B9FE-9537C037FC70}C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe => Keine Datei
FirewallRules: [{7BA482D4-DD69-4296-B9AA-D7B2BF9B47C5}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE.exe (GOG Sp. z o.o. -> Blizzard Entertainment)
FirewallRules: [{F7A1049B-A179-4CFE-AB8E-AA87F02AA8CD}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE_dx.exe (Blizzard Entertainment) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{D932DED3-CEB4-49C1-AF72-12EB0B61D47B}C:\program files (x86)\diablo iv - beta\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv - beta\diablo iv.exe => Keine Datei
FirewallRules: [UDP Query User{B2287F4E-DC44-46B7-81BB-ACFFAA18932B}C:\program files (x86)\diablo iv - beta\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv - beta\diablo iv.exe => Keine Datei
FirewallRules: [TCP Query User{D1144B85-2D51-4EB8-92FF-8CB2DE594B43}C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe] => (Allow) C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe => Keine Datei
FirewallRules: [UDP Query User{68B42E64-BAA5-4857-A6E3-F760B09B8B2B}C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe] => (Allow) C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe => Keine Datei
FirewallRules: [{9BF1A858-1D38-46BE-9381-486CE21E6F63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [Datei ist nicht signiert]
FirewallRules: [{C2607182-F8B7-4DF8-988A-AE0F12065733}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{79A8FF7A-F53F-46FC-A47D-C821C8422DB9}C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B09C4EFB-C981-4FDA-8524-C7B28A3B5705}C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BDC73CD5-4829-43E5-8679-AE961E1F0CCA}C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{8C574421-8F5A-4555-B2B3-F047468E5F57}C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{A062616C-7199-493F-8619-720A068A70A2}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe => Keine Datei
FirewallRules: [UDP Query User{E6B532E6-767F-443E-B031-CEB3F5D57630}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe => Keine Datei
FirewallRules: [{EAFF1D3A-234C-4CEA-A0F9-EDAF7C1B4EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warzone 2100\bin\warzone2100.exe (Warzone 2100 Project) [Datei ist nicht signiert]
FirewallRules: [{A561E583-61CD-4257-97A1-0634974C2DA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warzone 2100\bin\warzone2100.exe (Warzone 2100 Project) [Datei ist nicht signiert]
FirewallRules: [{8AFE83B3-7723-4B1E-B84D-F77E9837BC00}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{647DDFFB-B845-4CA1-8CBF-7F23876EEE13}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{DEFA4F63-72AE-46BE-A5FC-1813B94F81A7}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{480014BA-0F08-4B0F-9206-EF702303B155}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{E140EBEA-05C9-47C1-A457-02B4847375CC}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{258CC155-829F-4BF9-B1B4-DC0F2FF9736C}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{FC0D4E53-09C1-4B65-A0A1-72A442FA611D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{41A6BF3F-3F65-49EE-9058-B5179F4C76AE}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{298BB7B2-D4E3-45E6-90FC-E307996BD70A}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [TCP Query User{FCC00902-4F5E-405B-90EB-302A23D15FC8}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [UDP Query User{B5809E4C-CAFB-488D-BDB2-B8CFE2FDDE19}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{6137EF17-4761-48A7-A2C4-FAD8C962C2F2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CF12C5CC-7CF9-4D4C-AA28-2B9C8C352BD2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

18-11-2023 11:25:32 Windows Modules Installer
18-11-2023 11:26:20 Windows Modules Installer

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: RAID-Controller
Description: RAID-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Realtek Bluetooth 5.1 Adapter
Description: Realtek Bluetooth 5.1 Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Realtek Semiconductor Corp.
Service: BTHUSB
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: ======================== Applikationsfehler: ================== Error: (11/21/2023 09:57:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CEPHtmlEngine.exe, Version: 11.5.3.132, Zeitstempel: 0x62fb47ef Name des fehlerhaften Moduls: libcef.dll, Version: 88.39.4.0, Zeitstempel: 0x60270a51 Ausnahmecode: 0xc000041d Fehleroffset: 0x0000000002cefe4e ID des fehlerhaften Prozesses: 0x275c Startzeit der fehlerhaften Anwendung: 0x01da1cbd4e7f4706 Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\CEPHtmlEngine.exe Pfad des fehlerhaften Moduls: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\libcef.dll Berichtskennung: f8197b3e-6042-430c-9831-3be3e04408db Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/21/2023 09:57:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CEPHtmlEngine.exe, Version: 11.5.3.132, Zeitstempel: 0x62fb47ef Name des fehlerhaften Moduls: libcef.dll, Version: 88.39.4.0, Zeitstempel: 0x60270a51 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000002cefe4e ID des fehlerhaften Prozesses: 0x275c Startzeit der fehlerhaften Anwendung: 0x01da1cbd4e7f4706 Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\CEPHtmlEngine.exe Pfad des fehlerhaften Moduls: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\libcef.dll Berichtskennung: b8a60aa9-bc1f-4b95-8744-ae94eb59ff05 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/21/2023 09:00:02 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. 
hr = 0x80070006, Das Handle ist ungültig. . Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (11/21/2023 08:58:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NTKDaemon.exe, Version: 1.9.1.0, Zeitstempel: 0x63984753 Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.19041.3636, Zeitstempel: 0x81cf5d89 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000000000007286e ID des fehlerhaften Prozesses: 0x113c Startzeit der fehlerhaften Anwendung: 0x01da1ca9cfd6aebe Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll Berichtskennung: 9ee0619d-37bc-4adc-ab0f-4ccdb34d324d Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (11/21/2023 07:18:17 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm chrome.exe Version 118.0.5993.120 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 17f4 Startzeit: 01da0ccabba8c08b Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Google\Chrome\Application\chrome.exe Bericht-ID: 9a700b71-3ec3-4491-bea6-36d3a8b09cbe Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/21/2023 07:17:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 19.0.0.151 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: fe20 Startzeit: 01da1ca6d601db78 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2024\InDesign.exe Bericht-ID: 92f5e9ac-c9bd-4b46-81ae-bb78d4a98c7b Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 09:57:24 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: fef0 Startzeit: 01da1b8f8a571382 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: ec1ea0f9-f205-4634-9a21-79df0b9d974a Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Error: (11/20/2023 09:30:48 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Das Programm InDesign.exe Version 18.5.1.79 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 78f8 Startzeit: 01da1b8bcfbd150a Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\Adobe\Adobe InDesign 2023\InDesign.exe Bericht-ID: 6195aec7-fa3d-4575-bd57-65dde5795ab7 Vollständiger Name des fehlerhaften Pakets: Relative Anwendungs-ID des fehlerhaften Pakets: Absturztyp: Top level window is idle Systemfehler: ============= Error: (11/21/2023 09:51:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "RasMan" ist vom Dienst "SstpSvc" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der Vorgang wurde erfolgreich beendet. 
Error: (11/21/2023 08:54:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Logi Tune Updater service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/21/2023 08:53:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "EABackgroundService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/21/2023 07:31:29 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HKLF9N7) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/21/2023 07:31:29 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HKLF9N7) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/21/2023 07:31:29 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HKLF9N7) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/21/2023 07:31:29 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HKLF9N7) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (11/21/2023 07:31:29 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HKLF9N7) Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Windows Defender: ================ Date: 2023-11-22 07:16:44 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. 
Erkennungszeit: 2023-11-22T06:16:44.220Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe Sicherheitsversion: 1.401.963.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Date: 2023-11-22 07:16:44 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. Erkennungszeit: 2023-11-22T06:16:44.220Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe Sicherheitsversion: 1.401.963.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Date: 2023-11-22 07:16:32 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. Erkennungszeit: 2023-11-22T06:16:32.904Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe Sicherheitsversion: 1.401.963.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Date: 2023-11-22 07:16:27 Description: C:\Program Files\Adobe\Adobe InDesign 2024\InDesign.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents zu ändern. 
Erkennungszeit: 2023-11-22T06:16:27.410Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents Prozessname: C:\Program Files\Adobe\Adobe InDesign 2024\InDesign.exe Sicherheitsversion: 1.401.963.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Date: 2023-11-22 07:16:27 Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern. Erkennungszeit: 2023-11-22T06:16:27.410Z Benutzer: DESKTOP-HKLF9N7\WORKSTATION Pfad: %userprofile%\Documents\AdobeGCData\ Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe Sicherheitsversion: 1.401.963.0 Modulversion: 1.1.23100.2009 Produktversion: 4.18.23100.2009 Event[0]: Date: 2023-11-21 13:29:25 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.908.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Date: 2023-11-21 13:29:21 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.908.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. 
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Date: 2023-04-14 07:19:41 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.387.870.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20200.4 Fehlercode: 0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". Date: 2023-03-11 21:50:56 Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten. Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.383.1577.0 Update Source: Microsoft Update-Server Sicherheitstyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20000.2 Fehlercode: 0x80240438 Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". CodeIntegrity: =============== Date: 2023-11-23 09:54:37 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08a52cf2f322ba79\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== BIOS: American Megatrends Inc. 2004 08/24/2022 Hauptplatine: ASUSTeK COMPUTER INC. 
ROG STRIX Z690-F GAMING WIFI Prozessor: 12th Gen Intel(R) Core(TM) i7-12700K Prozentuale Nutzung des RAM: 29% Installierter physikalischer RAM: 65277.42 MB Verfügbarer physikalischer RAM: 45940.76 MB Summe virtueller Speicher: 75005.42 MB Verfügbarer virtueller Speicher: 50862.67 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.86 GB) (Free:380.2 GB) (Model: WD_BLACK SN770 1TB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:742.82 GB) (Model: WD_BLACK SN770 1TB) NTFS Drive e: (KOKOS DATA) (Fixed) (Total:7452.03 GB) (Free:1705.99 GB) (Model: WD Game Drive USB Device) NTFS Drive f: (STUDIO BASIS) (Fixed) (Total:100.61 GB) (Free:10.47 GB) (Model: ASMT ASM1156-PM SCSI Disk Device) NTFS Drive h: (Elements) (Fixed) (Total:4657.49 GB) (Free:4214.98 GB) (Model: WD Elements 2621 USB Device) NTFS Drive i: () (Fixed) (Total:1862.98 GB) (Free:679.23 GB) (Model: WD My Passport 2599 USB Device) NTFS Drive k: (GAMING, STUDIO, CC) (Fixed) (Total:931.51 GB) (Free:27.28 GB) (Model: ASMT ASM1156-PM SCSI Disk Device) NTFS \\?\Volume{ace156fe-f69b-4e11-b3e7-83a1f49cd2df}\ () (Fixed) (Total:0.53 GB) (Free:0.06 GB) NTFS \\?\Volume{d16583dc-1548-43ce-a208-175893b6751a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitionstabelle ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 59535ABC) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 595365C2) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (Size: 1863 GB) (Disk ID: 16F2A91F) Partition: GPT. ========================================================== Disk: 3 (Size: 7452 GB) (Disk ID: 16F2A91F) Partition: GPT. 
========================================================== Disk: 4 (Size: 4657.5 GB) (Disk ID: 16F2A91F) Partition: GPT. ========================================================== Disk: 5 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: BB8F2C62) Partition 1: (Active) - (Size=100.6 GB) - (Type=07 NTFS) ========================================================== Disk: 6 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1101698E) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ======================= |
23.11.2023, 10:54 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus adwCleaner Run AdwCleaner according to the illustrated guide and then post the log file in CODE tags. Please repeat adwcleaner if there were any detections.
__________________ Please always post log files in CODE tags |
23.11.2023, 11:50 | #20 |
| Hacker attack Trojan virus I have been searching for a long time now. The folder was deleted long ago. I searched everything again for "Native" using Windows search. No result. Switched hidden folders to visible. No result. Looked everywhere in "ProgramData", "Programme", "Programme (x86)". Searched for "Common Files", nothing found. What now? So, here are the adwcleaner log files. Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-08-22.1 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 11-23-2023 # Duration: 00:00:01 # OS: Windows 10 (Build 19045.3693) # Cleaned: 7 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main|HomeButtonPage Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\3914679a-e6cb-11ed-a583-50ebf6945631 Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474} ***** [ Chromium (and derivatives) ] ***** Deleted ????? ??????a - fhkbfkkohcdgpckffakhbllifkakihmh ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** Deleted Yandex.Market Adviser - sovetnik@metabar.ru ***** [ Firefox URLs ] ***** Deleted https://www.ya.ru/?win=591&clid=2761555-72 ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. 
************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1889 octets] - [12/11/2022 17:44:55] AdwCleaner[C00].txt - [1967 octets] - [12/11/2022 17:45:44] AdwCleaner[S01].txt - [2164 octets] - [23/11/2023 11:24:57] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
In the "System32" folder I found a folder named "OpenSSH" that contains a file named "ssh-keygen". I don't know what that is. I have only heard that you should not touch the "System32" folder because it is for Windows. According to Google, though, it is supposed to be harmless and also has nothing to do with the Native file that the virus scan shows. I have now used the analysis tool again. The Additional file still contains the line: Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe Windows search finds no "NTK", "NTKDaemon", "Native Instruments". I have now run adwcleaner again. It now says: "Es wurden auf Ihrem System keine Elemente erkannt." I hope I did everything right. |
23.11.2023, 11:58 | #21 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus That is only the history. Quote:
Did you read what to do when adwCleaner found something?
__________________ --> Hacker attack Trojan virus |
23.11.2023, 12:26 | #22 |
| Hacker attack Trojan virus If I read correctly, I was then supposed to run the cleaner again, which I did, as I said. As I said, no more detections. Is anything else missing? |
23.11.2023, 12:29 | #23 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus Correct. Where is the log for it?
__________________ Please always post log files in CODE tags |
23.11.2023, 12:33 | #24 |
| Hacker attack Trojan virus Oh, of course. Here is another scan with its log. Code:
ATTFilter # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2023-07-19.3 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 11-23-2023 # Duration: 00:00:03 # OS: Windows 10 (Build 19045.3693) # Scanned: 32106 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. AdwCleaner[S00].txt - [1889 octets] - [12/11/2022 17:44:55] AdwCleaner[C00].txt - [1967 octets] - [12/11/2022 17:45:44] AdwCleaner[S01].txt - [2164 octets] - [23/11/2023 11:24:57] AdwCleaner[C01].txt - [2220 octets] - [23/11/2023 11:25:15] AdwCleaner[S02].txt - [1664 octets] - [23/11/2023 11:25:48] AdwCleaner[S03].txt - [1725 octets] - [23/11/2023 11:49:14] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ########## |
23.11.2023, 12:36 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus Then please continue now with Malwarebytes Antimalware.
__________________ Please always post log files in CODE tags |
23.11.2023, 13:21 | #26 |
| Hacker attack Trojan virus After Malwarebytes had finished, my internet no longer worked and I had to reset the network and restart. Now it works again. Here is the log from Malwarebytes. Code:
ATTFilter Malwarebytes www.malwarebytes.com -Protokolldetails- Scan-Datum: 23.11.23 Scan-Zeit: 13:01 Protokolldatei: 0ad00daa-89f8-11ee-836d-50ebf6945631.json -Softwaredaten- Version: 4.6.6.294 Komponentenversion: 1.0.2201 Version des Aktualisierungspakets: 1.0.77609 Lizenz: Testversion -Systemdaten- Betriebssystem: Windows 10 (Build 19045.3693) CPU: x64 Dateisystem: NTFS Benutzer: DESKTOP-HKLF9N7\WORKSTATION -Scan-Übersicht- Scan-Typ: Bedrohungs-Scan Scan gestartet von: Manuell Ergebnis: Abgeschlossen Gescannte Objekte: 315867 Erkannte Bedrohungen: 8 In die Quarantäne verschobene Bedrohungen: 8 Abgelaufene Zeit: 1 Min., 37 Sek. -Scan-Optionen- Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Erkennung PUM: Erkennung -Scan-Details- Prozess: 0 (keine bösartigen Elemente erkannt) Modul: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 1 PUP.Optional.Avanquest, HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\SOFTWARE\Onesafe Driver Manager, In Quarantäne, 5753, 389271, 1.0.77609, , ame, , , Registrierungswert: 2 PUM.Optional.DisableMRT, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\MRT|DONTREPORTINFECTIONINFORMATION, In Quarantäne, 8512, 676881, 1.0.77609, , ame, , , PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTREPORTINFECTIONINFORMATION, In Quarantäne, 8512, 676881, 1.0.77609, , ame, , , Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Daten-Stream: 0 (keine bösartigen Elemente erkannt) Ordner: 3 PUP.Optional.BrowserManager, C:\Users\ticro\AppData\Local\Yandex\BrowserManager\data\SeederTasks, In Quarantäne, 2693, 383595, , , , , , PUP.Optional.BrowserManager, C:\Users\ticro\AppData\Local\Yandex\BrowserManager\data, In Quarantäne, 2693, 383595, , , , , , PUP.Optional.BrowserManager, C:\USERS\TICRO\APPDATA\LOCAL\YANDEX\BROWSERMANAGER, In Quarantäne, 2693, 383595, 1.0.77609, , ame, , , Datei: 2 PUP.Optional.BrowserManager, 
C:\Users\ticro\AppData\Local\Yandex\BrowserManager\data\SeederTasks\thumbsv1.json, In Quarantäne, 2693, 383595, , , , , 3AE8DB03105EB3ECF68FB8D128DCE2CD, 6AFB3D6B1B9433E64AC980F4F67DC5C44B53CB52E5244AC0AA8ACA5E769090C1 PUP.Optional.DotSetupIo, C:\USERS\TICRO\APPDATA\ROAMING\POWERISO\UPGRADE\POWERISO8.EXE, In Quarantäne, 10299, 1016023, 1.0.77609, , ame, , 9A244A448D153A887BD6DE108C04B8B8, B7BB4866D9F73FF31BFAB8C1DD040838855615CB33E091A9D76A12505AEFC99B Physischer Sektor: 0 (keine bösartigen Elemente erkannt) WMI: 0 (keine bösartigen Elemente erkannt) (end) |
23.11.2023, 13:59 | #27 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus Then new FRST logs now, please.
__________________ Please always post log files in CODE tags |
23.11.2023, 14:13 | #28 |
| Hacker attack Trojan virus Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02 durchgeführt von WORKSTATION (Administrator) auf DESKTOP-HKLF9N7 (ASUS System Product Name) (23-11-2023 14:14:06) Gestartet von C:\Users\ticro\Desktop\FRST64.exe Geladene Profile: WORKSTATION Plattform: Microsoft Windows 10 Pro Version 22H2 19045.3693 (X64) Sprache: Deutsch (Deutschland) Standard-Browser: Chrome Start-Modus: Normal ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Crash Processor.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe (C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) 
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <3> (C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe (C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe (C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe (C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe (C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. 
-> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (explorer.exe ->) (B8E9A58B-32A7-4C6C-A474-D4BE2A3CEAD8 -> Xander Frangos) C:\Program Files\WindowsApps\38002AlexanderFrangos.TwinkleTray_1.15.2.0_x64__m7qx9dzpwqaze\app\Twinkle Tray.exe <5> (explorer.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\ticro\AppData\Local\FluxSoftware\Flux\flux.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <29> (explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenu.exe (explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.332\GoogleCrashHandler64.exe (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) 
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (CleverFiles) [Datei ist nicht signiert] C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_d8d8130c2588d45b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08a52cf2f322ba79\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2342.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <10>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(svchost.exe ->) (Skype Software Sarl -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [Drakonia II Gaming Mouse] => C:\Program Files (x86)\Drakonia II Gaming Mouse\hid.exe [794112 2019-03-22] () [Datei ist nicht signiert]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2013-04-15] (Power Software Ltd -> Power Software Ltd)
HKLM-x32\...\Run: [Logi Tune] => C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe [134023056 2022-12-09] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2023-09-16] (Adobe Inc. -> Adobe Inc.)
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Beschränkung <==== ACHTUNG
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [f.lux] => C:\Users\ticro\AppData\Local\FluxSoftware\Flux\flux.exe [1525880 2023-05-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4377448 2023-10-31] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Discord] => C:\Users\ticro\AppData\Local\Discord\Update.exe [1525016 2022-10-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [MicrosoftEdgeAutoLaunch_06E1957EAB573F921F12B105FFB2C315] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Camera Hub] => "C:\Program Files\Elgato\CameraHub\Camera Hub.exe" /b (Keine Datei)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37138384 2023-11-18] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2023-06-29] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13734376 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11517400 2023-11-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\MountPoints2: G - "G:\setup.exe"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-11-14] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON ET-M2170 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBVWE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Edge: Beschränkung <==== ACHTUNG

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {D747AFDA-A166-4CDD-BF9C-87C9BBA0D244} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {B243DFFA-6EE8-44C5-83F7-48D68CBEFB9D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7C692311-D0CE-4B5F-9593-846896F6EBA1} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {455EA75D-7ABB-4AB7-B755-3F8148626D14} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [313192 2023-09-12] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {4F6864B4-BF0C-49AC-953D-467ED4AFC413} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1946472 2023-09-12] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {FB6E6F84-3532-49C2-9A51-5FF3B6FB961D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d8ef70f9dc8bf1 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {7C9E40F9-31B3-4820-87BA-258060515317} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {2F9D894E-556B-457E-BFE3-EF1B4DE79038} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [139091304 2023-09-14] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {DB8EF6E8-4554-467E-901B-3BE0B42B6FD2} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1254760 2022-12-05] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {9730E86E-DDE0-4AFE-A659-AB98AA2D627C} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Keine Datei)
Task: {E71998A1-B1B8-41AD-9C5A-1DEFA5BF6DB1} - System32\Tasks\EPSON ET-M2170 Series Update {EE712C26-6847-4484-9034-1F116AFF0323} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVWE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {DD293FE9-1D46-4CBF-9E8A-229949916DD5} - System32\Tasks\GoogleUpdateTaskMachineCore{735CF719-D2AA-4EC9-9643-868778E0CD5B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-16] (Google LLC -> Google LLC)
Task: {A7645D33-0852-4437-9175-3943EF6C562B} - System32\Tasks\GoogleUpdateTaskMachineUA{ABBDF71D-6D2B-46C6-A3D6-886B290C59A5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-02-16] (Google LLC -> Google LLC)
Task: {401E41BB-BB23-473C-AD6F-CD721BC10EF8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB9A956B-5E52-4A31-A60A-8BF3B3A47D58} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {803EED4E-495A-4F50-A30A-AB5695A69384} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D599AAE-AA64-4250-ABE1-E922EC3BA29D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C68F8EC-531D-4B3E-8BF0-1B476C56CF87} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7335B9A2-E8A6-426F-9216-ACB827895D12} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [278016 2023-11-18] (Microsoft Windows -> Microsoft Corporation)
Task: {01C8303C-3BB9-4643-8530-AD7C657F2D0B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-18] (Microsoft Windows -> Microsoft Corporation)
Task: {EB3F2107-8E55-4FE3-B117-18D581EB0864} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D0869EBD-0BCE-4908-89BE-8867403E127F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {36EA9754-95C6-4445-BB07-630C30444677} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B2DBBB81-244A-4440-AE9F-D28D91C00F68} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {46B578DA-122C-4879-B43D-1AB0F4404F10} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {27312F1C-0984-453A-AB9A-9C9E51060CC9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {453C683F-B3E5-4F07-AF45-5F4D09E70FED} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {971A08DD-7599-4893-B55C-11B098070C98} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2DC25538-0304-4829-B47A-7BE2324A7DFD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8A5E4BFE-C27E-4A45-A030-046322F06E60} - System32\Tasks\Opera scheduled Autoupdate 1668199992 => C:\Users\ticro\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Keine Datei)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON ET-M2170 Series Update {EE712C26-6847-4484-9034-1F116AFF0323}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVWE.EXE:/EXE:{EE712C26-6847-4484-9034-1F116AFF0323} /F:UpdateWORKGROUP\DESKTOP-HKLF9N7$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{eb186bc7-baa1-4deb-9135-cd88fd9ceebb}: [DhcpNameServer] 192.168.178.1

Edge:
=======
Edge Profile: C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-21]
Edge Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\ticro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-07]

FireFox:
========
FF ProfilePath: C:\Users\ticro\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default [2023-04-29]
FF Homepage: Mozilla\Firefox\Profiles\nahd6ha2.default -> hxxps://www.google.com/
FF SearchPlugin: C:\Users\ticro\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-20231929.xml [2023-04-29]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2023-09-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2023-09-16] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default [2023-11-23]
CHR DownloadDir: C:\Users\ticro\Desktop
CHR Notifications: Default -> hxxps://business.facebook.com; hxxps://www.facebook.com; hxxps://www.lieferando.de; hxxps://www.sueddeutsche.de
CHR Session Restore: Default -> ist aktiviert.
CHR Extension: (Pop-up-Blocker für Chrome™ - Poper Blocker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2023-11-21]
CHR Extension: (uBlock Origin) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-11-21]
CHR Extension: (change-language) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-11-23]
CHR Extension: (Just Read) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmanlpmmkibanfdgjocnabmcaclkmod [2023-11-21]
CHR Extension: (Reader View) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecabifbgmdmgdllomnfinbmaellmclnh [2023-10-19]
CHR Extension: (Session Buddy) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2023-11-21]
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-11-23]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2023-07-24]
CHR Extension: (I don't care about cookies) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-10-19]
CHR Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-19]
CHR Extension: (AdBlock*– der beste Ad-Blocker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-21]
CHR Extension: (Volume Master - Lautstärkeregler) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2023-11-23]
CHR Extension: (Marsala) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjlfmldcaheghnjjpgpoadjfppefjmkj [2023-01-15]
CHR Extension: (YouTube™ Repeat Button) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lapfofmpmghklaegbdamgdojjninpnkg [2023-07-24]
CHR Extension: (Shazam: Finde Songtitel in deinem Browser) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-10-27]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2023-10-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-03]
CHR Extension: (Browse AI: Fast Web Scraping & Monitoring) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpcenkclppghkfpielmefegceegofeh [2023-11-08]
CHR Extension: (Mute Tab Shortcuts) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\opcjanmpjbdbdpnjfjbboacibokblbhl [2022-12-16]
CHR Extension: (UnDistracted - Hide Facebook, YouTube Feeds) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjgklgkfeoeiebjogplpnibpfnffkng [2023-05-10]
CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-09-22]
CHR Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-22]
CHR Extension: (Яндекс) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhkbfkkohcdgpckffakhbllifkakihmh [2023-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ticro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-22]
CHR Profile: C:\Users\ticro\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-19]
CHR HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fhkbfkkohcdgpckffakhbllifkakihmh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Profile: C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable [2023-04-29]
OPR Extension: (Rich Hints Agent) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-11]
OPR Extension: (Opera Wallet) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\ticro\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-11-11]

Brave:
=======
BRA Profile: C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-01-20]
BRA Extension: (Adobe Acrobat: Werkzeuge zum Bearbeiten, Konvertieren und Signieren von PDF-Dateien) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-01-02]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-01-02]
BRA Extension: (Brave NTP background images) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-01-02]
BRA Extension: (Wallet Data Files Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-01-02]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-01-02]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-01-02]
BRA Extension: (Brave Ad Block Updater (EasyList Germany (plaintext))) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfmefmifdjlfneapckmpkinmlofjehbp [2023-01-02]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-01-02]
BRA Extension: (Brave NTP sponsored images) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\obbokncgfcbepeipkhpdepjjoncelefj [2023-01-02]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\ticro\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-01-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2023-09-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [399984 2023-07-27] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.23\atkexComSvc.exe [896872 2023-07-27] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [558104 2022-05-19] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.20\AsusFanControlService.exe [1722216 2022-12-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-11-03] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [1157088 2023-11-23] (ASUSTeK COMPUTER INC. -> )
R2 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [278528 2020-12-10] (CleverFiles) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-08] (Microsoft Corporation -> Microsoft Corporation)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2317800 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178728 2023-02-28] (GOG Sp. z o.o. -> GOG.com)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4799336 2023-09-13] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-10-25] (Logitech Inc -> Logitech)
R2 LogiTuneUpdaterService; C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe [7005584 2022-12-09] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-23] (Malwarebytes Inc. -> Malwarebytes)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [17595136 2023-02-03] (Logitech Inc -> Logitech, Inc.)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Treiber (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [49256 2022-08-15] (ASUSTeK COMPUTER INC. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Datei ist nicht signiert]
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2023-11-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43016 2023-10-19] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [32320 2022-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [386552 2021-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Dokan Project)
S3 ElgatoVirtualCamera; C:\WINDOWS\System32\drivers\ElgatoVirtualCamera.sys [14380560 2022-08-16] (WDKTestCert Elgato,132863164269755022 -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54752 2023-01-18] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222784 2023-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-11-23] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2023-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2023-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188008 2023-11-23] (Malwarebytes Inc. -> Malwarebytes) R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19016 2023-03-12] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) S3 RDID1102; C:\WINDOWS\system32\Drivers\RDWM1102.SYS [55296 2021-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation) U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation) U4 UnlockerDriver5; \??\C:\Users\ticro\Desktop\x86\UnlockerDriver5.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) 
=================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat (erstellte) (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2023-11-23 13:20 - 2023-11-23 13:20 - 000188008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2023-11-23 13:20 - 2023-11-23 13:20 - 000000000 ____D C:\Users\ticro\AppData\LocalLow\IGDump 2023-11-23 12:57 - 2023-11-23 13:20 - 000000000 ____D C:\Users\ticro\AppData\Local\Malwarebytes 2023-11-23 12:57 - 2023-11-23 12:57 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-11-23 12:57 - 2023-11-23 12:57 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2023-11-23 12:57 - 2023-11-23 12:57 - 000000000 ____D C:\Users\ticro\AppData\Local\mbam 2023-11-23 12:57 - 2023-11-23 12:57 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-11-23 12:57 - 2023-11-23 12:57 - 000000000 ____D C:\Program Files\Malwarebytes 2023-11-23 12:49 - 2023-11-23 12:49 - 002606880 _____ (Malwarebytes) C:\Users\ticro\Desktop\MBSetup.exe 2023-11-23 11:44 - 2023-11-23 14:14 - 000043568 _____ C:\Users\ticro\Desktop\FRST.txt 2023-11-23 11:03 - 2023-11-23 11:03 - 008791352 _____ (Malwarebytes) C:\Users\ticro\Desktop\adwcleaner.exe 2023-11-23 10:06 - 2023-11-23 10:06 - 000000000 ____D C:\Users\ticro\Desktop\FRST-OlderVersion 2023-11-22 21:25 - 2023-11-22 21:26 - 000000000 ____D C:\Users\ticro\Desktop\2018 Gespräche 2023-11-22 21:25 - 2023-11-22 21:25 - 000000000 ____D C:\Users\ticro\Desktop\2018 Alexander Olschweski 2023-11-21 22:01 - 2023-11-21 22:01 - 000001052 _____ C:\Users\ticro\Desktop\Adobe InDesign 2024.lnk 2023-11-21 22:00 - 2023-11-21 22:00 - 000001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2024.lnk 2023-11-21 20:41 - 2023-11-21 20:41 - 000001078 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop (Beta).lnk 2023-11-21 19:36 - 2023-11-23 13:18 - 117964800 _____ C:\WINDOWS\system32\config\SOFTWARE 2023-11-21 19:33 - 2023-11-21 19:36 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2023-11-21 19:23 - 2023-11-21 19:23 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2023-11-21 16:58 - 2023-11-23 14:14 - 000000000 ____D C:\FRST 2023-11-21 16:58 - 2023-11-23 10:06 - 002383872 _____ (Farbar) C:\Users\ticro\Desktop\FRST64.exe 2023-11-20 09:30 - 2023-11-23 12:25 - 017387520 _____ C:\Users\ticro\Desktop\TG_Schwerter_des_Geistes_Buch.indd 2023-11-20 07:58 - 2023-11-20 10:16 - 000397738 _____ C:\Users\ticro\Desktop\Umschlag_Pfloecke_WS_mit_Beschnitt.pdf 2023-11-20 06:59 - 2023-11-23 12:50 - 119939072 _____ C:\Users\ticro\Desktop\TG_Pfloecke_12.6x18.8+0.5_Beschnitt_666p_115g.indd 2023-11-20 05:00 - 2023-11-23 12:12 - 002588672 _____ C:\Users\ticro\Desktop\Umschlag_Pfloecke_WS_mit_Beschnitt.indd 2023-11-20 04:45 - 2023-11-20 04:45 - 001137386 _____ C:\Users\ticro\Desktop\ulysses_9783518472255_leseprobe.pdf 2023-11-20 01:57 - 2023-11-20 01:57 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2024.lnk 2023-11-20 01:55 - 2023-11-20 01:55 - 000001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2024.lnk 2023-11-20 01:53 - 2023-11-20 01:53 - 000001250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2024.lnk 2023-11-20 01:50 - 2023-11-20 01:50 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2024.lnk 2023-11-20 01:29 - 2023-11-20 01:29 - 518089128 _____ C:\Users\ticro\Desktop\20111108-164835-rot-topaz.tiff 2023-11-18 15:17 - 2023-11-18 15:20 - 520362452 _____ C:\Users\ticro\Desktop\Roter_Drache[supervideo.tv].mp4 2023-11-18 11:26 - 2023-11-18 11:26 - 000000000 ___HD C:\$WinREAgent 2023-11-17 14:33 - 2023-11-17 14:33 - 000032288 _____ 
C:\Users\ticro\Desktop\RE882610078.pdf 2023-11-17 02:15 - 2023-11-17 02:15 - 002555143 _____ C:\Users\ticro\Desktop\2012.10.08 – Basisbuch 2011 [x].pdf 2023-11-16 18:30 - 2023-11-16 18:30 - 000007835 _____ C:\Users\ticro\Desktop\MedGG_9.pdf 2023-11-16 12:47 - 2023-11-16 12:47 - 000057198 _____ C:\Users\ticro\Desktop\testseite.pdf 2023-11-15 09:39 - 2023-11-15 09:39 - 003276442 _____ C:\Users\ticro\Desktop\Tanck 2022.pdf 2023-11-13 21:17 - 2023-11-13 21:17 - 004866460 _____ C:\Users\ticro\Desktop\Istanbul 2015.pdf 2023-11-13 21:16 - 2023-11-13 21:16 - 000918650 _____ C:\Users\ticro\Desktop\Lohse 2021 de.pdf 2023-11-13 21:15 - 2023-11-13 21:15 - 004866460 _____ C:\Users\ticro\Desktop\Yeni-Tıp-Tarihi-Araştırmaları-21-2015.pdf 2023-11-13 21:15 - 2023-11-13 21:15 - 001140297 _____ C:\Users\ticro\Desktop\Lohse 2021.pdf 2023-11-12 12:48 - 2023-11-12 12:48 - 000955631 _____ C:\Users\ticro\Desktop\Greenwood 1928.pdf 2023-11-09 17:35 - 2023-11-09 17:35 - 052119823 _____ C:\Users\ticro\Desktop\Jonas 2017.pdf 2023-11-09 17:23 - 2023-11-09 17:23 - 000000000 ____D C:\Users\ticro\Desktop\Firefly 2023-11-07 07:23 - 2023-11-07 07:23 - 000077058 _____ C:\Users\ticro\Desktop\Schikowski 2016.pdf 2023-11-07 07:22 - 2023-11-07 07:22 - 003145020 _____ C:\Users\ticro\Desktop\Stompe-Ritter 2014.pdf 2023-11-07 07:20 - 2023-11-07 07:20 - 004375353 _____ C:\Users\ticro\Desktop\Thießen 2021.pdf 2023-11-07 07:18 - 2023-11-07 07:18 - 006436962 _____ C:\Users\ticro\Desktop\Stettler 1979.pdf 2023-11-07 07:18 - 2023-11-07 07:18 - 000326733 _____ C:\Users\ticro\Desktop\Hagner 2018.pdf 2023-11-06 19:01 - 2023-11-06 19:01 - 004993819 _____ C:\Users\ticro\Desktop\Bonah 2011.pdf 2023-11-06 05:52 - 2023-11-06 05:54 - 000000000 ____D C:\Users\ticro\Desktop\PDFs ungeordnet 2023-11-06 05:52 - 2023-11-06 05:53 - 000000000 ____D C:\Users\ticro\Desktop\Bilder ungeordnet 2023-11-06 05:25 - 2023-11-06 05:25 - 087807032 _____ C:\Users\ticro\Desktop\Lena MeyerLandrut öffnet ihre Tasche mit Lieblingsbuch Nagelöl In 
the Bag VOGUE Germany YouTube1080p.mp4 2023-11-06 04:51 - 2023-11-06 04:51 - 042459453 _____ C:\Users\ticro\Desktop\Adobe InDesign Course Class 29 Creating an Index YouTube1080p.mp4 2023-11-03 21:52 - 2023-11-18 21:41 - 000000000 ____D C:\Users\ticro\Desktop\Gendersprache, Transgender, Frauenquote 2023-10-31 11:24 - 2023-10-31 11:24 - 153316210 _____ C:\Users\ticro\Desktop\lena-desktop-2023-BE-topaz.tiff 2023-10-28 21:19 - 2023-10-28 21:19 - 000000000 ____D C:\Users\ticro\AppData\Roaming\iA Inc 2023-10-27 21:17 - 2023-10-27 21:17 - 000903052 _____ C:\Users\ticro\Desktop\Ulrichs 2012.pdf 2023-10-27 20:16 - 2023-10-27 20:16 - 847000527 _____ C:\WINDOWS\MEMORY.DMP 2023-10-27 20:16 - 2023-10-27 20:16 - 004397476 _____ C:\WINDOWS\Minidump\102723-11359-01.dmp 2023-10-26 05:25 - 2023-10-26 05:25 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk 2023-10-25 07:58 - 2023-11-19 21:12 - 120090624 _____ C:\Users\ticro\Desktop\TG_Seuchen_12.6x18.8+0.5_Beschnitt_600p_115g_mit_Farbseiten_WS3-Feinsatz.indd ==================== Ein Monat (geänderte) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2023-11-23 14:14 - 2023-01-06 12:26 - 000000000 ____D C:\Users\ticro\AppData\Roaming\vlc 2023-11-23 14:07 - 2022-11-03 11:38 - 000000000 ____D C:\Users\ticro\AppData\Local\LogiOptionsPlus 2023-11-23 14:05 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-11-23 13:32 - 2022-11-11 20:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2023-11-23 13:29 - 2022-11-03 13:39 - 000000000 ____D C:\Users\ticro\AppData\Local\ClassicShell 2023-11-23 13:26 - 2022-11-03 12:51 - 001723308 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-11-23 13:26 - 2019-12-07 15:51 - 000743838 _____ C:\WINDOWS\system32\perfh007.dat 2023-11-23 13:26 - 2019-12-07 15:51 - 000150260 _____ C:\WINDOWS\system32\perfc007.dat 2023-11-23 13:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-11-23 13:22 - 2022-11-03 11:44 - 000000000 ____D C:\Program Files (x86)\Google 2023-11-23 13:22 - 2022-09-08 04:13 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-11-23 13:20 - 2023-10-19 05:50 - 000000000 ____D C:\Users\ticro\AppData\Roaming\asus_framework 2023-11-23 13:20 - 2023-02-20 01:46 - 000000000 ____D C:\Users\ticro\Documents\Assassin's Creed Unity 2023-11-23 13:20 - 2022-11-11 20:38 - 000000000 ___RD C:\Users\ticro\Creative Cloud Files 2023-11-23 13:20 - 2022-11-03 11:33 - 000000000 ____D C:\ProgramData\NVIDIA 2023-11-23 13:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2023-11-23 13:19 - 2022-11-03 12:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-11-23 13:19 - 2022-11-03 12:05 - 001205104 _____ () C:\WINDOWS\system32\wpbbin.exe 2023-11-23 13:19 - 2022-11-03 12:05 - 001157088 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe 2023-11-23 13:19 - 2022-11-03 12:05 - 000008192 ___SH C:\DumpStack.log.tmp 2023-11-23 13:18 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-11-23 13:09 - 2022-11-12 17:55 - 000000000 ____D C:\Users\ticro\AppData\Local\ElevatedDiagnostics 2023-11-23 13:04 - 2023-04-29 21:19 - 000000000 ____D 
C:\Users\ticro\AppData\Local\Yandex 2023-11-23 12:57 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-11-23 12:51 - 2022-12-20 21:48 - 000000000 ____D C:\Users\ticro\AppData\Local\CrashDumps 2023-11-23 00:53 - 2022-11-03 11:42 - 000000000 ____D C:\Program Files\ASUS 2023-11-22 08:03 - 2022-11-11 20:49 - 000179300 _____ C:\Users\ticro\Desktop\Notizen.md 2023-11-22 08:03 - 2022-11-11 20:48 - 000000000 ____D C:\Users\ticro\AppData\Roaming\iA Writer 2023-11-21 22:22 - 2022-11-11 20:33 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Microsoft\Word 2023-11-21 22:00 - 2022-11-11 20:36 - 000000000 ____D C:\Program Files\Common Files\Adobe 2023-11-21 21:45 - 2023-07-26 15:17 - 000000000 ____D C:\Users\ticro\AppData\Roaming\DeepL_SE 2023-11-21 21:42 - 2022-11-11 20:52 - 000000000 ____D C:\Program Files (x86)\Steam 2023-11-21 21:41 - 2022-12-26 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2023-11-21 21:41 - 2022-12-26 14:31 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2023-11-21 21:41 - 2022-11-03 11:33 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2023-11-21 21:40 - 2022-11-12 17:25 - 000000000 ____D C:\ProgramData\MAGIX 2023-11-21 20:59 - 2022-11-12 17:52 - 000000000 ____D C:\Program Files\Common Files\VST3 2023-11-21 20:59 - 2022-11-11 21:20 - 000000000 ____D C:\Program Files\Electronic Arts 2023-11-21 20:59 - 2022-11-03 11:37 - 000000000 ____D C:\ProgramData\Package Cache 2023-11-21 19:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-11-21 19:24 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-11-21 19:23 - 2022-11-11 20:30 - 000000000 ____D C:\Program Files\Microsoft Office 2023-11-21 19:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-11-21 19:22 - 2022-11-03 12:45 - 005178376 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-11-21 19:22 - 2022-11-03 12:05 - 000000000 ____D C:\ProgramData\ASUS 
2023-11-21 19:21 - 2019-12-07 15:54 - 000000000 ___SD C:\WINDOWS\system32\AppV 2023-11-21 19:21 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-11-21 19:21 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-11-21 19:21 - 2019-12-07 15:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-11-21 19:21 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\SysWOW64\de 2023-11-21 19:21 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\de 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D 
C:\WINDOWS\SysWOW64\AdvancedInstallers 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\Program 
Files\Windows Defender 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2023-11-21 19:21 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-11-21 19:21 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2023-11-21 19:19 - 2022-12-16 08:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-11-21 19:19 - 2022-12-16 08:26 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk 2023-11-21 19:19 - 2022-12-16 08:26 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-11-21 19:16 - 2022-12-16 06:25 - 000000000 ____D C:\Users\ticro\Desktop\Coronavirus Buch 2023-11-20 18:55 - 2022-11-11 18:12 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-11-20 09:46 - 2022-11-03 11:34 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Adobe 2023-11-20 05:46 - 2023-07-29 12:13 - 001536000 _____ C:\Users\ticro\Desktop\Umschlag_Beschnitt_0,5cm_für_115g_weiss_600p_29.90x19.indd 2023-11-20 01:57 - 2022-11-11 20:36 - 000000000 ____D C:\Program Files\Adobe 2023-11-20 01:53 - 2022-11-11 20:43 - 000000000 ____D C:\Users\Public\Documents\Adobe 2023-11-18 11:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-11-18 11:31 - 2019-12-07 15:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-11-18 11:31 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2023-11-18 11:31 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2023-11-18 11:29 - 2022-11-03 12:48 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-11-18 11:23 - 2022-11-11 18:12 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-11-18 00:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-11-18 00:26 - 2022-11-03 12:05 - 000002436 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-11-17 07:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-11-17 01:16 - 2023-02-16 14:39 - 000002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-11-13 20:10 - 2023-05-09 14:34 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2023.lnk 2023-11-13 20:07 - 2023-09-19 11:26 - 000001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2024.lnk 2023-11-13 20:07 - 2022-11-11 20:36 - 000000000 ____D C:\ProgramData\Adobe 2023-11-11 08:10 - 2023-02-16 14:39 - 000004014 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{ABBDF71D-6D2B-46C6-A3D6-886B290C59A5} 2023-11-11 08:10 - 2023-02-16 14:39 - 000003890 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{735CF719-D2AA-4EC9-9643-868778E0CD5B} 2023-11-10 12:06 - 2022-11-12 15:18 - 000000000 ____D C:\Users\ticro\AppData\Roaming\discord 2023-11-10 12:06 - 2022-11-12 15:18 - 000000000 ____D C:\Users\ticro\AppData\Local\Discord 2023-11-08 18:09 - 2022-12-16 07:04 - 000001456 _____ C:\Users\ticro\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2023-11-07 16:05 - 2022-11-03 12:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-11-06 19:23 - 2022-12-16 06:32 - 000000000 ____D C:\Users\ticro\Desktop\TG_S_BILDER 2023-11-05 03:55 - 2022-11-11 18:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-11-04 16:03 - 2022-11-03 11:43 - 000000000 ____D C:\Program Files (x86)\LightingService 2023-11-01 01:20 - 2022-11-03 12:48 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-11-01 01:20 - 2022-11-03 12:48 - 000003630 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-10-29 23:42 - 2022-12-16 06:25 - 000000000 ____D C:\Users\ticro\Desktop\chap-4-references 2023-10-29 10:32 - 2022-11-03 12:42 - 000000000 ____D C:\Users\ticro 2023-10-27 20:16 - 2022-12-24 
12:56 - 000000000 ____D C:\WINDOWS\Minidump
2023-10-27 20:16 - 2022-11-03 12:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-27 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-27 07:47 - 2022-11-11 20:33 - 000000000 ____D C:\Users\ticro\AppData\Roaming\Microsoft\Office

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========

2022-12-16 07:04 - 2023-11-08 18:09 - 000001456 _____ () C:\Users\ticro\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2022-11-11 20:42 - 2022-11-11 20:42 - 000000000 _____ () C:\Users\ticro\AppData\Local\oobelibMkey.log
2022-12-16 10:22 - 2022-12-16 10:22 - 000007605 _____ () C:\Users\ticro\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

==================== Ende von FRST.txt ========================
23.11.2023, 14:20 | #29 |
| Hacker attack Trojan virus
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
durchgeführt von WORKSTATION (23-11-2023 14:15:05)
Gestartet von C:\Users\ticro\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3693 (X64) (2022-11-03 11:48:05)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

Administrator (S-1-5-21-1068755797-3644653114-3026200473-500 - Administrator - Enabled)
DefaultAccount (S-1-5-21-1068755797-3644653114-3026200473-503 - Limited - Disabled)
Gast (S-1-5-21-1068755797-3644653114-3026200473-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1068755797-3644653114-3026200473-504 - Limited - Disabled)
WORKSTATION (S-1-5-21-1068755797-3644653114-3026200473-1001 - Administrator - Enabled) => C:\Users\ticro

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 23.006.20380 - Adobe)
Adobe After Effects 2024 (HKLM-x32\...\AEFT_24_0_3) (Version: 24.0.3 - Adobe Inc.)
Adobe Audition 2024 (HKLM-x32\...\AUDT_24_0_3) (Version: 24.0.3 - Adobe Inc.)
Adobe Bridge 2023 (HKLM-x32\...\KBRG_13_0_5) (Version: 13.0.5 - Adobe Inc.)
Adobe Bridge 2024 (HKLM-x32\...\KBRG_14_0_1) (Version: 14.0.1 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.0.0.571 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.) Adobe Illustrator 2023 (HKLM-x32\...\ILST_27_8) (Version: 27.8 - Adobe Inc.) Adobe InDesign 2024 (HKLM-x32\...\IDSN_19_0) (Version: 19.0 - Adobe Inc.) Adobe Media Encoder 2024 (HKLM-x32\...\AME_24_0_3) (Version: 24.0.3 - Adobe Inc.) Adobe Photoshop (Beta) (HKLM-x32\...\PHSPBETA_25_3) (Version: 25.3.0.2405 - Adobe Inc.) Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_1) (Version: 25.1.0.120 - Adobe Inc.) Adobe Premiere Pro 2024 (HKLM-x32\...\PPRO_24_0_3) (Version: 24.0.3 - Adobe Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AntConc Version 4.1.4 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\{1FC711C0-DFA6-49BA-87C9-EC7C86DFE265}_is1) (Version: 4.1.4 - AntLab Solutions) A-PRO Driver (HKLM\...\RolandRDID0102) (Version: - Roland Corporation) ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.6.8 - ASUS) Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft) ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden ASUS AIOFan HAL (HKLM-x32\...\{6aabd550-b97f-4b87-8c12-fb271d7c8047}) (Version: 1.1.50.0 - ASUSTek COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM\...\{4EBEAC95-76BC-46A8-8644-6E2F1C87CF70}) (Version: 1.3.9.1 - ASUSTeK COMPUTER INC.) Hidden ASUS AURA Motherboard HAL (HKLM-x32\...\{2fc4816b-566a-4170-9b4d-1dc8bad8a164}) (Version: 1.3.9.1 - ASUSTeK COMPUTER INC.) Hidden ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.39 - ASUSTek COMPUTER INC.) 
Hidden ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.6.3 - ASUSTek COMPUTER INC. ) Hidden ASUS AURA VGA Component (HKLM-x32\...\{20a5b340-899f-4e14-904f-8cb333ce9663}) (Version: 0.0.6.3 - ASUSTek COMPUTER INC. ) Hidden ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.0.1.5 - ASUSTeK Computer Inc.) ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 3.03.09 - ASUSTek Computer Inc.) ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.107 - ASUSTeK Computer Inc.) Hidden Audacity 3.2.5 (HKLM\...\Audacity_is1) (Version: 3.2.5 - Audacity Team) AURA DRAM Component (HKLM\...\{6FB66775-BB93-4D0A-9871-4CC9B2E87BF3}) (Version: 1.1.23 - ASUS) Hidden AURA DRAM Component (HKLM-x32\...\{179f415f-2ff3-4db1-bcc1-d5730f746db8}) (Version: 1.1.23 - ASUS) Hidden AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.36 - ASUS) AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.36 - ASUS) AURA Service (HKLM-x32\...\{0fcadbd2-1a6a-4a4a-a56d-fc7163d9b3fa}) (Version: 3.07.25 - ASUSTeK Computer Inc.) AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.25 - ASUSTeK Computer Inc.) 
Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Catalyst Browse 2023.1 (HKLM\...\{E2E127D1-DAF6-11ED-9C23-5CF9DD6B5363}) (Version: 2023.1.0.975 - Sony) Catalyst Prepare 2023.1 (HKLM\...\{E0DB7FE1-DB0E-11ED-989C-5CF9DD6B5363}) (Version: 2023.1.0.975 - Sony) Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft) Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU) CrystalDiskInfo 8.17.13 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.13 - Crystal Dew World) Discord (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Discord) (Version: 1.0.9007 - Discord Inc.) Disk Drill 4.1.551.0 (HKLM-x32\...\{a2831651-c6b5-4aac-a467-d9fe836c8701}) (Version: 4.1.551.0 - CleverFiles) Disk Drill 4.1.551.0 (x64) (HKLM\...\{E17DB604-AFC0-4B5E-916D-65D5BFF75774}) (Version: 4.1.551.0 - CleverFiles) Hidden Dokan Library 1.5.1.1000 (x64) (HKLM\...\{65A3A964-3DC3-0105-0001-211126123627}) (Version: 1.5.1.1000 - Dokany Project) Hidden Dokan Library 1.5.1.1000 Bundle (HKLM-x32\...\{05c046de-f751-48c8-b8d3-77259ea88eb7}) (Version: 1.5.1.1000 - Dokany Project) Drakonia II Gaming Mouse (HKLM-x32\...\{74757EB2-1BA0-4242-8F0A-11708D82850B}}_is1) (Version: 1.0.0.0 - Sharkoon) Druckerdeinstallation für EPSON ET-M2170 Series (HKLM\...\EPSON ET-M2170 Series) (Version: - Seiko Epson Corporation) ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.40.3 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{7f329536-2468-4b20-88dc-5e2defcd5ff3}) (Version: 1.1.40.3 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{3BBD4AB3-079D-43CD-8C93-A2AD929EE15A}) (Version: 1.3.65.0 - Epic Games, Inc.) 
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.) Epson Printer Connection Checker (HKLM-x32\...\{562C1C83-6199-49DD-987B-60D5FF7BC971}) (Version: 3.3.2.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) f.lux (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Flux) (Version: 4.124 - f.lux Software LLC) FeelYourSound Chillout Engine (HKLM\...\Chillout Engine_is1) (Version: 1.0.0 - FeelYourSound) FeelYourSound Chord Potion (HKLM\...\Chord Potion_is1) (Version: 2.2.1 - FeelYourSound) FeelYourSound House Engine (HKLM\...\House Engine_is1) (Version: 1.2.0 - FeelYourSound) FeelYourSound Melodic Flow (HKLM\...\Melodic Flow_is1) (Version: 1.1.0 - FeelYourSound) FeelYourSound Sundog (HKLM\...\Sundog_is1) (Version: 3.8.0 - FeelYourSound) FeelYourSound Xoto Pad (HKLM\...\Xoto Pad_is1) (Version: 2.9.0 - FeelYourSound) GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) 
Hidden Generals Evolution Beta 0.3 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\Generals Evolution Beta 0.3) (Version: - ) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.60.2 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.160 - Google LLC) iA Writer (HKLM\...\{43D19872-0096-433C-B718-7E350F0DF797}) (Version: 1.4.8641.17184 - iA Inc) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden Kingston AURA DRAM Component (HKLM-x32\...\{a9913343-8463-4fd2-8a33-ae89cbbfe139}) (Version: 1.1.18 - KINGSTON COMPONENTS INC.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logi Firmware Update Tool for C930e (HKLM-x32\...\FWUpdateC930e) (Version: 2.1.14.0 - Logitech Europe S.A.) Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.32.366807 - Logitech) Logi Tune (HKLM-x32\...\{467b811d-8d20-4c9a-810c-37b3293ba815}) (Version: 3.0.180.0 - Logitech) Logi Tune 3.0.180 (HKLM-x32\...\{006206E7-C138-4EA2-A8DB-72BD0016BD53}) (Version: 3.0.180.0 - Logitech) Hidden Logitech Capture (HKLM\...\Capture) (Version: 2.08.11 - Logitech) Logitech Kameraeinstellungen (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.) 
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v15.1.0) (Version: - Maxon Computer GmbH) Magic Bullet Suite (HKLM\...\Magic Bullet Suite v2023.0.0) (Version: - Maxon Computer GmbH) Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes) Maxon Cinema 4D 2023 (HKLM\...\Maxon Cinema 4D 2023) (Version: 2023 - Maxon) Microsoft .NET Host - 6.0.15 (x64) (HKLM\...\{AC25127C-9BB1-4F9A-9B02-B6B6178DD891}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.15 (x64) (HKLM\...\{EDD929D3-DFE9-40BA-8A13-30F9CE1E2F18}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.15 (x64) (HKLM\...\{368BE572-D3CE-47B6-A3B1-DE0270E5C109}) (Version: 48.63.56695 - Microsoft Corporation) Hidden Microsoft 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.17029.20028 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.72 - Microsoft Corporation) Microsoft Edge WebView2-Laufzeit (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 
2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 
Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.15 (x64) (HKLM\...\{B353ABAB-7F7C-4605-852D-0E5C3E1FA289}) (Version: 48.63.56729 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.15 (x64) (HKLM-x32\...\{06cd4f51-0a4b-471c-9ccc-e3dd11294c03}) (Version: 6.0.15.32217 - Microsoft Corporation) mp3DirectCut 1.27 (HKLM-x32\...\mp3DirectCut 1.27) (Version: - ) MSVCRT Redists (HKLM\...\{40E9018F-DB42-11ED-AEFC-5CF9DD6B5363}) (Version: 1.0 - Sony Creative Software Inc.) Hidden Neat Video for Premiere (HKLM\...\Neat Video for Premiere_is1) (Version: 5.0.2 - Neat Video team, ABSoft & Team V.R) Neat Video v5.5.9 Demo plug-in (Second Revision) for Premiere (HKLM\...\Neat Video v5 (SR) for Premiere_is1) (Version: - Neat Video team, ABSoft) Notion 2.0.41 (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.41 - Notion Labs, Inc) NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation) NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation) NVIDIA Grafiktreiber 527.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.56 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA Video Effects (HKLM-x32\...\NVIDIA Video Effects) (Version: 0.7.2 - 
NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.1.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20028 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.6 - Patriot Memory) Hidden Patriot Viper DRAM RGB (HKLM-x32\...\{abe059bb-10a7-4d38-ba59-a4bf3ac7b71a}) (Version: 1.0.9.6 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 221215 - Kakao Corp.) PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd) REDlauncher (HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.01.02 - ASUSTek Computer Inc.) ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.1.5.0 - ASUSTek COMPUTER INC.) 
Samplitude Pro X4 Suite (HKLM\...\{ECEEBE1E-65B2-4136-9C7B-FAC839BE433F}) (Version: 15.0.0.40 - MAGIX Software GmbH) Hidden Samplitude Pro X4 Suite (HKLM\...\MX.{ECEEBE1E-65B2-4136-9C7B-FAC839BE433F}) (Version: 15.0.0.40 - MAGIX Software GmbH) Samplitude Pro X7 Suite (HKLM\...\{3B7DD78F-EB57-4DC8-A462-E2563DCBA942}) (Version: 18.0.0.22190 - MAGIX Software GmbH) Hidden Samplitude Pro X7 Suite (HKLM\...\MX.{3B7DD78F-EB57-4DC8-A462-E2563DCBA942}) (Version: 18.1.1.22392 - MAGIX Software GmbH) Samplitude Pro X7 Suite Update (HKLM\...\{0C0053F1-F049-4F95-BE6F-357273CF970B}) (Version: 18.1.1.22392 - MAGIX Software GmbH) Hidden StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Topaz Photo AI (HKLM\...\{7F8736DE-1FE0-4FDB-A517-6B3891EF8098}) (Version: 1.5.2 - Topaz Labs LLC) Topaz Video AI 3.2.5 (HKLM\...\Topaz Video AI_is1) (Version: 3.2.5 - LR) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 125.1.10585 - Ubisoft) United Plugins Bundle (HKLM\...\{349EC1D2-8D77-40B4-89EE-612E2F1F6E26}_is1) (Version: 2023.2 - United Plugins & Team V.R) Unity Hub 3.5.2 (HKLM\...\Unity Technologies - Hub) (Version: 3.5.2 - Unity Technologies Inc.) Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.5 - PD) Hidden Universal Holtek RGB DRAM (HKLM-x32\...\{fba0580a-1ad3-44e2-b463-13a30387085c}) (Version: 1.0.0.5 - PD) Hidden Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VGA (HKLM-x32\...\{0f87ebb7-aabb-43e5-9c5d-28744f517468}) (Version: 3.01.05 - ASUSTek Computer Inc.) 
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) Warcraft II (HKLM-x32\...\1418669891_is1) (Version: 2.02 v4 - GOG.com) WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.2183 - Microsoft Corporation) WinRAR 5.00 beta 6 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH) WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH) WinSnap (HKLM-x32\...\WinSnap) (Version: 4.5.2 - NTWind Software) Packages: ========= Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-12-16] (Adobe Systems Incorporated) Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2023-11-21] () Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-11-11] (Adobe Systems Incorporated) Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0 [2023-02-04] (AMZN Mobile LLC) ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.6.8.0_x64__qmba6cd70vzyy [2023-07-27] (ASUSTeK COMPUTER INC.) 
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.41.5.0_x64__6rarf9sa4v8jt [2022-11-03] (Disney) EarTrumpet -> C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.2.1.0_x86__1sdd7yawvg6ne [2023-07-27] (File-New-Project) [Startup Task] Intel® Grafik-Kontrollraum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2023-07-27] (INTEL CORP) [Startup Task] LiquidText -> C:\Program Files\WindowsApps\LiquidText.LiquidText_2.6.82.0_x64__rx5mtpcf576t0 [2023-01-03] (LiquidText) Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad] Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2302.13003.0_x64__8wekyb3d8bbwe [2023-03-24] (Microsoft Corporation) [Startup Task] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Studios) [MS Ad] MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation) [MS Ad] Notepads App -> C:\Program Files\WindowsApps\19282JackieLiu.Notepads-Beta_1.4.8.0_x64__echhpq9pdbte8 [2023-01-03] (Jackie Liu) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-26] (NVIDIA Corp.) 
Resultivity -> C:\Program Files\WindowsApps\zababahano.3545749027C6F_4.1.77.0_x64__h479t9074rj58 [2023-01-03] (zababahano)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2022-11-03] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0 [2023-07-08] (Spotify AB) [Startup Task]
Twinkle Tray -> C:\Program Files\WindowsApps\38002AlexanderFrangos.TwinkleTray_1.15.2.0_x64__m7qx9dzpwqaze [2023-01-03] (Xander Frangos) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2342.7.0_x64__cv1g1gvanyjgm [2023-10-31] (WhatsApp Inc.) [Startup Task]

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-246D6BDDE8A9} -> [Creative Cloud Files] => C:\Users\ticro\Creative Cloud Files [2022-11-11 20:38]
CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-23] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f52c4b8723f8dd33\nvshext.dll [2022-12-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-10-03] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-23] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2013-04-15] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2013-06-19] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Verknüpfungen & WMI ========================

==================== Geladene Module (Nicht auf der Ausnahmeliste) =============

2023-10-19 05:49 - 2023-09-14 15:02 - 000322048 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2023-10-19 05:49 - 2023-09-14 15:02 - 000175616 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2023-10-19 05:49 - 2023-04-14 13:18 - 000159744 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ref-napi\prebuilds\win32-ia32\electron.napi.node
2023-10-19 05:49 - 2023-04-14 13:18 - 000319488 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node
2023-10-19 05:49 - 2023-09-14 15:02 - 000541696 _____ () [Datei ist nicht signiert] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\usb\prebuilds\win32-ia32\node.napi.node
2023-11-23 13:20 - 2023-11-23 13:20 - 000665088 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\0492e012-cd4a-4582-9dbd-3e479b9a7340.tmp.node
2023-11-23 13:20 - 2023-11-23 13:20 - 000148480 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\1d746e64-de68-4580-bc6b-7b90aa1b6abc.tmp.node
2023-11-23 13:20 - 2023-11-23 13:20 - 000109056 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\517b99ab-a8eb-4ca7-9c05-be261f625fe7.tmp.node
2023-11-23 13:20 - 2023-11-23 13:20 - 000137728 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\9b167f9d-cd25-4ee5-af47-f6e85187a5b8.tmp.node
2023-11-23 13:20 - 2023-11-23 13:20 - 000104960 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\9c6a290f-408f-4fed-b1ff-8771c6b80940.tmp.node
2023-11-23 13:20 - 2023-11-23 13:20 - 000123392 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\c175ba8b-869b-472a-ac82-7f3f800626ba.tmp.node
2023-11-23 13:20 - 2023-11-23 13:20 - 000665088 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\cf8a1f82-a0b4-466a-a5c8-6ad3dc2eff66.tmp.node
2023-11-23 13:20 - 2023-11-23 13:20 - 000287744 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\cfc6d1af-c535-47b5-b17b-e509624abaf5.tmp.node
2023-11-23 13:20 - 2023-11-23 13:20 - 000118272 _____ () [Datei ist nicht signiert] \\?\C:\Users\ticro\AppData\Local\Temp\e56a2818-928e-4e2c-9b4d-3e05b2136465.tmp.node
2023-11-05 04:48 - 2023-11-05 04:48 - 000021504 _____ (Adobe Systems Inc.) [Datei ist nicht signiert] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\de_de\Acrobat Elements\ContextMenuShim64.deu
2018-07-15 13:15 - 2018-07-15 13:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\WINDOWS\System32\enppmon.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =================

==================== Internet Explorer (Nicht auf der Ausnahmeliste) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001 -> DefaultScope 3914679a-e6cb-11ed-a583-50ebf6945631 URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Datei ist nicht signiert]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-11-16] (Microsoft Corporation -> Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\localhost -> localhost

==================== Hosts Inhalt: =========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Andere Bereiche ===========================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ticro\Desktop\lena-desktop-2023-BE-topaz.tiff
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1) ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Drakonia II Gaming Mouse"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "Logi Tune"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_06E1957EAB573F921F12B105FFB2C315"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "Wave Link"
HKU\S-1-5-21-1068755797-3644653114-3026200473-1001\...\StartupApproved\Run: => "DevEmu_Enabler"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E467071E-787E-4CFC-9D8F-A0225CA0C063}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BE7E08EF-6FDB-4038-9CAA-8BB15B8C46EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5ABE7B84-EB8E-4CA4-8EB2-E2621F2F9279}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4EB181E2-F4F1-4A60-AD83-EBCDFE19AF60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{42035DFA-B079-452F-8E01-8B23586BC73B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{482870BA-4D39-4519-B605-8DDF745E4E8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD13C8F0-10B3-493D-9535-4738B79E1A5D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D8DEC60E-F02C-40B7-96BF-473568D9C3C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.197.962.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{64CD89AF-B837-4ACC-BF58-9F1635EFACC6}] => (Allow) C:\Users\ticro\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{4B4BD7BD-8DE2-4E20-9FEF-8745FE5511A2}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{A4E9BB71-04A4-450F-A257-375C5CDBBC48}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4E4939BA-3F89-4D6B-A69B-44B878F541D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2AFD1823-0B10-4343-916C-8EB4BDBEE839}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DBC75C1E-1B33-4DFA-8215-45C40E4AE728}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{14280CBA-69E9-4E5B-BA43-C93672918906}] => (Allow) C:\Users\ticro\AppData\Local\Programs\Opera\92.0.4561.43\opera.exe => Keine Datei
FirewallRules: [{C432913C-C437-438F-B2AC-1AACF3DA8DF7}] => (Allow) C:\Program Files\MAGIX\Samplitude Pro X4 Suite\Sam.exe => Keine Datei
FirewallRules: [TCP Query User{3041F59A-F205-4E89-9669-27A7D4DA4942}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E90519A3-D25F-401E-9D07-C3B0E4984E85}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1BDEEFAF-5753-4210-9B36-B8D081A0E906}] => (Allow) C:\Users\ticro\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{8D76F525-218F-43CB-B6C6-859FE8198669}] => (Allow) C:\Users\ticro\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => Keine Datei
FirewallRules: [{CEA2CB14-0347-42B0-9911-3492AE03267A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{E6301D6B-1483-416D-A282-93F4654F16EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{85D0E562-BB83-4178-AC57-EEB0B4946823}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{5697DDBE-F0BC-4D32-8FBD-67B9AA1A0EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Empires IV\RelicCardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{04DD9DF3-2112-4F9E-AF9C-77FD65E58923}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe => Keine Datei
FirewallRules: [{43B51A2F-AF30-49DE-9495-304E98A2A46C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe => Keine Datei
FirewallRules: [{6122C4A3-167F-4156-A729-50F3A0A2578D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BF9355D9-AFD0-4564-BB66-48F343AA1F70}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5AA9FF16-5A28-48CA-A96A-B3EFDEFA7116}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CDAFD7A0-439C-4824-BC99-4954F38857B6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5BE9F168-1754-44DB-B50F-EB8B599C8F26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{10629BCB-ABE4-4758-A4A6-2580950278B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{61C29E0A-3886-4E96-95AD-0AE30571003C}C:\program files\ea games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files\ea games\mass effect 2\binaries\me2game.exe => Keine Datei
FirewallRules: [UDP Query User{0FF59E65-8888-4DE7-B2D5-6A8A1A18EF53}C:\program files\ea games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files\ea games\mass effect 2\binaries\me2game.exe => Keine Datei
FirewallRules: [TCP Query User{488489CD-79FC-4372-899A-4E4532A2D630}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{FACD06DA-5DF6-49C3-BA3C-2B102B239A8B}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{4D44169B-9296-4F59-BB26-51A8BA567E63}] => (Allow) C:\Program Files\EA Games\Mass Effect 2\Binaries\MassEffect2.exe => Keine Datei
FirewallRules: [{37F89AA8-4FF1-4700-A11E-EFC2390CC6C9}] => (Allow) C:\Program Files\EA Games\Mass Effect 2\Binaries\MassEffect2.exe => Keine Datei
FirewallRules: [TCP Query User{F0310B8D-BB9E-4C00-97E2-5743B9B044A2}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{23226AD5-B478-4F39-B042-D73F3A5E724F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F9143B22-FE08-4D2B-ADBB-50D1357EB292}] => (Allow) C:\Program Files\Vuze\Azureus.exe => Keine Datei
FirewallRules: [{BFFCDBAE-3D39-4A8D-9610-05022D9A1621}] => (Allow) C:\Program Files\Vuze\Azureus.exe => Keine Datei
FirewallRules: [{535BB1C2-9201-403D-BC44-93E3221A5DA9}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (16916B57-7991-4968-B02A-2ADE4B5FB0DE -> Amazon.com Services LLC)
FirewallRules: [{E25451A8-C3BB-4AA3-B905-B153077B4DC8}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_9.4.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (16916B57-7991-4968-B02A-2ADE4B5FB0DE -> Amazon.com Services LLC)
FirewallRules: [{8E0AE310-7E11-4B3B-BD2B-8B94EA17049F}] => (Allow) C:\Program Files\Elgato\CameraHub\Camera Hub.exe => Keine Datei
FirewallRules: [{25507D72-A6B9-49E3-81FB-2264CE7DF01A}] => (Allow) C:\Program Files\Elgato\WaveLink\WaveLink.exe => Keine Datei
FirewallRules: [TCP Query User{D3F40382-A4F6-4A05-8623-DF2362B34877}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FFEA3775-0066-478B-90C4-2A7F3FF92C70}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{83025C3C-42B9-4715-B447-462E8A5BFB84}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin\FarCry6.exe => Keine Datei
FirewallRules: [{0010D7FD-6AEF-4D0F-9F1D-521E4113309B}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin\FarCry6.exe => Keine Datei
FirewallRules: [{ABD09784-B90F-450D-8040-A833FF27515F}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin_plus\FarCry6.exe => Keine Datei
FirewallRules: [{F3D23AFE-668D-41CD-B119-E61E5D8645B7}] => (Allow) C:\Program Files\Epic Games\FarCry6TrialWeekend\bin_plus\FarCry6.exe => Keine Datei
FirewallRules: [{AEB1D351-E89A-40B4-BAED-3CEB5954DDA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{0A4476D0-F16D-4BE5-A35C-39F98E6AA6FD}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{CD6CCE3C-807B-4BDA-8D88-849B95F0F91E}] => (Allow) C:\Program Files\MAGIX\Samplitude Pro X7 Suite\Sam.exe => Keine Datei
FirewallRules: [{D6719EA8-3AA3-4099-8CA5-A1F9C609DC2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\System Shock Demo\SystemShock.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{6F9772D1-48D9-4232-A55A-6C84AFC5E0A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\System Shock Demo\SystemShock.exe (Epic Games, Inc.) [Datei ist nicht signiert]
FirewallRules: [{EA474D3D-9D35-45A9-B8FC-DFB525E99B2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Concrete Jungle\Concrete Jungle.exe (ColePowered Games Ltd. -> ) [Datei ist nicht signiert]
FirewallRules: [{CE430EE6-367B-4020-9E62-B7D5576381C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Concrete Jungle\Concrete Jungle.exe (ColePowered Games Ltd. -> ) [Datei ist nicht signiert]
FirewallRules: [{C1277428-7DBB-4125-9932-D12CAA6E3F94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mechabellum Playtest\game.exe => Keine Datei
FirewallRules: [{9EC7A4A7-8B7B-4F9C-804D-D3141FF3F6C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mechabellum Playtest\game.exe => Keine Datei
FirewallRules: [TCP Query User{74BC57EA-B137-49A0-AD86-6F94732761DC}C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe => Keine Datei
FirewallRules: [UDP Query User{3CC76833-CC29-4346-B9FE-9537C037FC70}C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base89720\sc2_x64.exe => Keine Datei
FirewallRules: [{7BA482D4-DD69-4296-B9AA-D7B2BF9B47C5}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE.exe (GOG Sp. z o.o. -> Blizzard Entertainment)
FirewallRules: [{F7A1049B-A179-4CFE-AB8E-AA87F02AA8CD}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\Warcraft II BNE\Warcraft II BNE_dx.exe (Blizzard Entertainment) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{D932DED3-CEB4-49C1-AF72-12EB0B61D47B}C:\program files (x86)\diablo iv - beta\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv - beta\diablo iv.exe => Keine Datei
FirewallRules: [UDP Query User{B2287F4E-DC44-46B7-81BB-ACFFAA18932B}C:\program files (x86)\diablo iv - beta\diablo iv.exe] => (Allow) C:\program files (x86)\diablo iv - beta\diablo iv.exe => Keine Datei
FirewallRules: [TCP Query User{D1144B85-2D51-4EB8-92FF-8CB2DE594B43}C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe] => (Allow) C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe => Keine Datei
FirewallRules: [UDP Query User{68B42E64-BAA5-4857-A6E3-F760B09B8B2B}C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe] => (Allow) C:\users\ticro\appdata\local\temp\rar$exa0.433\fritz.box_7590_ax-07.31-recover.exe => Keine Datei
FirewallRules: [{9BF1A858-1D38-46BE-9381-486CE21E6F63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [Datei ist nicht signiert]
FirewallRules: [{C2607182-F8B7-4DF8-988A-AE0F12065733}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [Datei ist nicht signiert]
FirewallRules: [TCP Query User{79A8FF7A-F53F-46FC-A47D-C821C8422DB9}C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [UDP Query User{B09C4EFB-C981-4FDA-8524-C7B28A3B5705}C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game] => (Allow) C:\program files (x86)\steam\steamapps\common\command and conquer red alert 3\data\ra3_1.12.game (Electronic Arts Inc.) [Datei ist nicht signiert]
FirewallRules: [TCP Query User{BDC73CD5-4829-43E5-8679-AE961E1F0CCA}C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe => Keine Datei
FirewallRules: [UDP Query User{8C574421-8F5A-4555-B2B3-F047468E5F57}C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\aquanox deep descent\anx\binaries\win64\anx-win64-shipping.exe => Keine Datei
FirewallRules: [TCP Query User{A062616C-7199-493F-8619-720A068A70A2}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe => Keine Datei
FirewallRules: [UDP Query User{E6B532E6-767F-443E-B031-CEB3F5D57630}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe => Keine Datei
FirewallRules: [{EAFF1D3A-234C-4CEA-A0F9-EDAF7C1B4EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warzone 2100\bin\warzone2100.exe (Warzone 2100 Project) [Datei ist nicht signiert]
FirewallRules: [{A561E583-61CD-4257-97A1-0634974C2DA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warzone 2100\bin\warzone2100.exe (Warzone 2100 Project) [Datei ist nicht signiert]
FirewallRules: [{8AFE83B3-7723-4B1E-B84D-F77E9837BC00}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{647DDFFB-B845-4CA1-8CBF-7F23876EEE13}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{DEFA4F63-72AE-46BE-A5FC-1813B94F81A7}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{480014BA-0F08-4B0F-9206-EF702303B155}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{E140EBEA-05C9-47C1-A457-02B4847375CC}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{258CC155-829F-4BF9-B1B4-DC0F2FF9736C}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{FC0D4E53-09C1-4B65-A0A1-72A442FA611D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{41A6BF3F-3F65-49EE-9058-B5179F4C76AE}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{298BB7B2-D4E3-45E6-90FC-E307996BD70A}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [TCP Query User{FCC00902-4F5E-405B-90EB-302A23D15FC8}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [UDP Query User{B5809E4C-CAFB-488D-BDB2-B8CFE2FDDE19}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{6137EF17-4761-48A7-A2C4-FAD8C962C2F2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CF12C5CC-7CF9-4D4C-AA28-2B9C8C352BD2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

==================== Fehlerhafte Geräte im Gerätemanager ============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: RAID-Controller
Description: RAID-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Realtek Bluetooth 5.1 Adapter
Description: Realtek Bluetooth 5.1 Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Realtek Semiconductor Corp.
Service: BTHUSB
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: ========================

Applikationsfehler:
==================
Error: (11/23/2023 01:11:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm iAWriter.exe Version 1.4.8641.17184 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ac
Startzeit: 01da1e0618f3b1a6
Beendigungszeit: 6
Anwendungspfad: C:\Program Files\iA Writer\iAWriter.exe
Bericht-ID: 0e3372f7-8686-4987-b11d-9e22588134ae
Vollständiger Name des fehlerhaften Pakets:
Relative Anwendungs-ID des fehlerhaften Pakets:
Absturztyp: Unknown

Error: (11/23/2023 12:51:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CEPHtmlEngine.exe, Version: 11.5.3.132, Zeitstempel: 0x62fb47ef
Name des fehlerhaften Moduls: libcef.dll, Version: 88.39.4.0, Zeitstempel: 0x60270a51
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000002cefe4e
ID des fehlerhaften Prozesses: 0x34d8
Startzeit der fehlerhaften Anwendung: 0x01da1df79daaa306
Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\libcef.dll
Berichtskennung: eda64d68-8bf1-46d5-a950-ccf1bd30fc9f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/23/2023 12:51:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CEPHtmlEngine.exe, Version: 11.5.3.132, Zeitstempel: 0x62fb47ef
Name des fehlerhaften Moduls: libcef.dll, Version: 88.39.4.0, Zeitstempel: 0x60270a51
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000002cefe4e
ID des fehlerhaften Prozesses: 0x34d8
Startzeit der fehlerhaften Anwendung: 0x01da1df79daaa306
Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\libcef.dll
Berichtskennung: 5375e52d-82ac-4329-a073-127faf5a344b
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/21/2023 09:57:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CEPHtmlEngine.exe, Version: 11.5.3.132, Zeitstempel: 0x62fb47ef
Name des fehlerhaften Moduls: libcef.dll, Version: 88.39.4.0, Zeitstempel: 0x60270a51
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000002cefe4e
ID des fehlerhaften Prozesses: 0x275c
Startzeit der fehlerhaften Anwendung: 0x01da1cbd4e7f4706
Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\libcef.dll
Berichtskennung: f8197b3e-6042-430c-9831-3be3e04408db
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/21/2023 09:57:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CEPHtmlEngine.exe, Version: 11.5.3.132, Zeitstempel: 0x62fb47ef
Name des fehlerhaften Moduls: libcef.dll, Version: 88.39.4.0, Zeitstempel: 0x60270a51
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000002cefe4e
ID des fehlerhaften Prozesses: 0x275c
Startzeit der fehlerhaften Anwendung: 0x01da1cbd4e7f4706
Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Adobe\Adobe InDesign 2024\Resources\CEP\CEPHtmlEngine\libcef.dll
Berichtskennung: b8a60aa9-bc1f-4b95-8744-ae94eb59ff05
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/21/2023 09:00:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang: Asynchroner Vorgang wird ausgeführt
Kontext: Aktueller Status: DoSnapshotSet

Error: (11/21/2023 08:58:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NTKDaemon.exe, Version: 1.9.1.0, Zeitstempel: 0x63984753
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.19041.3636, Zeitstempel: 0x81cf5d89
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000007286e
ID des fehlerhaften Prozesses: 0x113c
Startzeit der fehlerhaften Anwendung: 0x01da1ca9cfd6aebe
Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: 9ee0619d-37bc-4adc-ab0f-4ccdb34d324d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (11/21/2023 07:18:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Das Programm chrome.exe Version 118.0.5993.120 hat die Interaktion mit Windows beendet und wurde geschlossen. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17f4
Startzeit: 01da0ccabba8c08b
Beendigungszeit: 4294967295
Anwendungspfad: C:\Program Files\Google\Chrome\Application\chrome.exe
Bericht-ID: 9a700b71-3ec3-4491-bea6-36d3a8b09cbe
Vollständiger Name des fehlerhaften Pakets:
Relative Anwendungs-ID des fehlerhaften Pakets:
Absturztyp: Top level window is idle

Systemfehler:
=============
Error: (11/23/2023 11:32:37 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "asComSvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {BC50CF2A-E12C-4F18-90CE-714CC8600CEE}

Error: (11/23/2023 11:32:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht.

Error: (11/23/2023 11:32:07 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "asComSvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {BC50CF2A-E12C-4F18-90CE-714CC8600CEE}

Error: (11/23/2023 11:32:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht.

Error: (11/23/2023 11:31:30 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HKLF9N7)
Description: Der Server "{95775DC4-77AA-4E94-8CF6-68267EEF1856}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/23/2023 11:29:53 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "asComSvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {BC50CF2A-E12C-4F18-90CE-714CC8600CEE}

Error: (11/23/2023 11:29:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS AURA SYNC lighting service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (11/23/2023 11:29:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ASUS Com Service erreicht.

Windows Defender:
================
Date: 2023-11-23 13:20:20
Description: Der überwachte Ordnerzugriff hat C:\Program Files (x86)\LightingService\LightingService.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2023-11-23T12:20:20.346Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: C:\Program Files (x86)\LightingService\LightingService.exe
Sicherheitsversion: 1.401.1047.0
Modulversion: 1.1.23100.2009
Produktversion: 4.18.23100.2009

Date: 2023-11-23 13:20:06
Description: Der überwachte Ordnerzugriff hat C:\Program Files\ASUS\ROG Live Service\FileOperator.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2023-11-23T12:20:06.516Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: C:\Program Files\ASUS\ROG Live Service\FileOperator.exe
Sicherheitsversion: 1.401.1047.0
Modulversion: 1.1.23100.2009
Produktversion: 4.18.23100.2009

Date: 2023-11-23 11:31:37
Description: Der überwachte Ordnerzugriff hat C:\Program Files (x86)\LightingService\LightingService.exe daran gehindert, Änderungen am Speicher durchzuführen.
Erkennungszeit: 2023-11-23T10:31:37.429Z
Benutzer: NT-AUTORITÄT\SYSTEM
Pfad: \Device\Harddisk0\DR0
Name des Prozesses: C:\Program Files (x86)\LightingService\LightingService.exe
Sicherheitsversion: 1.401.1047.0
Modulversion: 1.1.23100.2009
Produktversion: 4.18.23100.2009

Date: 2023-11-23 11:29:25
Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern.
Erkennungszeit: 2023-11-23T10:29:25.702Z
Benutzer: DESKTOP-HKLF9N7\WORKSTATION
Pfad: %userprofile%\Documents\AdobeGCData\
Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
Sicherheitsversion: 1.401.1047.0
Modulversion: 1.1.23100.2009
Produktversion: 4.18.23100.2009

Date: 2023-11-23 11:29:25
Description: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe wurde durch den überwachten Ordnerzugriff daran gehindert, %userprofile%\Documents\AdobeGCData\ zu ändern.
Erkennungszeit: 2023-11-23T10:29:25.702Z
Benutzer: DESKTOP-HKLF9N7\WORKSTATION
Pfad: %userprofile%\Documents\AdobeGCData\
Prozessname: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Sicherheitsversion: 1.401.1047.0
Modulversion: 1.1.23100.2009
Produktversion: 4.18.23100.2009

Event[0]:
Date: 2023-11-21 13:29:25
Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.908.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009
Fehlercode: 0x8024402c
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

Date: 2023-11-21 13:29:21
Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.401.908.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %Vorherige Modulversion: 1.1.23100.2009
Fehlercode: 0x8024402c
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

Date: 2023-04-14 07:19:41
Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.387.870.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20200.4
Fehlercode: 0x8024402c
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

Date: 2023-03-11 21:50:56
Description: Bei Microsoft Defender Antivirus ist ein Fehler beim Aktualisieren der Sicherheitsinformationen aufgetreten.
Neue Version der Sicherheitsinformationen: %Vorherige Version der Sicherheitsinformationen: 1.383.1577.0
Update Source: Microsoft Update-Server
Sicherheitstyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %Vorherige Modulversion: 1.1.20000.2
Fehlercode: 0x80240438
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

CodeIntegrity:
===============
Date: 2023-11-23 14:13:50
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen ===========================

BIOS: American Megatrends Inc. 2004 08/24/2022
Hauptplatine: ASUSTeK COMPUTER INC. ROG STRIX Z690-F GAMING WIFI
Prozessor: 12th Gen Intel(R) Core(TM) i7-12700K
Prozentuale Nutzung des RAM: 13%
Installierter physikalischer RAM: 65277.42 MB
Verfügbarer physikalischer RAM: 56172.87 MB
Summe virtueller Speicher: 75005.42 MB
Verfügbarer virtueller Speicher: 62355.19 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.86 GB) (Free:400.25 GB) (Model: WD_BLACK SN770 1TB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:742.82 GB) (Model: WD_BLACK SN770 1TB) NTFS
Drive e: (KOKOS DATA) (Fixed) (Total:7452.03 GB) (Free:1705.99 GB) (Model: WD Game Drive USB Device) NTFS
Drive f: (STUDIO BASIS) (Fixed) (Total:100.61 GB) (Free:10.47 GB) (Model: ASMT ASM1156-PM SCSI Disk Device) NTFS
Drive h: (Elements) (Fixed) (Total:4657.49 GB) (Free:4214.98 GB) (Model: WD Elements 2621 USB Device) NTFS
Drive i: () (Fixed) (Total:1862.98 GB) (Free:679.23 GB) (Model: WD My Passport 2599 USB Device) NTFS
Drive k: (GAMING, STUDIO, CC) (Fixed) (Total:931.51 GB) (Free:27.28 GB) (Model: ASMT ASM1156-PM SCSI Disk Device) NTFS

\\?\Volume{ace156fe-f69b-4e11-b3e7-83a1f49cd2df}\ () (Fixed) (Total:0.53 GB) (Free:0.06 GB) NTFS
\\?\Volume{d16583dc-1548-43ce-a208-175893b6751a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 59535ABC)
Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 595365C2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 16F2A91F)
Partition: GPT.

==========================================================
Disk: 3 (Size: 4657.5 GB) (Disk ID: 16F2A91F)
Partition: GPT.
========================================================== Disk: 4 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: BB8F2C62) Partition 1: (Active) - (Size=100.6 GB) - (Type=07 NTFS) ========================================================== Disk: 5 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1101698E) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 6 (Size: 7452 GB) (Disk ID: 16F2A91F) Partition: GPT. ==================== Ende von Addition.txt ======================= Wie gesagt gibt es den Ordner nicht mehr, wenn ich in Program Files schaue. Windows-Suche findet auch nichts. |
23.11.2023, 14:51 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hacker attack Trojan virus Scripting/Repair with FRST64 WARNING TO ALL READERS !!! This FRST script is intended exclusively for this user and should never be applied 1:1 to another system!
__________________ Please always post log files in CODE tags |